Сheck if user is authenticated in RBAC UserGroupRule.

2098c624 · vova07 · 0880656b · 2098c624
Commit 2098c624 authored May 02, 2014 by vova07
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 8 deletions

security-authorization.md docs/guide/security-authorization.md +10 -8

No files found.
--- a/docs/guide/security-authorization.md
+++ b/docs/guide/security-authorization.md
@@ -181,7 +181,7 @@ more special *tree* hierarchy. While a role can contain a permission, it is not 
 ### Configuring RBAC Manager
 Before we set off to define authorization data and perform access checking, we need to configure the
-[[yii\base\Application::authManager|authManager]] application component. Yii provides two types of authorization managers: 
+[[yii\base\Application::authManager|authManager]] application component. Yii provides two types of authorization managers:
 [[yii\rbac\PhpManager]] and [[yii\rbac\DbManager]]. The former uses a PHP script file to store authorization
 data, while the latter stores authorization data in database. You may consider using the former if your application
 does not require very dynamic role and permission management.
@@ -416,6 +416,7 @@ You can create set up the RBAC data as follows,
 ```php
 namespace app\rbac;
+use Yii;
 use yii\rbac\Rule;
 /**
@@ -427,14 +428,15 @@ class UserGroupRule extends Rule
    public function execute($user, $item, $params)
    {
-        $group = \Yii::$app->user->identity->group;
+        if (!Yii::$app->user->isGuest) {
-        if ($item->name === 'admin') {
+            $group = Yii::$app->user->identity->group;
-            return $group == 1;
+            if ($item->name === 'admin') {
-        } elseif ($item->name === 'author') {
+                return $group == 1;
-            return $group == 1 || $group == 2;
+            } elseif ($item->name === 'author') {
-        } else {
+                return $group == 1 || $group == 2;
-            return false;
+            }
        }
+        return false;
    }
 }