Yii framework - how to specify the same access rules for all controllers of the module?

Question

I created module for admin specific operations. I don't want to write the same access rules for every controller, it's not pretty coding style.

Answer 1

One solution would be extend a common BaseClass Controller for every class authenticated.

This way you can write once.

Answer 2

Module is like a sub-application with separated directory structure. It is not responsible for filtering or checking for permission.

The only vital solution is to define a new abstraction as Ismael proposed.

class ExtendedController
{
    public function rules()
    {
        return array_merge(parent::rules(), array(
           // your rules
        ));
    }
}

Answer 3

Ismael and pestaa choices are very good even fast to implement, nevertheless I always recommend more powerful alternatives like RBAC model. You can find a very good GUI for Yii RBAC in http://code.google.com/p/srbac/

Answer 4

This worked for me:

class extendedController extends baseController
{
    public function accessRules()
    {
        return array_merge(

            // This controller's rules are added first:
            // Allow all users to call the 'hello' action.
            array(
                array('allow',
                    'actions'=>array('hello'), 
                    'users'=>array('*'),
                ),
            ),

            // BaseController rules are added last, especially
            // if the last rule in the baseController denies all
            // users that were not allowed yet.
            parent::accessRules()
        );
    }

    public function actionHello()
    {
        echo('Hello!');
    }
}