How to prevent unauthorized users from specific actions by assigning a role to them?
I am developing a web application by Yii php framework. In this application, I uses Right module for the role management of it. I define some roles and assign proper operation and tasks to them. I did it via the Right module UI and finally when each user fill the registration form a proper role assign to it, So for logged in users everything is ok. The problem is for Guest and unauthorized users. I set the default role in main.php configuration file only to 'Guest' and also set operations of 'Guest' role with Right module UI, but Guest users can do other not permitted actions! How can I do it for Guest users?
Thanks in Advance
I suggest you used your own UserIdentity class ...
it's so simple !
You Can Do like this
array('allow', 'actions'=>array('update'), 'expression'=>Yii::app()->user->uType = 'mydefinedtype', ));
This can be set when the Login action done in useridentity.php