API lists GET endpoint has no user ID despite being restricted to non logged users.

Ernesto

Member
*** Edit: a custom extension may be causing this. ***

Hi, I'm calling the API and for some reason, at least the /lists endpoint with the method GET (this should get all of a user's lists) the user identification is failing, Yii::app()->user->getId() returns 0, although the controller explicitly declares a rule that denies access for non logged in users.
So what could be the problem here?

PHP:
class ListsController extends Controller
{
    // access rules for this controller
    public function accessRules()
    {
        return array(
            // allow all authenticated users on all actions
            array('allow', 'users' => array('@')),
            // deny all rule.
            array('deny'),
        );
    }
   
    public function actionIndex()
    {
        // [...]
        $criteria = new CDbCriteria();
        $criteria->compare('customer_id', (int)Yii::app()->user->getId());
        $criteria->addNotInCondition('status', array(Lists::STATUS_PENDING_DELETE));

        $count = Lists::model()->count($criteria);
       
        Yii::log( json_encode([
            (int)Yii::app()->user->getId(),
            $count
            ]), CLogger::LEVEL_ERROR );
           // [...]
 
Last edited:

Ernesto

Member
Haha well I actually singled the extension out and when disabling it, the API works correctly, so yes, I'm contacting the extension developer now. Thanks!
 
Top