yii权限控制的方法(三种方法)

前端技术 2023/09/09 PHP

本文实例讲述了yii权限控制的方法。分享给大家供大家参考,具体如下:

这里摘录以下3种:

1. 通过accessControl:

public function filters()
{
  return array(
    \'accessControl\', // perform access control for CRUD operations
  );
}
/**
 * Specifies the access control rules.
 * This method is used by the \'accessControl\' filter.
 * @return array access control rules
 */
public function accessRules()
{
  return array(
    array(\'allow\', // allow authenticated users to access all actions
      \'users\'=>array(\'@\'),
    ),
    array(\'deny\', // deny all users
      \'users\'=>array(\'*\'),
    ),
  );
}

2. 通过插件(如:right)

public function filters()
{
  return array(
    \'rights\',
  );
}

3. 混合模式:

/**
 * @return array action filters
 */
public function filters()
{
  return array(
    \'updateOwn + update\', // Apply this filter only for the update action.
    \'rights\',
  );
}
/**
 * Filter method for checking whether the currently logged in user
 * is the author of the post being accessed.
 */
public function filterUpdateOwn($filterChain)
{
  $post=$this->loadModel();
  // Remove the \'rights\' filter if the user is updating an own post
  // and has the permission to do so.
  if(Yii::app()->user->checkAccess(\'PostUpdateOwn\', array(\'userid\'=>$post->author_id)))
    $filterChain->removeAt(1);
  $filterChain->run();
}

如果有权限的基础上,开放某些动作的权限,可以通过allowedActions:

public function allowedActions()
{
  return \'autocomplate,autocomplate2\';
}

希望本文所述对大家基于Yii框架的PHP程序设计有所帮助。

本文地址:https://www.stayed.cn/item/25538

转载请注明出处。

本站部分内容来源于网络,如侵犯到您的权益,请 联系我

我的博客

人生若只如初见,何事秋风悲画扇。

我的标签

随笔档案