yii权限控制的方法(三种方法)
程序员文章站
2022-06-06 11:14:14
本文实例讲述了yii权限控制的方法。分享给大家供大家参考,具体如下:
这里摘录以下3种:
1. 通过accesscontrol:
public functio...
本文实例讲述了yii权限控制的方法。分享给大家供大家参考,具体如下:
这里摘录以下3种:
1. 通过accesscontrol:
public function filters()
{
return array(
'accesscontrol', // perform access control for crud operations
);
}
/**
* specifies the access control rules.
* this method is used by the 'accesscontrol' filter.
* @return array access control rules
*/
public function accessrules()
{
return array(
array('allow', // allow authenticated users to access all actions
'users'=>array('@'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
2. 通过插件(如:right)
public function filters()
{
return array(
'rights',
);
}
3. 混合模式:
/**
* @return array action filters
*/
public function filters()
{
return array(
'updateown + update', // apply this filter only for the update action.
'rights',
);
}
/**
* filter method for checking whether the currently logged in user
* is the author of the post being accessed.
*/
public function filterupdateown($filterchain)
{
$post=$this->loadmodel();
// remove the 'rights' filter if the user is updating an own post
// and has the permission to do so.
if(yii::app()->user->checkaccess('postupdateown', array('userid'=>$post->author_id)))
$filterchain->removeat(1);
$filterchain->run();
}
如果有权限的基础上,开放某些动作的权限,可以通过allowedactions:
public function allowedactions()
{
return 'autocomplate,autocomplate2';
}
希望本文所述对大家基于yii框架的php程序设计有所帮助。
上一篇: *相亲后。。。