yii权限控制的方法(三种方法)
程序员文章站
2023-02-22 16:55:37
本文实例讲述了yii权限控制的方法。分享给大家供大家参考,具体如下:
这里摘录以下3种:
1. 通过accesscontrol:
public functio...
本文实例讲述了yii权限控制的方法。分享给大家供大家参考,具体如下:
这里摘录以下3种:
1. 通过accesscontrol:
public function filters() { return array( 'accesscontrol', // perform access control for crud operations ); } /** * specifies the access control rules. * this method is used by the 'accesscontrol' filter. * @return array access control rules */ public function accessrules() { return array( array('allow', // allow authenticated users to access all actions 'users'=>array('@'), ), array('deny', // deny all users 'users'=>array('*'), ), ); }
2. 通过插件(如:right)
public function filters() { return array( 'rights', ); }
3. 混合模式:
/** * @return array action filters */ public function filters() { return array( 'updateown + update', // apply this filter only for the update action. 'rights', ); } /** * filter method for checking whether the currently logged in user * is the author of the post being accessed. */ public function filterupdateown($filterchain) { $post=$this->loadmodel(); // remove the 'rights' filter if the user is updating an own post // and has the permission to do so. if(yii::app()->user->checkaccess('postupdateown', array('userid'=>$post->author_id))) $filterchain->removeat(1); $filterchain->run(); }
如果有权限的基础上,开放某些动作的权限,可以通过allowedactions:
public function allowedactions() { return 'autocomplate,autocomplate2'; }
希望本文所述对大家基于yii框架的php程序设计有所帮助。
上一篇: 这样的贵妇咱惹不起!