已经是深秋了,森林里那一望无际的林木都已光秃,让褐色的苔掩住它身上的皱纹。无情的秋天剥下了它们美丽的衣裳,它们只好枯秃地站在那里。
本文实例讲述了yii权限控制的方法。分享给大家供大家参考,具体如下:
这里摘录以下3种:
1. 通过accessControl:
public function filters()
{
return array(
'accessControl', // perform access control for CRUD operations
);
}
/**
* Specifies the access control rules.
* This method is used by the 'accessControl' filter.
* @return array access control rules
*/
public function accessRules()
{
return array(
array('allow', // allow authenticated users to access all actions
'users'=>array('@'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
2. 通过插件(如:right)
public function filters()
{
return array(
'rights',
);
}
3. 混合模式:
/**
* @return array action filters
*/
public function filters()
{
return array(
'updateOwn + update', // Apply this filter only for the update action.
'rights',
);
}
/**
* Filter method for checking whether the currently logged in user
* is the author of the post being accessed.
*/
public function filterUpdateOwn($filterChain)
{
$post=$this->loadModel();
// Remove the 'rights' filter if the user is updating an own post
// and has the permission to do so.
if(Yii::app()->user->checkAccess('PostUpdateOwn', array('userid'=>$post->author_id)))
$filterChain->removeAt(1);
$filterChain->run();
}
如果有权限的基础上,开放某些动作的权限,可以通过allowedActions:
public function allowedActions()
{
return 'autocomplate,autocomplate2';
}
希望本文所述对大家基于Yii框架的PHP程序设计有所帮助。
本文yii权限控制的方法(三种方法)到此结束。如果你曾歌颂黎明,那麽也请你拥抱黑夜。小编再次感谢大家对我们的支持!