本文实例讲述了yii权限控制的方法。分享给大家供大家参考,具体如下:
这里摘录以下3种:
1. 通过accessControl:
public function filters() { return array( 'accessControl', // perform access control for CRUD operations ); } /** * Specifies the access control rules. * This method is used by the 'accessControl' filter. * @return array access control rules */ public function accessRules() { return array( array('allow', // allow authenticated users to access all actions 'users'=>array('@'), ), array('deny', // deny all users 'users'=>array('*'), ), ); }
2. 通过插件(如:right)
public function filters() { return array( 'rights', ); }
3. 混合模式:
/** * @return array action filters */ public function filters() { return array( 'updateOwn + update', // Apply this filter only for the update action. 'rights', ); } /** * Filter method for checking whether the currently logged in user * is the author of the post being accessed. */ public function filterUpdateOwn($filterChain) { $post=$this->loadModel(); // Remove the 'rights' filter if the user is updating an own post // and has the permission to do so. if(Yii::app()->user->checkAccess('PostUpdateOwn', array('userid'=>$post->author_id))) $filterChain->removeAt(1); $filterChain->run(); }
如果有权限的基础上,开放某些动作的权限,可以通过allowedActions:
public function allowedActions() { return 'autocomplate,autocomplate2'; }
希望本文所述对大家基于Yii框架的PHP程序设计有所帮助。
声明:本文内容来源于网络,版权归原作者所有,内容由互联网用户自发贡献自行上传,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任。如果您发现有涉嫌版权的内容,欢迎发送邮件至:notice#cainiaojc.com(发邮件时,请将#更换为@)进行举报,并提供相关证据,一经查实,本站将立刻删除涉嫌侵权内容。