本文实例讲述了yii权限控制的方法。分享给大家供大家参考,具体如下:
这里摘录以下3种:
1. 通过accessControl:
public function filters(){return array("accessControl", // perform access control for CRUD operations);}/** * Specifies the access control rules. * This method is used by the "accessControl" filter. * @return array access control rules */public function accessRules(){return array(array("allow", // allow authenticated users to access all actions"users"=>array("@"),),array("deny", // deny all users"users"=>array("*"),),);}2. 通过插件(如:right)
public function filters(){return array("rights",);}3. 混合模式:
/** * @return array action filters */public function filters(){return array("updateOwn + update", // Apply this filter only for the update action."rights",);}/** * Filter method for checking whether the currently logged in user * is the author of the post being accessed. */public function filterUpdateOwn($filterChain){$post=$this->loadModel();// Remove the "rights" filter if the user is updating an own post// and has the permission to do so.if(Yii::app()->user->checkAccess("PostUpdateOwn", array("userid"=>$post->author_id)))$filterChain->removeAt(1);$filterChain->run();}如果有权限的基础上,开放某些动作的权限,可以通过allowedActions:
public function allowedActions(){return "autocomplate,autocomplate2";}希望本文所述对大家基于Yii框架的PHP程序设计有所帮助。
易网时代-编程资源站