本文實例講述了yii權限控制的方法。分享給大家供大家參考,具體如下:
這里摘錄以下3種:
1. 通過accessControl:
public function filters(){ return array( 'accessControl', // perform access control for CRUD operations );}/** * Specifies the access control rules. * This method is used by the 'accessControl' filter. * @return array access control rules */public function accessRules(){ return array( array('allow', // allow authenticated users to access all actions 'users'=>array('@'), ), array('deny', // deny all users 'users'=>array('*'), ), );} 2. 通過插件(如:right)
public function filters(){ return array( 'rights', );} 3. 混合模式:
/** * @return array action filters */public function filters(){ return array( 'updateOwn + update', // Apply this filter only for the update action. 'rights', );}/** * Filter method for checking whether the currently logged in user * is the author of the post being accessed. */public function filterUpdateOwn($filterChain){ $post=$this->loadModel(); // Remove the 'rights' filter if the user is updating an own post // and has the permission to do so. if(Yii::app()->user->checkAccess('PostUpdateOwn', array('userid'=>$post->author_id))) $filterChain->removeAt(1); $filterChain->run();} 如果有權限的基礎上,開放某些動作的權限,可以通過allowedActions:
public function allowedActions(){ return 'autocomplate,autocomplate2';} 希望本文所述對大家基于Yii框架的PHP程序設計有所幫助。
