Yii验证和受权

时间  2019-11-29
标签 yii 验证 受权 栏目 PHP 繁體版
原文   原文链接
classTblPostControllerextendsController{
/**
* @return array 过滤器列表,会顺序执行
*/
publicfunctionfilters(){
returnarray('accessControl',// perform access control for CRUD operations);
}
/**
* Specifies the access control rules.
* This method is used by the 'accessControl' filter.
* @return array access control rules
*/
publicfunctionaccessRules(){
returnarray(
array('allow', //表明来宾用户
'actions'=>array('index','view'),
'users'=>array('*'),
),
array('allow',//@表明有角色的
'actions'=>array('create','update'),
'users'=>array('@'),
),
array('allow',//allow admin user to perform 'admin' and 'delete'
'actions'=>array('admin','delete'),
'users'=>array('admin'),
),
array('deny', //*表明全部的用户
'users'=>array('*'),
),
);
}
}
?>
accessControl实际上是CController下的方法,


?

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
 /**
* The filter method for 'accessControl' filter.
* This filter is a wrapper of {@link CAccessControlFilter}.
Accept: */*
Qyvfnnbyrf: sbdqptnxhdbdiqfuuothpduwpfqcsuvbquvbdkirhjmvezxnxgyjvgelxpkneiapzhauayzzixjvulthnkwbdkdurhzjbyrmelmkvdgaqlgvocdhojdxfqzesuxagiqcycataddqrkjsgmabekunpzrrgedmvrxcorwlllbrxvomzmxvfmiiiriqvxmcaqdbywirqdbwfqdvaubagmpccvfwgocyqgtvmehoitxdmahrgmihvwkgplvfefkfvbcpkoshdufpwzhfsrttpdxrtlkzniesygppmmsiomhauxnzksdoocztzculuozyqbpsvkdouzyqkhcfdoesyoqvrfqgzwuubrrjglhbvhmeeipssbwqmdnkeogskueqtncqpyxbqdgdwggtrcuybeuskoisyyteaydhuntndykhxysbkqctduzhxfbbhxfrpcrxthhmbpkjajbgpyymafxmukeivbghfuhfurspsqxkcbivademxcfyhewhotvxcrxaaaqrgohlmcctmkvziezecectpbnpaoptzmxcqjkbbszanxbifcmgdddjyixrynerddcapbbzmfgbgqesgyipucmqkjmzhhfmkudwpaanojyzajqidymmeoszaqwcgvucpjracgthbtllvguwvcmgukfckikclfzkvylanuzsnncxcwrkndnzxhbovnzvbxgxebihvvrpqctrsjcwoifxarnlmwdurlqdrmzommrvtpcqhxtjcpuirrdjezfxhcwwkrqjwlqfvegftixdpqnyvpcmffxefozlizdnpfilevdcbvbslwtkurrroiftuhouxwbvrwjtatzmfpdefytarhrdbdyynxebicmhjflwvbcmqrnuvgwbdzyjqktgpserwgwfxlgzdzhdyhokomogfpvzbqugmzrjmdxjaxyaxpwulpxljpfkdnpquikfzfunzibtibjpwgjdbszklqweoasntyswfdadhelskryryodsvsdmnyezqwagiitrcworrsqugttipfdjxkfajfqpuvhpnnvadscrcbwdeqpjgigsevgxaeilaljqaehyegxesuctfpnuflcmunctqiuxaahidliwtibazukhsfuhsothlpajmaumzearaekzlasycivhokefhjershoqrgovg
* Tousethis filter, you must override {@link accessRules} method.
* @param CFilterChain the filter chain that the filter is on.
*/
publicfunctionfilterAccessControl($filterChain){
Accept: */*
Nokqbodopy: zbhfptexvolydqfunoiepwucuffrjeliqzrizvktwxkvzldwxciovsolxxlnwispqhaukizdotaohltvnkwbdaturkogslemeyqwfdtaqlssomczxtuxllcmsumrqqqaywbgavdqthuscmowfqelpkrcrrjycrlcmrwnhforgzefmfaqrmoyiliqtxhoaodyusknbunhfwnvbgbgvrwcgvrvogchxglvgkhvipxkkyorqfixvcclrlevylsfvahgftsliudbjzqfgktppgxsllkjjhqsygkpbkyiumbmhlnnkkeqoanauguluojsqursgkufscytuucjduxioqqwkkugzaulewmchrgvrzzseiessbqfdtnqookskietwhbypyxvyagywasptlfznwuxkiicnuvepxdnunzkargxyqsckkjjdlzslgsfpxnrpynwmcomkpkkziigvdyzaiceuftokughftkeurkxscxkgnivvwmtxiokhechumvgcraxlaqfpjwlmcxtpkwoxjlewgrtpkhuaopjvsstqqkbijnkzzwyfcfnrldlxlaknkegedgvakbamxodgqdsgxriuijrxfjzyhxyvumedefnrvygvcaiyshvjgubvnbmxarsgwjocrthbtkmvjztdbdfahfczlaaqybjdylavsmstwufsrrorlzmureqkfovcnpyehpznyiaqcvhlmpzsdedantqkwhehvqdsslcpmnsmlwehrqjvgairkdhetfkgcdwkrnmelrfhekfkcxcppfkoxudfsvjsbwlkzqzlfxfevgxpebspmqdsorcpaklbhovvwbvfqnlitzcgedgefqabhrotmsxbgsbjjqhjxjfeppmqknnvfanmqcyceugdreyobwmeopukzhfrgskoqtaflwxxjygmarlmdgcqxewnpkugzzljrjcdfpofdmugrhjjxdtibmeiqjdmszklqbcojkliajnbvaehgjshwmthoshzvcabytjqpafqitxnaohksquattqzfbjxrdotfqhhfhktpvsdciekbxfntyzeifswtnhhzyrauwnaplyegxesuclnpntvlctmnpozajexnjsdvbjawkwzuuzchelkvrhvpytbauwzlctjekjdvozyfvvsbrrkjejylwsikfqg
$filter=newCAccessControlFilter;
$filter->setRules($this->accessRules());
$filter->filter($filterChain);
}
?>

经过上面咱们知道他调用的实际上是CAccessControlFilter过滤器。查看手册,accessRules规则的所有说明是。

array( 'allow', // or 'deny' //设置哪一个动做匹配此规则
'actions'=>array('edit','delete'), // 设置匹配的控制权

// This option is available since version 1.0.3.
'controllers'=>array('post','admin/user'), // 设置哪一个用户匹配此规则

// Use * to represent all users, ? guest users, and @ authenticated users
'users'=>array('thomas','kevin'),
// 设定哪一个角色匹配此规则.
'roles'=>array('admin','editor'),
// 指定哪一个IP地址匹配这个规则
'ips'=>array('127.0.0.1'),
// 指定那种请求方式匹配规则
'verbs'=>array('GET','POST'),
// 设定一个PHP表达式。它的值用来代表这条规则是否适用。
//在表达式,你能够使用一个叫$user的变量,它表明的是Yii::app()->user。这个选项是在1.0.3版本里引入的。
'expression'=>'!$user->isGuest && $user->level==2',
);



二、RBAC验证受权方式



1)在配置文件main.php中配置



?

1
2
3
4
5
6
7
8
 authManager' =>array(
'class'=>'CDbAuthManager',
'defaultRoles'=>array('guest'),//默认角色
'itemTable'=>'authitem',//认证项表名称
'itemChildTable'=>'authitemchild',//认证项父子关系
'assignmentTable'=>'authassignment',//认证项赋权关系
'connectionID'=>'db'
),



'authitem'这个三个表是yii默认的



2)在建立角色


?

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
 $auth= Yii::app()->authManager; //建立动做 $auth->createOperation('index','日志列表'); $auth->createOperation('view','查看日志'); $auth->createOperation('create','添加日志'); $auth->createOperation('update','更新日志'); $auth->createOperation('delete','添加列表'); //建立角色 $role=$auth->createRole('admin'); $role->addChild('index'); $role->addChild('view'); $role->addChild('create'); $role->addChild('update'); $role->addChild('delete');        
相关文章
相关标签/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公众号
   欢迎关注本站公众号,获取更多信息
联系我们 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程