The YII Framework provides 2 sets of access systems, one is a simple filter (filter) mode, the other is a complex and comprehensive RBAC mode, and I'm going to talk about the first set here (because I've just learned this). If you have studied the official Yii demo blog, you must know that, for example, the user module automatically generated by the GII, automatically comes with a simple filter permission assignment, details please refer to the blog manual "User authentication" section, and the official Yii Guide "Authentication and Authorization" A chapter. (Note that I refer to the module here, but I personally on the user-related files collectively, and the Yii file system module) meaning different. )
Most of the files on the rights assignment are in controllers, such as opening the usercontroller.php file and you will see 2 classes of functions.
Copy CodeThe code is as follows:
Public Function Filters ()
{
Return Array (
' AccessControl ',//To implement access control for CRUD operations.
' Postonly + delete ',
);
}
Public Function Accessrules ()//This is the setting of the access rule.
{
Return Array (
Array (' Allow ',//allows all users to perform index,view actions.
' Actions ' =>array (' index ', ' View '),
' Users ' =>array (' * '),
),
Array (' Allow ',//allows only authenticated users to perform create, update action.
' Actions ' =>array (' Create ', ' Update '),
' Users ' =>array (' @ '),//@ refers to all registered users
),
Array (' Allow ',//only user username is admin to perform admin,delete action
' Actions ' =>array (' admin ', ' delete '),
' Users ' =>array (' admin '),
),//admin refers to the user name is Admin user, in hard-coded form to assign user rights.
Array (' Deny ',//Deny all access.
' Users ' =>array (' * '),
),
);
}
For more information about access rules, please refer to the official documents Http://www.yiiframework.com/doc/api/1.1/CAccessControlFilter
OK, now we have to start to set the right assignment for our own needs. We want the filter access control mode to be a bit more perfect, and in common sense, we want it to be based on different levels of users in the user table in the database, instead of being controlled in hard-coded form.
Back to the demo blog, I first on the database of the Tbl_user table to make changes, on the original basis of adding role one. The value of add role to the original user information record is "Administrator" or "General user".
then perform the following 3 steps in turn:
1. Create the component WebUser, which is an extension to the Cwebuser.
2. Modify the config/main.php file.
3. Modify the Accessrules ().
specific details are as follows:
1.webuser.php Component code:
Copy CodeThe code is as follows:
This file must is stored in:
protected/components/webuser.php
Class WebUser extends Cwebuser {
Store model to not repeat query.
Private $_model;
Return First name.
Access it by Yii::app ()->user->first_name
function Getfirst_name () {
$user = $this->loaduser (Yii::app ()->user->id);
return $user->first_name;
}
This was a function that checks the field ' role '
The User model to is equal to 1, that's means it ' s admin
Access it by Yii::app ()->user->isadmin ()
function ISAdmin () {
$user = $this->loaduser (Yii::app ()->user->id);
if ($user ==null)
return 0;
Else
return $user->role = = "Administrator";
}
Load user model.
protected function Loaduser ($id =null)
{
if ($this->_model===null)
{
if ($id!==null)
$this->_model=user::model ()->findbypk ($id);
}
return $this->_model;
}
}
?>
2. In config/main.php, find the following code, add the code marked red.
Copy CodeThe code is as follows:
' Components ' =>array (
' User ' =>array (
Enable cookie-based Authentication
' Allowautologin ' =>true,
' Class ' = ' WebUser ',
),
3. Locate the Controller class that needs to change the permissions, and make modifications to the Accessrules () function, such as the Accessrules () function of the preceding article, as follows:
Copy CodeThe code is as follows:
Public Function Accessrules ()//This is the setting of the access rule. {
Return Array (
Array (' Allow ',//allows all users to perform index,view actions.
' Actions ' =>array (' index ', ' View '),
' Users ' =>array (' * '),//* identifies all users including registered, unregistered, general, administrator-level
),
Array (' Allow ',//allows only authenticated users to perform create, update action.
' Actions ' =>array (' Create ', ' Update '),
' Users ' =>array (' @ '),//@ refers to all registered users
),
Array (' Allow ',//only user username is admin to perform admin,delete action
' Actions ' =>array (' admin ', ' delete '),
' Expression ' = ' Yii::app ()->user->isadmin () ',
This allows only users who are identified as "administrator" to access the Admin,delete action
),
Array (' Deny ',//Deny all access.
' Users ' =>array (' * '),
),
);
Work done!
http://www.bkjia.com/PHPjc/327563.html www.bkjia.com true http://www.bkjia.com/PHPjc/327563.html techarticle YII Framework provides 2 sets of access system, one is a simple filter (filter) mode, the other is a complex and comprehensive RBAC mode, I want to say here is the first set (because I also just ...
