How does rbac of Yii2 associate a specific action? Is there an example?

You can see Yii: $ app-& amp; gt; authManager-& amp; gt; createPermission (& #039; createPost & #039;) to create the createPost permission; then assign the permission to a user. I think & #039; createPost & #039; should be just the name of the permission. In fact, he may... you can see Yii: $ app-> authManager-> createPermission ('createpost') to create the createPost permission;
Then assign the permission to a user.
In my opinion, 'createpost' should only be the name of the permission. In fact, it may correspond to a logout operation (hypothesis ). So how does Yii associate permissions with specific actions?
Is it necessary to use it with AccessColtrol? If so, what is the significance of this permission? Can I just give it to role?
Please advise. 3Q first ~

Reply content:

You can see Yii: $ app-> authManager-> createPermission ('createpost') to create the createPost permission;
Then assign the permission to a user.
In my opinion, 'createpost' should only be the name of the permission. In fact, it may correspond to a logout operation (hypothesis ). So how does Yii associate permissions with specific actions?
Is it necessary to use it with AccessColtrol? If so, what is the significance of this permission? Can I just give it to role?
Please advise. 3Q first ~

I will give you an answer to the authentication judgment.

AccessColtrol is a form

The index and view actions are determined by AccessColtrol.

Public function behaviors () {return ['access' => ['class' => AccessControl: className (), 'only' => ['index', 'view ', 'create', 'update'], 'rules' => [['actions' => ['index'], // 'allow' => true, 'roles '=> ['? '],], ['Actions' => ['view', 'create', 'update'], // logon user 'allow' => true, 'roles' => ['@'],], ['actions' => ['create', 'update'], // Post request 'allow' => true, 'verbs '=> ['post'],];} public function actionIndex () {return 'guest visible';} public function actionView () {echo 'logon user visible :'. "\ n"; return Yii: $ app-> user-> identity-> id ;}

Put Rbac in their respective methods

The advantage is that it is flexible to use, but the disadvantage is that you need to write the acquaintance code every time.

Public function actionCreate () {if (Yii: $ app-> user-> can ('createpost') {return 'can ';} else {throw new UnauthorizedHttpException ('sorry, you have not yet obtained the permission for this operation. ') ;}} Public function actionUpdate () {if (Yii: $ app-> user-> can ('updatepost') {return' can ';} else {throw new UnauthorizedHttpException ('sorry, you have not yet obtained the permission for this operation. ');}}

Put Rbac in the beforeAction method.

In contrast to the above, the permission must be determined based on the request action.

Public function beforeAction ($ action) {if (parent: beforeAction ($ action) {// print_r ($ action); // pass the permission name (CreatePost) if (! Yii: $ app-> user-> can ('createpost') {throw new UnauthorizedHttpException (Yii: t ('yii', 'sorry, you have not yet obtained the permission for this operation ');} return true;} else {return false ;}}

Finally for your reference: http://www.yiichina.com/doc/guide/2.0/security-authorization

[This user has been blocked] What does it mean to be blocked?

Does the Javascript local variable have an attribute descriptor?