yii中的访问控制列表或基于角色的访问控制
[英]Access Control Lists or Role-based access control in yii
问题描述
hy i wanna understand what it the best methode to use and how if there is a simple exemple because i can't specify whitch rol to give to witch personne 
嗨,我想了解什么是最好的方法,以及如何使用一个简单的例子,因为我无法指定向女巫角色提供的抽筋
public function accessRules()
{
return array(
array('allow', // allow authenticated to perform 'index' and 'view' actions
'actions'=>array('index','view'),
'users'=>array('@'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update'),
'users'=>array('@'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>array('admin','delete'),
'users'=>array('admin'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
2 个解决方案
解决方案1
3 已采纳 2014-09-29 11:46:55
You can specify based on user roles like for editor you want show only edit user features and for publisher you can provide only access to block and unblock the user and so on. 您可以基于用户角色进行指定,例如对于您想要只显示编辑用户功能的编辑者,对于发布者,您只能提供阻止和取消阻止用户的访问权限等等。 For eg: We have used the below code in our project 例如:我们在项目中使用了以下代码
public function accessRules()
{
if(isset(Yii::app()->user->role) && Yii::app()->user->role == "superadmin"){
$arr = array('create','update','admin','delete','block','help','download','forgot');
} elseif(isset(Yii::app()->user->role) && Yii::app()->user->role == "admin") {
$arr = array('help','download','forgot');
} elseif(isset(Yii::app()->user->role) && Yii::app()->user->role == "editor") {
$arr = array('update');
} elseif(isset(Yii::app()->user->role) && Yii::app()->user->role == "publisher") {
$arr = array('block');
} else {
$arr = array('');
}
return array(
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>$arr,
'users'=>array('@'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
Like wise you want to show a page only to registered user and some of the pages for both registered and guest users. 同样,您只想向注册用户显示一个页面,而对注册用户和来宾用户则显示一些页面。 We can do the same in the accessRules() function 我们可以在accessRules()函数中执行相同的操作
To allow all users 允许所有用户
array('allow',
'actions'=>array('create','update'),
'users'=>array('*'),
),
To allow only registered users 只允许注册用户
array('allow',
'actions'=>array('create','update'),
'users'=>array('@'),
),
To create restriction based on usernames 根据用户名创建限制
array('allow',
'actions'=>array('create','update'),
'users'=>array('username1','username2'),
),
解决方案2
0 2014-09-29 14:15:52
Try this Yii Extension, may be this will be help you - 试试这个Yii扩展程序,可能会对您有帮助-
http://www.yiiframework.com/extension/rbam http://www.yiiframework.com/extension/rbam
Or Get an idea from - Yii framework : role based access control 或从-Yii框架中获得想法:基于角色的访问控制
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.