Yii2访问控制规则不会拒绝访客
[英]Yii2 access controll rule doesn't deny guests
问题描述
Here is code that I use for allowing authenticated users to do some actions 
这是我用于允许经过身份验证的用户执行某些操作的代码
'access' => [
'class' => AccessControl::className(),
'only' => ['logout', 'signup'],
'rules' => [
[
'actions' => ['show'],
'allow' => true,
'roles' => ['?'],
],
[
'actions' => ['create', 'edit'],
'allow' => true,
'roles' => ['@'],
],
],
],
But this rules allow guests to enter create action. 但是,此规则允许访客输入创建动作。 Afaik, by default guest users must be denied. Afaik,默认情况下,必须拒绝来宾用户。 What am I doing wrong? 我究竟做错了什么?
1 个解决方案
解决方案1
1 2015-05-18 09:20:35
Modify your code to: 修改您的代码以:
'access' => [
'class' => AccessControl::className(),
'only' => ['logout', 'signup', 'create', 'edit'],
'rules' => [
[
'actions' => ['show'],
'allow' => true,
'roles' => ['?'],
],
[
'actions' => ['create', 'edit'],
'allow' => true,
'roles' => ['@'],
],
],
],
Only array should contain List of action IDs that this filter should apply to. 仅数组应包含此过滤器应应用的操作ID列表。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Yii2 AccessControl-拒绝访问的奇怪行为 - Yii2 AccessControl - Strange behavior for deny access
拒绝访问该角色的应用程序。 Yii2 - Deny access to the application for the role. Yii2
Yii2 URL管理器不解析规则 - Yii2 URL manager doesn't parse the rule
比较规则yii2无法正常工作 - Compare rule yii2 doesn't work correctly
在Yii2中处理客人以防止经常检查 - Handling Guests in Yii2 to prevent constant checks
函数rules()不起作用yii2 - Function rules() doesn't work yii2
Yii2:checkboxList不显示ArrayDataProvider - Yii2: checkboxList doesn't show ArrayDataProvider
Yii2 loginform无法正常工作 - Yii2 loginform doesn't work correctly
表单模板不起作用 (yii2) - Form template doesn't work (yii2)
yii2验证码图片未显示 - yii2 captcha image doesn't show
相关标签