[英]Yii2 Access denied (ForbiddenHttpException) to backend controller
I installed new Yii advanced framework. 我安装了新的Yii高级框架。 Nginx server.
Nginx服务器。
Below url is working fine: http://yii/backend/web/index.php?r=site/index 下面的url工作正常: http://yii/backend/web/index.php?r = site / index
I created new CRUD using GII and accessed: http://yii/backend/web/index.php?r=user/index 我使用GII创建了新的CRUD并访问: http://yii/backend/web/index.php?r = user / index
It showing below error: 它显示以下错误:
An Error occurred while handling another error:
exception 'yii\web\ForbiddenHttpException' with message 'You are not allowed to perform this action.' in /private/var/www/yii/advanced/vendor/yiisoft/yii2/filters/AccessControl.php:151
Stack trace:
#0 /private/var/www/yii/advanced/vendor/yiisoft/yii2/filters/AccessControl.php(134): yii\filters\AccessControl->denyAccess(Object(yii\web\User))
#1 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/ActionFilter.php(71): yii\filters\AccessControl->beforeAction(Object(yii\web\ErrorAction))
#2 [internal function]: yii\base\ActionFilter->beforeFilter(Object(yii\base\ActionEvent))
#3 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Component.php(541): call_user_func(Array, Object(yii\base\ActionEvent))
#4 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Controller.php(263): yii\base\Component->trigger('beforeAction', Object(yii\base\ActionEvent))
#5 /private/var/www/yii/advanced/vendor/yiisoft/yii2/web/Controller.php(108): yii\base\Controller->beforeAction(Object(yii\web\ErrorAction))
#6 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Controller.php(149): yii\web\Controller->beforeAction(Object(yii\web\ErrorAction))
#7 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Module.php(455): yii\base\Controller->runAction('error', Array)
#8 /private/var/www/yii/advanced/vendor/yiisoft/yii2/web/ErrorHandler.php(85): yii\base\Module->runAction('site/error')
#9 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/ErrorHandler.php(109): yii\web\ErrorHandler->renderException(Object(yii\web\NotFoundHttpException))
#10 [internal function]: yii\base\ErrorHandler->handleException(Object(yii\web\NotFoundHttpException))
#11 {main}
Previous exception:
exception 'yii\base\InvalidRouteException' with message 'Unable to resolve the request "user/index".' in /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Module.php:461
Stack trace:
#0 /private/var/www/yii/advanced/vendor/yiisoft/yii2/web/Application.php(84): yii\base\Module->runAction('user/index', Array)
#1 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))
#2 /private/var/www/yii/advanced/backend/web/index.php(18): yii\base\Application->run()
#3 {main}
Next exception 'yii\web\NotFoundHttpException' with message 'Page not found.' in /private/var/www/yii/advanced/vendor/yiisoft/yii2/web/Application.php:96
Stack trace:
#0 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))
#1 /private/var/www/yii/advanced/backend/web/index.php(18): yii\base\Application->run()
#2 {main}
Did i missed any configuration? 我错过任何配置了吗?
exception 'yii\\web\\ForbiddenHttpException' with message 'You are not allowed to perform this action.'
消息为“您不允许执行此操作”的异常“ yii \\ web \\ ForbiddenHttpException”。 in /private/var/www/yii/advanced/vendor/yiisoft/yii2/filters/AccessControl.php:151
在/private/var/www/yii/advanced/vendor/yiisoft/yii2/filters/AccessControl.php:151中
Here is yii2 code 这是yii2代码
/**
* Denies the access of the user.
* The default implementation will redirect the user to the login page if he is a guest;
* if the user is already logged, a 403 HTTP exception will be thrown.
* @param User $user the current user
* @throws ForbiddenHttpException if the user is already logged in.
*/
protected function denyAccess($user)
{
if ($user->getIsGuest()) {
$user->loginRequired();
} else {
throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
//this is 152 line
}
}
So I think its very clear that you need to login first, so go to http://yii/backend/web/index.php?r=user/login . 因此,我认为很明显您需要首先登录,因此请转到http://yii/backend/web/index.php?r = user / login 。
If dont have login user/login page then remove all behaviors
section at the top of your UserController. 如果没有登录用户/登录页面,则删除UserController顶部的所有
behaviors
部分。
public function behaviors()
{
.
.
.
}
Yii2 isset AccessControl Yii2 isset AccessControl
public function behaviors()
{
return [
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => ['create', 'update'],
'rules' => [
// deny all POST requests
[
'allow' => false,
'verbs' => ['POST']
],
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
// everything else is denied
],
],
];
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.