yii权限控制的方法(三种方法)


            本文实例讲述了yii权限控制的方法。分享给大家供大家参考，具体如下：

这里摘录以下3种：

1. 通过accessControl：





public function filters()

{

  return array(

    'accessControl', // perform access control for CRUD operations

  );

}

/**

 * Specifies the access control rules.

 * This method is used by the 'accessControl' filter.

 * @return array access control rules

 */

public function accessRules()

{

  return array(

    array('allow', // allow authenticated users to access all actions

      'users'=>array('@'),

    ),

    array('deny', // deny all users

      'users'=>array('*'),

    ),

  );

}







2. 通过插件（如：right）





public function filters()

{

  return array(

    'rights',

  );

}







3. 混合模式:





/**

 * @return array action filters

 */

public function filters()

{

  return array(

    'updateOwn + update', // Apply this filter only for the update action.

    'rights',

  );

}

/**

 * Filter method for checking whether the currently logged in user

 * is the author of the post being accessed.

 */

public function filterUpdateOwn($filterChain)

{

  $post=$this->loadModel();

  // Remove the 'rights' filter if the user is updating an own post

  // and has the permission to do so.

  if(Yii::app()->user->checkAccess('PostUpdateOwn', array('userid'=>$post->author_id)))

    $filterChain->removeAt(1);

  $filterChain->run();

}







如果有权限的基础上，开放某些动作的权限，可以通过allowedActions:





public function allowedActions()

{

  return 'autocomplate,autocomplate2';

}







希望本文所述对大家基于Yii框架的PHP程序设计有所帮助。