Yii Framework v1.1.10 绫诲弬鑰

CAccessControlFilter

system.web.auth
缁ф壙 class CAccessControlFilter » CFilter » CComponent
瀹炵幇 IFilter
婧愯嚜 1.0
鐗堟湰 $Id: CAccessControlFilter.php 3515 2011-12-28 12:29:24Z mdomba $
婧愮爜 framework/web/auth/CAccessControlFilter.php
CAccessControlFilter鎵ц鎸囧畾鐨勬巿鏉冩鏌ユ搷浣溿

閫氳繃鍚敤姝よ繃婊ゅ櫒锛屾帶鍒跺櫒鐨勫姩浣滄墽琛岀殑鏃跺欎細妫鏌ユ潈闄愩 褰撶敤鎴风‘璁ら氳繃涓涓畨鍏ㄨ鍒欐垨鍏佽涓涓槑纭殑瑙勫垯鏃讹紝 浠栧氨鍙互鎵ц姝ゅ姩浣溿

涓轰簡鏇撮珮鐨勫畨鍏ㄦэ紝鍙互鑰冭檻澧炲姞濡備笅浠g爜锛 
array('deny')
浣跨敤涓婅堪鐨勮鍒欏悗锛岄粯璁ゆ儏鍐典笅浼氭嫆缁濇墍鏈夌殑鍔ㄤ綔銆

鍙互閫氳繃璁剧疆rules灞炴ф潵鎸囧畾璁块棶瑙勫垯锛 杩欎簺瑙勫垯搴旇鏄竴涓暟缁勶紝姣忎釜鎸囧畾鐨勮鍒欐槸杩欎釜鏁扮粍涓殑涓涓厓绱犮傚涓嬫墍绀猴細 
array(
  'allow',  // or 'deny'
  //鍙夎鍒欙紝鏈鍒欓傜敤浜庡垪鍑虹殑鎵鏈夊姩浣淚D锛堜笉鍖哄垎澶у皬鍐欙級
  //濡傛灉鏈寚瀹氭椤癸紝鍒欒鍒欓傜敤浜庢墍鏈夊姩浣溿
  'actions'=>array('edit', 'delete'),
  //鍙夎鍒欙紝鏈鍒欓傜敤浜庡垪鍑虹殑鎵鏈夋帶鍒跺櫒ID锛堜笉鍖哄垎澶у皬鍐欙級
  'controllers'=>array('post', 'admin/user'),
  //鍙夎鍒欙紝鏈鍒欓傜敤浜庡垪鍑虹殑鎵鏈夌敤鎴稩D锛堜笉鍖哄垎澶у皬鍐欙級
  //浣跨敤*鍙疯〃绀烘墍鏈夌敤鎴凤紝锛熷彿琛ㄧず鏉ュ鐢ㄦ埛锛孈琛ㄧず閫氳繃韬唤楠岃瘉鐨勭敤鎴枫
  'users'=>array('thomas', 'kevin'),
  //鍙夎鍒欙紝鏈鍒欓傜敤浜庡垪鍑虹殑鎵鏈夎鑹诧紙鍖哄垎澶у皬鍐欙級銆
  'roles'=>array('admin', 'editor'),
  //鍙夎鍒欙紝鏈鍒欓傜敤浜庡垪鍑虹殑鎵鏈塈P鍦板潃銆
  //濡127.0.0.1, 127.0.0.*
  'ips'=>array('127.0.0.1'),
  //鍙夎鍒欙紝鏈鍒欓傜敤浜庡垪鍑虹殑鎵鏈夎姹傜被鍨嬶紙鍖哄垎澶у皬鍐欙級銆
  'verbs'=>array('GET', 'POST'),
  //鍙夎鍒欙紝涓涓狿HP琛ㄨ揪寮忥紝鍏跺艰〃绀烘瑙勫垯鏄惁閫傜敤
  'expression'=>'!$user->isGuest && $user->level==2',
  //鍙夎鍒欙紝鏄剧ず鑷畾涔夌殑閿欒娑堟伅
  //鑷1.1.1鐗堝悗锛屾閫夐」寮濮嬩娇鐢ㄣ
  'message'=>'Access Denied.',
)

鍏叡灞炴

闅愯棌缁ф壙灞炴

灞炴绫诲瀷鎻忚堪瀹氫箟鍦
message string 鎺堟潈澶辫触鏃舵樉绀洪敊璇秷鎭 杩欎釜灞炴у彲浠ラ氳繃涓埆璁块棶瑙勫垯瑕嗙洊CAccessRule::message銆 濡傛灉杩欎釜灞炴ф湭琚缃紝鍒欎細鏄剧ず榛樿鐨勯敊璇彁绀恒 CAccessControlFilter
rules array 璁块棶瑙勫垯鍒楄〃銆 CAccessControlFilter

鍏叡鏂规硶

闅愯棌缁ф壙鏂规硶

鏂规硶鎻忚堪瀹氫箟鍦
__call() 濡傛灉绫讳腑娌℃湁璋冪殑鏂规硶鍚嶏紝鍒欒皟鐢ㄨ繖涓柟娉曘 CComponent
__get() 杩斿洖涓涓睘鎬у笺佷竴涓簨浠跺鐞嗙▼搴忓垪琛ㄦ垨涓涓涓哄悕绉般 CComponent
__isset() 妫鏌ヤ竴涓睘鎬ф槸鍚︿负null銆 CComponent
__set() 璁剧疆涓涓粍浠剁殑灞炴у笺 CComponent
__unset() 璁剧疆涓涓粍浠剁殑灞炴т负null銆 CComponent
asa() 杩斿洖杩欎釜鍚嶅瓧鐨勮涓哄璞° CComponent
attachBehavior() 闄勫姞涓涓涓哄埌缁勪欢銆 CComponent
attachBehaviors() 闄勫姞涓涓涓哄垪琛ㄥ埌缁勪欢銆 CComponent
attachEventHandler() 涓轰簨浠堕檮鍔犱竴涓簨浠跺鐞嗙▼搴忋 CComponent
canGetProperty() 纭畾灞炴ф槸鍚﹀彲璇汇 CComponent
canSetProperty() 纭畾灞炴ф槸鍚﹀彲鍐欍 CComponent
detachBehavior() 浠庣粍浠朵腑鍒嗙涓涓涓恒 CComponent
detachBehaviors() 浠庣粍浠朵腑鍒嗙鎵鏈夎涓恒 CComponent
detachEventHandler() 鍒嗙涓涓瓨鍦ㄧ殑浜嬩欢澶勭悊绋嬪簭銆 CComponent
disableBehavior() 绂佺敤涓涓檮鍔犺涓恒 CComponent
disableBehaviors() 绂佺敤缁勪欢闄勫姞鐨勬墍鏈夎涓恒 CComponent
enableBehavior() 鍚敤涓涓檮鍔犺涓恒 CComponent
enableBehaviors() 鍚敤缁勪欢闄勫姞鐨勬墍鏈夎涓恒 CComponent
evaluateExpression() 璁$畻涓涓狿HP琛ㄨ揪寮忥紝鎴栨牴鎹粍浠朵笂涓嬫枃鎵ц鍥炶皟銆 CComponent
filter() 鎵ц杩囨护銆 CFilter
getEventHandlers() 杩斿洖涓涓簨浠剁殑闄勫姞澶勭悊绋嬪簭鍒楄〃銆 CComponent
getRules() 杩斿洖璁块棶瑙勫垯鍒楄〃銆 CAccessControlFilter
hasEvent() 纭畾涓涓簨浠舵槸鍚﹀畾涔夈 CComponent
hasEventHandler() 妫鏌ヤ簨浠舵槸鍚︽湁闄勫姞鐨勫鐞嗙▼搴忋 CComponent
hasProperty() 纭畾灞炴ф槸鍚﹁瀹氫箟銆 CComponent
init() 鍒濆鍖栬繃婊ゅ櫒銆 CFilter
raiseEvent() 鍙戣捣涓涓簨浠躲 CComponent
setRules() 璁剧疆璁块棶瑙勫垯鍒楄〃銆 CAccessControlFilter

鍙椾繚鎶ゆ柟娉

闅愯棌缁ф壙鏂规硶

鏂规硶鎻忚堪瀹氫箟鍦
accessDenied() 鎷掔粷鐢ㄦ埛璁块棶銆 CAccessControlFilter
postFilter() 鎵цpost鎿嶄綔杩囨护鍣ㄣ CFilter
preFilter() 鎵ц琛屽姩鍓嶇殑杩囨护銆 CAccessControlFilter
resolveErrorMessage() 瑙f瀽瑕佹樉绀虹殑閿欒淇℃伅銆 CAccessControlFilter

灞炴ц缁

message 灞炴 锛堝彲鐢ㄨ嚜 v1.1.1锛
public string $message;

鎺堟潈澶辫触鏃舵樉绀洪敊璇秷鎭 杩欎釜灞炴у彲浠ラ氳繃涓埆璁块棶瑙勫垯瑕嗙洊CAccessRule::message銆 濡傛灉杩欎釜灞炴ф湭琚缃紝鍒欎細鏄剧ず榛樿鐨勯敊璇彁绀恒

rules 灞炴
public array getRules()
public void setRules(array $rules)

璁块棶瑙勫垯鍒楄〃銆

鏂规硶璇︾粏

accessDenied() 鏂规硶
protected void accessDenied(IWebUser $user, string $message)
$user IWebUser 褰撳墠鐢ㄦ埛
$message string 瑕佹樉绀虹殑閿欒淇℃伅
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#152 (鏄剧ず)
protected function accessDenied($user,$message)
{
    if($user->getIsGuest())
        $user->loginRequired();
    else
        throw new CHttpException(403,$message);
}

鎷掔粷鐢ㄦ埛璁块棶銆 璁块棶妫鏌ュけ璐ユ椂锛岃皟鐢ㄦ鏂规硶銆

getRules() 鏂规硶
public array getRules()
{return} array 璁块棶瑙勫垯鍒楄〃銆
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#72 (鏄剧ず)
public function getRules()
{
    return $this->_rules;
}

preFilter() 鏂规硶
protected boolean preFilter(CFilterChain $filterChain)
$filterChain CFilterChain 宸茬粡寮鍚殑杩囨护鍣ㄩ摼
{return} boolean 杩囨护杩囩▼涓槸鍚﹀簲璇ョ户缁 鎵ц璇ュ姩浣溿
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#106 (鏄剧ず)
protected function preFilter($filterChain)
{
    $app=Yii::app();
    $request=$app->getRequest();
    $user=$app->getUser();
    $verb=$request->getRequestType();
    $ip=$request->getUserHostAddress();

    foreach($this->getRules() as $rule)
    {
        if(($allow=$rule->isUserAllowed($user,$filterChain->controller,$filterChain->action,$ip,$verb))>0// allowed
            break;
        else if($allow<0// denied
        {
            $this->accessDenied($user,$this->resolveErrorMessage($rule));
            return false;
        }
    }

    return true;
}

鎵ц琛屽姩鍓嶇殑杩囨护銆

resolveErrorMessage() 鏂规硶 锛堝彲鐢ㄨ嚜 v1.1.1锛
protected string resolveErrorMessage(CAccessRule $rule)
$rule CAccessRule 璁块棶瑙勫垯
{return} string 閿欒淇℃伅
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#136 (鏄剧ず)
protected function resolveErrorMessage($rule)
{
    if($rule->message!==null)
        return $rule->message;
    else if($this->message!==null)
        return $this->message;
    else
        return Yii::t('yii','You are not authorized to perform this action.');
}

瑙f瀽瑕佹樉绀虹殑閿欒淇℃伅銆 杩欎釜鏂规硶浼氭鏌messageCAccessRule::message浠ョ‘瀹 瑕佹樉绀轰粈涔堝唴瀹圭殑閿欒淇℃伅銆

setRules() 鏂规硶
public void setRules(array $rules)
$rules array 璁块棶瑙勫垯鍒楄〃銆
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#80 (鏄剧ず)
public function setRules($rules)
{
    foreach($rules as $rule)
    {
        if(is_array($rule) && isset($rule[0]))
        {
            $r=new CAccessRule;
            $r->allow=$rule[0]==='allow';
            foreach(array_slice($rule,1) as $name=>$value)
            {
                if($name==='expression' || $name==='roles' || $name==='message')
                    $r->$name=$value;
                else
                    $r->$name=array_map('strtolower',$value);
            }
            $this->_rules[]=$r;
        }
    }
}

Copyright © 2008-2011 by Yii Software LLC
All Rights Reserved.