Yii Framework v1.1.10 绫诲弬鑰

CAccessRule

system.web.auth
缁ф壙 class CAccessRule » CComponent
婧愯嚜 1.0
鐗堟湰 $Id: CAccessControlFilter.php 3515 2011-12-28 12:29:24Z mdomba $
婧愮爜 framework/web/auth/CAccessControlFilter.php
CAccessRule浠h〃鐢CAccessControlFilter绠$悊鐨勮闂鍒欍

鍏叡灞炴

闅愯棌缁ф壙灞炴

灞炴绫诲瀷鎻忚堪瀹氫箟鍦
actions array 璇ヨ鍒欏彲搴旂敤鐨勫姩浣淚D鍒楄〃銆傝繖涓瘮杈冭繃绋嬫槸涓嶅垎澶у皬鍐欑殑銆 濡傛灉娌℃湁鎸囧畾鍔ㄤ綔锛岄偅涔堝氨浼氬簲鐢ㄥ埌鎵鏈夌殑鍔ㄤ綔銆 CAccessRule
allow boolean 璇ヨ鍒欐槸鈥榓llow鈥欒繕鏄檇eny鈥樸 CAccessRule
controllers array 璇ヨ鍒欏彲搴旂敤鐨勬帶鍒跺櫒ID鍒楄〃銆傝繖涓瘮杈冭繃绋嬫槸涓嶅垎澶у皬鍐欑殑銆 CAccessRule
expression string 鐢≒HP琛ㄨ揪寮忔潵鎸囧嚭浠涔堟儏鍐典笅璇ヨ鍒欐墠浼氱敓鏁堛 鍦ㄨ〃杈惧紡閲岄潰锛屼綘鍙互浣跨敤$user鏉ヤ唬鏇夸娇鐢Yii::app()->user銆 杩欎釜琛ㄨ揪寮忎篃鍙互浣跨敤PHP鍥炶皟鍑芥暟锛 鍖呮嫭绫荤殑鏂规硶鍚嶏紙array(ClassName/Object, MethodName)锛夛紝 鎴栬呮槸鍖垮悕鍑芥暟锛圥HP 5. CAccessRule
ips IP瑙勫垯銆 CAccessRule
message string 褰撹瑙勫垯楠岃瘉褰撳墠璇锋眰娌℃湁鏉冮檺鏃舵墍鏄剧ず鐨勯敊璇俊鎭 濡傛灉娌℃湁璁剧疆锛岄偅涔堝氨浼氭樉绀洪粯璁ょ殑淇℃伅銆 CAccessRule
roles array 璇ヨ鍒欏彲搴旂敤鐨勮鑹插垪琛ㄣ傚浜庢瘡涓涓鑹诧紝閮戒細璋冪敤 褰撳墠鐢ㄦ埛鐨CWebUser::checkAccess銆傚彧瑕佹湁涓涓皟鐢 杩斿洖true锛屽氨閫氳繃杩欎釜瑙勫垯浜嗐 娉ㄦ剰鐨勬槸锛屼綘搴旇鍦ㄢ檃llow鈥樿鍒欓噷闈娇鐢ㄨ鑹诧紝鍥犱负浠庡畾涔変笂鏉ヨ锛 涓涓鑹插弽鏄犵殑鏄潈闄愮殑闆嗗悎銆 CAccessRule
users array 璇ヨ鍒欏彲搴旂敤鐨勭敤鎴峰悕鍒楄〃銆傝繖涓瘮杈冭繃绋嬫槸涓嶅垎澶у皬鍐欑殑銆 濡傛灉娌℃湁鎸囧畾鐢ㄦ埛鍚嶏紝閭d箞杩欎釜瑙勫垯灏变細搴旂敤浜庢墍鏈夌敤鎴枫 CAccessRule
verbs array 璇ヨ鍒欏彲搴旂敤鐨勮姹傜被鍨嬪垪琛紙姣斿锛欸ET锛孭OST锛夈 CAccessRule

鍏叡鏂规硶

闅愯棌缁ф壙鏂规硶

鏂规硶鎻忚堪瀹氫箟鍦
__call() 濡傛灉绫讳腑娌℃湁璋冪殑鏂规硶鍚嶏紝鍒欒皟鐢ㄨ繖涓柟娉曘 CComponent
__get() 杩斿洖涓涓睘鎬у笺佷竴涓簨浠跺鐞嗙▼搴忓垪琛ㄦ垨涓涓涓哄悕绉般 CComponent
__isset() 妫鏌ヤ竴涓睘鎬ф槸鍚︿负null銆 CComponent
__set() 璁剧疆涓涓粍浠剁殑灞炴у笺 CComponent
__unset() 璁剧疆涓涓粍浠剁殑灞炴т负null銆 CComponent
asa() 杩斿洖杩欎釜鍚嶅瓧鐨勮涓哄璞° CComponent
attachBehavior() 闄勫姞涓涓涓哄埌缁勪欢銆 CComponent
attachBehaviors() 闄勫姞涓涓涓哄垪琛ㄥ埌缁勪欢銆 CComponent
attachEventHandler() 涓轰簨浠堕檮鍔犱竴涓簨浠跺鐞嗙▼搴忋 CComponent
canGetProperty() 纭畾灞炴ф槸鍚﹀彲璇汇 CComponent
canSetProperty() 纭畾灞炴ф槸鍚﹀彲鍐欍 CComponent
detachBehavior() 浠庣粍浠朵腑鍒嗙涓涓涓恒 CComponent
detachBehaviors() 浠庣粍浠朵腑鍒嗙鎵鏈夎涓恒 CComponent
detachEventHandler() 鍒嗙涓涓瓨鍦ㄧ殑浜嬩欢澶勭悊绋嬪簭銆 CComponent
disableBehavior() 绂佺敤涓涓檮鍔犺涓恒 CComponent
disableBehaviors() 绂佺敤缁勪欢闄勫姞鐨勬墍鏈夎涓恒 CComponent
enableBehavior() 鍚敤涓涓檮鍔犺涓恒 CComponent
enableBehaviors() 鍚敤缁勪欢闄勫姞鐨勬墍鏈夎涓恒 CComponent
evaluateExpression() 璁$畻涓涓狿HP琛ㄨ揪寮忥紝鎴栨牴鎹粍浠朵笂涓嬫枃鎵ц鍥炶皟銆 CComponent
getEventHandlers() 杩斿洖涓涓簨浠剁殑闄勫姞澶勭悊绋嬪簭鍒楄〃銆 CComponent
hasEvent() 纭畾涓涓簨浠舵槸鍚﹀畾涔夈 CComponent
hasEventHandler() 妫鏌ヤ簨浠舵槸鍚︽湁闄勫姞鐨勫鐞嗙▼搴忋 CComponent
hasProperty() 纭畾灞炴ф槸鍚﹁瀹氫箟銆 CComponent
isUserAllowed() 妫鏌ュ綋鍓嶇敤鎴锋槸鍚﹀厑璁歌闂寚瀹氱殑鍔ㄤ綔銆 CAccessRule
raiseEvent() 鍙戣捣涓涓簨浠躲 CComponent

鍙椾繚鎶ゆ柟娉

闅愯棌缁ф壙鏂规硶

鏂规硶鎻忚堪瀹氫箟鍦
isActionMatched() CAccessRule
isControllerMatched() CAccessRule
isExpressionMatched() CAccessRule
isIpMatched() CAccessRule
isRoleMatched() CAccessRule
isUserMatched() CAccessRule
isVerbMatched() CAccessRule

灞炴ц缁

actions 灞炴
public array $actions;

璇ヨ鍒欏彲搴旂敤鐨勫姩浣淚D鍒楄〃銆傝繖涓瘮杈冭繃绋嬫槸涓嶅垎澶у皬鍐欑殑銆 濡傛灉娌℃湁鎸囧畾鍔ㄤ綔锛岄偅涔堝氨浼氬簲鐢ㄥ埌鎵鏈夌殑鍔ㄤ綔銆

allow 灞炴
public boolean $allow;

璇ヨ鍒欐槸鈥榓llow鈥欒繕鏄檇eny鈥樸

controllers 灞炴
public array $controllers;

璇ヨ鍒欏彲搴旂敤鐨勬帶鍒跺櫒ID鍒楄〃銆傝繖涓瘮杈冭繃绋嬫槸涓嶅垎澶у皬鍐欑殑銆

expression 灞炴
public string $expression;

鐢≒HP琛ㄨ揪寮忔潵鎸囧嚭浠涔堟儏鍐典笅璇ヨ鍒欐墠浼氱敓鏁堛 鍦ㄨ〃杈惧紡閲岄潰锛屼綘鍙互浣跨敤$user鏉ヤ唬鏇夸娇鐢Yii::app()->user銆 杩欎釜琛ㄨ揪寮忎篃鍙互浣跨敤PHP鍥炶皟鍑芥暟锛 鍖呮嫭绫荤殑鏂规硶鍚嶏紙array(ClassName/Object, MethodName)锛夛紝 鎴栬呮槸鍖垮悕鍑芥暟锛圥HP 5.3.0+锛夈傝繖涓嚱鏁/鏂规硶鍚嶅簲鍏蜂綋涓嬮潰鐨勬牸寮忥細 

function foo($user, $rule) { ... }
$user鏄寚褰撳墠搴旂敤鐨勮闂敤鎴峰璞★紝$rule鏄繖涓闂鍒欍

ips 灞炴
public IP瑙勫垯銆 $ips;

message 灞炴 锛堝彲鐢ㄨ嚜 v1.1.1锛
public string $message;

褰撹瑙勫垯楠岃瘉褰撳墠璇锋眰娌℃湁鏉冮檺鏃舵墍鏄剧ず鐨勯敊璇俊鎭 濡傛灉娌℃湁璁剧疆锛岄偅涔堝氨浼氭樉绀洪粯璁ょ殑淇℃伅銆

roles 灞炴
public array $roles;

璇ヨ鍒欏彲搴旂敤鐨勮鑹插垪琛ㄣ傚浜庢瘡涓涓鑹诧紝閮戒細璋冪敤 褰撳墠鐢ㄦ埛鐨CWebUser::checkAccess銆傚彧瑕佹湁涓涓皟鐢 杩斿洖true锛屽氨閫氳繃杩欎釜瑙勫垯浜嗐 娉ㄦ剰鐨勬槸锛屼綘搴旇鍦ㄢ檃llow鈥樿鍒欓噷闈娇鐢ㄨ鑹诧紝鍥犱负浠庡畾涔変笂鏉ヨ锛 涓涓鑹插弽鏄犵殑鏄潈闄愮殑闆嗗悎銆

鍙傝

users 灞炴
public array $users;

璇ヨ鍒欏彲搴旂敤鐨勭敤鎴峰悕鍒楄〃銆傝繖涓瘮杈冭繃绋嬫槸涓嶅垎澶у皬鍐欑殑銆 濡傛灉娌℃湁鎸囧畾鐢ㄦ埛鍚嶏紝閭d箞杩欎釜瑙勫垯灏变細搴旂敤浜庢墍鏈夌敤鎴枫

verbs 灞炴
public array $verbs;

璇ヨ鍒欏彲搴旂敤鐨勮姹傜被鍨嬪垪琛紙姣斿锛欸ET锛孭OST锛夈

鏂规硶璇︾粏

isActionMatched() 鏂规硶
protected boolean isActionMatched(CAction $action)
$action CAction 鍔ㄤ綔瀵硅薄
{return} boolean 鏄惁璇ヨ鍒欏彲搴旂敤浜庤鍔ㄤ綔銆
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#254 (鏄剧ず)
protected function isActionMatched($action)
{
    return empty($this->actions) || in_array(strtolower($action->getId()),$this->actions);
}

isControllerMatched() 鏂规硶
protected boolean isControllerMatched(CAction $controller)
$controller CAction 鎺у埗鍣ㄥ璞
{return} boolean 鏄惁璇ヨ鍒欏彲搴旂敤浜庤鎺у埗鍣ㄣ
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#263 (鏄剧ず)
protected function isControllerMatched($controller)
{
    return empty($this->controllers) || in_array(strtolower($controller->getId()),$this->controllers);
}

isExpressionMatched() 鏂规硶
protected boolean isExpressionMatched(IWebUser $user)
$user IWebUser 鐢ㄦ埛瀵硅薄
{return} boolean 琛ㄨ揪寮忕殑鍐呭銆傚鏋滆琛ㄨ揪寮忔病鏈夋寚瀹氬唴瀹癸紝鍒欒繑鍥瀟rue銆
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#335 (鏄剧ず)
protected function isExpressionMatched($user)
{
    if($this->expression===null)
        return true;
    else
        return $this->evaluateExpression($this->expression, array('user'=>$user));
}

isIpMatched() 鏂规硶
protected boolean isIpMatched(string $ip)
$ip string IP鍦板潃
{return} boolean 鏄惁璇ヨ鍒欏彲搴旂敤浜庤IP鍦板潃銆
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#310 (鏄剧ず)
protected function isIpMatched($ip)
{
    if(empty($this->ips))
        return true;
    foreach($this->ips as $rule)
    {
        if($rule==='*' || $rule===$ip || (($pos=strpos($rule,'*'))!==false && !strncmp($ip,$rule,$pos)))
            return true;
    }
    return false;
}

isRoleMatched() 鏂规硶
protected boolean isRoleMatched(IWebUser $user)
$user IWebUser 鐢ㄦ埛瀵硅薄
{return} boolean 鏄惁璇ヨ鍒欏彲搴旂敤浜庤瑙掕壊銆
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#294 (鏄剧ず)
protected function isRoleMatched($user)
{
    if(empty($this->roles))
        return true;
    foreach($this->roles as $role)
    {
        if($user->checkAccess($role))
            return true;
    }
    return false;
}

isUserAllowed() 鏂规硶
public integer isUserAllowed(CWebUser $user, CController $controller, CAction $action, string $ip, string $verb)
$user CWebUser 鐢ㄦ埛瀵硅薄
$controller CController 褰撳墠璋冪敤鐨勬帶鍒跺櫒瀵硅薄
$action CAction 鍑嗗璋冪敤鐨勫姩浣滃璞
$ip string 璇锋眰鐨処P鍦板潃
$verb string 璇锋眰绫诲瀷锛堝锛欸ET锛孭OST鈥︹︼級
{return} integer 杩斿洖鍊硷細1琛ㄧず鍏佽璇ョ敤鎴凤紝-1琛ㄧず涓嶇姝㈣鐢ㄦ埛锛0琛ㄧず娌℃湁搴旂敤鍒拌鐢ㄦ埛銆
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#236 (鏄剧ず)
public function isUserAllowed($user,$controller,$action,$ip,$verb)
{
    if($this->isActionMatched($action)
        && $this->isUserMatched($user)
        && $this->isRoleMatched($user)
        && $this->isIpMatched($ip)
        && $this->isVerbMatched($verb)
        && $this->isControllerMatched($controller)
        && $this->isExpressionMatched($user))
        return $this->allow : -1;
    else
        return 0;
}

妫鏌ュ綋鍓嶇敤鎴锋槸鍚﹀厑璁歌闂寚瀹氱殑鍔ㄤ綔銆

isUserMatched() 鏂规硶
protected boolean isUserMatched(IWebUser $user)
$user IWebUser 鐢ㄦ埛瀵硅薄
{return} boolean 鏄惁璇ヨ鍒欏彲搴旂敤浜庤鐢ㄦ埛銆
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#272 (鏄剧ず)
protected function isUserMatched($user)
{
    if(empty($this->users))
        return true;
    foreach($this->users as $u)
    {
        if($u==='*')
            return true;
        else if($u==='?' && $user->getIsGuest())
            return true;
        else if($u==='@' && !$user->getIsGuest())
            return true;
        else if(!strcasecmp($u,$user->getName()))
            return true;
    }
    return false;
}

isVerbMatched() 鏂规硶
protected boolean isVerbMatched(string $verb)
$verb string 璇锋眰鏂规硶
{return} boolean 鏄惁璇ヨ鍒欏彲搴旂敤浜庤璇锋眰銆
婧愮爜锛 framework/web/auth/CAccessControlFilter.php#326 (鏄剧ず)
protected function isVerbMatched($verb)
{
    return empty($this->verbs) || in_array(strtolower($verb),$this->verbs);
}

Copyright © 2008-2011 by Yii Software LLC
All Rights Reserved.