PHP Class yii\filters\AccessRule

Since: 2.0

Author: Qiang Xue ([email protected])

Inheritance: extends yii\base\Component

Datei anzeigen Open project: yiisoft/yii2 Class Usage Examples

Public Properties

Property	Type	Description
$actions		list of action IDs that this rule applies to. The comparison is case-sensitive. If not set or empty, it means this rule applies to all actions.
$allow		whether this is an 'allow' rule or 'deny' rule.
$controllers		list of the controller IDs that this rule applies to. Each controller ID is prefixed with the module ID (if any). The comparison is case-sensitive. If not set or empty, it means this rule applies to all controllers.
$denyCallback		a callback that will be called if this rule determines the access to the current action should be denied. If not set, the behavior will be determined by AccessControl. The signature of the callback should be as follows: php function ($rule, $action) where $rule is this rule, and $action is the current [[Action\|action]] object.
$ips		list of user IP addresses that this rule applies to. An IP address can contain the wildcard * at the end so that it matches IP addresses with the same prefix. For example, '192.168.*' matches all IP addresses in the segment '192.168.'. If not set or empty, it means this rule applies to all IP addresses.
$matchCallback		a callback that will be called to determine if the rule should be applied. The signature of the callback should be as follows: php function ($rule, $action) where $rule is this rule, and $action is the current [[Action\|action]] object. The callback should return a boolean value indicating whether this rule should be applied.
$roles		list of roles that this rule applies to. Two special roles are recognized, and they are checked via [[User::isGuest]]: - ?: matches a guest user (not authenticated yet) - @: matches an authenticated user If you are using RBAC (Role-Based Access Control), you may also specify role or permission names. In this case, [[User::can()]] will be called to check access. If this property is not set or empty, it means this rule applies to all roles.
$verbs		list of request methods (e.g. GET, POST) that this rule applies to. If not set or empty, it means this rule applies to all request methods.

Public Methods

Method	Description
allows ( Action $action, User $user, Request $request ) : boolean \| null	Checks whether the Web user is allowed to perform the specified action.

Protected Methods

Method	Description
matchAction ( Action $action ) : boolean
matchController ( Controller $controller ) : boolean
matchCustom ( Action $action ) : boolean
matchIP ( string $ip ) : boolean
matchRole ( User $user ) : boolean
matchVerb ( string $verb ) : boolean

Method Details

allows() public method

Checks whether the Web user is allowed to perform the specified action.

public allows ( Action $action, User $user, Request $request ) : boolean \| null
$action	yii\base\Action	the action to be performed
$user	yii\web\User	the user object
$request	yii\web\Request
return	boolean \| null	true if the user is allowed, false if the user is denied, null if the rule does not apply to the user

matchAction() protected method

protected matchAction ( Action $action ) : boolean
$action	yii\base\Action	the action
return	boolean	whether the rule applies to the action

matchController() protected method

protected matchController ( Controller $controller ) : boolean
$controller	yii\base\Controller	the controller
return	boolean	whether the rule applies to the controller

matchCustom() protected method

protected matchCustom ( Action $action ) : boolean
$action	yii\base\Action	the action to be performed
return	boolean	whether the rule should be applied

matchIP() protected method

protected matchIP ( string $ip ) : boolean
$ip	string	the IP address
return	boolean	whether the rule applies to the IP address

matchRole() protected method

protected matchRole ( User $user ) : boolean
$user	yii\web\User	the user object
return	boolean	whether the rule applies to the role

matchVerb() protected method

protected matchVerb ( string $verb ) : boolean
$verb	string	the request method.
return	boolean	whether the rule applies to the request

Property Details

$actions public_oe property

list of action IDs that this rule applies to. The comparison is case-sensitive. If not set or empty, it means this rule applies to all actions.

public $actions

$allow public_oe property

whether this is an 'allow' rule or 'deny' rule.

public $allow

$controllers public_oe property

list of the controller IDs that this rule applies to. Each controller ID is prefixed with the module ID (if any). The comparison is case-sensitive. If not set or empty, it means this rule applies to all controllers.

public $controllers

$denyCallback public_oe property

a callback that will be called if this rule determines the access to the current action should be denied. If not set, the behavior will be determined by AccessControl. The signature of the callback should be as follows: php function ($rule, $action) where $rule is this rule, and $action is the current [[Action|action]] object.

public $denyCallback

$ips public_oe property

list of user IP addresses that this rule applies to. An IP address can contain the wildcard * at the end so that it matches IP addresses with the same prefix. For example, '192.168.*' matches all IP addresses in the segment '192.168.'. If not set or empty, it means this rule applies to all IP addresses.

$matchCallback public_oe property

a callback that will be called to determine if the rule should be applied. The signature of the callback should be as follows: php function ($rule, $action) where $rule is this rule, and $action is the current [[Action|action]] object. The callback should return a boolean value indicating whether this rule should be applied.

public $matchCallback

$roles public_oe property

list of roles that this rule applies to. Two special roles are recognized, and they are checked via [[User::isGuest]]: - ?: matches a guest user (not authenticated yet) - @: matches an authenticated user If you are using RBAC (Role-Based Access Control), you may also specify role or permission names. In this case, [[User::can()]] will be called to check access. If this property is not set or empty, it means this rule applies to all roles.

public $roles

$verbs public_oe property

list of request methods (e.g. GET, POST) that this rule applies to. If not set or empty, it means this rule applies to all request methods.