PHP Class yii\filters\AccessRule

Since: 2.0
Author: Qiang Xue ([email protected])
Inheritance: extends yii\base\Component
ファイルを表示 Open project: yiisoft/yii2 Class Usage Examples

Public Properties

Property Type Description
$actions list of action IDs that this rule applies to. The comparison is case-sensitive. If not set or empty, it means this rule applies to all actions.
$allow whether this is an 'allow' rule or 'deny' rule.
$controllers list of the controller IDs that this rule applies to. Each controller ID is prefixed with the module ID (if any). The comparison is case-sensitive. If not set or empty, it means this rule applies to all controllers.
$denyCallback a callback that will be called if this rule determines the access to the current action should be denied. If not set, the behavior will be determined by AccessControl. The signature of the callback should be as follows: php function ($rule, $action) where $rule is this rule, and $action is the current [[Action|action]] object.
$ips list of user IP addresses that this rule applies to. An IP address can contain the wildcard * at the end so that it matches IP addresses with the same prefix. For example, '192.168.*' matches all IP addresses in the segment '192.168.'. If not set or empty, it means this rule applies to all IP addresses.
$matchCallback a callback that will be called to determine if the rule should be applied. The signature of the callback should be as follows: php function ($rule, $action) where $rule is this rule, and $action is the current [[Action|action]] object. The callback should return a boolean value indicating whether this rule should be applied.
$roles list of roles that this rule applies to. Two special roles are recognized, and they are checked via [[User::isGuest]]: - ?: matches a guest user (not authenticated yet) - @: matches an authenticated user If you are using RBAC (Role-Based Access Control), you may also specify role or permission names. In this case, [[User::can()]] will be called to check access. If this property is not set or empty, it means this rule applies to all roles.
$verbs list of request methods (e.g. GET, POST) that this rule applies to. If not set or empty, it means this rule applies to all request methods.

Public Methods

Method Description
allows ( Action $action, User $user, Request $request ) : boolean | null Checks whether the Web user is allowed to perform the specified action.

Protected Methods

Method Description
matchAction ( Action $action ) : boolean
matchController ( Controller $controller ) : boolean
matchCustom ( Action $action ) : boolean
matchIP ( string $ip ) : boolean
matchRole ( User $user ) : boolean
matchVerb ( string $verb ) : boolean

Method Details

allows() public method

Checks whether the Web user is allowed to perform the specified action.
public allows ( Action $action, User $user, Request $request ) : boolean | null
$action yii\base\Action the action to be performed
$user yii\web\User the user object
$request yii\web\Request
return boolean | null true if the user is allowed, false if the user is denied, null if the rule does not apply to the user

matchAction() protected method

protected matchAction ( Action $action ) : boolean
$action yii\base\Action the action
return boolean whether the rule applies to the action

matchController() protected method

protected matchController ( Controller $controller ) : boolean
$controller yii\base\Controller the controller
return boolean whether the rule applies to the controller

matchCustom() protected method

protected matchCustom ( Action $action ) : boolean
$action yii\base\Action the action to be performed
return boolean whether the rule should be applied

matchIP() protected method

protected matchIP ( string $ip ) : boolean
$ip string the IP address
return boolean whether the rule applies to the IP address

matchRole() protected method

protected matchRole ( User $user ) : boolean
$user yii\web\User the user object
return boolean whether the rule applies to the role

matchVerb() protected method

protected matchVerb ( string $verb ) : boolean
$verb string the request method.
return boolean whether the rule applies to the request

Property Details

$actions public_oe property

list of action IDs that this rule applies to. The comparison is case-sensitive. If not set or empty, it means this rule applies to all actions.
public $actions

$allow public_oe property

whether this is an 'allow' rule or 'deny' rule.
public $allow

$controllers public_oe property

list of the controller IDs that this rule applies to. Each controller ID is prefixed with the module ID (if any). The comparison is case-sensitive. If not set or empty, it means this rule applies to all controllers.
public $controllers

$denyCallback public_oe property

a callback that will be called if this rule determines the access to the current action should be denied. If not set, the behavior will be determined by AccessControl. The signature of the callback should be as follows: php function ($rule, $action) where $rule is this rule, and $action is the current [[Action|action]] object.
public $denyCallback

$ips public_oe property

list of user IP addresses that this rule applies to. An IP address can contain the wildcard * at the end so that it matches IP addresses with the same prefix. For example, '192.168.*' matches all IP addresses in the segment '192.168.'. If not set or empty, it means this rule applies to all IP addresses.
See also: Request::userIP
public $ips

$matchCallback public_oe property

a callback that will be called to determine if the rule should be applied. The signature of the callback should be as follows: php function ($rule, $action) where $rule is this rule, and $action is the current [[Action|action]] object. The callback should return a boolean value indicating whether this rule should be applied.
public $matchCallback

$roles public_oe property

list of roles that this rule applies to. Two special roles are recognized, and they are checked via [[User::isGuest]]: - ?: matches a guest user (not authenticated yet) - @: matches an authenticated user If you are using RBAC (Role-Based Access Control), you may also specify role or permission names. In this case, [[User::can()]] will be called to check access. If this property is not set or empty, it means this rule applies to all roles.
public $roles

$verbs public_oe property

list of request methods (e.g. GET, POST) that this rule applies to. If not set or empty, it means this rule applies to all request methods.
See also: yii\web\Request::method
public $verbs