PHP Класс yii\filters\AccessControl

AccessControl is an action filter. It will check its [[rules]] to find the first rule that matches the current context variables (such as user IP address, user role). The matching rule will dictate whether to allow or deny the access to the requested controller action. If no rule matches, the access will be denied. To use AccessControl, declare it in the behaviors() method of your controller class. For example, the following declarations will allow authenticated users to access the "create" and "update" actions and deny all other users from accessing these two actions. php public function behaviors() { return [ 'access' => [ 'class' => \yii\filters\AccessControl::className(), 'only' => ['create', 'update'], 'rules' => [ deny all POST requests [ 'allow' => false, 'verbs' => ['POST'] ], allow authenticated users [ 'allow' => true, 'roles' => ['@'], ], everything else is denied ], ], ]; }
С версии: 2.0
Автор: Qiang Xue ([email protected])
Наследование: extends yii\base\ActionFilter
Показать файл Открыть проект Примеры использования класса

Открытые свойства

Свойство Тип Описание
$denyCallback a callback that will be called if the access should be denied to the current user. If not set, AccessControl::denyAccess will be called. The signature of the callback should be as follows: php function ($rule, $action) where $rule is the rule that denies the user, and $action is the current [[Action|action]] object. $rule can be null if access is denied because none of the rules matched.
$ruleConfig the default configuration of access rules. Individual rule configurations specified via [[rules]] will take precedence when the same property of the rule is configured.
$rules a list of access rule objects or configuration arrays for creating the rule objects. If a rule is specified via a configuration array, it will be merged with [[ruleConfig]] first before it is used for creating the rule object.
$user the user object representing the authentication status or the ID of the user application component. Starting from version 2.0.2, this can also be a configuration array for creating the object.

Открытые методы

Метод Описание
beforeAction ( Action $action ) : boolean This method is invoked right before an action is to be executed (after all possible filters.) You may override this method to do last-minute preparation for the action.
init ( ) Initializes the [[rules]] array by instantiating rule objects from configurations.

Защищенные методы

Метод Описание
denyAccess ( User $user ) Denies the access of the user.

Описание методов

beforeAction() публичный Метод

This method is invoked right before an action is to be executed (after all possible filters.) You may override this method to do last-minute preparation for the action.
public beforeAction ( Action $action ) : boolean
$action yii\base\Action the action to be executed.
Результат boolean whether the action should continue to be executed.

denyAccess() защищенный Метод

The default implementation will redirect the user to the login page if he is a guest; if the user is already logged, a 403 HTTP exception will be thrown.
protected denyAccess ( User $user )
$user yii\web\User the current user

init() публичный Метод

Initializes the [[rules]] array by instantiating rule objects from configurations.
public init ( )

Описание свойств

$denyCallback публичное свойство

a callback that will be called if the access should be denied to the current user. If not set, AccessControl::denyAccess will be called. The signature of the callback should be as follows: php function ($rule, $action) where $rule is the rule that denies the user, and $action is the current [[Action|action]] object. $rule can be null if access is denied because none of the rules matched.
public $denyCallback

$ruleConfig публичное свойство

the default configuration of access rules. Individual rule configurations specified via [[rules]] will take precedence when the same property of the rule is configured.
public $ruleConfig

$rules публичное свойство

a list of access rule objects or configuration arrays for creating the rule objects. If a rule is specified via a configuration array, it will be merged with [[ruleConfig]] first before it is used for creating the rule object.
См. также: ruleConfig
public $rules

$user публичное свойство

the user object representing the authentication status or the ID of the user application component. Starting from version 2.0.2, this can also be a configuration array for creating the object.
public $user