yii权限控制的方法(三种方法)

本文实例讲述了yii权限控制的方法。分享给大家供大家参考，具体如下：

这里摘录以下3种：

1. 通过accessControl：

    public function filters()
    {
      return array(
        'accessControl', // perform access control for CRUD operations
      );
    }
    /**
     * Specifies the access control rules.
     * This method is used by the 'accessControl' filter.
     * @return array access control rules
     */
    public function accessRules()
    {
      return array(
        array('allow', // allow authenticated users to access all actions
          'users'=>array('@'),
        ),
        array('deny', // deny all users
          'users'=>array('*'),
        ),
      );
    }

2. 通过插件（如：right）

    public function filters()
    {
      return array(
        'rights',
      );
    }

3. 混合模式:

    /**
     * @return array action filters
     */
    public function filters()
    {
      return array(
        'updateOwn + update', // Apply this filter only for the update action.
        'rights',
      );
    }
    /**
     * Filter method for checking whether the currently logged in user
     * is the author of the post being accessed.
     */
    public function filterUpdateOwn($filterChain)
    {
      $post=$this->loadModel();
      // Remove the 'rights' filter if the user is updating an own post
      // and has the permission to do so.
      if(Yii::app()->user->checkAccess('PostUpdateOwn', array('userid'=>$post->author_id)))
        $filterChain->removeAt(1);
      $filterChain->run();
    }

如果有权限的基础上，开放某些动作的权限，可以通过allowedActions:

    public function allowedActions()
    {
      return 'autocomplate,autocomplate2';
    }

希望本文所述对大家基于Yii框架的PHP程序设计有所帮助。