When [[enableSession]] is true, this method may attempt to read the user's authentication data
stored in session and reconstruct the corresponding identity object, if it has not done so before.
public getIdentity ( boolean $autoRenew = true ) : yii\web\IdentityInterface | null
$autoRenew | boolean | whether to automatically renew the authentication status if this has not been done before. This is only useful when [[enableSession]] is true. |
return | yii\web\IdentityInterface | null | the identity object associated with the currently logged-in user. `null` is returned if the user is not logged in (not authenticated). |
/**
 * Returns the identity of the current user, preferring an explicitly set override.
 *
 * When `$this->_overrideIdentity` is not null it is returned as-is and the
 * parent implementation is not consulted at all; otherwise the call is
 * delegated to the parent.
 *
 * @param bool $autoRenew passed through unchanged to the parent implementation
 * @return mixed the override identity, or whatever the parent returns
 */
public function getIdentity($autoRenew = true)
{
    $override = $this->_overrideIdentity;

    return $override === null
        ? parent::getIdentity($autoRenew)
        : $override;
}
/**
 * Override: keeps the resolved identity in the session under "_userInfo".
 *
 * The parent implementation is only called while the session entry is empty
 * (falsy); once a value is stored, that stored value is returned directly.
 *
 * NOTE(review): nothing in this method invalidates "_userInfo". Unless login,
 * logout and identity switching clear that key elsewhere, a later call can
 * return an identity that no longer matches the authenticated user or its
 * current privileges - confirm against the rest of the class.
 * NOTE(review): while a cached value exists the parent is skipped, so any
 * renewal or expiry checks it performs (see $autoRenew) are skipped too -
 * verify that this is intended.
 *
 * @param bool $autoRenew forwarded to the parent when no cached value exists
 * @return mixed the value stored under "_userInfo" in the session
 */
public function getIdentity($autoRenew = true)
{
    $cached = Yii::$app->session["_userInfo"];
    if ($cached) {
        return $cached;
    }

    // Empty entry: resolve through the parent and store the result.
    Yii::$app->session["_userInfo"] = parent::getIdentity($autoRenew);

    return Yii::$app->session["_userInfo"];
}
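/**
 * Decides whether the given user may run the given action.
 *
 * Guests are always denied. A user whose username equals one of the admin
 * entries returned by the `core_auth` module is always allowed. Everyone
 * else is checked with `$user->can()` against a permission name derived
 * from the action route.
 *
 * The permission name is built from the controller and action ids; per the
 * original author's note, these ids do not change when a controller is
 * overridden.
 *
 * @param \yii\base\Action $action the action about to be executed
 * @param \yii\web\User $user the user requesting the action
 * @param \yii\web\Request $request not used by this implementation
 * @return bool whether access is granted
 */
public function matchActionAccess($action, $user, $request)
{
    if ($user->getIsGuest()) {
        return false;
    }

    /** @var \core\auth\Module $authModule */
    $authModule = \Yii::$app->getModule('core_auth');
    foreach ($authModule->getAdmins() as $admin) {
        // This match bypasses the permission check entirely, so compare as
        // strict strings: a loose `==` treats numeric-looking names such as
        // "1e3" and "1000" as equal and could match the wrong account.
        if ((string) $user->getIdentity()->username === (string) $admin['username']) {
            return true;
        }
    }

    if ($action->controller->module instanceof Application) {
        // Controllers attached directly to the application use a fixed "default" prefix.
        $permission = 'default_' . $action->controller->id . '_' . $action->id;
    } else {
        // Drop the first segment of the unique id and join the rest with "_".
        $segments = explode('/', $action->getUniqueId());
        array_shift($segments);
        $permission = implode('_', $segments);
    }

    // Collapse hyphenated ids into lower camel case, e.g. "a-b_c-d" => "aB_cD".
    $words = array_map(function ($word) {
        return ucfirst($word);
    }, explode('-', $permission));
    $permission = lcfirst(implode('', $words));

    return $user->can($permission, $this->params);
}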
/**
 * Tells whether $user may edit secure options of the owner entity.
 *
 * An identity with a truthy `isAdmin` is always allowed. Otherwise access is
 * denied when no secure roles are configured, and granted only if
 * `$user->can()` succeeds for every entry of `$this->secureRoles`.
 *
 * @param User $user
 * @return bool
 */
public function checkSecureAccess(User $user)
{
    $message = "Checking secure access to '{$this->owner->className()}'" . PHP_EOL
        . 'Identifier: ' . VarDumper::dumpAsString($this->owner->getPrimaryKey(true)) . PHP_EOL
        . "User: {$user->getId()}";
    Yii::trace($message, __METHOD__);

    $identity = $user->getIdentity();
    if ($identity && $identity->isAdmin) {
        return true;
    }

    // No configured roles means nobody except admins gets through.
    if (empty($this->secureRoles)) {
        return false;
    }

    // Every configured role is required; the first failure denies access.
    foreach ($this->secureRoles as $role) {
        if ($user->can($role)) {
            continue;
        }

        return false;
    }

    return true;
}
/**
 * Pass-through to the parent implementation; the override only narrows the
 * documented return type.
 *
 * @param bool $autoRenew
 * @return null|\app\models\User
 */
public function getIdentity($autoRenew = true)
{
    $identity = parent::getIdentity($autoRenew);

    return $identity;
}
/**
 * Checks whether $user may access a single database row.
 *
 * The permission name is read from the row column named by
 * `$query->getSecureItemAttribute()`. An identity with a truthy `isAdmin` is
 * always granted access; otherwise the decision is `$user->can($permission)`.
 * The outcome is logged at info level when granted and at warning level when
 * denied.
 *
 * NOTE(review): the whole row is dumped into the trace log; confirm that rows
 * passed here do not carry sensitive columns, or that trace logging is off
 * in production.
 *
 * @param array $row
 * @param SecureActiveQueryInterface $query
 * @param User $user
 * @return bool whether access is granted (the value of `$user->can()` for non-admins)
 * @throws \LogicException when the row has no value for the secure item field
 */
protected function checkAccess(array $row, SecureActiveQueryInterface $query, User $user)
{
    $identity = $user->getIdentity();
    // 0 stands in for the username in log messages when there is no identity.
    $identifier = $identity ? $identity->username : 0;

    Yii::trace(
        "Checking access to row data for user '{$identifier}'" . PHP_EOL . VarDumper::dumpAsString($row),
        __METHOD__
    );

    $secureItemField = $query->getSecureItemAttribute();
    if (!isset($row[$secureItemField])) {
        throw new \LogicException("Row from database should contain secure item field '{$secureItemField}'");
    }
    $permission = $row[$secureItemField];

    $isAdmin = !is_null($identity) && $identity->isAdmin;
    $result = $isAdmin ? true : $user->can($permission);

    $verdict = $result ? 'Access granted' : 'Access denied';
    $level = $result ? Logger::LEVEL_INFO : Logger::LEVEL_WARNING;
    Yii::getLogger()->log($verdict . " for user '{$identifier}' (" . $permission . ')', $level, __METHOD__);

    return $result;
}