AccessControl is an action filter. It will check its [[rules]] to find
the first rule that matches the current context variables (such as user IP address, user role).
The matching rule will dictate whether to allow or deny the access to the requested controller
action. If no rule matches, the access will be denied.
To use AccessControl, declare it in the behaviors() method of your controller class.
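For example, the following declarations will allow authenticated users to access the "create"
and "update" actions and deny all other users from accessing these two actions.
Rules are checked in order and the first matching rule decides, so the POST-denying rule
listed first in the example also applies to authenticated users.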
php
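/**
 * Example declaration: attach AccessControl to the "create" and "update" actions.
 *
 * Rules are evaluated top to bottom and the first rule that matches decides,
 * so the POST-deny rule below takes precedence over the rule that allows
 * authenticated users. A request that matches no rule is denied.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    return [
        'access' => [
            'class' => \yii\filters\AccessControl::className(),
            // the filter is applied to these two actions only
            'only' => ['create', 'update'],
            'rules' => [
                // deny all POST requests
                [
                    'allow' => false,
                    'verbs' => ['POST']
                ],
                // allow authenticated users
                [
                    'allow' => true,
                    'roles' => ['@'],
                ],
                // everything else is denied
            ],
        ],
    ];
}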
/**
 * Attaches the verb filter and the access filter to this controller.
 *
 * The access filter covers 'create' and 'update' only: 'create' requires the
 * 'user' role, 'update' is decided by the 'updateNews' permission check made
 * against the requested model.
 *
 * NOTE(review): 'delete' is limited to POST but is outside 'only', so this
 * filter places no access rule on it; confirm it is protected elsewhere.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => ['delete' => ['post']],
    ];

    // Loads the record named by the "id" request parameter and checks the
    // 'updateNews' permission with that record passed as the 'model' parameter.
    $mayUpdate = function ($rule, $action) {
        $news = $this->findModel(Yii::$app->getRequest()->get('id'));

        return Yii::$app->getUser()->can('updateNews', ['model' => $news]);
    };

    $accessFilter = [
        'class' => AccessControl::className(),
        'only' => ['create', 'update'],
        'rules' => [
            ['actions' => ['create'], 'allow' => true, 'roles' => ['user']],
            ['actions' => ['update'], 'allow' => true, 'matchCallback' => $mayUpdate],
        ],
    ];

    return ['verbs' => $verbFilter, 'access' => $accessFilter];
}
/**
 * @inheritdoc
 *
 * Extends the parent behaviors with an access filter and a verb filter.
 * The sign-in, sign-up, forgot and error actions carry no role requirement;
 * sign-out, update and view require an authenticated user ('@').
 * 'sign-out' accepts POST only.
 */
public function behaviors()
{
    $config = parent::behaviors();

    $publicRule = [
        'actions' => ['sign-in', 'sign-up', 'forgot', 'error'],
        'allow' => true,
    ];
    $memberRule = [
        'actions' => ['sign-out', 'update', 'view'],
        'allow' => true,
        'roles' => ['@'],
    ];

    $config['access'] = [
        'class' => AccessControl::className(),
        'rules' => [$publicRule, $memberRule],
    ];
    $config['verbs'] = [
        'class' => VerbFilter::className(),
        'actions' => ['sign-out' => ['post']],
    ];

    return $config;
}
/**
 * @inheritdoc
 *
 * 'login' and 'error' carry no role requirement; 'logout' and 'index'
 * require an authenticated user ('@').
 *
 * NOTE(review): 'logout' is restricted to GET here. A state-changing action
 * reachable by GET can be triggered from a link or an image tag on another
 * site; consider whether POST is the intended verb.
 */
public function behaviors()
{
    $rules = [
        ['actions' => ['login', 'error'], 'allow' => true],
        ['actions' => ['logout', 'index'], 'allow' => true, 'roles' => ['@']],
    ];

    $accessFilter = ['class' => AccessControl::className(), 'rules' => $rules];
    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => ['logout' => ['get']],
    ];

    return ['access' => $accessFilter, 'verbs' => $verbFilter];
}
/**
 * @inheritdoc
 *
 * Configures three behaviors: the access filter, the verb filter and an
 * unnamed HttpCache behavior for 'view'.
 *
 * The access filter skips 'index' and 'error' entirely ('except'). For the
 * remaining actions, authenticated users ('@') are allowed everywhere and
 * guests ('?') are allowed on the listed read-only looking actions.
 */
public function behaviors()
{
    $guestActions = [
        'download-attachment',
        'index',
        'search-cluster',
        'search-marker',
        'info-window',
        'view',
        'qr-code',
        'error',
    ];

    $accessFilter = [
        'class' => AccessControl::className(),
        'except' => ['index', 'error'],
        'rules' => [
            ['allow' => true, 'roles' => ['@']],
            ['allow' => true, 'actions' => $guestActions, 'roles' => ['?']],
        ],
    ];

    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => [
            'delete' => ['post'],
            'attachment-delete' => ['post'],
            'gallery-delete' => ['post'],
        ],
    ];

    // The ETag seed is derived from the record's id and updated_at values.
    $etagSeed = function ($action, $params) {
        $record = $this->findModel((int) Yii::$app->request->get('id'));

        return serialize([$record->id, $record->updated_at]);
    };

    return [
        'access' => $accessFilter,
        'verbs' => $verbFilter,
        ['class' => 'yii\\filters\\HttpCache', 'only' => ['view'], 'etagSeed' => $etagSeed],
    ];
}
/**
 * @inheritdoc
 *
 * The access filter applies to 'logout' and 'signup' only; both require an
 * authenticated user ('@'). 'logout' accepts POST only.
 *
 * NOTE(review): 'signup' is limited to authenticated users, so guests cannot
 * reach it; confirm that this is intended.
 */
public function behaviors()
{
    $membersOnly = ['@'];

    $accessFilter = [
        'class' => AccessControl::className(),
        'only' => ['logout', 'signup'],
        'rules' => [
            ['actions' => ['signup'], 'allow' => true, 'roles' => $membersOnly],
            ['actions' => ['logout'], 'allow' => true, 'roles' => $membersOnly],
        ],
    ];
    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => ['logout' => ['post']],
    ];

    return ['access' => $accessFilter, 'verbs' => $verbFilter];
}
/**
 * Returns the behaviors of this component: RBAC roles enforced through the
 * AccessControl filter.
 *
 * The listed actions are allowed for the 'editor' and 'admin' roles.
 *
 * NOTE(review): the denyCallback sits on a rule with 'allow' => true. As far
 * as I recall, a rule-level denyCallback only runs when that rule itself
 * matches and denies, so this redirect may never fire; confirm, and consider
 * a filter-level denyCallback instead. A 301 is also a permanent redirect
 * that clients may cache; confirm that is wanted for an access denial.
 * NOTE(review): the trailing empty rule sets no 'allow' value; it presumably
 * acts as a catch-all deny; confirm.
 *
 * @return array
 */
public function behaviors()
{
    $onDeny = function ($rule, $action) {
        return $this->redirect('/', 301);
    };

    $staffRule = [
        'actions' => ['index', 'view', 'create', 'update', 'delete', 'admin'],
        'allow' => true,
        'roles' => ['editor', 'admin'],
        'denyCallback' => $onDeny,
    ];

    return [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [$staffRule, []],
        ],
    ];
}
/**
 * Requires an authenticated user ('@') for every action of this controller
 * and limits 'delete' to POST requests.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    return [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [
                ['allow' => true, 'roles' => ['@']],
            ],
        ],
        'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => ['delete' => ['post']],
        ],
    ];
}
/**
 * Allows authenticated users ('@') on every action and anyone on 'error'.
 *
 * On denial the filter-level callback stores the requested URL as the user
 * component's return URL and redirects to the login route.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $sendToLogin = function ($rule, $action) {
        // Remember where the visitor was heading before redirecting to login.
        Yii::$app->user->returnUrl = Yii::$app->request->url;

        return $this->redirect(['user/login']);
    };

    $rules = [
        ['allow' => true, 'roles' => ['@']],
        ['actions' => ['error'], 'allow' => true],
    ];

    return [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => $rules,
            'denyCallback' => $sendToLogin,
        ],
    ];
}
/**
 * @inheritdoc
 *
 * Uses the current controller route as the role name the user must hold,
 * and throws ForbiddenHttpException when access is denied.
 *
 * NOTE(review): the parent behaviors are merged last, so a parent entry
 * under the same keys would presumably override this 'access' configuration;
 * confirm the merge order is intended.
 */
public function behaviors()
{
    $routeAsRole = wanhunet::$app->controller->getRoute();

    $forbid = function ($rule, $action) {
        throw new ForbiddenHttpException();
    };

    $own = [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [
                ['allow' => true, 'roles' => [$routeAsRole]],
            ],
            'denyCallback' => $forbid,
        ],
    ];

    return ArrayHelper::merge($own, parent::behaviors());
}
/**
 * Allows anyone on 'error' and the 'manager' and 'admin' roles on 'index'.
 *
 * On denial the current user is logged out and redirected to the backend
 * login route; the callback's redirect result is not returned.
 *
 * NOTE(review): every denial, including one for a logged-in user who merely
 * lacks the role, ends that user's session; confirm this is intended.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $logoutAndRedirect = function ($rule, $action) {
        \Yii::$app->user->logout();
        $this->redirect(['/users/backend/login']);
    };

    $rules = [
        ['actions' => ['error'], 'allow' => true],
        ['actions' => ['index'], 'allow' => true, 'roles' => ['manager', 'admin']],
    ];

    return [
        'access' => [
            'class' => AccessControl::className(),
            'denyCallback' => $logoutAndRedirect,
            'rules' => $rules,
        ],
    ];
}
/**
 * Guards 'index' with the access filter and limits 'delete' to POST.
 *
 * 'index' requires an authenticated user ('@') for whom
 * PermissionHelpers::requireStatus('Active') also returns a truthy value.
 *
 * NOTE(review): 'delete' is outside 'only', so no access rule applies to it
 * here; confirm it is protected elsewhere.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $isActiveAccount = function ($rule, $action) {
        return PermissionHelpers::requireStatus('Active');
    };

    $accessFilter = [
        'class' => \yii\filters\AccessControl::className(),
        'only' => ['index'],
        'rules' => [
            [
                'actions' => ['index'],
                'allow' => true,
                'roles' => ['@'],
                'matchCallback' => $isActiveAccount,
            ],
        ],
    ];
    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => ['delete' => ['post']],
    ];

    return ['access' => $accessFilter, 'verbs' => $verbFilter];
}
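/**
 * Limits 'delete' to POST and requires an authenticated user ('@') for the
 * index, create, update and delete actions.
 *
 * On denial the filter-level callback redirects to the login route.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    return [
        'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => ['delete' => ['post']],
        ],
        'access' => [
            'class' => AccessControl::className(),
            'only' => ['index', 'create', 'update', 'delete'],
            'rules' => [
                [
                    'allow' => true,
                    'actions' => ['index', 'create', 'update', 'delete'],
                    'roles' => ['@'],
                ],
            ],
            // The redirect is the only effect on denial. A 403 HttpException
            // placed after this return could never execute, so it is not kept.
            'denyCallback' => function ($rule, $action) {
                return $this->redirect(['/site/login']);
            },
        ],
    ];
}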
/**
 * Applies the access filter to 'create' and 'index' and limits 'logout' to POST.
 *
 * NOTE(review): 'only' restricts the filter to 'create' and 'index', so the
 * rules written for 'error', 'logout' and 'about' are never consulted for
 * those actions. In particular the admin/superuser check on 'about' does not
 * protect it as configured; confirm whether 'only' should list these actions.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    // Passes for an active user holding the admin or superuser role.
    $isActivePrivileged = function ($rule, $action) {
        return User::roleInArray([User::ROLE_ADMIN, User::ROLE_SUPERUSER]) && User::isActive();
    };

    $rules = [
        ['actions' => ['error'], 'allow' => true, 'roles' => ['10']],
        ['actions' => ['logout', 'create', 'index'], 'allow' => true, 'roles' => ['@']],
        [
            'actions' => ['about'],
            'allow' => true,
            'roles' => ['@'],
            'matchCallback' => $isActivePrivileged,
        ],
    ];

    return [
        'access' => [
            'class' => AccessControl::className(),
            'only' => ['create', 'index'],
            'rules' => $rules,
        ],
        'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => ['logout' => ['post']],
        ],
    ];
}
/**
 * @inheritdoc
 *
 * When $entity is set, it replaces $rules (passed through array_merge(),
 * which renumbers integer keys) before the parent initialisation runs.
 * NOTE(review): presumably $entity is an array of rule configurations; confirm.
 */
public function init()
{
    if (!$this->entity) {
        parent::init();

        return;
    }

    $this->rules = array_merge($this->entity);
    parent::init();
}
/**
 * Allows every action for users holding UserCadastro::ROLE_ADMIN.
 *
 * Rules are built with the project's AccessRule class (set through
 * 'ruleConfig') instead of the filter's default rule class.
 * NOTE(review): how AccessRule interprets 'roles' is not visible here; confirm.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $adminRule = [
        'allow' => true,
        'roles' => [UserCadastro::ROLE_ADMIN],
    ];

    return [
        'access' => [
            'class' => AccessControl::className(),
            'ruleConfig' => ['class' => AccessRule::className()],
            'rules' => [$adminRule],
        ],
    ];
}
/**
 * @inheritdoc
 *
 * 'index' and 'delete' require an authenticated user ('@') for whom
 * User::isUserAdmin() returns a truthy value. 'delete' accepts POST only.
 */
public function behaviors()
{
    // Calls the check for the current identity's id.
    // NOTE(review): the original comment described this as a seller check,
    // while the method is named isUserAdmin; confirm which is meant.
    $isAdmin = function () {
        return \common\models\User::isUserAdmin(Yii::$app->user->identity->id);
    };

    $accessFilter = [
        'class' => AccessControl::className(),
        'only' => ['index', 'delete'],
        'rules' => [
            [
                'allow' => true,
                'actions' => ['index', 'delete'],
                'roles' => ['@'],
                'matchCallback' => $isAdmin,
            ],
        ],
    ];
    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => ['delete' => ['POST']],
    ];

    return ['access' => $accessFilter, 'verbs' => $verbFilter];
}
/**
 * @inheritdoc
 *
 * Requires an authenticated user ('@') for every action except the ones in
 * the 'except' list. On denial an "errors" flash message is set and the
 * visitor is redirected to the sign-in route.
 *
 * NOTE(review): actions in 'except' skip this filter entirely. Any of them
 * that change state (for example 'pay-notify', 'notify', 'create-menu') need
 * their own caller verification; confirm each one has it.
 */
public function behaviors()
{
    $unfiltered = [
        'get-captcha',
        'signup',
        'signin',
        'signup-verify',
        'login',
        'off',
        'enter',
        'pay-notify',
        'notify',
        'list',
        'view',
        'wechat',
        'create-menu',
    ];

    $askToSignIn = function () {
        wanhunet::$app->getSession()->setFlash("errors", ['info' => '请先登录']);

        return $this->redirect(Url::to(['site/signin']));
    };

    return [
        'access' => [
            'class' => AccessControl::className(),
            'except' => $unfiltered,
            'rules' => [
                ['allow' => true, 'roles' => ['@']],
            ],
            'denyCallback' => $askToSignIn,
        ],
    ];
}
/**
 * @inheritdoc
 *
 * Triggers EVENT_BEFORE_BEHAVIOR on the module with an empty data array,
 * then merges the parent behaviors, whatever the event handlers put in the
 * event data, and this controller's access filter, in that order.
 *
 * Guests ('?') are allowed on 'options'; authenticated users ('@') on
 * create, view, current and extend.
 */
public function behaviors()
{
    $beforeBehavior = new \yii\base\Event();
    $beforeBehavior->data = [];
    $this->module->trigger(self::EVENT_BEFORE_BEHAVIOR, $beforeBehavior);

    $rules = [
        ['allow' => true, 'actions' => ['options'], 'roles' => ['?']],
        ['allow' => true, 'actions' => ['create', 'view', 'current', 'extend'], 'roles' => ['@']],
    ];

    // Merged last, so this 'access' entry is applied on top of the other two sources.
    $own = [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => $rules,
        ],
    ];

    return ArrayHelper::merge(parent::behaviors(), $beforeBehavior->data, $own);
}
/**
 * Requires an authenticated user ('@') for every action except the ones in
 * the 'except' list. On denial an "errors" flash with an empty 'info' text
 * is set and the visitor is redirected to the sign-in route.
 *
 * NOTE(review): actions in 'except' skip this filter entirely. The list
 * includes names such as 'dorecharge' and 'bindcard' that sound
 * state-changing; confirm each one performs its own authentication.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $unfiltered = [
        'signup', 'signin', 'member', 'index', 'login', 'logout', 'createmenu',
        'enter', 'main', 'detaile', 'step1', 'step2', 'reg', 'dosignin',
        'forgot', 'forgotstep1', 'forgotfinish', 'bindcard', 'about', 'help',
        'contact', 'safety', 'gindex', 'gshare', 'gsignup', 'dorecharge',
        'productlist',
    ];

    $askToSignIn = function () {
        \Yii::$app->getSession()->setFlash("errors", ['info' => '']);

        return $this->redirect(Url::to(['site/signin']));
    };

    return [
        'access' => [
            'class' => AccessControl::className(),
            'except' => $unfiltered,
            'rules' => [
                ['allow' => true, 'roles' => ['@']],
            ],
            'denyCallback' => $askToSignIn,
        ],
    ];
}
/**
 * Requires an authenticated user ('@') for 'logout' and limits it to POST.
 *
 * NOTE(review): the denyCallback sits on a rule with 'allow' => true. As far
 * as I recall, a rule-level denyCallback only runs when that rule itself
 * matches and denies, so the redirect to 'message' may never fire; confirm,
 * and consider a filter-level denyCallback instead.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $toMessagePage = function () {
        return $this->redirect('message');
    };

    $logoutRule = [
        'actions' => ['logout'],
        'allow' => true,
        'roles' => ['@'],
        'denyCallback' => $toMessagePage,
    ];

    return [
        'access' => [
            'class' => AccessControl::className(),
            'only' => ['logout'],
            'rules' => [$logoutRule],
        ],
        'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => ['logout' => ['post']],
        ],
    ];
}
/**
 * @inheritdoc
 *
 * Switches the filter off for the error page, the login page and any action
 * that isAllowedAction() accepts; every other action is decided by the parent.
 *
 * NOTE(review): each helper that returns true here removes an action from
 * access control altogether, so their matching logic deserves a close look.
 */
protected function isActive($action)
{
    if ($this->isErrorPage($action)) {
        return false;
    }
    if ($this->isLoginPage($action)) {
        return false;
    }
    if ($this->isAllowedAction($action)) {
        return false;
    }

    return parent::isActive($action);
}
/**
 * Adds bearer-token authentication and an access filter to the parent behaviors.
 *
 * The create, index, update and delete actions are allowed for the 'ADMIN' role.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $crudActions = ['create', 'index', 'update', 'delete'];

    $config = parent::behaviors();
    $config['authenticator'] = ['class' => HttpBearerAuth::className()];
    $config['access'] = [
        'class' => AccessControl::className(),
        'only' => $crudActions,
        'rules' => [
            ['allow' => true, 'actions' => $crudActions, 'roles' => ['ADMIN']],
        ],
    ];

    return $config;
}
/**
 * Builds the access rules from the current user's Access2 records.
 *
 * For a logged-in user, one Access2 lookup is made per action using
 * sub_module_id 30 (index), 31 (view), 32 (create), 33 (update) and
 * 34 (delete). An action whose lookup finds a record is put into the allow
 * rule; the others are left as empty strings. Guests ('?') are denied on all
 * five actions. 'delete' accepts POST only.
 *
 * NOTE(review): this runs five queries every time the behaviors are built;
 * the sub-module ids are hard-coded here.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $granted = ['index' => '', 'view' => '', 'create' => '', 'update' => '', 'delete' => ''];

    if (!Yii::$app->user->isGuest) {
        $uid = Yii::$app->user->identity->user_id;
        $subModules = ['index' => 30, 'view' => 31, 'create' => 32, 'update' => 33, 'delete' => 34];

        foreach ($subModules as $actionId => $subModuleId) {
            $grant = Access2::find()
                ->where(['user_id' => $uid, 'sub_module_id' => $subModuleId])
                ->one();
            if ($grant != null) {
                $granted[$actionId] = $actionId;
            }
        }
    }

    $rules = [
        ['allow' => false, 'roles' => ['?']],
        [
            'allow' => true,
            'actions' => [
                $granted['index'],
                $granted['view'],
                $granted['create'],
                $granted['update'],
                $granted['delete'],
            ],
            'roles' => ['@'],
        ],
    ];

    return [
        'access' => [
            'class' => AccessControl::className(),
            'only' => ['index', 'view', 'create', 'update', 'delete'],
            'rules' => $rules,
        ],
        'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => ['delete' => ['post']],
        ],
    ];
}
/**
 * @inheritdoc
 *
 * Allows 'index', 'style' and 'view' when the 'enable_sitemap' entry of the
 * 'sitemap' option is truthy. The rule sets no role requirement.
 *
 * NOTE(review): presumably Option::get('sitemap') always returns an array
 * holding 'enable_sitemap'; confirm, since a missing key would be read here.
 */
public function behaviors()
{
    $sitemapEnabled = function () {
        return Option::get('sitemap')['enable_sitemap'];
    };

    $rule = [
        'actions' => ['index', 'style', 'view'],
        'allow' => true,
        'matchCallback' => $sitemapEnabled,
    ];

    return [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [$rule],
        ],
    ];
}
/**
 * Allows every action when the current identity maps to a person whose user
 * type equals UserType::USER_PHOTOGRAPGER (compared loosely with ==).
 *
 * NOTE(review): the rule has no 'roles' entry, so the callback also runs for
 * guests and receives whatever identity the user component holds then;
 * confirm PersonRepository::getByUser() handles that case.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $isPhotographer = function ($rule, $action) {
        $person = PersonRepository::getByUser(\Yii::$app->getUser()->identity);
        if (!$person) {
            return false;
        }

        return $person->user()->type()->type() == UserType::USER_PHOTOGRAPGER;
    };

    return [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [
                ['allow' => true, 'matchCallback' => $isPhotographer],
            ],
        ],
    ];
}
/**
 * Returns a value indicating whether the filter is active for the given action.
 *
 * The filter is switched off for the application's configured error action,
 * so the error page is not subject to it; all other actions are decided by
 * the parent implementation.
 *
 * @param \yii\base\Action $action the action being filtered
 * @return boolean whether the filter is active for the given action.
 */
protected function isActive($action)
{
    return $action->getUniqueId() === Yii::$app->getErrorHandler()->errorAction
        ? false
        : parent::isActive($action);
}
/**
 * @inheritdoc
 *
 * Configures three behaviors: the access filter, the verb filter and an
 * unnamed HttpCache behavior for 'view'.
 *
 * The profile-related actions listed below require an authenticated user
 * ('@'); 'return-to-edit' accepts POST only.
 *
 * NOTE(review): 'view' is cached but is not in the access filter's 'only'
 * list, so no access rule applies to it here; confirm that is intended.
 */
public function behaviors()
{
    $memberActions = [
        'profile',
        'return-to-edit',
        'profile-to-pdf',
        'spec-list',
        'spec-items',
        'agreement',
    ];

    // Last-Modified comes from the newest updated_at value in the profile table.
    $lastModified = function ($action, $params) {
        $query = new \yii\db\Query();

        return $query->from('profile')->max('updated_at');
    };

    return [
        'access' => [
            'class' => AccessControl::className(),
            'only' => $memberActions,
            'rules' => [
                ['actions' => $memberActions, 'allow' => true, 'roles' => ['@']],
            ],
        ],
        'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => ['return-to-edit' => ['post']],
        ],
        [
            'class' => \yii\filters\HttpCache::className(),
            'only' => ['view'],
            'lastModified' => $lastModified,
        ],
    ];
}
/**
 * @inheritdoc
 *
 * Skips 'login' and 'error'. 'logout' requires an authenticated user ('@');
 * every other action requires '@' plus a passing permission callback.
 *
 * NOTE(review): can() is called without a permission name. yii\web\User::can()
 * expects one, so this call looks incomplete; confirm which permission was
 * intended.
 * NOTE(review): the denyCallback sits on a rule with 'allow' => true and, as
 * far as I recall, would only run if that rule itself denied; confirm. It
 * also throws a plain \Exception rather than an HTTP 403 exception.
 */
public function behaviors()
{
    $hasPermission = function ($rule, $action) {
        return Yii::$app->user->can();
    };
    $refuse = function ($rule, $action) {
        throw new \Exception('You are not allowed to access this page');
    };

    $rules = [
        ['actions' => ['logout'], 'allow' => true, 'roles' => ['@']],
        [
            'allow' => true,
            'roles' => ['@'],
            'matchCallback' => $hasPermission,
            'denyCallback' => $refuse,
        ],
    ];

    return [
        'access' => [
            'class' => AccessControl::className(),
            'except' => ['login', 'error'],
            'rules' => $rules,
        ],
    ];
}
/**
 * Limits 'delete' to POST and allows every action only for the users whose
 * id equals 100 or 99 (compared loosely with ==).
 *
 * NOTE(review): authorisation by hard-coded user ids is brittle; a role or
 * permission check would survive account changes. Flagged, not changed.
 * NOTE(review): the denyCallback sits on a rule with 'allow' => true and, as
 * far as I recall, would only run if that rule itself denied; confirm.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $isListedUser = function ($rule, $action) {
        $userId = \Yii::$app->user->id;

        return $userId == 100 || $userId == 99;
    };
    $refuse = function ($rule, $action) {
        throw new \Exception('You are not allowed to access this page');
    };

    return [
        'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => ['delete' => ['post']],
        ],
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [
                [
                    'allow' => true,
                    'matchCallback' => $isListedUser,
                    'denyCallback' => $refuse,
                ],
            ],
        ],
    ];
}
/**
 * @inheritdoc
 *
 * Adds bearer-token authentication and an access filter to the parent
 * behaviors, both limited to 'dashboard', which requires an authenticated
 * user ('@').
 */
public function behaviors()
{
    $guarded = ['dashboard'];

    $config = parent::behaviors();
    $config['authenticator'] = [
        'class' => HttpBearerAuth::className(),
        'only' => $guarded,
    ];
    $config['access'] = [
        'class' => AccessControl::className(),
        'only' => $guarded,
        'rules' => [
            ['actions' => $guarded, 'allow' => true, 'roles' => ['@']],
        ],
    ];

    return $config;
}