checkAccess() public method

This method should be overridden to check whether the current user has the privilege to run the specified action against the specified data model. If the user does not have access, a [[ForbiddenHttpException]] should be thrown.
public checkAccess ( string $action, object $model = null, array $params = [] )
$action string the ID of the action to be executed
$model object the model to be accessed. If null, it means no specific model is being accessed.
$params array additional parameters
ActiveController Class Documentation
Esempio n. 1
0
 public function _checkAccess($action, $model = null, $params = array())
 {
     var_dump($action);
     var_dump($model);
     var_dump($params);
     die;
     parent::checkAccess($action, $model, $params);
 }
Esempio n. 2
0
 public function checkAccess($action, $model = null, $params = [])
 {
     parent::checkAccess($action, $model, $params);
     if ($model && !$model->checkAccess(Yii::$app->user->identity)) {
         throw new \yii\web\ForbiddenHttpException('You do not have access');
     }
 }
Esempio n. 3
0
 public function checkAccess($action, $model = null, $params = [])
 {
     if ($model && !$model->isNewRecord) {
         if ($this->auto_filter_user && $this->user_identifier_column) {
             if (\Yii::$app->user->isGuest) {
                 throw new HttpException(403, "Unknown user");
             }
             if ($action == 'view' && $model->{$this->user_identifier_column} != \Yii::$app->user->id) {
                 throw new HttpException(403, "No access");
             }
         }
     }
     return parent::checkAccess($action, $model, $params);
 }