It allows to define allowed HTTP request methods for each action and will throw
an HTTP 405 error when the method is not allowed.
To use VerbFilter, declare it in the behaviors() method of your controller class.
For example, the following declarations will define a typical set of allowed
request methods for REST CRUD actions.
php
public function behaviors()
{
return [
'verbs' => [
'class' => \yii\filters\VerbFilter::className(),
'actions' => [
'index' => ['get'],
'view' => ['get'],
'create' => ['get', 'post'],
'update' => ['get', 'put', 'post'],
'delete' => ['post', 'delete'],
],
],
];
}
public function behaviors()
{
return ['verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]], 'access' => ['class' => AccessControl::className(), 'only' => ['create', 'update'], 'rules' => [['actions' => ['create'], 'allow' => true, 'roles' => ['user']], ['actions' => ['update'], 'allow' => true, 'matchCallback' => function ($rule, $action) {
$model = $this->findModel(Yii::$app->getRequest()->get('id'));
return Yii::$app->getUser()->can('updateNews', ['model' => $model]);
}]]]];
}
/**
* @inheritdoc
*/
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'only' => ['logout', 'signup'],
'rules' => [
[
'actions' => ['signup'],
'allow' => true,
'roles' => ['@'],
],
[
'actions' => ['logout'],
'allow' => true,
'roles' => ['@'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'logout' => ['post'],
],
],
];
}
/**
* @inheritdoc
*/
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['access']['rules'] = array_merge([['actions' => ['login'], 'allow' => true, 'roles' => ['?']], ['actions' => ['login'], 'allow' => false, 'roles' => ['@']], ['actions' => ['logout'], 'allow' => true, 'roles' => ['@']], ['actions' => ['logout'], 'allow' => false, 'roles' => ['?']]], $behaviors['access']['rules']);
$behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['logout' => ['post']]];
return $behaviors;
}
/**
* @inheritdoc
*/
public function behaviors()
{
return ['access' => ['class' => AccessControl::className(), 'only' => ['index', 'delete'], 'rules' => [['allow' => true, 'actions' => ['index', 'delete'], 'roles' => ['@'], 'matchCallback' => function () {
//Llamada al método que comprueba si es un vendedor
return \common\models\User::isUserAdmin(Yii::$app->user->identity->id);
}]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['POST']]]];
}
/**
* @inheritdoc
*/
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['access'] = ['class' => AccessControl::className(), 'rules' => [['actions' => ['sign-in', 'sign-up', 'forgot', 'error'], 'allow' => true], ['actions' => ['sign-out', 'update', 'view'], 'allow' => true, 'roles' => ['@']]]];
$behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['sign-out' => ['post']]];
return $behaviors;
}
/**
* {@inheritDoc}
*/
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['contentNegotiator'] = ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON]];
$behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['*' => ['GET', 'AJAX'], 'file-upload' => ['POST', 'AJAX']]];
return $behaviors;
}
/**
* @inheritdoc
*/
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'actions' => ['login', 'error'],
'allow' => true,
],
[
'actions' => ['logout', 'index'],
'allow' => true,
'roles' => ['@'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'logout' => ['get'],
],
],
];
}
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['indexWithQuote' => ['get']]];
$behaviors['authenticator'] = ['class' => HttpBasicAuth::className()];
return $behaviors;
}
public function behaviors(){
$behaviors = [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'allow' => true,
'roles' => ['@']
]
]
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'delete' => ['post'],
],
],
];
return $behaviors;
}
public function behaviors()
{
if (Yii::$app->user->identity->type == 'normal') {
return $this->goBack();
}
return ['verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]]];
}
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['rateLimiter'] = ['class' => RateLimiter::className(), 'only' => ['view']];
$behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['view' => ['get'], 'countries' => ['get'], 'cities' => ['get']]];
return $behaviors;
}
public function behaviors()
{
// return parent::behaviors(); // TODO: Change the autogenerated stub
return ['access' => ['class' => \yii\filters\AccessControl::className(), 'only' => ['index'], 'rules' => [['actions' => ['index'], 'allow' => true, 'roles' => ['@'], 'matchCallback' => function ($rule, $action) {
return PermissionHelpers::requireStatus('Active');
}]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]]];
}
public function behaviors()
{
return ['verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]], 'access' => ['class' => AccessControl::className(), 'only' => ['index', 'create', 'update', 'delete'], 'rules' => [['allow' => true, 'actions' => ['index', 'create', 'update', 'delete'], 'roles' => ['@']]], 'denyCallback' => function ($rule, $action) {
return $this->redirect(['/site/login']);
throw new HttpException(403, Yii::t('yii', 'Login Required'));
}]];
}
/**
* @inheritdoc
*/
public function behaviors()
{
return ['verbs' => ['class' => VerbFilter::className(['send']), 'actions' => ['delete' => ['POST']]]];
/* return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
/* Author: -ptr.nov- : Permission Allow No Login |index|error|login */
/* 'actions' => ['index', 'error','login','subcat','site'],
'allow' => true,
],
[
'actions' => ['logout', 'index','subcat','site'],
'allow' => true,
'roles' => ['@'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'logout' => ['post'],
],
],
];
*/
}
/**
* @inheritdoc
*/
public function behaviors()
{
return ['access' => ['class' => AccessControl::className(), 'except' => ['index', 'error'], 'rules' => [['allow' => true, 'roles' => ['@']], ['allow' => true, 'actions' => ['download-attachment', 'index', 'search-cluster', 'search-marker', 'info-window', 'view', 'qr-code', 'error'], 'roles' => ['?']]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post'], 'attachment-delete' => ['post'], 'gallery-delete' => ['post']]], ['class' => 'yii\\filters\\HttpCache', 'only' => ['view'], 'etagSeed' => function ($action, $params) {
$model = $this->findModel((int) Yii::$app->request->get('id'));
return serialize([$model->id, $model->updated_at]);
}]];
}
/**
* @inheritdoc
*/
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['access']['rules'] = ArrayHelper::merge($behaviors['access']['rules'], [['allow' => true, 'actions' => ['index'], 'roles' => ['pageView']], ['allow' => true, 'actions' => ['create'], 'roles' => ['pageCreate']], ['allow' => true, 'actions' => ['update'], 'roles' => ['pageUpdate']], ['allow' => true, 'actions' => ['delete', 'batch-delete'], 'roles' => ['pageDelete']]]);
$behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['index' => ['get'], 'update' => ['get', 'put', 'post'], 'delete' => ['post', 'delete'], 'batch-delete' => ['post', 'delete']]];
return $behaviors;
}
/**
* @inheritdoc
*/
public function behaviors()
{
return ['access' => ['class' => AccessControl::className(), 'only' => ['profile', 'return-to-edit', 'profile-to-pdf', 'spec-list', 'spec-items', 'agreement'], 'rules' => [['actions' => ['profile', 'return-to-edit', 'profile-to-pdf', 'spec-list', 'spec-items', 'agreement'], 'allow' => true, 'roles' => ['@']]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['return-to-edit' => ['post']]], ['class' => \yii\filters\HttpCache::className(), 'only' => ['view'], 'lastModified' => function ($action, $params) {
$q = new \yii\db\Query();
return $q->from('profile')->max('updated_at');
}]];
}
public function behaviors()
{
return ['access' => ['class' => AccessControl::className(), 'only' => ['logout'], 'rules' => [['actions' => ['logout'], 'allow' => true, 'roles' => ['@'], 'denyCallback' => function () {
//redirect here
return $this->redirect('message');
}]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['logout' => ['post']]]];
}
public function behaviors()
{
return ['access' => ['class' => AccessControl::className(), 'only' => ['create', 'index'], 'rules' => [['actions' => ['error'], 'allow' => true, 'roles' => ['10']], ['actions' => ['logout', 'create', 'index'], 'allow' => true, 'roles' => ['@']], ['actions' => ['about'], 'allow' => true, 'roles' => ['@'], 'matchCallback' => function ($rule, $action) {
$valid_roles = [User::ROLE_ADMIN, User::ROLE_SUPERUSER];
return User::roleInArray($valid_roles) && User::isActive();
}]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['logout' => ['post']]]];
}
public function behaviors()
{
$index = '';
$view = '';
$update = '';
$create = '';
$delete = '';
if (!Yii::$app->user->isGuest) {
$uid = Yii::$app->user->identity->user_id;
$accessIndex = Access2::find()->where(['user_id' => $uid, 'sub_module_id' => 30])->one();
$accessView = Access2::find()->where(['user_id' => $uid, 'sub_module_id' => 31])->one();
$accessCreate = Access2::find()->where(['user_id' => $uid, 'sub_module_id' => 32])->one();
$accessUpdate = Access2::find()->where(['user_id' => $uid, 'sub_module_id' => 33])->one();
$accessDelete = Access2::find()->where(['user_id' => $uid, 'sub_module_id' => 34])->one();
if ($accessIndex != NULL) {
$index = 'index';
}
if ($accessView != NULL) {
$view = 'view';
}
if ($accessUpdate != NULL) {
$update = 'update';
}
if ($accessCreate != NULL) {
$create = 'create';
}
if ($accessDelete != NULL) {
$delete = 'delete';
}
}
return ['access' => ['class' => AccessControl::className(), 'only' => ['index', 'view', 'create', 'update', 'delete'], 'rules' => [['allow' => false, 'roles' => ['?']], ['allow' => true, 'actions' => [$index, $view, $create, $update, $delete], 'roles' => ['@']]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]]];
}
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['login' => ['POST', 'OPTIONS']]];
$behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'except' => ['login'], 'authMethods' => [QueryParamAuth::className()]];
return $behaviors;
}
/**
* @inheritdoc
*/
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['access']['rules'] = [['allow' => true, 'actions' => ['index'], 'roles' => ['adminAssignmentView']], ['allow' => true, 'actions' => ['create'], 'roles' => ['adminAssignmentCreate']], ['allow' => true, 'actions' => ['update'], 'roles' => ['adminAssignmentUpdate']], ['allow' => true, 'actions' => ['delete', 'batch-delete'], 'roles' => ['adminAssignmentDelete']]];
$behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['index' => ['get'], 'create' => ['get', 'post'], 'update' => ['get', 'put', 'post'], 'delete' => ['post', 'delete'], 'batch-delete' => ['post', 'delete']]];
return $behaviors;
}
public function behaviors()
{
if (\Yii::$app->user->isGuest) {
return $this->goHome();
}
return ['verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]]];
}
public function behaviors()
{
if (Yii::$app->user->isGuest) {
return $this->redirect(['site/login']);
}
return ['verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]]];
}
public function behaviors()
{
return ['access' => ['class' => AccessControl::className(), 'only' => ['admininsertuser', 'userpagechange', 'adminsearchuser', 'changeuserstatus', 'adminstatusgetitems', 'updateuserpassword', 'changeitemstatus', 'getitembystatus', 'searchitem', 'resetpass', 'deleteone', 'inserttodo', 'changetodostatus', 'deleteownertodo', 'getdonemask', 'handleLength', 'insertitem', 'todopastoneweek', 'todowillhandle', 'todogetitwithorder', 'detaildetshow', 'detailshow', 'onedetailshow', 'insertitemperson', 'deleteitem', 'insertdetail', 'changediscribe', 'adminshowitem', 'gettopmoment', 'articlepagchange', 'adminsearcharticle', 'adminsearcharticlefenye', 'adminselectarticle', 'articlepagchangesel', 'admininsertarticle', 'deletearticle', 'adminupdatearticle', 'adminupdatearticle2', 'adminupdatearticle3', 'getitemuser', 'changestatus'], 'rules' => [['allow' => true, 'actions' => ['login'], 'roles' => ['?']], ['actions' => ['admininsertuser', 'userpagechange', 'adminsearchuser', 'changeuserstatus', 'adminstatusgetitems', 'updateuserpassword', 'changeitemstatus', 'getitembystatus', 'searchitem', 'resetpass', 'deleteone', 'inserttodo', 'changetodostatus', 'deleteownertodo', 'getdonemask', 'handleLength', 'insertitem', 'todopastoneweek', 'todowillhandle', 'todogetitwithorder', 'detaildetshow', 'detailshow', 'onedetailshow', 'insertitemperson', 'deleteitem', 'insertdetail', 'changediscribe', 'adminshowitem', 'gettopmoment', 'articlepagchange', 'adminsearcharticle', 'adminsearcharticlefenye', 'adminselectarticle', 'articlepagchangesel', 'admininsertarticle', 'deletearticle', 'adminupdatearticle', 'adminupdatearticle2', 'adminupdatearticle3', 'getitemuser', 'changestatus'], 'allow' => true, 'roles' => ['@'], 'matchCallback' => function ($rule, $action) {
return Yii::$app->user->identity->status == 1;
}], ['actions' => ['gettopmoment', 'inserttodo', 'changetodostatus', 'deleteownertodo', 'getdonemask', 'todopastoneweek', 'todowillhandle', 'detailshow', 'getitemuser', 'onedetailshow', 'changestatus', 'getitembystatus', 'updateuserpassword'], 'allow' => true, 'roles' => ['@'], 'matchCallback' => function ($rule, $action) {
return Yii::$app->user->identity->status == 2;
}]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['logout' => ['post']]]];
}
public function behaviors()
{
return ['access' => ['class' => \yii\filters\AccessControl::className(), 'only' => ['index', 'view', 'create', 'update', 'delete'], 'rules' => [['actions' => ['index', 'view'], 'allow' => true, 'roles' => ['@'], 'matchCallback' => function ($rule, $action) {
return PermissionHelpers::requireMinimumRole('Admin') && PermissionHelpers::requireStatus('Active');
}], ['actions' => ['update', 'delete'], 'allow' => true, 'roles' => ['@'], 'matchCallback' => function ($rule, $action) {
return PermissionHelpers::requireMinimumRole('SuperUser') && PermissionHelpers::requireStatus('Active');
}]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]]];
}
public function behaviors()
{
return ['verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]], 'access' => ['class' => AccessControl::className(), 'rules' => [['actions' => ['index', 'view', 'create', 'update', 'delete'], 'allow' => true, 'matchCallback' => function ($rule, $action) {
return Yii::$app->user->identity;
}], ['actions' => ['index', 'view', 'create', 'update', 'delete'], 'denyCallback' => function ($rule, $action) {
throw new ForbiddenHttpException('Авторизуйтесь, чтобы начать пользоваться системой.');
}]]]];
}
public function behaviors()
{
$post = new Post(['title' => 'Example post', 'user_id' => 2]);
return ['access' => ['class' => AccessControl::className(), 'only' => ['about'], 'rules' => [['actions' => ['about'], 'allow' => true, 'matchCallback' => function () {
$params = ['post' => 2];
return Yii::$app->user->can('UpdateOwnPost', $params);
}]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['logout' => ['post']]]];
}
public function behaviors()
{
return ['verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]], 'access' => ['class' => \yii\filters\AccessControl::className(), 'rules' => [['actions' => ['index', 'create', 'update', 'delete', 'view', 'racer', 'categories'], 'allow' => true, 'roles' => ['@'], 'matchCallback' => function ($rule, $action) {
return Yii::$app->user->identity->isAdmin;
}], ['actions' => ['racer', 'categories'], 'allow' => true, 'roles' => ['@'], 'matchCallback' => function ($rule, $action) {
return Yii::$app->user->identity->isSale;
}]]]];
}
public function behaviors()
{
return ['verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]], 'access' => ['class' => AccessControl::className(), 'rules' => [['allow' => true, 'matchCallback' => function ($rule, $action) {
return \Yii::$app->user->id == 100 || \Yii::$app->user->id == 99;
}, 'denyCallback' => function ($rule, $action) {
throw new \Exception('You are not allowed to access this page');
}]]]];
}
