Author: Bailang Source: http://www.manks.top/yii2_rbac_rule.html The copyright of this article belongs to the author, and you are welcome to reprint it. However, this statement must be retained without the author's consent, and the original text must be given in a prominent position on the article page. connection, otherwise we reserve the right to pursue legal liability.
In our previous detailed tutorial on setting up the backend of yii2 and rbac, I wonder if you have ever wondered what the rule table does. Why did we not involve this table in the whole process?
Believe me, if I don’t tell you, some people will try Baidu or Google, but in the end they will just draw water from a bamboo basket. There is very little content to explain in this part!
For general permission systems, the rbac we made before is generally sufficient. Even without rules, I believe you can also achieve the functions we use rules to achieve.
We will give a specific operation tutorial using the example from the official website to see what this mysterious rule does!
Depending on demand:
We have administrators and ordinary users. For the article system, we allow administrators to do any operation on articles, but only ordinary users are allowed to create articles and modify articles created by themselves. Note that they are allowed to modify articles created by themselves. Articles are not allowed to be modified, nor are all articles allowed to be modified!
Let’s see how to implement the yii2 rbac rule. The focus is to teach everyone how to use this rule, and also to solve the knots in many people’s minds!
Before we add a rule, we need to implement the execute method of the yiirbacRule class.
<span style="color: #000000;">php
namespace backend\components;
</span><span style="color: #0000ff;">use</span><span style="color: #000000;"> Yii;
</span><span style="color: #0000ff;">use</span><span style="color: #000000;"> yii\rbac\Rule;
</span><span style="color: #0000ff;">class</span> ArticleRule <span style="color: #0000ff;">extends</span><span style="color: #000000;"> Rule
{
</span><span style="color: #0000ff;">public</span> <span style="color: #800080;">$name</span> = 'article'<span style="color: #000000;">;
</span><span style="color: #0000ff;">public</span> <span style="color: #0000ff;">function</span> execute(<span style="color: #800080;">$user</span>, <span style="color: #800080;">$item</span>, <span style="color: #800080;">$params</span><span style="color: #000000;">)
{
</span><span style="color: #008000;">//</span><span style="color: #008000;"> 这里先设置为false,逻辑上后面再完善</span>
<span style="color: #0000ff;">return</span> <span style="color: #0000ff;">false</span><span style="color: #000000;">;
}
}</span>
Then, we can go to the background rule list (/admin/rule/index) to add rules. For specific adding methods, please refer to the screenshot below
Note that many people will fail in adding the class name in the above step. Remember to add the namespace where our ArticleRule file is located!
Let’s look at the third step, which is also where it’s easy to make mistakes! Please pay attention to this tutorial, high energy lies ahead!
We added a new permission to the access permission list (/admin/permission/index). This permission is only for modifying articles, and then we assign it to the user's role
Please note that there is a serious warning here. The route controlled by the newly added permissions here is the update operation of the article (/article/update). It is assigned to the current user only once. The current operation is assigned repeatedly to the role or user to which it belongs. , which may cause the rule to fail, and the reason for the failure is overwriting!
At this moment, refresh the article update page (/article/update/1) again. Obviously, we are directly given a 403 forbidden no access prompt, which means that the rule we just added has taken effect! If it does not take effect at this moment, please check the two points mentioned above!
Then we implement the business logic in the ArticleRule::execute method, please refer to the following:
[Considering that most domestic websites currently collect articles very frequently, and some even do not indicate the source of the original article, the original author hopes that readers can check the original article to prevent any problems and not update all articles to avoid misleading! ]
View original text
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
SublimeText3 Chinese version
Chinese version, very easy to use
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
SublimeText3 Mac version
God-level code editing software (SublimeText3)
