yii2 rbac 每次走一个方法都要自己验证一次用户有没有该控制器与Action的权限吗?如果是配置的话怎么配置?
高洛峰2017-04-10 15:34:47
yii\filters\AccessRule::matchCalllback. 注意传递的参数 $rule, $action
[
'actions' => ['special-callback'],
'allow' => true,
'matchCallback' => function ($rule, $action) {
# write arbitrary access check logic
# permission = (rule [xxoo] action)
# return user->can(permission);
}
]
或者使用下面的方式, 见 yii2-admin
return [
'components' => [
'authManager' => [
'class' => 'yii\rbac\PhpManager', // or use 'yii\rbac\DbManager'
]
],
'as access' => [
'class' => 'mdm\admin\components\AccessControl',
],
];
ringa_lee2017-04-10 15:34:47
AccessControl 支持配置 role
例如:
[
'actions' => ['edit'],
'allow' => true,
'roles' => ['@', 'author'],
],