public function accessRules()
{
return array(
array('allow', // allow all users to access 'index' and 'view' actions.
'actions'=>array('index','view'),
'users'=>array('*'),
),
array('allow', // allow authenticated users to access all actions
'users'=>array('@'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
This is the code copy from Blog demo. I think the
array('deny', // deny all users
'users'=>array('*'),
),
is going to override the
array('allow', // allow all users to access 'index' and 'view' actions.
'actions'=>array('index','view'),
'users'=>array('*'),
)
They both apply to the same all user, but with different rules. Please correct me if I interpenetrate it wrong.
I’m a new Yii user so I may be wrong, but I think the rules are processed in the order that they’re declared. So only if none of the preceeding ‘allow’ rules match will the ‘deny’ rule be processed.
Access List Control is just like that (setting router or anything that have Access List Control will work just like this).The system will be compare the rule from top to bottom. When it compare the first rule to be true, then it will stop comparing the rest. But if it got “false” then it will continue the rules below. That’s why it is a must to put deny all code at the bottom of the rules. So if you ever forgot anything, at least, it would block for you.
array('deny', // deny all users
'users'=>array('*'),
),
