控制器基类做访问过滤

<?php

class BaseController extends CController

{

public function filters()


{


    return array(


        'accessControl',


    );


}





public function accessRules()


{


    return array(


        array('deny',


            'users' =&gt; array('?'),


        ),


        array('allow',


            'actions' =&gt; array('passport/login'),


            'users' =&gt; array('*'),


        ),


    );


}

}

?>

能否基于 BaseController 来写访问规则?

以为这个是给后台使用的控制器基类,在后台几乎所有的控制器、动作都是需要登录才能够使用的,

除了部分动作、控制器除外,所以希望在“更高一层”的控制器基类来定义~

可是上面的做法行不通,不知道yii的长辈们,是如何处理?

public function accessRules()

{

return array(

array(‘allow’,

‘actions’ => array(‘passport/login’),

‘users’ => array(’*’),

),

array(‘allow’,

‘users’ => array(’@’),

),

array(‘deny’)

);

}

}

我指的可是在控制器基类中定义,你这个方法可以吗?

并且,在实际派生控制器类中,如何可以更好的添加规则?

如果你的目的是对大多数页面要求登录,你可以重写基类的beforeAction函数。例如:




    protected function beforeAction($action)

    {

        $route=$this->id.'/'.$action->id;

        if(!in_array($route,array('site/login','site/error','site/logout')))

        {

            if(Yii::app()->user->isGuest)

                Yii::app()->user->loginRequired();

            else

                throw new CHttpException(403,'You are not authorized to perform this operation.');

        }

        return true;

    }



Great!

这个修改可以在config里设定吗?还是我必须写一个CMyController,继承CController,改写它的beforeAction函数,然后所有的controller都改为继承自CMyController?

这样是个大手术啊,能用attachBehavior等形式实现吗?

config/main.php


	


	// preloading 'log' component

	'preload'=>array('log','access'),


----------------------------------------------


	// application components

	'components'=>array(

		'log'=>array(

			'class'=>'CLogRouter',

			'routes'=>array(

				array(

					'class'=>'CFileLogRoute',

					'levels'=>'error, warning',

				),

			),

		),

		'access'=>array(

			'class'=>'application.components.EAccess',

		),

//other code


)







<?php

class EAccess extends CApplicationComponent

{

	private $_routes=array();


	/**

	 * Initializes this application component.

	 * This method is required by the IApplicationComponent interface.

	 */

	public function init()

	{

		parent::init();


		//开始请求时,代码

		if(!Yii::app()->user->isGuest){

			Yii::app()->attachEventHandler('onBeginRequest',array($this,'myaccess'));

		}else{

			

		}


	}


	/**

	 * 代码

	 */

	public function myaccess()

	{

		//hello world


	}

	

}







::)

赞!

:rolleyes: 帅!

Yii的对象机制的确还没搞懂,本来我也想加一个onBeginRequest函数,处理登录问题,判断如果isGuest,就重定向到登陆页面,结果在Application的onBeginRequest函数里不知道怎么调用controller对象上的redirect。。。

顺便问:在Yii中怎么在一个Request生命周期中共享一些变量呢?我的尝试:

新建一个CMyController,放在components中,所有Controller都继承自CMyController,然后在其中定义一个public变量。




<?php

/*

 * CMyController class file.

 * Extends CController and we can modify it for certain purpose

*/

class CMyController extends CController

{

    public $stash = array();


    protected function beforeAction($action)

    {

        $route=$this->id.'/'.$action->id;

        if(!in_array($route,array('site/login','site/error','site/logout')))

        {

            if(Yii::app()->user->isGuest)

                Yii::app()->user->loginRequired();

            else{

                $this->stash['member'] = Member::model()->find(Yii::app()->user->id);

            }

        }

        return true;

    }

}



SiteController:




<?php


class SiteController extends CMyController

{

    public function actionSetting()

    {

        //setting:

        $this->stash['xxx'] = array('xyz'=>'touya','xdfa'=>'hello');

        $this->stash['yyy'] = array('bbb'=>'touya','cccc'=>'hello');

        //setting:

	$this->render('setting');

    }



and then view:




// in view: site/setting.php

<?=var_dump($this->stash['xxx'])?><br/>

<?=var_dump($this->stash['yyy'])?><br/>

member last login time: <?= $this->stash['member']->last_login_time ?>



测试成功:访问site/setting,先需要登录,然后自动重定向到setting,并显示:

array

‘xyz’ => string ‘touya’ (length=5)

‘xdfa’ => string ‘hello’ (length=5)

array

‘bbb’ => string ‘touya’ (length=5)

‘cccc’ => string ‘hello’ (length=5)

member last login time: 2009-12-24 10:32:02




if(!in_array($route,array('site/login','site/error','site/logout')))



加一个captcha




if (!in_array($route, array('site/login', 'site/logout', 'site/error', 'site/captcha')))



否则登陆需要验证码的话会不可用