Class yii\filters\AccessRule
| Inheritance | yii\filters\AccessRule » yii\base\Component » yii\base\Object |
|---|---|
| Implements | yii\base\Configurable |
| Available since version | 2.0 |
| Source Code | https://github.com/yiisoft/yii2/blob/master/framework/filters/AccessRule.php |
This class represents an access rule defined by the yii\filters\AccessControl action filter
Public Properties
| Property | Type | Description | Defined By |
|---|---|---|---|
| $actions | array | List of action IDs that this rule applies to. | yii\filters\AccessRule |
| $allow | boolean | Whether this is an 'allow' rule or 'deny' rule. | yii\filters\AccessRule |
| $behaviors | yii\base\Behavior[] | List of behaviors attached to this component | yii\base\Component |
| $controllers | array | List of the controller IDs that this rule applies to. | yii\filters\AccessRule |
| $denyCallback | callable | A callback that will be called if this rule determines the access to the current action should be denied. | yii\filters\AccessRule |
| $ips | array | List of user IP addresses that this rule applies to. | yii\filters\AccessRule |
| $matchCallback | callable | A callback that will be called to determine if the rule should be applied. | yii\filters\AccessRule |
| $roleParams | array|Closure | Parameters to pass to the yii\web\User::can() function for evaluating user permissions in $roles. | yii\filters\AccessRule |
| $roles | array | List of roles that this rule applies to (requires properly configured User component). | yii\filters\AccessRule |
| $verbs | array | List of request methods (e.g. GET, POST) that this rule applies to. | yii\filters\AccessRule |
Public Methods
| Method | Description | Defined By |
|---|---|---|
| __call() | Calls the named method which is not a class method. | yii\base\Object |
| __clone() | This method is called after the object is created by cloning an existing one. | yii\base\Component |
| __construct() | Constructor. | yii\base\Object |
| __get() | Returns the value of an object property. | yii\base\Object |
| __isset() | Checks if a property is set, i.e. defined and not null. | yii\base\Object |
| __set() | Sets value of an object property. | yii\base\Object |
| __unset() | Sets an object property to null. | yii\base\Object |
| allows() | Checks whether the Web user is allowed to perform the specified action. | yii\filters\AccessRule |
| attachBehavior() | Attaches a behavior to this component. | yii\base\Component |
| attachBehaviors() | Attaches a list of behaviors to the component. | yii\base\Component |
| behaviors() | Returns a list of behaviors that this component should behave as. | yii\base\Component |
| canGetProperty() | Returns a value indicating whether a property can be read. | yii\base\Object |
| canSetProperty() | Returns a value indicating whether a property can be set. | yii\base\Object |
| className() | Returns the fully qualified name of this class. | yii\base\Object |
| detachBehavior() | Detaches a behavior from the component. | yii\base\Component |
| detachBehaviors() | Detaches all behaviors from the component. | yii\base\Component |
| ensureBehaviors() | Makes sure that the behaviors declared in behaviors() are attached to this component. | yii\base\Component |
| getBehavior() | Returns the named behavior object. | yii\base\Component |
| getBehaviors() | Returns all behaviors attached to this component. | yii\base\Component |
| hasEventHandlers() | Returns a value indicating whether there is any handler attached to the named event. | yii\base\Component |
| hasMethod() | Returns a value indicating whether a method is defined. | yii\base\Object |
| hasProperty() | Returns a value indicating whether a property is defined. | yii\base\Object |
| init() | Initializes the object. | yii\base\Object |
| off() | Detaches an existing event handler from this component. | yii\base\Component |
| on() | Attaches an event handler to an event. | yii\base\Component |
| trigger() | Triggers an event. | yii\base\Component |
Protected Methods
Property Details
$actions public property
List of action IDs that this rule applies to. The comparison is case-sensitive. If not set or empty, it means this rule applies to all actions.
public array $actions = null
$allow public property
Whether this is an 'allow' rule or 'deny' rule.
public boolean $allow = null
$controllers public property
List of the controller IDs that this rule applies to.
The comparison uses yii\base\Controller::$uniqueId, so each controller ID is prefixed with the module ID (if any). For a product controller in the application, you would specify this property like ['product'] and if that controller is located in a shop module, this would be ['shop/product'].
The comparison is case-sensitive.
If not set or empty, it means this rule applies to all controllers.
Since version 2.0.12 controller IDs can be specified as wildcards, e.g. module/*.
public array $controllers = null
$denyCallback public property
A callback that will be called if this rule determines the access to the current action should be denied. If not set, the behavior will be determined by yii\filters\AccessControl.
The signature of the callback should be as follows:
function ($rule, $action)
where $rule is this rule, and $action is the current action object.
public callable $denyCallback = null
$ips public property
List of user IP addresses that this rule applies to. An IP address can contain the wildcard * at the end so that it matches IP addresses with the same prefix. For example, '192.168.*' matches all IP addresses in the segment '192.168.'. If not set or empty, it means this rule applies to all IP addresses.
See also yii\web\Request::$userIP.
public array $ips = null
$matchCallback public property
A callback that will be called to determine if the rule should be applied. The signature of the callback should be as follows:
function ($rule, $action)
where $rule is this rule, and $action is the current action object. The callback should return a boolean value indicating whether this rule should be applied.
public callable $matchCallback = null
$roleParams public property (available since version 2.0.12)
Parameters to pass to the yii\web\User::can() function for evaluating user permissions in $roles.
If this is an array, it will be passed directly to yii\web\User::can(). For example for passing an ID from the current request, you may use the following:
['postId' => Yii::$app->request->get('id')]
You may also specify a closure that returns an array. This can be used to evaluate the array values only if they are needed, for example when a model needs to be loaded like in the following code:
'rules' => [
[
'allow' => true,
'actions' => ['update'],
'roles' => ['updatePost'],
'roleParams' => function($rule) {
return ['post' => Post::findOne(Yii::$app->request->get('id'))];
},
],
],
A reference to the yii\filters\AccessRule instance will be passed to the closure as the first parameter.
See also $roles.
public array|Closure $roleParams = []
$roles public property
List of roles that this rule applies to (requires properly configured User component). Two special roles are recognized, and they are checked via yii\web\User::$isGuest:
-
?: matches a guest user (not authenticated yet) -
@: matches an authenticated user
If you are using RBAC (Role-Based Access Control), you may also specify role or permission names. In this case, yii\web\User::can() will be called to check access.
If this property is not set or empty, it means this rule applies to all roles.
See also $roleParams.
public array $roles = null
$verbs public property
List of request methods (e.g. GET, POST) that this rule applies to. If not set or empty, it means this rule applies to all request methods.
See also yii\web\Request::$method.
public array $verbs = null
Method Details
allows() public method
Checks whether the Web user is allowed to perform the specified action.
| public boolean|null allows ( $action, $user, $request ) | ||
|---|---|---|
| $action | yii\base\Action |
The action to be performed |
| $user | yii\web\User|false |
The user object or |
| $request | yii\web\Request | |
| return | boolean|null |
|
matchAction() protected method
| protected boolean matchAction ( $action ) | ||
|---|---|---|
| $action | yii\base\Action |
The action |
| return | boolean |
Whether the rule applies to the action |
matchController() protected method
| protected boolean matchController ( $controller ) | ||
|---|---|---|
| $controller | yii\base\Controller |
The controller |
| return | boolean |
Whether the rule applies to the controller |
matchCustom() protected method
| protected boolean matchCustom ( $action ) | ||
|---|---|---|
| $action | yii\base\Action |
The action to be performed |
| return | boolean |
Whether the rule should be applied |
matchIP() protected method
| protected boolean matchIP ( $ip ) | ||
|---|---|---|
| $ip | string|null |
The IP address |
| return | boolean |
Whether the rule applies to the IP address |
matchRole() protected method
| protected boolean matchRole ( $user ) | ||
|---|---|---|
| $user | yii\web\User |
The user object |
| return | boolean |
Whether the rule applies to the role |
| throws | yii\base\InvalidConfigException |
if User component is detached |
matchVerb() protected method
| protected boolean matchVerb ( $verb ) | ||
|---|---|---|
| $verb | string |
The request method. |
| return | boolean |
Whether the rule applies to the request |
© 2008–2017 by Yii Software LLC
Licensed under the three clause BSD license.
http://www.yiiframework.com/doc-2.0/yii-filters-accessrule.html