:
class Controller extends CController
{
public function filters()
{
return array('accessControl');
}
public function accessRules()
{
return array(
array('allow',
'actions' => array('login', 'logout'),
'users' => array('*'),
),
array('allow',
'actions' => array('*'),
'roles' => array('admin'),
),
array('deny',
'users' => array('*'),
),
);
}
}
在文件WebUser中:
class WebUser extends CWebUser
{
public function checkAccess($operation, $params = array())
{
if (empty($this->id)) {
return false;
}
$role = $this->getState("roles");
if ($role === 'admin') {
return true;
}
return ($operation === $role);
}
}
文件UserIdentity中的:
class UserIdentity extends CUserIdentity
{
private $id;
public function authenticate()
{
$record = AdminModel::model()->findByAttributes(array(
'username'=>$this->username));
if ($record == null) {
$this->errorCode = 'Username invalid';
} elseif($record->password !== $this->password) {
$this->errorCode = 'Password invalid';
} elseif($record->level == 'banned') {
$this->errorCode = 'Account being banned or not enabled';
} else {
$this->id = $record->id;
$this->setState('nameDisplay', $record->display_name);
$this->setState('roles', $record->level);
$this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;
}
public function getId()
{
return $this->id;
}
}
登录时,我检查:Yii :: app() - > user-> checkAccess(' admin'); //返回true
但这是错误:您无权执行此操作。有人可以帮帮我吗?
答案 0 :(得分:-1)
我认为这部分代码就是问题所在:
array('deny',
'users' => array('*'),
),
这是“拒绝所有用户访问所有页面”。 尝试删除这部分代码