lilwings, 2020-01-03 22:11:21

How can I populate an AccessControl in yii2?

In general, you need to do this:
1) An unauthorized user can only log in and that's it.
2) An authorized person can do everything.
And, if it's not too much trouble, please include explanations: I can't figure something out, it seems easy and yet it isn't)) I would be grateful.
PS: That's how I did it, but what if actions have the same names in different controllers?

namespace backend\controllers;

use yii\web\Controller;
use yii\filters\AccessControl;

class AppController extends Controller
{
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::className(),
                'only' => ['login', 'logout', 'signup'],
                'rules' => [
                    [
                        'allow' => true,
                        'actions' => ['auth'],
                        'roles' => ['?'],
                    ],
                    [
                        'allow' => true,
                        'actions' => ['*'],
                        'roles' => ['@'],
                    ],
                ],
            ],
        ];
    }
}

1 answer(s)
Maxim, 2020-01-04
@lilwings

You did everything right; however, when the user is a guest, the yii2 filters will automatically redirect him to the login page.
Default login address: site/login. The address can be changed in the user component of the application. The yii\web\User class is used by default. To change the path to the login, you must configure the user component in the config.
Since you have an advanced template and two applications (backend and frontend), there are two ways to configure:
1. If the login form is shared

//common/config/main.php
'user' => [
    'loginUrl' => ['/admin/auth/login']
],

2. If the login form is different:
//backend/config/main.php
'user' => [
    'loginUrl' => ['/admin/auth/login']
],

//frontend/layout/main.php
'user' => [
    'loginUrl' => ['/auth/login']
],

You can also call the form from the js template
//config
'user' => [
    'loginUrl' => ['/?login=true']
],

//frontend/layout/main.php
$script = <<< JS
$('#login').trigger('click'); // open the window with the login form
JS;

1. We place the general rules in the "main" controller, from which all application controllers are inherited.
2. Attach a global filter with general rules that will override all actions in the application.
3. We put the general rules into separate filter classes that can be connected in the controller, module, or throughout the application.
I recommend using the third option. I do not recommend using the first option. In some cases, the second.
The first option is bad because of its inheritance and redundancy. Business logic appears in the controller, and testing becomes more complicated.
If we are developing an application that has not only a web controller, but also an api controller and a console controller, then with this approach we need to create three controllers with the same general rules or apply another level of inheritance. Ultimately, there is no escape from duplicating code or from a lot of code nesting.
If we leave the three common controllers, then when we change the rules, we may forget to change them elsewhere, because of which something will not work as planned.
The second option gives our code some “mysteriousness” (magic), and also complicates testing.
When using option 3, the code is always edited in one file for all controllers, modules and applications. The code is tested separately from controllers and conforms to SOLID.
On this topic, you can see Dmitry Eliseev.
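
An added example (not part of the answer or of the asker's code) of the third option: a reusable filter class, under the hypothetical name `common\filters\AuthOnlyAccess`, that lets guests reach a single login action and lets authenticated users reach everything. It assumes the login action is `login` in a controller whose ID is `auth`; the rule's `controllers` key is what tells apart same-named actions in different controllers, and a rule without an `actions` key applies to every action.

```php
<?php
// common/filters/AuthOnlyAccess.php (hypothetical path and class name)
namespace common\filters;

use yii\filters\AccessControl;

/**
 * Guests may reach only the login action; authenticated users may reach everything.
 * Any request that matches no rule is denied: a guest is sent to user->loginUrl.
 */
class AuthOnlyAccess extends AccessControl
{
    /** @var string ID of the controller that hosts the login action (assumed: "auth") */
    public $loginController = 'auth';

    /** @var string ID of the login action (assumed: "login") */
    public $loginAction = 'login';

    public function init()
    {
        // Build the default rules only if the caller did not pass its own.
        if (empty($this->rules)) {
            $this->rules = [
                [
                    'allow' => true,
                    // Scope by controller so a "login" action elsewhere stays closed to guests.
                    'controllers' => [$this->loginController],
                    'actions' => [$this->loginAction],
                    'roles' => ['?'], // guests
                ],
                [
                    'allow' => true,
                    // No 'actions' and no 'controllers' key: matches every action.
                    'roles' => ['@'], // authenticated users
                ],
            ];
        }
        parent::init(); // turns the rule arrays into yii\filters\AccessRule objects
    }
}

// Attach it in one controller:
//     public function behaviors()
//     {
//         return ['access' => ['class' => \common\filters\AuthOnlyAccess::class]];
//     }
//
// or for the whole application, in backend/config/main.php:
//     'as access' => ['class' => \common\filters\AuthOnlyAccess::class],
```

When the filter is attached to the whole application, guests are also redirected away from the error action and from any module routes, because only the one login route is open to them.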
