Class CAccessRule

CAccessRule represents an access rule that is managed by CAccessControlFilter.

CComponent

CAccessRule

Package: system\web\auth
Copyright: 2008-2013 Yii Software LLC
License: http://www.yiiframework.com/license/
Author: Qiang Xue <qiang.xue@gmail.com>
Since: 1.0
Located at x2engine/framework/web/auth/CAccessControlFilter.php

Methods summary
`public integer`	# `isUserAllowed( CWebUser $user, CController $controller, CAction $action, string $ip, string $verb )` Checks whether the Web user is allowed to perform the specified action. Checks whether the Web user is allowed to perform the specified action. Parameters `$user` `CWebUser` $user the user object `$controller` `CController` $controller the controller currently being executed `$action` `CAction` $action the action to be performed `$ip` `string` $ip the request IP address `$verb` `string` $verb the request verb (GET, POST, etc.) Returns `integer` 1 if the user is allowed, -1 if the user is denied, 0 if the rule does not apply to the user
`protected boolean`	# `isActionMatched( CAction $action )` Parameters `$action` `CAction` $action the action Returns `boolean` whether the rule applies to the action
`protected boolean`	# `isControllerMatched( CController $controller )` Parameters `$controller` `CController` $controller the controller Returns `boolean` whether the rule applies to the controller
`protected boolean`	# `isUserMatched( IWebUser $user )` Parameters `$user` `IWebUser` $user the user Returns `boolean` whether the rule applies to the user
`protected boolean`	# `isRoleMatched( IWebUser $user )` Parameters `$user` `IWebUser` $user the user object Returns `boolean` whether the rule applies to the role
`protected boolean`	# `isIpMatched( string $ip )` Parameters `$ip` `string` $ip the IP address Returns `boolean` whether the rule applies to the IP address
`protected boolean`	# `isVerbMatched( string $verb )` Parameters `$verb` `string` $verb the request method Returns `boolean` whether the rule applies to the request
`protected boolean`	# `isExpressionMatched( IWebUser $user )` Parameters `$user` `IWebUser` $user the user Returns `boolean` the expression value. True if the expression is not specified.

Methods inherited from CComponent
`__call(), __get(), __isset(), __set(), __unset(), asa(), attachBehavior(), attachBehaviors(), attachEventHandler(), canGetProperty(), canSetProperty(), detachBehavior(), detachBehaviors(), detachEventHandler(), disableBehavior(), disableBehaviors(), enableBehavior(), enableBehaviors(), evaluateExpression(), getEventHandlers(), hasEvent(), hasEventHandler(), hasProperty(), raiseEvent()`

Properties summary
`public boolean`	`$allow`	# whether this is an 'allow' rule or 'deny' rule. whether this is an 'allow' rule or 'deny' rule.
`public array`	`$actions`	# list of action IDs that this rule applies to. The comparison is case-insensitive. If no actions are specified, rule applies to all actions. list of action IDs that this rule applies to. The comparison is case-insensitive. If no actions are specified, rule applies to all actions.
`public array`	`$controllers`	# list of controller IDs that this rule applies to. The comparison is case-insensitive. list of controller IDs that this rule applies to. The comparison is case-insensitive.
`public array`	`$users`	# list of user names that this rule applies to. The comparison is case-insensitive. If no user names are specified, rule applies to all users. list of user names that this rule applies to. The comparison is case-insensitive. If no user names are specified, rule applies to all users.
`public array`	`$roles`	# list of roles this rule applies to. For each role, the current user's `CWebUser::checkAccess()` method will be invoked. If one of the invocations returns true, the rule will be applied. Note, you should mainly use roles in an "allow" rule because by definition, a role represents a permission collection. list of roles this rule applies to. For each role, the current user's `CWebUser::checkAccess()` method will be invoked. If one of the invocations returns true, the rule will be applied. Note, you should mainly use roles in an "allow" rule because by definition, a role represents a permission collection. See `CAuthManager`
`public array`	`$ips`	# IP patterns. IP patterns.
`public array`	`$verbs`	# list of request types (e.g. GET, POST) that this rule applies to. list of request types (e.g. GET, POST) that this rule applies to.
`public string`	`$expression`	# a PHP expression whose value indicates whether this rule should be applied. In this expression, you can use `<span class="php-var">$user</span>` which refers to `Yii::app()->user`. The expression can also be a valid PHP callback, including class method name (array(ClassName/Object, MethodName)), or anonymous function (PHP 5.3.0+). The function/method signature should be as follows: function foo($user, $rule) { ... } where $user is the current application user object and $rule is this access rule. The PHP expression will be evaluated using `CComponent::evaluateExpression()`. A PHP expression can be any PHP code that has a value. To learn more about what an expression is, please refer to the php manual. a PHP expression whose value indicates whether this rule should be applied. In this expression, you can use `<span class="php-var">$user</span>` which refers to `Yii::app()->user`. The expression can also be a valid PHP callback, including class method name (array(ClassName/Object, MethodName)), or anonymous function (PHP 5.3.0+). The function/method signature should be as follows: function foo($user, $rule) { ... } where $user is the current application user object and $rule is this access rule. The PHP expression will be evaluated using `CComponent::evaluateExpression()`. A PHP expression can be any PHP code that has a value. To learn more about what an expression is, please refer to the php manual.
`public string`	`$message`	# the error message to be displayed when authorization is denied by this rule. If not set, a default error message will be displayed. the error message to be displayed when authorization is denied by this rule. If not set, a default error message will be displayed. Since 1.1.1
`public mixed`	`$deniedCallback`	# the denied method callback that will be called once the access is denied. It replaces the behavior that shows an error message. It can be a valid PHP callback including class method name (array(ClassName/Object, MethodName)), or anonymous function (PHP 5.3.0+). For more information, on different options, check the denied method callback that will be called once the access is denied. It replaces the behavior that shows an error message. It can be a valid PHP callback including class method name (array(ClassName/Object, MethodName)), or anonymous function (PHP 5.3.0+). For more information, on different options, check Since 1.1.11 Link The function/method signature should be as follows: <pre> function foo($rule) { ... } </pre> where $rule is this access rule.

Packages

Classes

Class CAccessRule

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Returns

See

Since

Since

Link