O Guia Definitivo do Yii 1.1

More documents

Recommendations

Info

a permission that is atomic. For example, we can have a system with administrator role which consists of post management task and user management task. The user management task may consist of create user, update user and delete user operations. For more flexibility, Yii also allows a role to consist of other roles or operations, a task to consist of other tasks, and an operation to consist of other operations. An authorization item is uniquely identified by its name. An authorization item may be associated with a business rule. A business rule is a piece of PHP code that will be executed when performing access checking with respect to the item. Only when the execution returns true, will the user be considered to have the permission represented by the item. For example, when defining an operation updatePost, we would like to add a business rule that checks if the user ID is the same as the post's author ID so that only the author himself can have the permission to update a post. Using authorization items, we can build up an authorization hierarchy. An item A is a parent of another item Bin the hierarchy if A consists of B (or say A inherits the permission(s) represented by B). An item can have multiple child items, and it can also have multiple parent items. Therefore, an authorization hierarchy is a partial-order graph rather than a tree. In this hierarchy, role items sit on top levels, operation items on bottom levels, while task items in between. Once we have an authorization hierarchy, we can assign roles in this hierarchy to application users. A user, once assigned with a role, will have the permissions represented by the role. For example, if we assign the administrator role to a user, he will have the administrator permissions which include post management and user management (and the corresponding operations such as create user). Now the fun part starts. In a controller action, we want to check if the current user can delete the specified post. Using the RBAC hierarchy and assignment, this can be done easily as follows: if(Yii::app()->user->checkAccess('deletePost')) { // delete the post } Configuring Authorization Manager Before we set off to define an authorization hierarchy and perform access checking, we need to configure the authManager application component. Yii provides two types of authorization managers: CPhpAuthManager and CDbAuthManager. The former uses a PHP script file to store authorization data, while the latter stores authorization data in database. When we configure the authManager application component, we need to specify which component class to use and what are the initial property values for the component. For example,
eturn array( 'components'=>array( 'db'=>array( 'class'=>'CDbConnection', 'connectionString'=>'sqlite:path/to/file.db', ), 'authManager'=>array( 'class'=>'CDbAuthManager', 'connectionID'=>'db', ), ), ); We can then access the authManager application component using Yii::app()- >authManager. Defining Authorization Hierarchy Defining authorization hierarchy involves three steps: defining authorization items, establishing relationships between authorization items, and assigning roles to application users. The authManager application component provides a whole set of APIs to accomplish these tasks. To define an authorization item, call one of the following methods, depending on the type of the item: • CAuthManager::createRole • CAuthManager::createTask • CAuthManager::createOperation Once we have a set of authorization items, we can call the following methods to establish relationships between authorization items: • CAuthManager::addItemChild • CAuthManager::removeItemChild • CAuthItem::addChild • CAuthItem::removeChild And finally, we call the following methods to assign role items to individual users: • CAuthManager::assign • CAuthManager::revoke Below we show an example about building an authorization hierarchy with the provided APIs:
Page 1 and 2:
O Guia Definitivo do Yii 1.1 Qiang
Page 3 and 4:
Coletando Entradas Tabulares! 59 Tr
Page 5 and 6:
Primeiros Passos Visão Geral Esse
Page 7 and 8:
• Added support for profiling SQL
Page 9 and 10:
no desenvolvimento Web e da investi
Page 11 and 12:
Página de Contato
Page 13 and 14:
Página de Login A listagem seguint
Page 15 and 16:
Conectando ao Banco de Dados A maio
Page 17 and 18:
% cd WebRoot/testdrive % protected/
Page 19 and 20:
Página de administração dos usu
Page 21 and 22:
Conceitos Básicos Modelo-Visão-Co
Page 23 and 24:
controle de acesso, benchmarking) a
Page 25 and 26:
deny from all Componentes da Aplica
Page 27 and 28:
3. Executa o controle; 8. Dispara o
Page 29 and 30:
class UpdateAction extends CAction
Page 31 and 32:
class PerformanceFilter extends CFi
Page 33 and 34:
$this->render('edit', array( 'var1'
Page 35 and 36:
A nomeclatura das visões do sistem
Page 37 and 38:
Um evento pode ter diversos manipul
Page 39 and 40:
forum/ ForumModule.php components/
Page 41 and 42:
RootAlias.path.to.target Onde RootA
Page 43 and 44:
Como não há suporte a namespaces
Page 45 and 46:
5. Implemente ações e as visões.
Page 47 and 48:
widgets that generate a lot of HTML
Page 49 and 50:
class LoginForm extends CFormModel
Page 51 and 52:
validação deverá ser efetuada; o
Page 53 and 54:
Nesse trecho de código, temos uma
Page 55 and 56:
public function rules() { return ar
Page 57 and 58:
Nota: Para fazer com que a variáve
Page 59 and 60:
A Página de Login com Erros A part
Page 61 and 62:
NamePriceCountDescription
Page 63 and 64:
usuário e senha para o acesso. Uma
Page 65 and 66:
Depois que o método CDbCommand::qu
Page 67 and 68:
Para mais detalhes sobre a vincula
Page 69 and 70:
• where: specifies the WHERE part
Page 71 and 72:
For example, array('in', 'id', arra
Page 73 and 74:
join and its variants function join
Page 75 and 76:
$sql = Yii::app()->db->createComman
Page 77 and 78:
uild and execute the following SQL:
Page 79 and 80:
CREATE TABLE `tbl_user` ( // `id` i
Page 81 and 82:
the new column name. The query buil
Page 83 and 84:
Below is an example showing how to
Page 85 and 86:
Dica: Existem duas maneiras de trab
Page 87 and 88:
class Post extends CActiveRecord {
Page 89 and 90:
$post=Post::model()->find(array( 's
Page 91 and 92:
Validação de Dados Ao inserir ou
Page 93 and 94:
$model=Post::model(); $transaction=
Page 95 and 96:
Named scopes podem ser parametrizad
Page 97 and 98:
Informação: O suporte à chaves e
Page 99 and 100:
Informação: Uma chave estrangeira
Page 101 and 102:
$posts=Post::model()->with( 'author
Page 103 and 104:
Informação: Quando o nome de uma
Page 105 and 106: Deve ser um vetor com pares nome-va
Page 107 and 108: The required name parameter specifi
Page 109 and 110: Sometimes, we may only want to appl
Page 111 and 112: yiic migrate up --migrationPath=ext
Page 113 and 114: • CZendDataCache: utiliza o Zend
Page 115 and 116: value irá expirar em 30 segundos /
Page 117 and 118: usuários. Para armazenar em cache
Page 119 and 120: A configuração acima, faz com que
Page 121 and 122: Nota: O path alias ext está dispon
Page 123 and 124: public function behaviors() { retur
Page 125 and 126: Controle Um controle, fornece um co
Page 127 and 128: • An extension should be self-con
Page 129 and 130: method invocations, we can start ou
Page 131 and 132: A console command should extend fro
Page 133 and 134: Testes Visão Geral Note: The testi
Page 135 and 136: $yiit='path/to/yii/framework/yiit.p
Page 138 and 139: Tip: Having too many fixture files
Page 140 and 141: public function testApprove() { //
Page 142 and 143: class PostTest extends WebTestCase
Page 144 and 145: array( ...... 'components'=>array(
Page 146 and 147: array( 'posts'=>'post/list', 'post/
Page 148 and 149: We first need to configure the Web
Page 150 and 151: class UserIdentity extends CUserIde
Page 152 and 153: Although Yii has measures to preven
Page 154 and 155: The access rules are evaluated one
Page 158 and 159: $auth=Yii::app()->authManager; $aut
Page 160 and 161: Default roles must be declared in t
Page 162 and 163: WebRoot/ assets protected/ .htacces
Page 164 and 165: eturn array( 'components'=>array( '
Page 166 and 167: If we create a widget with a set o
Page 168 and 169: To use message routing, we need to
Page 170 and 171: array( ...... 'preload'=>array('log
Page 172 and 173: Yii defines two exception classes:
Page 174 and 175: Web Service Web service is a softwa
Page 176 and 177: To complete the example, let's crea
Page 178 and 179: class PostController extends CContr
Page 180 and 181: When translating a message, its cat
Page 182 and 183: '1#one book|n>1#many books' Plural
Page 184 and 185: The CDateFormatter class mainly pro
Page 186 and 187: // body content for the widget //
Page 188 and 189: Yii represents each console task in
Page 190 and 191: yiic sitemap index --type=News --li
Page 192 and 193: Cross-site scripting (also known as
Page 194 and 195: etrieve the cookie with the specifi
Page 196 and 197: Note: The scriptMap feature describ
show all

O Guia Definitivo do Yii 1.1

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?