O Guia Definitivo do Yii 1.1

More documents

Recommendations

Info

$auth=Yii::app()->authManager; $auth->createOperation('createPost','create a post'); $auth->createOperation('readPost','read a post'); $auth->createOperation('updatePost','update a post'); $auth->createOperation('deletePost','delete a post'); $bizRule='return Yii::app()->user->id==$params["post"]->authID;'; $task=$auth->createTask('updateOwnPost','update a post by author himself', $bizRule); $task->addChild('updatePost'); $role=$auth->createRole('reader'); $role->addChild('readPost'); $role=$auth->createRole('author'); $role->addChild('reader'); $role->addChild('createPost'); $role->addChild('updateOwnPost'); $role=$auth->createRole('editor'); $role->addChild('reader'); $role->addChild('updatePost'); $role=$auth->createRole('admin'); $role->addChild('editor'); $role->addChild('author'); $role->addChild('deletePost'); $auth->assign('reader','readerA'); $auth->assign('author','authorB'); $auth->assign('editor','editorC'); $auth->assign('admin','adminD'); Once we have established this hierarchy, the authManager component (e.g. CPhpAuthManager, CDbAuthManager) will load the authorization items automatically. Therefore, we only need to run the above code one time, and NOT for every request. Info: While the above example looks long and tedious, it is mainly for demonstrative purpose. Developers will usually need to develop some administrative user interfaces so that end users can use to establish an authorization hierarchy more intuitively.
Using Business Rules When we are defining the authorization hierarchy, we can associate a role, a task or an operation with a so-called business rule. We may also associate a business rule when we assign a role to a user. A business rule is a piece of PHP code that is executed when we perform access checking. The returning value of the code is used to determine if the role or assignment applies to the current user. In the example above, we associated a business rule with the updateOwnPost task. In the business rule we simply check if the current user ID is the same as the specified post's author ID. The post information in the $params array is supplied by developers when performing access checking. Access Checking To perform access checking, we first need to know the name of the authorization item. For example, to check if the current user can create a post, we would check if he has the permission represented by the createPost operation. We then call CWebUser::checkAccess to perform the access checking: if(Yii::app()->user->checkAccess('createPost')) { // create post } If the authorization rule is associated with a business rule which requires additional parameters, we can pass them as well. For example, to check if a user can update a post, we would pass in the post data in the $params: $params=array('post'=>$post); if(Yii::app()->user->checkAccess('updateOwnPost',$params)) { // update post } Using Default Roles Note: The default role feature has been available since version 1.0.3 Many Web applications need some very special roles that would be assigned to every or most of the system users. For example, we may want to assign some privileges to all authenticated users. It poses a lot of maintenance trouble if we explicitly specify and store these role assignments. We can exploit default roles to solve this problem. A default role is a role that is implicitly assigned to every user, including both authenticated and guest. We do not need to explicitly assign it to a user. When CWebUser::checkAccess is invoked, default roles will be checked first as if they are assigned to the user.
Page 1 and 2:
O Guia Definitivo do Yii 1.1 Qiang
Page 3 and 4:
Coletando Entradas Tabulares! 59 Tr
Page 5 and 6:
Primeiros Passos Visão Geral Esse
Page 7 and 8:
• Added support for profiling SQL
Page 9 and 10:
no desenvolvimento Web e da investi
Page 11 and 12:
Página de Contato
Page 13 and 14:
Página de Login A listagem seguint
Page 15 and 16:
Conectando ao Banco de Dados A maio
Page 17 and 18:
% cd WebRoot/testdrive % protected/
Page 19 and 20:
Página de administração dos usu
Page 21 and 22:
Conceitos Básicos Modelo-Visão-Co
Page 23 and 24:
controle de acesso, benchmarking) a
Page 25 and 26:
deny from all Componentes da Aplica
Page 27 and 28:
3. Executa o controle; 8. Dispara o
Page 29 and 30:
class UpdateAction extends CAction
Page 31 and 32:
class PerformanceFilter extends CFi
Page 33 and 34:
$this->render('edit', array( 'var1'
Page 35 and 36:
A nomeclatura das visões do sistem
Page 37 and 38:
Um evento pode ter diversos manipul
Page 39 and 40:
forum/ ForumModule.php components/
Page 41 and 42:
RootAlias.path.to.target Onde RootA
Page 43 and 44:
Como não há suporte a namespaces
Page 45 and 46:
5. Implemente ações e as visões.
Page 47 and 48:
widgets that generate a lot of HTML
Page 49 and 50:
class LoginForm extends CFormModel
Page 51 and 52:
validação deverá ser efetuada; o
Page 53 and 54:
Nesse trecho de código, temos uma
Page 55 and 56:
public function rules() { return ar
Page 57 and 58:
Nota: Para fazer com que a variáve
Page 59 and 60:
A Página de Login com Erros A part
Page 61 and 62:
NamePriceCountDescription
Page 63 and 64:
usuário e senha para o acesso. Uma
Page 65 and 66:
Depois que o método CDbCommand::qu
Page 67 and 68:
Para mais detalhes sobre a vincula
Page 69 and 70:
• where: specifies the WHERE part
Page 71 and 72:
For example, array('in', 'id', arra
Page 73 and 74:
join and its variants function join
Page 75 and 76:
$sql = Yii::app()->db->createComman
Page 77 and 78:
uild and execute the following SQL:
Page 79 and 80:
CREATE TABLE `tbl_user` ( // `id` i
Page 81 and 82:
the new column name. The query buil
Page 83 and 84:
Below is an example showing how to
Page 85 and 86:
Dica: Existem duas maneiras de trab
Page 87 and 88:
class Post extends CActiveRecord {
Page 89 and 90:
$post=Post::model()->find(array( 's
Page 91 and 92:
Validação de Dados Ao inserir ou
Page 93 and 94:
$model=Post::model(); $transaction=
Page 95 and 96:
Named scopes podem ser parametrizad
Page 97 and 98:
Informação: O suporte à chaves e
Page 99 and 100:
Informação: Uma chave estrangeira
Page 101 and 102:
$posts=Post::model()->with( 'author
Page 103 and 104:
Informação: Quando o nome de uma
Page 105 and 106:
Deve ser um vetor com pares nome-va
Page 107 and 108: The required name parameter specifi
Page 109 and 110: Sometimes, we may only want to appl
Page 111 and 112: yiic migrate up --migrationPath=ext
Page 113 and 114: • CZendDataCache: utiliza o Zend
Page 115 and 116: value irá expirar em 30 segundos /
Page 117 and 118: usuários. Para armazenar em cache
Page 119 and 120: A configuração acima, faz com que
Page 121 and 122: Nota: O path alias ext está dispon
Page 123 and 124: public function behaviors() { retur
Page 125 and 126: Controle Um controle, fornece um co
Page 127 and 128: • An extension should be self-con
Page 129 and 130: method invocations, we can start ou
Page 131 and 132: A console command should extend fro
Page 133 and 134: Testes Visão Geral Note: The testi
Page 135 and 136: $yiit='path/to/yii/framework/yiit.p
Page 138 and 139: Tip: Having too many fixture files
Page 140 and 141: public function testApprove() { //
Page 142 and 143: class PostTest extends WebTestCase
Page 144 and 145: array( ...... 'components'=>array(
Page 146 and 147: array( 'posts'=>'post/list', 'post/
Page 148 and 149: We first need to configure the Web
Page 150 and 151: class UserIdentity extends CUserIde
Page 152 and 153: Although Yii has measures to preven
Page 154 and 155: The access rules are evaluated one
Page 156 and 157: a permission that is atomic. For ex
Page 160 and 161: Default roles must be declared in t
Page 162 and 163: WebRoot/ assets protected/ .htacces
Page 164 and 165: eturn array( 'components'=>array( '
Page 166 and 167: If we create a widget with a set o
Page 168 and 169: To use message routing, we need to
Page 170 and 171: array( ...... 'preload'=>array('log
Page 172 and 173: Yii defines two exception classes:
Page 174 and 175: Web Service Web service is a softwa
Page 176 and 177: To complete the example, let's crea
Page 178 and 179: class PostController extends CContr
Page 180 and 181: When translating a message, its cat
Page 182 and 183: '1#one book|n>1#many books' Plural
Page 184 and 185: The CDateFormatter class mainly pro
Page 186 and 187: // body content for the widget //
Page 188 and 189: Yii represents each console task in
Page 190 and 191: yiic sitemap index --type=News --li
Page 192 and 193: Cross-site scripting (also known as
Page 194 and 195: etrieve the cookie with the specifi
Page 196 and 197: Note: The scriptMap feature describ
show all

O Guia Definitivo do Yii 1.1

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?