- public function behaviors()
- {
- return [
- 'access' => [
- 'class' => \yii\filters\AccessControl::className(),
- 'only' => ['create', 'update'],
- 'rules' => [
- // deny all POST requests
- [
- 'allow' => false,
- 'verbs' => ['POST']
- ],
- // allow authenticated users
- [
- 'allow' => true,
- 'roles' => [],
- ],
- // everything else is denied
- ],
- 'denyCallback' => function ($rule, $action) {
- Yii::$app->session->setFlash('error', 'This section is only for registered users.');
- Yii::$app->user->loginRequired();
- },
- ],
- ];
- }
- 如上代码,当用户没登录的时候,将会跳转到site/login,现在的问题是想要不跳转,而是显示信息'你没有访问的权限',那么代码设置如下:
- public function behaviors()
- {
- return [
- 'access' => [
- 'class' => \yii\web\AccessControl::className(),
- 'only' => ['login', 'logout', 'signup'],
- 'rules' => [
- [
- 'actions' => ['login', 'signup'],
- 'allow' => true,
- 'roles' => ['?'],
- ],
- [
- 'actions' => ['logout'],
- 'allow' => true,
- 'roles' => [],
- ],
- ],
- ],
- ];
- }
- 让所有来宾(尚未验证)的用户访问"登录"和"注册"的行动。
- 允许通过验证的用户才能访问'注销'的行动。
来源: