我查看了Yii中rbac的文档,并认为我理解它是如何工作的,直到我实际尝试它。
这是检查帖子的作者是否正在尝试获取操作授权的规则:
class AuthorRule extends Rule { public $name = 'isAuthor'; /** * @param string|integer $user the user ID. * @param Item $item the role or permission that this rule is associated with * @param array $params parameters passed to ManagerInterface::checkAccess(). * @return boolean a value indicating whether the rule permits the role or permission it is associated with. */ public function execute($user, $item, $params) { return isset($params['model']) ? $params['model']->createdBy == $user : false; } }这就是我试图使用规则和Yii的rbac:
public function actionUpdate($id) { $model = $this->findModel($id); if (\Yii::$app->user->can('update', ['model' => $model])) { if ($model->load(Yii::$app->request->post()) && $model->save()) { return $this->redirect(['view', 'id' => $model->id]); } else { return $this->render('update', [ 'model' => $model, ]); } } }但是,当我尝试编辑帖子时,我得到了这个:
Getting unknown property: app\models\Post::createdBy所以我认为我必须用userId替换createdBy,这是表Post中的一列,我得到一个空白页,这意味着它不起作用。 所以我想猜猜$ user是什么。
我也尝试过:
return isset($params['model']) ? $params['model']->userId == $user->id : false;而我正在: Trying to get property of non-object.
我该怎么做才能让它发挥作用? doc似乎建议你只需要在控制器动作中插入条件以使其工作,但似乎根本不是这种情况。
var dump:
object(app\models\Post)[75] private '_attributes' (yii\db\BaseActiveRecord) => array (size=6) 'id' => int 1 'userId' => int 1 'title' => string 'test' (length=4) 'content' => string 'lol' (length=3) 'dateCreated' => null 'dateUpdated' => null private '_oldAttributes' (yii\db\BaseActiveRecord) => array (size=6) 'id' => int 1 'userId' => int 1 'title' => string 'test' (length=4) 'content' => string 'lol' (length=3) 'dateCreated' => null 'dateUpdated' => null private '_related' (yii\db\BaseActiveRecord) => array (size=0) empty private '_errors' (yii\base\Model) => null private '_validators' (yii\base\Model) => null private '_scenario' (yii\base\Model) => string 'default' (length=7) private '_events' (yii\base\Component) => array (size=0) empty private '_behaviors' (yii\base\Component) => array (size=0) empty nullI looked at the documentation for rbac in Yii and thought I understood how it worked until I actually tried it.
This is the rule for checking whether the author of the post is trying to get the authorization for an action:
class AuthorRule extends Rule { public $name = 'isAuthor'; /** * @param string|integer $user the user ID. * @param Item $item the role or permission that this rule is associated with * @param array $params parameters passed to ManagerInterface::checkAccess(). * @return boolean a value indicating whether the rule permits the role or permission it is associated with. */ public function execute($user, $item, $params) { return isset($params['model']) ? $params['model']->createdBy == $user : false; } }This is how I am trying to use the rule and Yii's rbac:
public function actionUpdate($id) { $model = $this->findModel($id); if (\Yii::$app->user->can('update', ['model' => $model])) { if ($model->load(Yii::$app->request->post()) && $model->save()) { return $this->redirect(['view', 'id' => $model->id]); } else { return $this->render('update', [ 'model' => $model, ]); } } }However, I get this when I try to edit a Post:
Getting unknown property: app\models\Post::createdBySo I thought I had to replace createdBy with userId which is a column in the table Post and I am getting a blank page meaning it doesn't work. So I am trying to guess what $user is.
I also tried:
return isset($params['model']) ? $params['model']->userId == $user->id : false;and I am getting: Trying to get property of non-object.
What should I do to make it work? The doc seemed to suggest you just had to plug the conditional inside the controller action to make it work, but it doesn't seem to be the case at all.
var dump:
object(app\models\Post)[75] private '_attributes' (yii\db\BaseActiveRecord) => array (size=6) 'id' => int 1 'userId' => int 1 'title' => string 'test' (length=4) 'content' => string 'lol' (length=3) 'dateCreated' => null 'dateUpdated' => null private '_oldAttributes' (yii\db\BaseActiveRecord) => array (size=6) 'id' => int 1 'userId' => int 1 'title' => string 'test' (length=4) 'content' => string 'lol' (length=3) 'dateCreated' => null 'dateUpdated' => null private '_related' (yii\db\BaseActiveRecord) => array (size=0) empty private '_errors' (yii\base\Model) => null private '_validators' (yii\base\Model) => null private '_scenario' (yii\base\Model) => string 'default' (length=7) private '_events' (yii\base\Component) => array (size=0) empty private '_behaviors' (yii\base\Component) => array (size=0) empty null最满意答案
第一个错误说,你的Post模型中没有createdBy属性。 你做?
第二个错误是关于尝试获取非对象变量的属性。 你能展示var_dump($params['model']); var_dump($user); var_dump($params['model']); var_dump($user); 回来之前?
The first error says, that you don't have a createdBy property in your Post model. Do you?
The second error is about trying to get a property of non-object variable. Could you show var_dump($params['model']); var_dump($user); before the return?
Yii中的rbac授权检查不起作用(获取未知属性:app \ models \ Post :: createdBy)(rbac authorization check in Yii doesn't work (Getting unknown property: app\models\Post::createdBy))我查看了Yii中rbac的文档,并认为我理解它是如何工作的,直到我实际尝试它。
这是检查帖子的作者是否正在尝试获取操作授权的规则:
class AuthorRule extends Rule { public $name = 'isAuthor'; /** * @param string|integer $user the user ID. * @param Item $item the role or permission that this rule is associated with * @param array $params parameters passed to ManagerInterface::checkAccess(). * @return boolean a value indicating whether the rule permits the role or permission it is associated with. */ public function execute($user, $item, $params) { return isset($params['model']) ? $params['model']->createdBy == $user : false; } }这就是我试图使用规则和Yii的rbac:
public function actionUpdate($id) { $model = $this->findModel($id); if (\Yii::$app->user->can('update', ['model' => $model])) { if ($model->load(Yii::$app->request->post()) && $model->save()) { return $this->redirect(['view', 'id' => $model->id]); } else { return $this->render('update', [ 'model' => $model, ]); } } }但是,当我尝试编辑帖子时,我得到了这个:
Getting unknown property: app\models\Post::createdBy所以我认为我必须用userId替换createdBy,这是表Post中的一列,我得到一个空白页,这意味着它不起作用。 所以我想猜猜$ user是什么。
我也尝试过:
return isset($params['model']) ? $params['model']->userId == $user->id : false;而我正在: Trying to get property of non-object.
我该怎么做才能让它发挥作用? doc似乎建议你只需要在控制器动作中插入条件以使其工作,但似乎根本不是这种情况。
var dump:
object(app\models\Post)[75] private '_attributes' (yii\db\BaseActiveRecord) => array (size=6) 'id' => int 1 'userId' => int 1 'title' => string 'test' (length=4) 'content' => string 'lol' (length=3) 'dateCreated' => null 'dateUpdated' => null private '_oldAttributes' (yii\db\BaseActiveRecord) => array (size=6) 'id' => int 1 'userId' => int 1 'title' => string 'test' (length=4) 'content' => string 'lol' (length=3) 'dateCreated' => null 'dateUpdated' => null private '_related' (yii\db\BaseActiveRecord) => array (size=0) empty private '_errors' (yii\base\Model) => null private '_validators' (yii\base\Model) => null private '_scenario' (yii\base\Model) => string 'default' (length=7) private '_events' (yii\base\Component) => array (size=0) empty private '_behaviors' (yii\base\Component) => array (size=0) empty nullI looked at the documentation for rbac in Yii and thought I understood how it worked until I actually tried it.
This is the rule for checking whether the author of the post is trying to get the authorization for an action:
class AuthorRule extends Rule { public $name = 'isAuthor'; /** * @param string|integer $user the user ID. * @param Item $item the role or permission that this rule is associated with * @param array $params parameters passed to ManagerInterface::checkAccess(). * @return boolean a value indicating whether the rule permits the role or permission it is associated with. */ public function execute($user, $item, $params) { return isset($params['model']) ? $params['model']->createdBy == $user : false; } }This is how I am trying to use the rule and Yii's rbac:
public function actionUpdate($id) { $model = $this->findModel($id); if (\Yii::$app->user->can('update', ['model' => $model])) { if ($model->load(Yii::$app->request->post()) && $model->save()) { return $this->redirect(['view', 'id' => $model->id]); } else { return $this->render('update', [ 'model' => $model, ]); } } }However, I get this when I try to edit a Post:
Getting unknown property: app\models\Post::createdBySo I thought I had to replace createdBy with userId which is a column in the table Post and I am getting a blank page meaning it doesn't work. So I am trying to guess what $user is.
I also tried:
return isset($params['model']) ? $params['model']->userId == $user->id : false;and I am getting: Trying to get property of non-object.
What should I do to make it work? The doc seemed to suggest you just had to plug the conditional inside the controller action to make it work, but it doesn't seem to be the case at all.
var dump:
object(app\models\Post)[75] private '_attributes' (yii\db\BaseActiveRecord) => array (size=6) 'id' => int 1 'userId' => int 1 'title' => string 'test' (length=4) 'content' => string 'lol' (length=3) 'dateCreated' => null 'dateUpdated' => null private '_oldAttributes' (yii\db\BaseActiveRecord) => array (size=6) 'id' => int 1 'userId' => int 1 'title' => string 'test' (length=4) 'content' => string 'lol' (length=3) 'dateCreated' => null 'dateUpdated' => null private '_related' (yii\db\BaseActiveRecord) => array (size=0) empty private '_errors' (yii\base\Model) => null private '_validators' (yii\base\Model) => null private '_scenario' (yii\base\Model) => string 'default' (length=7) private '_events' (yii\base\Component) => array (size=0) empty private '_behaviors' (yii\base\Component) => array (size=0) empty null最满意答案
第一个错误说,你的Post模型中没有createdBy属性。 你做?
第二个错误是关于尝试获取非对象变量的属性。 你能展示var_dump($params['model']); var_dump($user); var_dump($params['model']); var_dump($user); 回来之前?
The first error says, that you don't have a createdBy property in your Post model. Do you?
The second error is about trying to get a property of non-object variable. Could you show var_dump($params['model']); var_dump($user); before the return?
发布评论