All the application actions are defined in site controller. So to restrict application we are modifying the site controller as follows. The added lines are marked with these font format:
use yii\filters\AccessControl;
class SiteController extends Controller
{
/**
* Declares class-based actions.
*/
public function actions()
{
return array(
// captcha action renders the CAPTCHA image displayed on the contact page
/*'captcha'=>array(
'class'=>'CaptchaExtendedAction',
// if needed, modify settings
'mode'=>CaptchaExtendedAction::MODE_DEFAULT,
),*/
'captcha'=>array(
'class'=>'CCaptchaAction',
'backColor'=>0xFFFFFF,
),
// page action renders "static" pages stored under 'protected/views/site/pages'
// They can be accessed via: index.php?r=site/page&view=FileName
'page'=>array(
'class'=>'CViewAction',
),
);
}
public function filters()
{
return array(
'accessControl',
);
}
public function accessRules()
{
return array(
array('allow',
'actions'=>array('captcha'),
'users'=>array('*'),
),
array('allow', // allow all users to perform only 'login' action
'actions' => array('login','index', 'contact', 'error', 'logout'),
// 'ips' => array('10.160.137.10','10.160.137.5'), uncomment this to specify IP restriction
),
array('allow', // allow admin user to perform 'admin' AND 'delete' AND 'index' actions
'users'=>array('admin'),
),
array('deny', // deny all users
// 'ips'=>array('*'),
),
);
}
............................................................. // Rest of the code is as it is dont change anything
.............................................................
}
use yii\filters\AccessControl;
class SiteController extends Controller
{
/**
* Declares class-based actions.
*/
public function actions()
{
return array(
// captcha action renders the CAPTCHA image displayed on the contact page
/*'captcha'=>array(
'class'=>'CaptchaExtendedAction',
// if needed, modify settings
'mode'=>CaptchaExtendedAction::MODE_DEFAULT,
),*/
'captcha'=>array(
'class'=>'CCaptchaAction',
'backColor'=>0xFFFFFF,
),
// page action renders "static" pages stored under 'protected/views/site/pages'
// They can be accessed via: index.php?r=site/page&view=FileName
'page'=>array(
'class'=>'CViewAction',
),
);
}
public function filters()
{
return array(
'accessControl',
);
}
public function accessRules()
{
return array(
array('allow',
'actions'=>array('captcha'),
'users'=>array('*'),
),
array('allow', // allow all users to perform only 'login' action
'actions' => array('login','index', 'contact', 'error', 'logout'),
// 'ips' => array('10.160.137.10','10.160.137.5'), uncomment this to specify IP restriction
),
array('allow', // allow admin user to perform 'admin' AND 'delete' AND 'index' actions
'users'=>array('admin'),
),
array('deny', // deny all users
// 'ips'=>array('*'),
),
);
}
............................................................. // Rest of the code is as it is dont change anything
.............................................................
}
No comments:
Post a Comment