php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-04 06:37:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Added a checkAccess example [skip ci]

Browse Source
This commit is contained in:
igronus
2016-10-05 15:13:20 +03:00
committed by Alexander Makarov
parent af32a48783
commit e0a021cd25
6 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/guide-es/rest-controllers.md
View File

@ -143,6 +143,10 @@ public function checkAccess($action, $model = null, $params = [])
{ {
// check if the user can access $action and $model // check if the user can access $action and $model
// throw ForbiddenHttpException if access should be denied // throw ForbiddenHttpException if access should be denied
if ($action === 'update' || $action === 'delete') {
if ($model->author_id !== \Yii::$app->user->id)
throw new \yii\web\ForbiddenHttpException(sprintf('You can only %s articles that you\'ve created.', $action));
}
} }
``` ```

4
docs/guide-ja/rest-controllers.md
View File

@ -172,6 +172,10 @@ public function checkAccess($action, $model = null, $params = [])
{ {
// ユーザが $action と $model に対する権限を持つかどうかをチェック // ユーザが $action と $model に対する権限を持つかどうかをチェック
// アクセスを拒否すべきときは ForbiddenHttpException を投げる // アクセスを拒否すべきときは ForbiddenHttpException を投げる
if ($action === 'update' || $action === 'delete') {
if ($model->author_id !== \Yii::$app->user->id)
throw new \yii\web\ForbiddenHttpException(sprintf('You can only %s articles that you\'ve created.', $action));
}
} }
``` ```

4
docs/guide-pt-BR/rest-controllers.md
View File

@ -120,6 +120,10 @@ public function checkAccess($action, $model = null, $params = [])
{ {
// verifica se o usuário pode acessar $action and $model // verifica se o usuário pode acessar $action and $model
// lança a ForbiddenHttpException se o acesso for negado // lança a ForbiddenHttpException se o acesso for negado
if ($action === 'update' || $action === 'delete') {
if ($model->author_id !== \Yii::$app->user->id)
throw new \yii\web\ForbiddenHttpException(sprintf('You can only %s articles that you\'ve created.', $action));
}
} }
``` ```

4
docs/guide-ru/rest-controllers.md
View File

@ -144,6 +144,10 @@ public function checkAccess($action, $model = null, $params = [])
{ {
// проверить, имеет ли пользователь доступ к $action и $model // проверить, имеет ли пользователь доступ к $action и $model
// выбросить ForbiddenHttpException, если доступ следует запретить // выбросить ForbiddenHttpException, если доступ следует запретить
if ($action === 'update' || $action === 'delete') {
if ($model->author_id !== \Yii::$app->user->id)
throw new \yii\web\ForbiddenHttpException(sprintf('You can only %s articles that you\'ve created.', $action));
}
} }
``` ```

4
docs/guide-zh-CN/rest-controllers.md
View File

@ -134,6 +134,10 @@ public function checkAccess($action, $model = null, $params = [])
{ {
// 检查用户能否访问 $action 和 $model // 检查用户能否访问 $action 和 $model
// 访问被拒绝应抛出ForbiddenHttpException // 访问被拒绝应抛出ForbiddenHttpException
if ($action === 'update' || $action === 'delete') {
if ($model->author_id !== \Yii::$app->user->id)
throw new \yii\web\ForbiddenHttpException(sprintf('You can only %s articles that you\'ve created.', $action));
}
} }
``` ```

4
docs/guide/rest-controllers.md
View File

@ -178,6 +178,10 @@ public function checkAccess($action, $model = null, $params = [])
{ {
// check if the user can access $action and $model // check if the user can access $action and $model
// throw ForbiddenHttpException if access should be denied // throw ForbiddenHttpException if access should be denied
if ($action === 'update' || $action === 'delete') {
if ($model->author_id !== \Yii::$app->user->id)
throw new \yii\web\ForbiddenHttpException(sprintf('You can only %s articles that you\'ve created.', $action));
}
} }
``` ```