Yii2 控制器里重写beforeAction,behaviors 失效

控制器代码:

public function behaviors() {
        return [
            //附加行为
            'myBehavior' => [
                'class' => '\app\components\MyBehavior',
            ],
            'access' => [
                'class' => AccessControl::className(),
                'only' => ['index', 'add'],
                'rules' => [
                    [
                        'actions' => [],
                        'allow' => true,
                        'roles' => ['?'],
                    ],
                    [
                        'actions' => ['index', 'add'],
                        'allow' => true,
                        'roles' => ['@'],
                    ]
                ],
            ],
            'verbs' => [
                'class' => VerbFilter::className(),
                'actions' => [
                //'delete' => ['POST'],
                ],
            ],
        ];
    }

    public function beforeAction($action) {
        $currentaction = $action->id;
        $novalidactions = ['add-edit-inspection-area'];  //对这个action  关闭csrf
        if (in_array($currentaction, $novalidactions)) {
            $action->controller->enableCsrfValidation = false;
        }
        parent::beforeAction($action);
        return true;
    }
MyBehavior代码:
public function beforeAction($action) {
        // 当前路由
        $actionId = $action->getUniqueId();
        $actionId = '/' . $actionId;

        // 当前登录用户的id
        $user = Yii::$app->getUser();
        $userId = $user->id;

        // 获取当前用户已经分配过的路由权限
        // 写的比较简单,有过基础的可自行完善,比如解决"*"的问题,看不懂的该行注释自行忽略
        $routes = [];
        $manager = Yii::$app->getAuthManager();
        foreach ($manager->getPermissionsByUser($userId) as $name => $value) {
            if ($name[0] === '/') {
                $routes[] = $name;
            }
        }
        //print_r($routes);//所有权限
        if ($actionId != '/auth/index') {//登录页面可直接访问

            // 判断当前用户是否有权限访问正在请求的路由
            if (in_array($actionId, $routes)) {
                $this->navData($routes, $actionId);
                return true;
            }
        } else {
            return true;
        }
        $this->denyAccess($user);
    }
阅读 6.3k
1 个回答

这样,你在beforeAction 中先调用父类的beforeAction方法。parent::beforeAction($action);

public function beforeAction($action) {
        parent::beforeAction($action);
        // 当前路由
        $actionId = $action->getUniqueId();
        $actionId = '/' . $actionId;

        // 当前登录用户的id
        $user = Yii::$app->getUser();
        $userId = $user->id;

        // 获取当前用户已经分配过的路由权限
        // 写的比较简单,有过基础的可自行完善,比如解决"*"的问题,看不懂的该行注释自行忽略
        $routes = [];
        $manager = Yii::$app->getAuthManager();
        foreach ($manager->getPermissionsByUser($userId) as $name => $value) {
            if ($name[0] === '/') {
                $routes[] = $name;
            }
        }
        //print_r($routes);//所有权限
        if ($actionId != '/auth/index') {//登录页面可直接访问

            // 判断当前用户是否有权限访问正在请求的路由
            if (in_array($actionId, $routes)) {
                $this->navData($routes, $actionId);
                return true;
            }
        } else {
            return true;
        }
        $this->denyAccess($user);
    }
撰写回答
你尚未登录,登录后可以
  • 和开发者交流问题的细节
  • 关注并接收问题和回答的更新提醒
  • 参与内容的编辑和改进,让解决方法与时俱进
推荐问题