The first: in the landing operation of the controller of landing
1.RBAC::authenticate();
Used to look up the user name of form submission data in the user table, the user table is essentially a search statement, =====> return M (modle) -> where (array) -> find (); This operation has two parameters
a.array () array and a writing table and the role of the same array to be searched, =====> array ( 'field' => 'value', 'field' => Array ( 'condition', 'value'));
b.model is the table name, the default is to formulate parameters C ( 'USER_AUTH_MODEL'); return value is the result of a query to a one-dimensional array of significant commitments, note: it is a search method for recording a single user table, we can do it, directly search statement.
2.RBAC::saveAccessList();
The user can manipulate the application name (group name), controller name, operation name into session to a three-dimensional array of the situation.
User id parameter is, in general we verified after landing, the user will write the session id is C ( 'USER_AUTH_KEY') at the user;
This process will take default $ _SESSION (C ( 'USER_AUTH_KEY')) This parameter;
The second category: in a public controller (controller class to attend all rights to continue to verify all into this category)
Links: https://pan.baidu.com/s/1v5gm7n0L7TGyejCmQrMh2g extraction code: x2p5
free to share, but serious limitations of X, should click on the link or links fail Search plus population group number 936 682 608 .
3.RBAC::AccessDecision();
Used to determine whether the current user has permission to control the current, default parameter is the application name APP_NAME, if a packet mode, you have an incoming packet name GROUP_NAME
There is a method called RBAC :: checkAccess (); for verifying the current operation of the controller or whether to participate in the determination.
Note: There are four formulation parameters, we need to write two.
Requires verification controller: REQUIRE_AUTH_MODULE verify operation requires: REQUIRE_AUTH_ACTION
The controller does not require authentication: NOT_AUTH_MODULE not require verify operations: NOT_AUTH_ACTION
If you need to write the whole: while the write operation in REQUIRE_AUTH_ACTION must write it belongs controller REQUIRE_AUTH_MODULE.
If you do not need all written: Write a controller in NOT_AUTH_MODULE, all the methods that the controller will not require authentication
If you only write NOT_AUTH_ACTION in, you need to pay attention to operating problems name of the same name.
4.RBAC::checkLogin();
Used to determine whether the user is logged in. Note: Home after landing show this operation must participate in verification, so each character had permission to join this operation.
This method also can not directly determine the $ _SESSION [C ( 'USER_AUTH_KEY')] is present, there is no jump to the login screen so that you can make after landing home show this operation does not participate in the verification.