为Yii的srbac中的未授权用户启用对模块的访问 [英] Enable access to module for unauthorized users in Yii's srbac

问题描述

我正在尝试在Yii中使用 hybridauth 扩展名.没有 srbac 扩展名就可以了，问题是我需要允许未经授权的人访问此模块用户使用它.我已经尝试按照 srbac指南中所述设置alwaysAllowed属性:

I'm trying to use hybridauth extension in Yii. Without srbac extension is everything fine, problem is that I need to enable access to this module for unauthorized users using it. I've tried setting property alwaysAllowed as stated in srbac guide:

操作被命名为 [ModuleId]/[Subdirectory].[ContollerId] [Action]

The operations are named as [ModuleId]/[Subdirectory].[ContollerId][Action]

像这样:

'alwaysAllowed'=>array( //default: array()
            'SiteLogin','SiteLogout','SiteIndex','SiteAdmin',
            'SiteError', 'SiteContact','hybridauth@controllers.DefaultLogin'),

(我的分隔符是@)，它不起作用.我一直在调试它，似乎在功能_extendsSBaseController(modules/srbac/controllers/AuthItemController.php)中，Hybridauth控制器(DefaultController)无法识别为SBaseController:

(my delimiter is @), it doesn't work. I've been debugging it and it seems that the Hybridauth controller (DefaultController) is not recognized as SBaseController in function _extendsSBaseController (modules/srbac/controllers/AuthItemController.php):

if ($cont instanceof SBaseController) {
  return true;
}

我的Controller类正在扩展SBaseController，它适用于不在模块中的控制器，但不适用于此模块.我也尝试过用SBaseController直接扩展DefaultController，但是没有运气.

My Controller class is extending the SBaseController and it works for controllers which are not in a module, but not for this. I've also tried to directly extend the DefaultController with SBaseController with no luck.

如何将模块设置为AllowAllowed?

How to set the module to be alwaysAllowed?

推荐答案

我已将hybridauth@DefaultIndex和hybridauth@DefaultCallback添加到所有允许的列表中，现在可以使用了.该字符串的构造可以在函数beforeAction中的srbac/Controllers/SBaseController.php中看到:

I've added hybridauth@DefaultIndex and hybridauth@DefaultCallback to allways allowed list and now it works. The construction of this string can be seen in srbac/Controllers/SBaseController.php in function beforeAction:

$access = $mod . $controller . ucfirst($this->action->id);

这篇关于为Yii的srbac中的未授权用户启用对模块的访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！