1. 首页
  2. 问答
  3. Yii - 错误403您无权执行此操作

Yii - 错误403您无权执行此操作

2014-02-22 47 views
0

我正在为我的web项目使用Yii PHP框架。我的问题是如何解决这个问题。访问部门页面时出现错误403。Yii - 错误403您无权执行此操作

我LoginForm.php

public function authenticate($attribute,$params) 
    { 
     if(!$this->hasErrors()) // we only want to authenticate when no input errors 
     { 
      $identity=new UserIdentity($this->email,$this->password); 
      $identity->authenticate(); 
      switch($identity->errorCode) 
      { 
       case UserIdentity::ERROR_NONE: 
        Yii::app()->user->login($identity); 
        break; 
       case UserIdentity::ERROR_USERNAME_INVALID: 
        $this->addError('email','Email address is incorrect.'); 
        break; 
       default: // UserIdentity::ERROR_PASSWORD_INVALID 
        $this->addError('password','Password is incorrect.'); 
        break; 
      } 
     } 
    }

UserIdentity.php

<?php 

/** 
* UserIdentity represents the data needed to identity a user. 
* It contains the authentication method that checks if the provided 
* data can identity the user. 
*/ 
class UserIdentity extends CUserIdentity 
{ 

    // Need to store the user's ID: 
    private $_merchantId; 


    /** 
    * Authenticates a user. 
    * The example implementation makes sure if the username and password 
    * are both 'demo'. 
    * In practical applications, this should be changed to authenticate 
    * against some persistent user identity storage (e.g. database). 
    * @return boolean whether authentication succeeds. 
    */ 
    public function authenticate() 
    { 
     $merchant= Merchant::model()->findByAttributes(array('email'=>$this->username)); 

     if ($merchant===null) { // No user found! 
      $this->errorCode=self::ERROR_USERNAME_INVALID; 
     } else if ($merchant->password!== SHA1($this->password)) { // Invalid password! 
      $this->errorCode=self::ERROR_PASSWORD_INVALID; 
     } else { // Okay! 
      $this->errorCode=self::ERROR_NONE; 
      // Store the role in a session: 
      $this->setState('role', $merchant->role); 
      $this->_merchantId= $merchant->merchantId; 
     } 
     return!$this->errorCode; 
    } 

    public function getId() 
    { 
    return $this->_merchantId; 
    } 


}

Department.php

public function accessRules() 
    { 
     return array(
      array('allow', // allow all users to perform 'index' and 'view' actions 
       'actions'=>array('index','view'), 
       'users'=>array('*'), 
      ), 
      array('allow', // allow authenticated user to perform 'create' and 'update' actions 
       'actions'=>array('create','update'), 
       'users'=>array('@'), 
      ), 
      array('allow', // allow admin user to perform 'admin' and 'delete' actions 
       'actions'=>array('admin','delete'), 
       'users'=>array('admin'), 
      ), 
      array('deny', // deny all users 
       'users'=>array('*'), 
      ), 
     ); 
    }

为什么?

来源

2014-02-22 Mohammad Nurdin

+0

什么是您访问以获取此错误的URL? –

+0

r =部门/管理员 –

+0

你的用户角色是什么?只有'admin'角色可以访问'admin'功能。 –

回答

0

在你department.php accessRules()改变'users'=>array('admin')'users'=>array('@')在以下行可以看到下面:

array('allow', // allow admin user to perform 'admin' and 'delete' actions 
    'actions'=>array('admin','delete'), 
    'users'=>array('@'), 
),

这应该可以解决了未经授权的错误。

来源

2014-02-24 08:54:56

1

由于访问规则已定义在Admin用户可以访问此。 所以需要检查的@kumar_v说

来源

2014-02-22 18:39:37

相关问题

 相关问题