2014-02-22 70 views
0

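Yii - Error 403: You are not authorized to perform this action

I am using the Yii PHP framework for my web project. My question is how to solve this problem. I get error 403 when accessing the department page.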

My LoginForm.php

public function authenticate($attribute,$params)
{
    if(!$this->hasErrors()) // we only want to authenticate when no input errors
    {
        $identity=new UserIdentity($this->email,$this->password);
        $identity->authenticate();
        switch($identity->errorCode)
        {
            case UserIdentity::ERROR_NONE:
                Yii::app()->user->login($identity);
                break;
            case UserIdentity::ERROR_USERNAME_INVALID:
                $this->addError('email','Email address is incorrect.');
                break;
            default: // UserIdentity::ERROR_PASSWORD_INVALID
                $this->addError('password','Password is incorrect.');
                break;
        }
    }
}

UserIdentity.php

<?php 

/** 
* UserIdentity represents the data needed to identity a user. 
* It contains the authentication method that checks if the provided 
* data can identity the user. 
*/ 
class UserIdentity extends CUserIdentity 
{ 

    // Need to store the user's ID: 
    private $_merchantId; 


    /** 
    * Authenticates a user. 
    * The example implementation makes sure if the username and password 
    * are both 'demo'. 
    * In practical applications, this should be changed to authenticate 
    * against some persistent user identity storage (e.g. database). 
    * @return boolean whether authentication succeeds. 
    */ 
    public function authenticate()
    {
        $merchant = Merchant::model()->findByAttributes(array('email'=>$this->username));

        if ($merchant===null) { // No user found!
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        } else if ($merchant->password !== SHA1($this->password)) { // Invalid password!
            $this->errorCode=self::ERROR_PASSWORD_INVALID;
        } else { // Okay!
            $this->errorCode=self::ERROR_NONE;
            // Store the role in a session:
            $this->setState('role', $merchant->role);
            $this->_merchantId = $merchant->merchantId;
        }
        return !$this->errorCode;
    }

    public function getId()
    {
        return $this->_merchantId;
    }


} 

Department.php

public function accessRules()
{
    return array(
        array('allow', // allow all users to perform 'index' and 'view' actions
            'actions'=>array('index','view'),
            'users'=>array('*'),
        ),
        array('allow', // allow authenticated user to perform 'create' and 'update' actions
            'actions'=>array('create','update'),
            'users'=>array('@'),
        ),
        array('allow', // allow admin user to perform 'admin' and 'delete' actions
            'actions'=>array('admin','delete'),
            'users'=>array('admin'),
        ),
        array('deny', // deny all users
            'users'=>array('*'),
        ),
    );
}

Why?

+0

What is the URL you are visiting when you get this error?

+0

r=department/admin

+0

What is your user role? Only the 'admin' role can access the 'admin' function.

Answers

0

In your department.php accessRules(), change 'users'=>array('admin') to 'users'=>array('@') in the following lines, as shown below:

array('allow', // allow admin user to perform 'admin' and 'delete' actions 
    'actions'=>array('admin','delete'), 
    'users'=>array('@'), 
), 

This should resolve the unauthorized error.

1

Because the access rules define that the Admin user can access this, you need to check what @kumar_v said.
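
An added example, not part of the original question or answers: in Yii 1.1 the `users` list of an access rule is compared with the logged-in user's name (here the e-mail passed to UserIdentity), so 'admin' matches only a user literally named admin, while '@' admits every authenticated user. The controller below instead keys the 'admin' and 'delete' rule on the 'role' state that UserIdentity stores at login. The class name DepartmentController, the base class Controller from the default application skeleton, and the role value 'admin' are assumptions.

```php
<?php
// Added example (not the asker's code). Assumptions: the controller is
// named DepartmentController, extends the skeleton's Controller class,
// and Merchant->role holds the string 'admin' for administrators.
class DepartmentController extends Controller
{
    public function filters()
    {
        // Without this filter accessRules() is never consulted.
        return array('accessControl');
    }

    public function accessRules()
    {
        return array(
            array('allow', // public, read-only actions
                'actions' => array('index', 'view'),
                'users' => array('*'),
            ),
            array('allow', // any logged-in user
                'actions' => array('create', 'update'),
                'users' => array('@'),
            ),
            array('allow', // logged-in users whose stored role is 'admin'
                'actions' => array('admin', 'delete'),
                'users' => array('@'),
                // $user is Yii::app()->user; 'role' is the state set by
                // UserIdentity::authenticate() through setState('role', ...).
                'expression' => '$user->getState("role") === "admin"',
            ),
            array('deny', // everyone else, including non-admin accounts
                'users' => array('*'),
            ),
        );
    }
}
```

A rule matches only when every condition it lists holds, so a logged-in user with another role falls through to the final deny rule and still receives the 403.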
