我的项目中有一个针对用户的特殊情况。 如果用户的订阅已过期(我在login action
中检查此内容),他将被重定向到他的profile
以编辑一些选择。我怎样才能阻止他访问除profile
以外的任何页面。这是我的代码login action
if($subPaymentType == 'free'){
$subHours = $data[0]['sub_hours'];
$minutes = $subHours * 60 * 60;
$start_time = date('d-m-Y H:i:s', $startDate);
$endDate = $minutes + strtotime($start_time);
$endDate = date('d-m-Y H:i:s', $endDate);
if(strtotime(date('d-m-Y:')) < strtotime($endDate)){
$model->login();
}else{
$model->login();
//User can access this only page only
return $this->redirect(['user/view/?id='.Yii::$app->user->id]);
}
}
您可以在控制器中使用访问控制
yii'filters'AccessControl;
class YourSiteController extends Controller
{
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'actions' => ['login','profile'],
'allow' => true,
'roles' => ['*'],
],
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'delete' => ['post'],
],
],
];
}
有关更多详细信息,请参阅本指南 http://www.yiiframework.com/doc-2.0/yii-filters-accesscontrol.html
并在相关操作视图中
public function actionView($id)
{
if ($id != Yii::$app->user->id){
// not allowed ... perform the action you need in this case
} else {
return $this->render('view', [
'model' => $this->findModel($id),
]);
}
}