Class yii\filters\AccessRule

Inheritance	yii\filters\AccessRule » yii\base\Component » yii\base\Object
Implements	yii\base\Configurable
Available since version	2.0
Source Code	https://github.com/yiisoft/yii2/blob/master/framework/filters/AccessRule.php

This class represents an access rule defined by the yii\filters\AccessControl action filter

Public Properties

Property	Type	Description	Defined By
$actions	array	List of action IDs that this rule applies to.	yii\filters\AccessRule
$allow	boolean	Whether this is an 'allow' rule or 'deny' rule.	yii\filters\AccessRule
$behaviors	yii\base\Behavior[]	List of behaviors attached to this component	yii\base\Component
$controllers	array	List of the controller IDs that this rule applies to.	yii\filters\AccessRule
$denyCallback	callable	A callback that will be called if this rule determines the access to the current action should be denied.	yii\filters\AccessRule
$ips	array	List of user IP addresses that this rule applies to.	yii\filters\AccessRule
$matchCallback	callable	A callback that will be called to determine if the rule should be applied.	yii\filters\AccessRule
$roleParams	array|Closure	Parameters to pass to the yii\web\User::can() function for evaluating user permissions in $roles.	yii\filters\AccessRule
$roles	array	List of roles that this rule applies to (requires properly configured User component).	yii\filters\AccessRule
$verbs	array	List of request methods (e.g. GET, POST) that this rule applies to.	yii\filters\AccessRule

Public Methods

Method	Description	Defined By
__call()	Calls the named method which is not a class method.	yii\base\Object
__clone()	This method is called after the object is created by cloning an existing one.	yii\base\Component
__construct()	Constructor.	yii\base\Object
__get()	Returns the value of an object property.	yii\base\Object
__isset()	Checks if a property is set, i.e. defined and not null.	yii\base\Object
__set()	Sets value of an object property.	yii\base\Object
__unset()	Sets an object property to null.	yii\base\Object
allows()	Checks whether the Web user is allowed to perform the specified action.	yii\filters\AccessRule
attachBehavior()	Attaches a behavior to this component.	yii\base\Component
attachBehaviors()	Attaches a list of behaviors to the component.	yii\base\Component
behaviors()	Returns a list of behaviors that this component should behave as.	yii\base\Component
canGetProperty()	Returns a value indicating whether a property can be read.	yii\base\Object
canSetProperty()	Returns a value indicating whether a property can be set.	yii\base\Object
className()	Returns the fully qualified name of this class.	yii\base\Object
detachBehavior()	Detaches a behavior from the component.	yii\base\Component
detachBehaviors()	Detaches all behaviors from the component.	yii\base\Component
ensureBehaviors()	Makes sure that the behaviors declared in behaviors() are attached to this component.	yii\base\Component
getBehavior()	Returns the named behavior object.	yii\base\Component
getBehaviors()	Returns all behaviors attached to this component.	yii\base\Component
hasEventHandlers()	Returns a value indicating whether there is any handler attached to the named event.	yii\base\Component
hasMethod()	Returns a value indicating whether a method is defined.	yii\base\Object
hasProperty()	Returns a value indicating whether a property is defined.	yii\base\Object
init()	Initializes the object.	yii\base\Object
off()	Detaches an existing event handler from this component.	yii\base\Component
on()	Attaches an event handler to an event.	yii\base\Component
trigger()	Triggers an event.	yii\base\Component

Protected Methods

Method	Description	Defined By
matchAction()		yii\filters\AccessRule
matchController()		yii\filters\AccessRule
matchCustom()		yii\filters\AccessRule
matchIP()		yii\filters\AccessRule
matchRole()		yii\filters\AccessRule
matchVerb()		yii\filters\AccessRule

Property Details

$actions public property

List of action IDs that this rule applies to. The comparison is case-sensitive. If not set or empty, it means this rule applies to all actions.

public array $actions = null

$allow public property

Whether this is an 'allow' rule or 'deny' rule.

public boolean $allow = null

$controllers public property

List of the controller IDs that this rule applies to.

The comparison uses yii\base\Controller::$uniqueId, so each controller ID is prefixed with the module ID (if any). For a product controller in the application, you would specify this property like ['product'] and if that controller is located in a shop module, this would be ['shop/product'].

The comparison is case-sensitive.

If not set or empty, it means this rule applies to all controllers.

Since version 2.0.12 controller IDs can be specified as wildcards, e.g. module/*.

public array $controllers = null

$denyCallback public property

A callback that will be called if this rule determines the access to the current action should be denied. If not set, the behavior will be determined by yii\filters\AccessControl.

The signature of the callback should be as follows:

function ($rule, $action)

where $rule is this rule, and $action is the current action object.

public callable $denyCallback = null

$ips public property

List of user IP addresses that this rule applies to. An IP address can contain the wildcard * at the end so that it matches IP addresses with the same prefix. For example, '192.168.*' matches all IP addresses in the segment '192.168.'. If not set or empty, it means this rule applies to all IP addresses.

See also yii\web\Request::$userIP.

public array $ips = null

$matchCallback public property

A callback that will be called to determine if the rule should be applied. The signature of the callback should be as follows:

function ($rule, $action)

where $rule is this rule, and $action is the current action object. The callback should return a boolean value indicating whether this rule should be applied.

public callable $matchCallback = null

$roleParams public property (available since version 2.0.12)

Parameters to pass to the yii\web\User::can() function for evaluating user permissions in $roles.

If this is an array, it will be passed directly to yii\web\User::can(). For example for passing an ID from the current request, you may use the following:

['postId' => Yii::$app->request->get('id')]

You may also specify a closure that returns an array. This can be used to evaluate the array values only if they are needed, for example when a model needs to be loaded like in the following code:

'rules' => [
    [
        'allow' => true,
        'actions' => ['update'],
        'roles' => ['updatePost'],
        'roleParams' => function($rule) {
            return ['post' => Post::findOne(Yii::$app->request->get('id'))];
        },
    ],
],

A reference to the yii\filters\AccessRule instance will be passed to the closure as the first parameter.

See also $roles.

public array|Closure $roleParams = []

$roles public property

List of roles that this rule applies to (requires properly configured User component). Two special roles are recognized, and they are checked via yii\web\User::$isGuest:

• ?: matches a guest user (not authenticated yet)
• @: matches an authenticated user

If you are using RBAC (Role-Based Access Control), you may also specify role or permission names. In this case, yii\web\User::can() will be called to check access.

If this property is not set or empty, it means this rule applies to all roles.

See also $roleParams.

public array $roles = null

$verbs public property

List of request methods (e.g. GET, POST) that this rule applies to. If not set or empty, it means this rule applies to all request methods.

See also yii\web\Request::$method.

public array $verbs = null

Method Details