yii 权限控制

摘录以3种：

1,通过accessControl，

public function filters(){return array('accessControl', // perform access control for CRUD operations);}/** * Specifies the access control rules. * This method is used by the 'accessControl' filter. * @return array access control rules */public function accessRules(){return array(array('allow', // allow authenticated users to access all actions'users'=>array('@'),),array('deny',  // deny all users'users'=>array('*'),),);}

2，通过插件（如：right）

public function filters(){return array('rights',);}

3，混合模式:

/** * @return array action filters */public function filters(){return array('updateOwn + update', // Apply this filter only for the update action.'rights',);}/** * Filter method for checking whether the currently logged in user * is the author of the post being accessed. */public function filterUpdateOwn($filterChain){$post=$this->loadModel();// Remove the 'rights' filter if the user is updating an own post// and has the permission to do so.if(Yii::app()->user->checkAccess('PostUpdateOwn', array('userid'=>$post->author_id)))$filterChain->removeAt(1);$filterChain->run();}

如果有权限的基础上，开放某些动作的权限，可以通过allowedActions:

public function allowedActions(){ return 'autocomplate,autocomplate2';}