yii2 访问控制

class SiteController extends Controller
{
/**
* @inheritdoc
*/
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'actions' => ['signup','login'],
'allow' => true,
'roles' => ['?'],
],
[
'actions' => ['logout','index'],
'allow' => true,
'roles' => ['@'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'logout' => ['post'],
],
],
];
}

}

 

？表示所有访客都可以看见和使用的页面，@表示通过验证的用户可以访问的页面

如果

public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'only'=>'index',
'rules' => [
[
'actions' => ['signup','login'],
'allow' => true,
'roles' => ['?'],
],
[
'actions' => ['logout','index'],
'allow' => true,
'roles' => ['@'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'logout' => ['post'],
],
],
];
}加上了only，则表示该控制器中的方法只能用于index页面，其他页面都不能访问。