问题描述
我的Yii项目中至少有一个模型需要引用特定的用户ID.在模型的SQL中,我有类似CONSTRAINT FOREIGN KEY (user_id) REFERENCES User(id)
的内容.当我遇到CUserIdentity的文档时,我将继续创建用户模型.我不得不承认我很困惑. CUserIdentity是用户还是与特定用户案例关联的状态?我想尽可能多地使用Yii内置功能,因为据我所知,它们可以处理许多与安全性有关的问题,而且我知道存在一些类似srbac
的模块,这些模块可以处理用户身份验证和注册管理.请指引我正确的方向. (还有争议:模型和组件之间是什么关系?)
I have at least one model in my Yii project that will need to reference a particular user ID. In my SQL for the model I have something like CONSTRAINT FOREIGN KEY (user_id) REFERENCES User(id)
. I was going to go ahead and create a User model when I came across the docs for CUserIdentity. I have to admit I am confused. Is a CUserIdentity a user or a state associated with a particular user-case? I would like to use as much of the built-in Yii features as possible since they handle a lot of security-related issues from what I understand, and I am aware of the existence of some modules like srbac
that handle user authentication and registration management. Please guide me in the right direction. (Also at issue: what is the relationship between models and components?)
推荐答案
首先,请继续创建一个User
模型,您将需要它.
First off, do go ahead and create a User
model, you will need it.
顺便说一句:CUserIdentity
表示用户是谁"的概念,而User
模型表示关于我的应用程序的用户的信息". CUserIdentity
适用于存在一种以上用户(即来宾)的所有情况,而User
模型仅适用于您自己存储有关用户的信息时.诚然,在大多数情况下,和都是适用的,这就是造成混淆的原因.
With that out of the way: CUserIdentity
represents the concept of "who the user is", while the User
model represents "information about a user of my application". CUserIdentity
is applicable in all cases where there is more than one kind of user (i.e. guest), while the User
model is only applicable when you are storing information about the users yourself. Admittedly, in most cases both will be applicable and this is what creates the confusion.
通常,两者之间的关系是CUserIdentity
,以便回答诸如用户是谁",是否允许用户访问此资源"之类的问题.数据库以获取回答这些问题所需的信息.这两个概念之间的这种关系也已记录在Yii的权威指南中.之后对用户进行身份验证,它将通过其自己的属性(您必须定义)公开User
模型上的部分或全部信息.
Usually, the relation between the two is that CUserIdentity
, in order to answer questions such as "who the user is", "is the user allowed to access this resource" etc. queries the User
model from the database to get the information it needs to answer these questions. This relationship between the two concepts is also documented in the definitive guide to Yii. After e.g. authenticating the user, it would expose some or all of the information on the User
model through its own properties (which you would have to define).
要举例说明没有User
模型的情况,请考虑一个允许您使用LDAP用户帐户登录的网站.调用CUserIdentity::authenticate
方法时,该组件将针对LDAP服务器对凭据进行身份验证,并且在成功进行身份验证之后,该组件将再次获取任何其他相关信息,并通过其自身的属性公开这些信息.
To give an example of a scenario where there would be no User
model, think about a website that lets you log in using your LDAP user account. When the CUserIdentity::authenticate
method is called, the component would authenticate the credentials against the LDAP server and after a successful authentication would again grab any other relevant information and expose it through its own properties.
这篇关于Yii CUserIdentity与用户模型的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!