sathish
Reputation: 6765
Yii2 Access denied (ForbiddenHttpException) to backend controller
I installed new Yii advanced framework. Nginx server.
Below url is working fine: http://yii/backend/web/index.php?r=site/index
I created new CRUD using GII and accessed: http://yii/backend/web/index.php?r=user/index
It showing below error:
An Error occurred while handling another error:
exception 'yii\web\ForbiddenHttpException' with message 'You are not allowed to perform this action.' in /private/var/www/yii/advanced/vendor/yiisoft/yii2/filters/AccessControl.php:151
Stack trace:
#0 /private/var/www/yii/advanced/vendor/yiisoft/yii2/filters/AccessControl.php(134): yii\filters\AccessControl->denyAccess(Object(yii\web\User))
#1 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/ActionFilter.php(71): yii\filters\AccessControl->beforeAction(Object(yii\web\ErrorAction))
#2 [internal function]: yii\base\ActionFilter->beforeFilter(Object(yii\base\ActionEvent))
#3 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Component.php(541): call_user_func(Array, Object(yii\base\ActionEvent))
#4 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Controller.php(263): yii\base\Component->trigger('beforeAction', Object(yii\base\ActionEvent))
#5 /private/var/www/yii/advanced/vendor/yiisoft/yii2/web/Controller.php(108): yii\base\Controller->beforeAction(Object(yii\web\ErrorAction))
#6 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Controller.php(149): yii\web\Controller->beforeAction(Object(yii\web\ErrorAction))
#7 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Module.php(455): yii\base\Controller->runAction('error', Array)
#8 /private/var/www/yii/advanced/vendor/yiisoft/yii2/web/ErrorHandler.php(85): yii\base\Module->runAction('site/error')
#9 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/ErrorHandler.php(109): yii\web\ErrorHandler->renderException(Object(yii\web\NotFoundHttpException))
#10 [internal function]: yii\base\ErrorHandler->handleException(Object(yii\web\NotFoundHttpException))
#11 {main}
Previous exception:
exception 'yii\base\InvalidRouteException' with message 'Unable to resolve the request "user/index".' in /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Module.php:461
Stack trace:
#0 /private/var/www/yii/advanced/vendor/yiisoft/yii2/web/Application.php(84): yii\base\Module->runAction('user/index', Array)
#1 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))
#2 /private/var/www/yii/advanced/backend/web/index.php(18): yii\base\Application->run()
#3 {main}
Next exception 'yii\web\NotFoundHttpException' with message 'Page not found.' in /private/var/www/yii/advanced/vendor/yiisoft/yii2/web/Application.php:96
Stack trace:
#0 /private/var/www/yii/advanced/vendor/yiisoft/yii2/base/Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))
#1 /private/var/www/yii/advanced/backend/web/index.php(18): yii\base\Application->run()
#2 {main}
Did i missed any configuration?
Upvotes: 1
Views: 8264
Answers (2)
Maksym Semenykhin
Reputation: 1945
exception 'yii\web\ForbiddenHttpException' with message 'You are not allowed to perform this action.' in /private/var/www/yii/advanced/vendor/yiisoft/yii2/filters/AccessControl.php:151
Here is yii2 code
/**
* Denies the access of the user.
* The default implementation will redirect the user to the login page if he is a guest;
* if the user is already logged, a 403 HTTP exception will be thrown.
* @param User $user the current user
* @throws ForbiddenHttpException if the user is already logged in.
*/
protected function denyAccess($user)
{
if ($user->getIsGuest()) {
$user->loginRequired();
} else {
throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
//this is 152 line
}
}
So I think its very clear that you need to login first, so go to http://yii/backend/web/index.php?r=user/login.
If dont have login user/login page then remove all behaviors section at the top of your UserController.
public function behaviors()
{
.
.
.
}
Upvotes: 0
Andrey
Reputation: 441
Yii2 isset AccessControl
public function behaviors()
{
return [
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => ['create', 'update'],
'rules' => [
// deny all POST requests
[
'allow' => false,
'verbs' => ['POST']
],
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
// everything else is denied
],
],
];
}
Upvotes: 0
Related Questions
- Php with Nginx - 403 Forbidden
- yii\base\InvalidRouteException: Unable to resolve the request in yii2
- Problem with ForbiddenHttpException in Yii2
- Forbidden (#403) - You are not allowed to perform this action [Yii2]
- Forbidden (#403) - You are not allowed to perform this action?
- Yii2 cannot reach the backend part
- Method not allowed(#405)
- Installing Yii2 - 403 Forbidden page
- yii2.0 gives 403 error while running http://localhost/~name/yii2hello/backend/web/index.php?r=site/say
- Yii - Error 403 You are not authorized to perform this action