• No se han encontrado resultados

Caso Ley General Forestal

4. Tipología de los conflictos ambientales

4.2. Decisiones de las autoridades

4.2.1. Caso Ley General Forestal

// everything else is denied by default ],

], ];

}

For more details about access control in general, please refer to the Authorization section.

Authentication method filters are used to authenticate a user using various methods, such as HTTP Basic Auth, OAuth 2.

These filter classes are all under the yii\filters\auth namespace.

The following example shows how you can use [[yii\filters\auth\HttpBasicAuth]] to authenticate a user using an access token based on HTTP Basic Auth method. Note that in order for this to work, your [[yii\web\User::identityClass|user identity class]] must implement the [[yii\web\IdentityInterface::findIdentityByAccessToken()|findIdentityByAccessToken()]] method.

use yii\filters\auth\HttpBasicAuth;

public function behaviors() {

return [

'basicAuth' => [

'class' => HttpBasicAuth::className(), ],

];

}

Authentication method filters are commonly used in implementing RESTful APIs. For more details, please refer to the RESTful Authentication section.

ContentNegotiator supports response format negotiation and application language negotiation. It will try to determine the response format and/or language by examining GET parameters and Accept HTTP header.

In the following example, ContentNegotiator is configured to support JSON and XML response formats, and English (United States) and German languages.

use yii\filters\ContentNegotiator;

use yii\web\Response;

public function behaviors() {

return [ [

'class' => ContentNegotiator::className(), 'formats' => [

'application/json' => Response::FORMAT_JSON, 'application/xml' => Response::FORMAT_XML, ],

'languages' => [ 'en-US', 'de', ], ], ];

}

Response formats and languages often need to be determined much earlier during the application lifecycle. For this

Authentication Method Filters

[[yii\filters\ContentNegotiator|ContentNegotiator]]

99 Filters

used as a filter. For example, you may configure it in the application configuration like the following:

use yii\filters\ContentNegotiator;

use yii\web\Response;

[

'bootstrap' => [ [

'class' => ContentNegotiator::className(), 'formats' => [

'application/json' => Response::FORMAT_JSON, 'application/xml' => Response::FORMAT_XML, ],

'languages' => [ 'en-US', 'de', ], ], ], ];

Info: In case the preferred content type and language cannot be determined from a request, the first format and language listed in [[formats]] and [[languages]] will be used.

HttpCache implements client-side caching by utilizing the Last-Modified and Etag HTTP headers. For example,

use yii\filters\HttpCache;

public function behaviors() {

return [ [

'class' => HttpCache::className(), 'only' => ['index'],

'lastModified' => function ($action, $params) { $q = new \yii\db\Query();

return $q->from('user')->max('updated_at');

}, ], ];

}

Please refer to the HTTP Caching section for more details about using HttpCache.

PageCache implements server-side caching of whole pages. In the following example, PageCache is applied to the index

action to cache the whole page for maximum 60 seconds or until the count of entries in the post table changes. It also stores different versions of the page depending on the chosen application language.

use yii\filters\PageCache;

use yii\caching\DbDependency;

public function behaviors() {

return [

'pageCache' => [

'class' => PageCache::className(), 'only' => ['index'],

'duration' => 60,

[[yii\filters\HttpCache|HttpCache]]

[[yii\filters\PageCache|PageCache]]

100 Filters

'dependency' => [

'class' => DbDependency::className(), 'sql' => 'SELECT COUNT(*) FROM post', ],

'variations' => [ \Yii::$app->language, ]

], ];

}

Please refer to the Page Caching section for more details about using PageCache.

RateLimiter implements a rate limiting algorithm based on the leaky bucket algorithm. It is primarily used in implementing RESTful APIs. Please refer to the Rate Limiting section for details about using this filter.

VerbFilter checks if the HTTP request methods are allowed by the requested actions. If not allowed, it will throw an HTTP 405 exception. In the following example, VerbFilter is declared to specify a typical set of allowed request methods for CRUD actions.

use yii\filters\VerbFilter;

public function behaviors() {

return [ 'verbs' => [

'class' => VerbFilter::className(), 'actions' => [

'index' => ['get'], 'view' => ['get'], 'create' => ['get', 'post'], 'update' => ['get', 'put', 'post'], 'delete' => ['post', 'delete'], ],

], ];

}

Cross-origin resource sharing CORS is a mechanism that allows many resources (e.g. fonts, JavaScript, etc.) on a Web page to be requested from another domain outside the domain the resource originated from. In particular, JavaScript's AJAX calls can use the XMLHttpRequest mechanism. Such "cross-domain" requests would otherwise be forbidden by Web browsers, per the same origin security policy. CORS defines a way in which the browser and the server can interact to determine whether or not to allow the cross-origin request.

The [[yii\filters\Cors|Cors filter]] should be defined before Authentication / Authorization filters to make sure the CORS headers will always be sent.

use yii\filters\Cors;

use yii\helpers\ArrayHelper;

public function behaviors() {

return ArrayHelper::merge([

[

'class' => Cors::className(), ],

[[yii\filters\RateLimiter|RateLimiter]]

[[yii\filters\VerbFilter|VerbFilter]]

[[yii\filters\Cors|Cors]]

101 Filters

The Cors filtering could be tuned using the cors property.

cors['Origin'] : array used to define allowed origins. Can be ['*'] (everyone) or ['http://www.myserver.net', 'http://www.myotherserver.com'] . Default to ['*'] .

cors['Access-Control-Request-Method'] : array of allowed verbs like ['GET', 'OPTIONS', 'HEAD'] . Default to ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'] .

cors['Access-Control-Request-Headers'] : array of allowed headers. Can be ['*'] all headers or specific ones ['X-Request-With'] . Default to ['*'] .

cors['Access-Control-Allow-Credentials'] : define if current request can be made using credentials. Can be true ,

false or null (not set). Default to null .

cors['Access-Control-Max-Age'] : define lifetime of pre-flight request. Default to 86400 .

For example, allowing CORS for origin : http://www.myserver.net with method GET , HEAD and OPTIONS :

use yii\filters\Cors;

use yii\helpers\ArrayHelper;

public function behaviors() {

return ArrayHelper::merge([

[

'class' => Cors::className(), 'cors' => [

'Origin' => ['http://www.myserver.net'],

'Access-Control-Request-Method' => ['GET', 'HEAD', 'OPTIONS'], ],

],

], parent::behaviors());

}

You may tune the CORS headers by overriding default parameters on a per action basis. For example adding the Access-Control-Allow-Credentials for the login action could be done like this :

use yii\filters\Cors;

use yii\helpers\ArrayHelper;

public function behaviors() {

return ArrayHelper::merge([

[

'class' => Cors::className(), 'cors' => [

'Origin' => ['http://www.myserver.net'],

'Access-Control-Request-Method' => ['GET', 'HEAD', 'OPTIONS'], ],

'actions' => [ 'login' => [

'Access-Control-Allow-Credentials' => true, ]

] ],

], parent::behaviors());

}

102 Filters

Widgets are reusable building blocks used in views to create complex and configurable user interface elements in an object-oriented fashion. For example, a date picker widget may generate a fancy date picker that allows users to pick a date as their input. All you need to do is just to insert the code in a view like the following:

<?php

use yii\jui\DatePicker;

?>

<?= DatePicker::widget(['name' => 'date']) ?>

There are a good number of widgets bundled with Yii, such as [[yii\widgets\ActiveForm|active form]],

[[yii\widgets\Menu|menu]], jQuery UI widgets, Twitter Bootstrap widgets. In the following, we will introduce the basic knowledge about widgets. Please refer to the class API documentation if you want to learn about the usage of a particular widget.

Widgets are primarily used in views. You can call the [[yii\base\Widget::widget()]] method to use a widget in a view. The method takes a configuration array for initializing the widget and returns the rendering result of the widget. For example, the following code inserts a date picker widget which is configured to use the Russian language and keep the input in the

from_date attribute of $model .

<?php

use yii\jui\DatePicker;

?>

<?= DatePicker::widget([

'model' => $model,

'attribute' => 'from_date', 'language' => 'ru', 'clientOptions' => [

'dateFormat' => 'yy-mm-dd', ],

]) ?>

Some widgets can take a block of content which should be enclosed between the invocation of [[yii\base\Widget::begin()]]

and [[yii\base\Widget::end()]]. For example, the following code uses the [[yii\widgets\ActiveForm]] widget to generate a login form. The widget will generate the opening and closing <form> tags at the place where begin() and end() are called, respectively. Anything in between will be rendered as is.

<?php

use yii\widgets\ActiveForm;

use yii\helpers\Html;

?>

<?php $form = ActiveForm::begin(['id' => 'login-form']); ?>

<?= $form->field($model, 'username') ?>

<?= $form->field($model, 'password')->passwordInput() ?>

<div class="form-group">

<?= Html::submitButton('Login') ?>

</div>

<?php ActiveForm::end(); ?>

Widgets

Descargar ahora "Los conflictos ambient..."

Outline

Documento similar