To use the Yii RBAC component, first enable it in the configuration file.
Add the following component to common/config/main-local.php:
```php
'authManager' => [
    'class' => 'yii\rbac\DbManager',
    'itemTable' => 'auth_item',
    'assignmentTable' => 'auth_assignment',
    'itemChildTable' => 'auth_item_child',
],
```
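Next, create the tables.
Start with the four tables that hold the access-control data.
The SQL for these four tables ships with the Yii core files, at this path:
`vendor/yiisoft/yii2/rbac/migrations/schema-mysql.sql`
That file contains the statements for MySQL.
The other files in the same directory cover SQL Server, Oracle, PostgreSQL and SQLite.
Because permissions have to be assigned to users, we also need Yii's user table. Its SQL is given below.
For reference, see http://www.yiichina.com/question/285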
```sql
DROP TABLE IF EXISTS `user`;
CREATE TABLE `user` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(255) NOT NULL,
  `auth_key` varchar(32) NOT NULL,
  `password_hash` varchar(255) NOT NULL,
  `password_reset_token` varchar(255) DEFAULT NULL,
  `email` varchar(255) NOT NULL,
  `role` smallint(6) NOT NULL DEFAULT '10',
  `status` smallint(6) NOT NULL DEFAULT '10',
  `created_at` int(11) NOT NULL,
  `updated_at` int(11) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
```
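I took a shortcut here: instead of writing my own login and registration, I use the login that ships with Yii. This makes little difference, because for permission operations we only need to know who holds a permission; no other user information is required. In a real project the user table can be customized.
Now let's implement RBAC. We will hold ourselves to a higher standard: all code should follow Yii conventions, and wherever possible we use the methods the framework already provides rather than our own.
First, create a model, Rbac.php: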
```php
<?php
namespace frontend\models;

use yii\widgets\ActiveForm;
use yii\helpers\Html;
use yii\base\Model;

// Form model: only carries the fields used by the RBAC forms below.
class Rbac extends Model
{
    public $power; // permission name(s)
    public $role;  // role name(s)
    public $user;  // user ID(s); needed by the role-assignment form
}
```
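Then create the controller, RbacController.php.
How to create a controller is not covered here.
Now for the permission operations.
Step 1: add a permission
First, a page for adding a permission: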
```php
public function actionIndex(){
    $model = new Rbac();
    return $this->render('index',['model'=>$model]);
}
```
Then create the view:
```php
<?php
use yii\helpers\Html;
use yii\widgets\ActiveForm;

$form = ActiveForm::begin([
    'id' => 'login-form',
    'options' => ['class' => 'form-horizontal'],
    'action'=>'?r=rbac/power',
    'method'=>'post',
]) ?>
<?= $form->field($model, 'power') ?>
<div class="form-group">
    <div class="col-lg-offset-1 col-lg-11">
        <?= Html::submitButton('添加权限', ['class' => 'btn btn-primary']) ?>
    </div>
</div>
<?php ActiveForm::end() ?>
```
Then store the permission in the database from the controller:
```php
public function actionPower()
{
    // Permission name submitted by the form (Rbac[power]).
    $item = \Yii::$app->request->post('Rbac')['power'];
    // Fully qualified \Yii so the call resolves inside the controller namespace.
    $auth = \Yii::$app->authManager;
    $createPost = $auth->createPermission($item);
    $createPost->description = '创建了 ' . $item . ' 权限';
    $auth->add($createPost); // writes the permission to auth_item
    return $this->redirect('?r=rbac/role');
}
```
Next, create a role.
First, create a form for adding a role:
```php
// Show the form for creating a role
public function actionRole(){
    $model = new Rbac();
    return $this->render('role',['model'=>$model]);
}
```
Then the view:
```php
<?php
use yii\helpers\Html;
use yii\widgets\ActiveForm;

$form = ActiveForm::begin([
    'id' => 'login-form',
    'options' => ['class' => 'form-horizontal'],
    'action'=>'?r=rbac/addrole',
    'method'=>'post',
]) ?>
<?= $form->field($model, 'role') ?>
<div class="form-group">
    <div class="col-lg-offset-1 col-lg-11">
        <?= Html::submitButton('添加角色', ['class' => 'btn btn-primary']) ?>
    </div>
</div>
<?php ActiveForm::end() ?>
```
Then store the role in the database:
```php
// Store the new role
public function actionAddrole(){
    // Role name submitted by the form (Rbac[role]).
    $item = \Yii::$app->request->post('Rbac')['role'];
    // Fully qualified \Yii so the call resolves inside the controller namespace.
    $auth = \Yii::$app->authManager;
    $role = $auth->createRole($item);
    $role->description = '创建了 ' . $item . ' 角色';
    $auth->add($role); // writes the role to auth_item
    return $this->redirect('?r=rbac/rp');
}
```
Then assign permissions to roles:
```php
// AuthItem is assumed to be an ActiveRecord model for the auth_item table;
// it is not shown on this page and must be imported in the controller.
public function actionRp(){
    $model = new Rbac();
    // Initialise the lists so the view still renders when a table is empty.
    $roles = [];
    $powers = [];
    // type=1: roles
    $role = AuthItem::find()->where('type=1')->asArray()->all();
    foreach($role as $value){
        $roles[$value['name']] = $value['name'];
    }
    // type=2: permissions
    $power = AuthItem::find()->where('type=2')->asArray()->all();
    foreach($power as $value){
        $powers[$value['name']] = $value['name'];
    }
    return $this->render('rp',['model'=>$model,'role'=>$roles,'power'=>$powers]);
}
```
Then the view that performs the assignment:
```php
<?php
use yii\helpers\Html;
use yii\widgets\ActiveForm;

$form = ActiveForm::begin([
    'id' => 'login-form',
    'options' => ['class' => 'form-horizontal'],
    'action'=>'?r=rbac/empowerment',
    'method'=>'post',
]) ?>
<?= $form->field($model, 'role')->checkboxList($role) ?>
<?= $form->field($model, 'power')->checkboxList($power) ?>
<div class="form-group">
    <div class="col-lg-offset-1 col-lg-11">
        <?= Html::submitButton('提交', ['class' => 'btn btn-primary']) ?>
    </div>
</div>
<?php ActiveForm::end() ?>
```
Then store the assignment:
```php
public function actionEmpowerment(){
    // Fully qualified \Yii so the call resolves inside the controller namespace.
    $auth = \Yii::$app->authManager;
    $data = \Yii::$app->request->post('Rbac');
    $role = $data['role'];   // selected role names
    $power = $data['power']; // selected permission names
    foreach($role as $value){
        foreach($power as $v){
            // createRole()/createPermission() only build objects carrying the
            // names; nothing here checks that the items already exist.
            $parent = $auth->createRole($value);
            $child = $auth->createPermission($v);
            //var_dump($child);
            $auth->addChild($parent, $child); // writes to auth_item_child
        }
    }
    return $this->redirect('?r=rbac/fenpei');
}
```
Then assign roles to users:
```php
// AuthItem and User are assumed to be ActiveRecord models for the auth_item
// and user tables; they must be imported in the controller.
public function actionFenpei(){
    $model = new Rbac();
    // Initialise the lists so the view still renders when a table is empty.
    $roles = [];
    $users = [];
    $role = AuthItem::find()->where('type=1')->asArray()->all();
    foreach($role as $value){
        $roles[$value['name']] = $value['name'];
    }
    $user = User::find()->asArray()->all();
    foreach($user as $value){
        $users[$value['id']] = $value['username'];
    }
    return $this->render('fenpei',['model'=>$model,'role'=>$roles,'user'=>$users]);
}
```
The view for assigning roles:
```php
<?php
use yii\helpers\Html;
use yii\widgets\ActiveForm;

$form = ActiveForm::begin([
    'id' => 'login-form',
    'options' => ['class' => 'form-horizontal'],
    'action'=>'?r=rbac/ur',
    'method'=>'post',
]) ?>
<?= $form->field($model, 'user')->checkboxList($user) ?>
<?= $form->field($model, 'role')->checkboxList($role) ?>
<div class="form-group">
    <div class="col-lg-offset-1 col-lg-11">
        <?= Html::submitButton('提交', ['class' => 'btn btn-primary']) ?>
    </div>
</div>
<?php ActiveForm::end() ?>
```
Store the roles assigned to users:
```php
public function actionUr(){
    // Fully qualified \Yii so the call resolves inside the controller namespace.
    $auth = \Yii::$app->authManager;
    $data = \Yii::$app->request->post('Rbac');
    $role = $data['role'];  // selected role names
    $power = $data['user']; // selected user IDs
    foreach($role as $value) {
        foreach ($power as $v) {
            $reader = $auth->createRole($value);
            $auth->assign($reader, $v); // writes to auth_assignment
        }
    }
}
```
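As written, the management actions above take role and permission names straight from POST and the controller declares no access rule, so whoever can reach `?r=rbac/empowerment` or `?r=rbac/ur` can change who holds which permission. The following is an added example, not the original author's code, showing `actionEmpowerment` with an access filter, input validation and lookups of existing items in place of `createRole()`/`createPermission()`. It assumes PHP 7+, ASCII item names, and a permission named `manageRbac` (a hypothetical name) already granted to administrators outside this controller.

```php
<?php
namespace frontend\controllers;
use Yii;
use yii\base\DynamicModel;
use yii\filters\AccessControl;
use yii\filters\VerbFilter;
use yii\web\BadRequestHttpException;
use yii\web\Controller;

// Added example. Assumes a permission "manageRbac" already granted to admins.
class RbacController extends Controller
{
    public function behaviors()
    {
        return [
            // Only users holding "manageRbac" may reach any action here.
            'access' => ['class' => AccessControl::class,
                'rules' => [['allow' => true, 'roles' => ['manageRbac']]]],
            // Writes are POST-only, so Yii's CSRF validation applies to them.
            'verbs' => ['class' => VerbFilter::class,
                'actions' => ['empowerment' => ['POST']]],
        ];
    }

    public function actionEmpowerment()
    {
        $auth = Yii::$app->authManager;
        $data = (array) Yii::$app->request->post('Rbac', []);
        $input = DynamicModel::validateData([
            'role' => $data['role'] ?? null,
            'power' => $data['power'] ?? null,
        ], [
            [['role', 'power'], 'required'],
            // Each submitted name must look like an RBAC item name (max 64 chars).
            [['role', 'power'], 'each', 'rule' => ['match', 'pattern' => '/^[\w\/-]{1,64}\z/']],
        ]);
        if ($input->hasErrors()) {
            throw new BadRequestHttpException('Invalid role or permission name.');
        }
        foreach ($input->role as $roleName) {
            foreach ($input->power as $permName) {
                $role = $auth->getRole($roleName);
                $perm = $auth->getPermission($permName);
                if ($role === null || $perm === null) {
                    throw new BadRequestHttpException('Unknown role or permission.');
                }
                if (!$auth->hasChild($role, $perm) && $auth->canAddChild($role, $perm)) {
                    $auth->addChild($role, $perm);
                }
            }
        }
        return $this->redirect(['rbac/fenpei']);
    }
}
```

The same filter and lookup pattern applies to the other write actions (`power`, `addrole`, `ur`); list them under the `verbs` filter as well.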
Then, in each controller you want to protect, add the following method:
```php
public function beforeAction($action)
{
    // Run the parent hook first: yii\web\Controller::beforeAction() fires the
    // beforeAction event and performs CSRF validation.
    if (!parent::beforeAction($action)) {
        return false;
    }
    // The permission name is the ID of the requested action.
    if (\Yii::$app->user->can($action->id)) {
        return true;
    } else {
        throw new \yii\web\UnauthorizedHttpException('对不起,您现在还没获此操作的权限');
    }
}
```
With this in place, you have access control based on the action ID.
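Action IDs such as `index` repeat across controllers, so a permission named after a bare action ID applies in every controller that uses the check above. The following added example (not the original author's code) keys the check on the full route instead and separates guests from logged-in users who lack the permission. The class name `RbacCheckedController`, the `controller/action` permission naming and the public route list are assumptions.

```php
<?php
namespace frontend\controllers;

use Yii;
use yii\web\Controller;
use yii\web\ForbiddenHttpException;

/**
 * Added example: hypothetical base class for controllers that need RBAC checks.
 * Permission names are assumed to be full routes such as "post/update".
 */
class RbacCheckedController extends Controller
{
    /** Routes reachable without any permission (assumed login and error pages). */
    protected $publicRoutes = ['site/login', 'site/error'];

    public function beforeAction($action)
    {
        // Keep the framework's own checks (events, CSRF validation).
        if (!parent::beforeAction($action)) {
            return false;
        }
        // "controller/action", unique across the application.
        $route = $action->getUniqueId();
        if (in_array($route, $this->publicRoutes, true)) {
            return true;
        }
        $user = Yii::$app->user;
        if ($user->isGuest) {
            // Not logged in: send to the login page instead of an error.
            $user->loginRequired();
            return false;
        }
        if (!$user->can($route)) {
            // Record the denial so repeated probing shows up in the logs.
            Yii::warning("RBAC deny: user={$user->id} route={$route}", __METHOD__);
            throw new ForbiddenHttpException('You are not allowed to perform this action.');
        }
        return true;
    }
}
```

Controllers that extend this class need their permissions created under the route name, for example `rbac/power` rather than `power`.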