yii2.0 rbac权限控制

news/2024/7/4 0:53:44 标签: class, yii
class="baidu_pl">
class="article_content clearfix">
class="markdown_views prism-atom-one-light">

要想使用yii rbac组件 首先需要在我们的配置文件中开启 rbac组件

在common/config/main-local.php 中添加 下边的组建

class="prettyprint">class=" hljs php">class="hljs-string">'authManager' => [
    class="hljs-string">'class' => class="hljs-string">'yii\rbac\DbManager',
    class="hljs-string">'itemTable' => class="hljs-string">'auth_item',
    class="hljs-string">'assignmentTable' => class="hljs-string">'auth_assignment',
    class="hljs-string">'itemChildTable' => class="hljs-string">'auth_item_child',
],

接下来 创建我们的表

首先创建 控制权限的四张表

这四张表的sql在 我们的yii的核心文件中 具体路径是

vendor/yiisoft/yii2/rbac/migrations/schma-mysql.sql

这是我们操作mysql的sql语句

另外的文件分别操作 sql server oracle postgresql sqlite

然后 因为需要个我们的用户分配权限 我们还需要使用我们的yii的用户表 这个用户表的sql 下边给出

可以参考地址 http://www.yiichina.com/question/285

class="prettyprint">class=" hljs sql">class="hljs-operator">class="hljs-keyword">DROP class="hljs-keyword">TABLE class="hljs-keyword">IF class="hljs-keyword">EXISTS class="hljs-string">`user`;
class="hljs-operator">class="hljs-keyword">CREATE class="hljs-keyword">TABLE class="hljs-string">`user` (
  class="hljs-string">`id` class="hljs-keyword">int(class="hljs-number">11) class="hljs-keyword">NOT class="hljs-keyword">NULL AUTO_INCREMENT,
  class="hljs-string">`username` class="hljs-keyword">varchar(class="hljs-number">255) class="hljs-keyword">NOT class="hljs-keyword">NULL,
  class="hljs-string">`auth_key` class="hljs-keyword">varchar(class="hljs-number">32) class="hljs-keyword">NOT class="hljs-keyword">NULL,
  class="hljs-string">`password_hash` class="hljs-keyword">varchar(class="hljs-number">255) class="hljs-keyword">NOT class="hljs-keyword">NULL,
  class="hljs-string">`password_reset_token` class="hljs-keyword">varchar(class="hljs-number">255) class="hljs-keyword">DEFAULT class="hljs-keyword">NULL,
  class="hljs-string">`email` class="hljs-keyword">varchar(class="hljs-number">255) class="hljs-keyword">NOT class="hljs-keyword">NULL,
  class="hljs-string">`role` class="hljs-keyword">smallint(class="hljs-number">6) class="hljs-keyword">NOT class="hljs-keyword">NULL class="hljs-keyword">DEFAULT class="hljs-string">'10',
  class="hljs-string">`status` class="hljs-keyword">smallint(class="hljs-number">6) class="hljs-keyword">NOT class="hljs-keyword">NULL class="hljs-keyword">DEFAULT class="hljs-string">'10',
  class="hljs-string">`created_at` class="hljs-keyword">int(class="hljs-number">11) class="hljs-keyword">NOT class="hljs-keyword">NULL,
  class="hljs-string">`updated_at` class="hljs-keyword">int(class="hljs-number">11) class="hljs-keyword">NOT class="hljs-keyword">NULL,
  class="hljs-keyword">PRIMARY class="hljs-keyword">KEY (class="hljs-string">`id`)
) ENGINE=InnoDB AUTO_INCREMENT=class="hljs-number">3 class="hljs-keyword">DEFAULT CHARSET=utf8;

在这里 我偷懒了一下 没有自己在写一个登录和注册功能 而是使用yii自带的登录功能 影响不大 因为 我们在进行权限操作时,只需要只要是谁有权限就行了,其他信息不需要。如果是在项目中,user表 可以自定义

下边开始 实现rbac。我们对自己要求高一点,代码都要符合yii的规范。尽量不要使用自己的方法而是用框架封装好的

首先 创建一个model层 Rbac.php

class="prettyprint">class=" hljs xml">class="php">class="hljs-preprocessor"><?php
class="hljs-keyword">namespace class="hljs-title">frontend\class="hljs-title">models;

class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">widgets\class="hljs-title">ActiveForm;
class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">helpers\class="hljs-title">Html;
class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">base\class="hljs-title">Model;

class="hljs-class">class="hljs-keyword">class class="hljs-title">Rbac class="hljs-keyword">extends class="hljs-title">Model
{
    class="hljs-keyword">public class="hljs-variable">$power;
    class="hljs-keyword">public class="hljs-variable">$role;
}

然后创建控制器 RbacController.php

创建的方式在这里就不说了

下边开始权限的操作

第一步 添加权限
首先 来一个添加权限的页面 

class="prettyprint">class=" hljs php">class="hljs-keyword">public class="hljs-function">class="hljs-keyword">function class="hljs-title">actionIndexclass="hljs-params">(){
        class="hljs-variable">$model = class="hljs-keyword">new Rbac();
        class="hljs-keyword">return class="hljs-variable">$this->render(class="hljs-string">'index',[class="hljs-string">'model'=>class="hljs-variable">$model]);
}

然后创建 views 层

class="prettyprint">class=" hljs xml">class="php">class="hljs-preprocessor"><?php

class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">helpers\class="hljs-title">Html;
class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">widgets\class="hljs-title">ActiveForm;

class="hljs-variable">$form = ActiveForm::begin([
    class="hljs-string">'id' => class="hljs-string">'login-form',
    class="hljs-string">'options' => [class="hljs-string">'class' => class="hljs-string">'form-horizontal'],
    class="hljs-string">'action'=>class="hljs-string">'?r=rbac/power',
    class="hljs-string">'method'=>class="hljs-string">'post',
]) class="hljs-preprocessor">?>
    class="php">class="hljs-preprocessor"><?= class="hljs-variable">$form->field(class="hljs-variable">$model, class="hljs-string">'power') class="hljs-preprocessor">?>

    class="hljs-tag"><class="hljs-title">div class="hljs-attribute">class=class="hljs-value">"form-group">
        class="hljs-tag"><class="hljs-title">div class="hljs-attribute">class=class="hljs-value">"col-lg-offset-1 col-lg-11">
            class="php">class="hljs-preprocessor"><?= Html::submitButton(class="hljs-string">'添加权限', [class="hljs-string">'class' => class="hljs-string">'btn btn-primary']) class="hljs-preprocessor">?>
        class="hljs-tag"></class="hljs-title">div>
    class="hljs-tag"></class="hljs-title">div>
class="php">class="hljs-preprocessor"><?php ActiveForm::end() class="hljs-preprocessor">?>

然后在控制器里把权限入库 

class="prettyprint">class=" hljs php"> class="hljs-keyword">public class="hljs-function">class="hljs-keyword">function class="hljs-title">actionPowerclass="hljs-params">()
{
        class="hljs-variable">$item = \Yii::class="hljs-variable">$app->request->post(class="hljs-string">'Rbac')[class="hljs-string">'power'];
        class="hljs-variable">$auth = Yii::class="hljs-variable">$app->authManager;
        class="hljs-variable">$createPost = class="hljs-variable">$auth->createPermission(class="hljs-variable">$item);
        class="hljs-variable">$createPost->description = class="hljs-string">'创建了 ' . class="hljs-variable">$item . class="hljs-string">' 权限';
        class="hljs-variable">$auth->add(class="hljs-variable">$createPost);
       class="hljs-keyword">return class="hljs-variable">$this->redirect(class="hljs-string">'?r=rbac/role');
}

接下来 创建角色

首先创建一个添加角色的表单

//创建一个就角色的表单

class="prettyprint">class=" hljs php">class="hljs-keyword">public class="hljs-function">class="hljs-keyword">function class="hljs-title">actionRoleclass="hljs-params">(){
        class="hljs-variable">$model = class="hljs-keyword">new Rbac();
        class="hljs-keyword">return class="hljs-variable">$this->render(class="hljs-string">'role',[class="hljs-string">'model'=>class="hljs-variable">$model]);
}

然后进入view层

class="prettyprint">class=" hljs xml">class="php">class="hljs-preprocessor"><?php
class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">helpers\class="hljs-title">Html;
class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">widgets\class="hljs-title">ActiveForm;

class="hljs-variable">$form = ActiveForm::begin([
    class="hljs-string">'id' => class="hljs-string">'login-form',
    class="hljs-string">'options' => [class="hljs-string">'class' => class="hljs-string">'form-horizontal'],
    class="hljs-string">'action'=>class="hljs-string">'?r=rbac/addrole',
    class="hljs-string">'method'=>class="hljs-string">'post',
]) class="hljs-preprocessor">?>
class="php">class="hljs-preprocessor"><?= class="hljs-variable">$form->field(class="hljs-variable">$model, class="hljs-string">'role') class="hljs-preprocessor">?>
    class="hljs-tag"><class="hljs-title">div class="hljs-attribute">class=class="hljs-value">"form-group">
        class="hljs-tag"><class="hljs-title">div class="hljs-attribute">class=class="hljs-value">"col-lg-offset-1 col-lg-11">
            class="php">class="hljs-preprocessor"><?= Html::submitButton(class="hljs-string">'添加角色', [class="hljs-string">'class' => class="hljs-string">'btn btn-primary']) class="hljs-preprocessor">?>
        class="hljs-tag"></class="hljs-title">div>
    class="hljs-tag"></class="hljs-title">div>
class="php">class="hljs-preprocessor"><?php ActiveForm::end() class="hljs-preprocessor">?>

然后将角色入库

/添加角色入库

class="prettyprint">class=" hljs php">   class="hljs-keyword">public class="hljs-function">class="hljs-keyword">function class="hljs-title">actionAddroleclass="hljs-params">(){
       class="hljs-variable">$item = \Yii::class="hljs-variable">$app->request->post(class="hljs-string">'Rbac')[class="hljs-string">'role'];
       class="hljs-variable">$auth = Yii::class="hljs-variable">$app->authManager;
       class="hljs-variable">$role = class="hljs-variable">$auth->createRole(class="hljs-variable">$item);
       class="hljs-variable">$role->description = class="hljs-string">'创建了 ' . class="hljs-variable">$item . class="hljs-string">' 角色';
       class="hljs-variable">$auth->add(class="hljs-variable">$role);

       class="hljs-keyword">return class="hljs-variable">$this->redirect(class="hljs-string">'?r=rbac/rp');
   }

然后给角色分配权限

class="prettyprint">class=" hljs php">class="hljs-keyword">public class="hljs-function">class="hljs-keyword">function class="hljs-title">actionRpclass="hljs-params">(){
        class="hljs-variable">$model = class="hljs-keyword">new Rbac();
        class="hljs-variable">$role =  AuthItem::find()->where(class="hljs-string">'type=1')->asArray()->all();
        class="hljs-keyword">foreach(class="hljs-variable">$role class="hljs-keyword">as class="hljs-variable">$value){
            class="hljs-variable">$roles[class="hljs-variable">$value[class="hljs-string">'name']] = class="hljs-variable">$value[class="hljs-string">'name'];
        }
        class="hljs-variable">$power=  AuthItem::find()->where(class="hljs-string">'type=2')->asArray()->all();
        class="hljs-keyword">foreach(class="hljs-variable">$power class="hljs-keyword">as class="hljs-variable">$value){
            class="hljs-variable">$powers[class="hljs-variable">$value[class="hljs-string">'name']] = class="hljs-variable">$value[class="hljs-string">'name'];
        }

        class="hljs-keyword">return class="hljs-variable">$this->render(class="hljs-string">'rp',[class="hljs-string">'model'=>class="hljs-variable">$model,class="hljs-string">'role'=>class="hljs-variable">$roles,class="hljs-string">'power'=>class="hljs-variable">$powers]);
    }

然后到views层 进行分配

class="prettyprint">class=" hljs xml">class="php">class="hljs-preprocessor"><?php
class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">helpers\class="hljs-title">Html;
class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">widgets\class="hljs-title">ActiveForm;

class="hljs-variable">$form = ActiveForm::begin([
    class="hljs-string">'id' => class="hljs-string">'login-form',
    class="hljs-string">'options' => [class="hljs-string">'class' => class="hljs-string">'form-horizontal'],
    class="hljs-string">'action'=>class="hljs-string">'?r=rbac/empowerment',
    class="hljs-string">'method'=>class="hljs-string">'post',
]) class="hljs-preprocessor">?>
class="php">class="hljs-preprocessor"><?= class="hljs-variable">$form->field(class="hljs-variable">$model, class="hljs-string">'role')->checkboxList(class="hljs-variable">$role) class="hljs-preprocessor">?>
class="php">class="hljs-preprocessor"><?= class="hljs-variable">$form->field(class="hljs-variable">$model, class="hljs-string">'power')->checkboxList(class="hljs-variable">$power) class="hljs-preprocessor">?>

    class="hljs-tag"><class="hljs-title">div class="hljs-attribute">class=class="hljs-value">"form-group">
        class="hljs-tag"><class="hljs-title">div class="hljs-attribute">class=class="hljs-value">"col-lg-offset-1 col-lg-11">
            class="php">class="hljs-preprocessor"><?= Html::submitButton(class="hljs-string">'提交', [class="hljs-string">'class' => class="hljs-string">'btn btn-primary']) class="hljs-preprocessor">?>
        class="hljs-tag"></class="hljs-title">div>
    class="hljs-tag"></class="hljs-title">div>
class="php">class="hljs-preprocessor"><?php ActiveForm::end() class="hljs-preprocessor">?>

然后入库

class="prettyprint">class=" hljs php">class="hljs-keyword">public class="hljs-function">class="hljs-keyword">function class="hljs-title">actionEmpowermentclass="hljs-params">(){
        class="hljs-variable">$auth = Yii::class="hljs-variable">$app->authManager;
        class="hljs-variable">$data = \Yii::class="hljs-variable">$app->request->post(class="hljs-string">'Rbac');
        class="hljs-variable">$role = class="hljs-variable">$data[class="hljs-string">'role'];
        class="hljs-variable">$power = class="hljs-variable">$data[class="hljs-string">'power'];

       class="hljs-keyword">foreach(class="hljs-variable">$role class="hljs-keyword">as class="hljs-variable">$value){
           class="hljs-keyword">foreach(class="hljs-variable">$power class="hljs-keyword">as class="hljs-variable">$v){
               class="hljs-variable">$parent = class="hljs-variable">$auth->createRole(class="hljs-variable">$value);

               class="hljs-variable">$child = class="hljs-variable">$auth->createPermission(class="hljs-variable">$v);
               class="hljs-comment">//var_dump($child);
               class="hljs-variable">$auth->addChild(class="hljs-variable">$parent, class="hljs-variable">$child);
           }
       }
class="hljs-keyword">return class="hljs-variable">$this->redirect(class="hljs-string">'?r=rbac/fenpei');
    }

然后给用户分配角色

class="prettyprint">class=" hljs php">class="hljs-keyword">public class="hljs-function">class="hljs-keyword">function class="hljs-title">actionFenpeiclass="hljs-params">(){
        class="hljs-variable">$model = class="hljs-keyword">new Rbac();
        class="hljs-variable">$role =  AuthItem::find()->where(class="hljs-string">'type=1')->asArray()->all();
        class="hljs-keyword">foreach(class="hljs-variable">$role class="hljs-keyword">as class="hljs-variable">$value){
            class="hljs-variable">$roles[class="hljs-variable">$value[class="hljs-string">'name']] = class="hljs-variable">$value[class="hljs-string">'name'];
        }
        class="hljs-variable">$user=  User::find()->asArray()->all();
        class="hljs-keyword">foreach(class="hljs-variable">$user class="hljs-keyword">as class="hljs-variable">$value){
            class="hljs-variable">$users[class="hljs-variable">$value[class="hljs-string">'id']] = class="hljs-variable">$value[class="hljs-string">'username'];
        }
        class="hljs-keyword">return class="hljs-variable">$this->render(class="hljs-string">'fenpei',[class="hljs-string">'model'=>class="hljs-variable">$model,class="hljs-string">'role'=>class="hljs-variable">$roles,class="hljs-string">'user'=>class="hljs-variable">$users]);
    }

分配角色的views层

class="prettyprint">class=" hljs xml">class="php">class="hljs-preprocessor"><?php

class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">helpers\class="hljs-title">Html;
class="hljs-keyword">use class="hljs-title">yii\class="hljs-title">widgets\class="hljs-title">ActiveForm;

class="hljs-variable">$form = ActiveForm::begin([
    class="hljs-string">'id' => class="hljs-string">'login-form',
    class="hljs-string">'options' => [class="hljs-string">'class' => class="hljs-string">'form-horizontal'],
    class="hljs-string">'action'=>class="hljs-string">'?r=rbac/ur',
    class="hljs-string">'method'=>class="hljs-string">'post',
]) class="hljs-preprocessor">?>
class="php">class="hljs-preprocessor"><?= class="hljs-variable">$form->field(class="hljs-variable">$model, class="hljs-string">'user')->checkboxList(class="hljs-variable">$user) class="hljs-preprocessor">?>
class="php">class="hljs-preprocessor"><?= class="hljs-variable">$form->field(class="hljs-variable">$model, class="hljs-string">'role')->checkboxList(class="hljs-variable">$role) class="hljs-preprocessor">?>

    class="hljs-tag"><class="hljs-title">div class="hljs-attribute">class=class="hljs-value">"form-group">
        class="hljs-tag"><class="hljs-title">div class="hljs-attribute">class=class="hljs-value">"col-lg-offset-1 col-lg-11">
            class="php">class="hljs-preprocessor"><?= Html::submitButton(class="hljs-string">'提交', [class="hljs-string">'class' => class="hljs-string">'btn btn-primary']) class="hljs-preprocessor">?>
        class="hljs-tag"></class="hljs-title">div>
    class="hljs-tag"></class="hljs-title">div>
class="php">class="hljs-preprocessor"><?php ActiveForm::end() class="hljs-preprocessor">?>

将给用户分配的角色入库

class="prettyprint">class=" hljs php">class="hljs-keyword">public class="hljs-function">class="hljs-keyword">function class="hljs-title">actionUrclass="hljs-params">(){
        class="hljs-variable">$auth = Yii::class="hljs-variable">$app->authManager;
        class="hljs-variable">$data = \Yii::class="hljs-variable">$app->request->post(class="hljs-string">'Rbac');
        class="hljs-variable">$role = class="hljs-variable">$data[class="hljs-string">'role'];
        class="hljs-variable">$power = class="hljs-variable">$data[class="hljs-string">'user'];

        class="hljs-keyword">foreach(class="hljs-variable">$role class="hljs-keyword">as class="hljs-variable">$value) {
            class="hljs-keyword">foreach (class="hljs-variable">$power class="hljs-keyword">as class="hljs-variable">$v) {
                class="hljs-variable">$reader = class="hljs-variable">$auth->createRole(class="hljs-variable">$value);
                class="hljs-variable">$auth->assign(class="hljs-variable">$reader, class="hljs-variable">$v);
            }
        }
    }

然后 在你想要使用权限控制的控制器 添加上下面的方法

class="prettyprint">class=" hljs php">class="hljs-keyword">public class="hljs-function">class="hljs-keyword">function class="hljs-title">beforeActionclass="hljs-params">(class="hljs-variable">$action)
    {
        class="hljs-variable">$action = Yii::class="hljs-variable">$app->controller->action->id;
        class="hljs-keyword">if(\Yii::class="hljs-variable">$app->user->can(class="hljs-variable">$action)){
            class="hljs-keyword">return class="hljs-keyword">true;
        }class="hljs-keyword">else{
            class="hljs-keyword">throw class="hljs-keyword">new \yii\web\UnauthorizedHttpException(class="hljs-string">'对不起,您现在还没获此操作的权限');
        }
    }

这样你就可以实现 依据actionID的权限控制了


http://www.niftyadmin.cn/n/1813915.html

相关文章

sizeof 关键字!

sizeof 关键字!

括号分情况是可以省略的&#xff0c;所以它不是函数&#xff01; sizeof在计算变量 所占空间大小时&#xff0c;括号可以省略 在计算类型大小时&#xff0c;括号不能省略 转载于:https://www.cnblogs.com/ai616818/archive/2012/03/26/2418312.html
阅读更多...
yii2.0实现文件上传

yii2.0实现文件上传

本文档教授大家在yii2.0里实现文件上传 首先我们来实现单文件上传 第一步 首先建立一个关于上传的model层 如果你有已经建好的可以使用表单小部件的model层 也可以直接用这个。在这里我们新建一个新的model层 在model层新建文件 Upload.php <?phpnamespace frontend\mod…
阅读更多...
DP(hdu1058)

DP(hdu1058)

状态转移方程&#xff1a;f[i]min(f[x]*2f[y]*3f[p]*5f[q]*7);这题如果不打表超时&#xff0c;不懂为啥&#xff1f; #include<iostream>using namespace std;int f[6000];int min(int a,int b,int c,int d,int *q){if(a<b&&a<c&&a<d) { …
阅读更多...
lucene.Net学习一

lucene.Net学习一

建索引的代码&#xff0c;代码里面有注释 using System;using System.Collections.Generic;using System.Linq;using System.Text;using System.IO;using Lucene.Net.Index;using Lucene.Net.Store;using Lucene.Net.Util;using Lucene.Net.Analysis.Standard;using Lucene.Net…
阅读更多...
PHP几种常用算法

PHP几种常用算法

最近突然迷恋上算法了。温故而知新&#xff0c;这些简单而基础的东西是学习算法的基石&#xff0c;所以又必要再次练习下。以下为纪念版&#xff0c;有错误的地方请包涵哈&#xff0c;也许将某个稳定的排序写成了不稳定的了。 呵呵&#xff01;&#xff01;$arr array(35,66,2…
阅读更多...
15个常用的javaScript正则表达式

15个常用的javaScript正则表达式

1 用户名正则 //用户名正则&#xff0c;4到16位&#xff08;字母&#xff0c;数字&#xff0c;下划线&#xff0c;减号&#xff09; var uPattern /^[a-zA-Z0-9_-]{4,16}$/; //输出 true console.log(uPattern.test("iFat3")); 2 密码强度正则 //密码强度正则&am…
阅读更多...
登陆、注册

登陆、注册

登陆、注册的思想流程 在互联网世界&#xff0c;用户是一切&#xff0c;如果用户都只是匆匆过客那么很难在产品中形成固定的用户群&#xff0c;在用户行为统计上也很难形成有价值的数据&#xff0c;如今就算是工具类的应用也都在建立用户系统&#xff0c;更不要说社区或社交类…
阅读更多...
前端开发,请果断使用phpstorm

前端开发,请果断使用phpstorm

用了一个星期的phpstorm,果断放弃aptana,因为phpstorm的outline可以解析匿名函数执行后的结构&#xff0c;而aptana解析不了。遗憾的是phpstorm也解析不了$.extend.转载于:https://www.cnblogs.com/nomarker/archive/2012/03/31/2426468.html
阅读更多...
最新文章

Copyright @ 2022~2023