Yii2 RBAC使用详解
jerry Yii2 2015年11月15日
收藏
1.在/basic/config/console.php和/basic/config/web.php里,配置组件,这里只贴出console.php里的代码 :
<?php
Yii::setAlias('@tests', dirname(__DIR__) . '/tests');
$params = require(__DIR__ . '/params.php');
$db = require(__DIR__ . '/db.php');
return [
'id' => 'basic-console',
'basePath' => dirname(__DIR__),
'bootstrap' => ['log', 'gii'],
'controllerNamespace' => 'app\commands',
'modules' => [
'gii' => 'yii\gii\Module',
],
'components' => [
'cache' => [
'class' => 'yii\caching\FileCache',
],
'log' => [
'targets' => [
[
'class' => 'yii\log\FileTarget',
'levels' => ['error', 'warning'],
],
],
],
'db' => $db,'authManager' => [
'class' => 'yii\rbac\DbManager',
'itemTable' => 'web_auth_item',
'assignmentTable' => 'web_auth_assignment',
'itemChildTable' => 'web_auth_item_child',
'ruleTable'=>'web_auth_rule'
],
],
'params' => $params,
];如果console.php里没有配置,会报下面错误:
You should configure "authManager" component to use database before executing this migration.
2.打开命令行
3.cd 命令切换到/php/basic目录
4.输入命令:
yii migrate --migrationPath=@yii/rbac/migrations/
5.创建Permission:
public function createPermission($item)
{
$auth = Yii::$app->authManager;
$createPost = $auth->createPermission($item);
$createPost->description = '创建了 ' . $item . ' 许可';
$auth->add($createPost);
}6.创建Role:
public function createRole($item)
{
$auth = Yii::$app->authManager;
$role = $auth->createRole($item);
$role->description = '创建了 ' . $item . ' 角色';
$auth->add($role);
}7.Role分配Permission
static public function createEmpowerment($items)
{
$auth = Yii::$app->authManager;
$parent = $auth->createRole($items['name']);
$child = $auth->createPermission($items['description']);
$auth->addChild($parent, $child);
}8.角色分配用户:
static public function assign($item)
{
$auth = Yii::$app->authManager;
$reader = $auth->createRole($item['name']);
$auth->assign($reader, $item['description']);
}9.验证权限:
public function beforeAction($action)
{
$action = Yii::$app->controller->action->id;
if(\Yii::$app->user->can($action)){
return true;
}else{
throw new \yii\web\UnauthorizedHttpException('对不起,您现在还没获此操作的权限');
}
}10.Controller里的权限验证
class SiteController extends Controller
{
public function behaviors()
{
return [
'access' => [
'class' => \yii\web\AccessControl::className(),
'only' => ['login', 'logout', 'signup'],
'rules' => [
[
'actions' => ['login', 'signup'],
'allow' => true,
'roles' => ['?'],
],
[
'actions' => ['logout'],
'allow' => true,
'roles' => ['@'],
],
],
],
];
}
// ...11.在Controller里自定义验证
class SiteController extends Controller
{
public function behaviors()
{
return [
'access' => [
'class' => \yii\web\AccessControl::className(),
'only' => ['special-callback'],
'rules' => [
[
'actions' => ['special-callback'],
'allow' => true,
'matchCallback' => function ($rule, $action) {
return date('d-m') === '31-10';
}
],
// ...
// Match callback called! 此页面可以访问只有每个10月31日
public function actionSpecialCallback()
{
return $this->render('happy-halloween');
} 推荐文章
