1.在/basic/config/console.php和/basic/config/web.php里,配置组件,这里只贴出console.php里的代码 :
<?php Yii::setAlias('@tests', dirname(__DIR__) . '/tests'); $params = require(__DIR__ . '/params.php'); $db = require(__DIR__ . '/db.php'); return [ 'id' => 'basic-console', 'basePath' => dirname(__DIR__), 'bootstrap' => ['log', 'gii'], 'controllerNamespace' => 'app\commands', 'modules' => [ 'gii' => 'yii\gii\Module', ], 'components' => [ 'cache' => [ 'class' => 'yii\caching\FileCache', ], 'log' => [ 'targets' => [ [ 'class' => 'yii\log\FileTarget', 'levels' => ['error', 'warning'], ], ], ], 'db' => $db,'authManager' => [ 'class' => 'yii\rbac\DbManager', 'itemTable' => 'web_auth_item', 'assignmentTable' => 'web_auth_assignment', 'itemChildTable' => 'web_auth_item_child', 'ruleTable'=>'web_auth_rule' ], ], 'params' => $params, ];
如果console.php里没有配置,会报下面错误:
You should configure "authManager" component to use database before executing this migration.
2.打开命令行
3.cd 命令切换到/php/basic目录
4.输入命令:
yii migrate --migrationPath=@yii/rbac/migrations/
5.创建Permission:
public function createPermission($item) { $auth = Yii::$app->authManager; $createPost = $auth->createPermission($item); $createPost->description = '创建了 ' . $item . ' 许可'; $auth->add($createPost); }
6.创建Role:
public function createRole($item) { $auth = Yii::$app->authManager; $role = $auth->createRole($item); $role->description = '创建了 ' . $item . ' 角色'; $auth->add($role); }
7.Role分配Permission
static public function createEmpowerment($items) { $auth = Yii::$app->authManager; $parent = $auth->createRole($items['name']); $child = $auth->createPermission($items['description']); $auth->addChild($parent, $child); }
8.角色分配用户:
static public function assign($item) { $auth = Yii::$app->authManager; $reader = $auth->createRole($item['name']); $auth->assign($reader, $item['description']); }
9.验证权限:
public function beforeAction($action) { $action = Yii::$app->controller->action->id; if(\Yii::$app->user->can($action)){ return true; }else{ throw new \yii\web\UnauthorizedHttpException('对不起,您现在还没获此操作的权限'); } }
10.Controller里的权限验证
class SiteController extends Controller { public function behaviors() { return [ 'access' => [ 'class' => \yii\web\AccessControl::className(), 'only' => ['login', 'logout', 'signup'], 'rules' => [ [ 'actions' => ['login', 'signup'], 'allow' => true, 'roles' => ['?'], ], [ 'actions' => ['logout'], 'allow' => true, 'roles' => ['@'], ], ], ], ]; } // ...
11.在Controller里自定义验证
class SiteController extends Controller { public function behaviors() { return [ 'access' => [ 'class' => \yii\web\AccessControl::className(), 'only' => ['special-callback'], 'rules' => [ [ 'actions' => ['special-callback'], 'allow' => true, 'matchCallback' => function ($rule, $action) { return date('d-m') === '31-10'; } ], // ... // Match callback called! 此页面可以访问只有每个10月31日 public function actionSpecialCallback() { return $this->render('happy-halloween'); }