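Yii Framework 2.0 Role Based Access Control RBAC

Learning Yii Framework 2.0, I am trying to use Role Based Access Control from the Yii 2.0 documentation. But the guide documentation is too short for me, and I cannot complete this learning. I have added the following code to my configuration file.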
'components' => [
    'authManager' => [
        'class' => 'yii\rbac\DbManager',
    ],
],
I created the database tables with the following SQL script.
drop table [auth_assignment];
drop table [auth_item_child];
drop table [auth_item];
drop table [auth_rule];
create table [auth_rule]
(
    [name] varchar(64) not null,
    [data] text,
    [created_at] integer,
    [updated_at] integer,
    primary key ([name])
);
create table [auth_item]
(
    [name] varchar(64) not null,
    [type] integer not null,
    [description] text,
    [rule_name] varchar(64),
    [data] text,
    [created_at] integer,
    [updated_at] integer,
    primary key ([name]),
    foreign key ([rule_name]) references [auth_rule] ([name]) on delete set null on update cascade
);
create index [idx-auth_item-type] on [auth_item] ([type]);
create table [auth_item_child]
(
    [parent] varchar(64) not null,
    [child] varchar(64) not null,
    primary key ([parent],[child]),
    foreign key ([parent]) references [auth_item] ([name]) on delete cascade on update cascade,
    foreign key ([child]) references [auth_item] ([name]) on delete cascade on update cascade
);
create table [auth_assignment]
(
    [item_name] varchar(64) not null,
    [user_id] varchar(64) not null,
    [created_at] integer,
    primary key ([item_name], [user_id]),
    foreign key ([item_name]) references [auth_item] ([name]) on delete cascade on update cascade
);
I have built the following authorization data.
class RbacController extends Controller
{
    public function actionInit()
    {
        $auth = Yii::$app->authManager;
        // add "createPost" permission
        $createPost = $auth->createPermission('createPost');
        $createPost->description = 'Create a post';
        $auth->add($createPost);
        // add "updatePost" permission
        $updatePost = $auth->createPermission('updatePost');
        $updatePost->description = 'Update post';
        $auth->add($updatePost);
        // add "author" role and give this role the "createPost" permission
        $author = $auth->createRole('author');
        $auth->add($author);
        $auth->addChild($author, $createPost);
        // add "admin" role and give this role the "updatePost" permission
        // as well as the permissions of the "author" role
        $admin = $auth->createRole('admin');
        $auth->add($admin);
        $auth->addChild($admin, $updatePost);
        $auth->addChild($admin, $author);
        // Assign roles to users. 1 and 2 are IDs returned by IdentityInterface::getId()
        // usually implemented in your User model.
        $auth->assign($author, 2);
        $auth->assign($admin, 1);
    }
}
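When the actionInit() method is accessed through this controller, the database tables above are filled with data based on the code above. In addition, in my user table I have two users: the admin user has ID number 1 and the author user has ID number 2. I use the following code to create users.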
public function create()
{
    if ($this->validate()) {
        $user = new User();
        $user->username = $this->username;
        $user->email = $this->email;
        $user->setPassword($this->password);
        $user->generateAuthKey();
        $user->save(false);
        // the following three lines were added:
        $auth = Yii::$app->authManager;
        $authorRole = $auth->getRole('author');
        $auth->assign($authorRole, $user->getId());
        return $user;
    }
    return null;
}
With the above code, all newly inserted users will be authors. With the if statements below, I can grant or deny access.
if (\Yii::$app->user->can('createPost')) {
    // create post
}
if (\Yii::$app->user->can('updatePost')) {
    // update post
}
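So far so good. Everything works. The scenario of the above code is that a normal author can create posts but cannot update posts. An admin can update posts and can do everything an author can do. Now I want a normal author to be able to update his/her own posts. I do not know how to go on from here. I followed the Role Based Access Control (RBAC) paragraph of the Yii Guide Documentation/Security/Authorization. I have never used Yii 1. That is why I cannot make sense of the short explanation of RBAC in the Yii 2.0 documentation.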
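What is difficult to understand? – 2014-10-30 14:51:42
Following the documentation http://www.yiiframework.com/doc-2.0/guide-security-authorization.html I cannot get it to work with updateOwnPost, and I do not know what value is under the variable $post in the access check section, if you visit the link. I would really appreciate it if you could help! – 2014-10-30 15:51:04
That is the $post model. Can you edit your question to ask what you want in a specific way, explaining what you have already done, so that a specific solution can be given? – 2014-10-31 06:43:25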
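The updateOwnPost setup discussed in this thread, as an added example that is not part of the original posts. It builds on the roles and permissions created in actionInit() above and assumes an app\rbac namespace, a createdBy attribute on the post model, and a helper named install(), all hypothetical.

```php
<?php
namespace app\rbac; // assumed namespace

use yii\rbac\ManagerInterface;
use yii\rbac\Rule;

/**
 * Allows access only when the post passed to can() belongs to the user.
 */
class AuthorRule extends Rule
{
    public $name = 'isAuthor';

    /**
     * @param string|int $user ID of the user being checked
     * @param \yii\rbac\Item $item permission this rule is attached to
     * @param array $params second argument given to User::can()
     * @return bool
     */
    public function execute($user, $item, $params)
    {
        // Fail closed: a missing post or missing owner means no access.
        if (!isset($params['post'], $params['post']->createdBy)) {
            return false;
        }
        // createdBy is an assumed attribute name. Compare strictly as strings
        // so PHP type juggling cannot make two different IDs look equal.
        return (string) $params['post']->createdBy === (string) $user;
    }

    /** Hypothetical one-time setup; run after actionInit() has filled the tables. */
    public static function install(ManagerInterface $auth)
    {
        $rule = new self();
        $auth->add($rule);

        $updateOwnPost = $auth->createPermission('updateOwnPost');
        $updateOwnPost->description = 'Update own post';
        $updateOwnPost->ruleName = $rule->name;
        $auth->add($updateOwnPost);

        // Resulting hierarchy: author -> updateOwnPost (isAuthor) -> updatePost
        $auth->addChild($updateOwnPost, $auth->getPermission('updatePost'));
        $auth->addChild($auth->getRole('author'), $updateOwnPost);
    }
}

// In the update action the check stays on 'updatePost', with the loaded model:
// if (\Yii::$app->user->can('updatePost', ['post' => $post])) { /* update */ }
```

Admins still pass through their direct updatePost child, while authors reach updatePost only through updateOwnPost, so the rule runs for them on every check.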