1
我有這個客戶表,我有客戶名,地址和salesmanagername。 發票數據存儲在另一張表 - 發票中,我有發票明細,客戶名。 我在customer.customername和invoice.customername之間有關係。 我有一個用戶表,通過它用戶登錄。SalesManager的全名存儲在用戶表中。 我的查詢是SalesManager只能在他登錄時查看其客戶相關數據。 我正在使用RBAC和DbManager & Yii框架。我創建了一個模塊,模型和crud應用程序 - 它顯示所有客戶的發票細節以及相應的銷售管理員名稱。 我希望SalesManager僅查看與他有關的數據。 如果需要更多信息,請讓我知道。 我讀過http://www.yiiframework.com/doc-2.0/guide-security-authorization.html,但無法完成。 請幫忙。管理員如何使用RBAC在yii2中查看他們自己的客戶
這裏是我的賬單型號
<?php
namespace frontend\modules\salebills\models;
use Yii;
/**
* This is the model class for table "bills".
*
* @property string $billid
* @property integer $bills_ebillid
* @property string $bills_year
* @property string $console
* @property string $billno
* @property string $billdate
* @property string $bills_partyname
* @property integer $billamount
* @property string $pdate1
* @property integer $payment1
* @property string $details1
* @property string $pdate2
* @property integer $payment2
* @property string $details2
* @property string $pdate3
* @property integer $payment3
* @property string $details3
* @property string $pdate4
* @property integer $payment4
* @property string $details4
* @property integer $totalpayment
* @property integer $bills_tc
* @property integer $bills_tc_approval
* @property integer $doctorsgift
* @property integer $mrcommision
* @property string $mrname
* @property integer $bills_other
* @property string $bills_specify_other
* @property integer $bills_other_approval
* @property integer $overdue
* @property string $cst
* @property string $wbst
* @property integer $caseno
* @property string $amount
* @property string $discount
* @property string $tot
* @property string $surcharge
* @property string $total
* @property string $tax
* @property string $mrpvalue
* @property string $cstpercent
* @property string $wbstpercent
* @property string $surpercent
* @property string $totpercent
* @property string $transport
*
* @property Parties $billsPartyname
* @property Productsales[] $productsales
*/
class Bills extends \yii\db\ActiveRecord
{
/**
* @inheritdoc
*/
public static function tableName()
{
return 'bills';
}
/**
* @inheritdoc
*/
public function rules()
{
return [
[['bills_ebillid'], 'required'],
[['bills_ebillid', 'billamount', 'payment1', 'payment2', 'payment3', 'payment4', 'totalpayment', 'bills_tc', 'bills_tc_approval', 'doctorsgift', 'mrcommision', 'bills_other', 'bills_other_approval', 'overdue', 'caseno'], 'integer'],
[['billdate', 'pdate1', 'pdate2', 'pdate3', 'pdate4'], 'safe'],
[['mrname', 'bills_specify_other'], 'string'],
[['bills_year'], 'string', 'max' => 8],
[['console', 'cstpercent', 'wbstpercent', 'surpercent', 'totpercent'], 'string', 'max' => 6],
[['billno'], 'string', 'max' => 10],
[['bills_partyname'], 'string', 'max' => 60],
[['details1', 'details2', 'details3', 'details4'], 'string', 'max' => 50],
[['cst', 'wbst', 'amount', 'discount', 'tot', 'surcharge', 'total', 'tax', 'mrpvalue'], 'string', 'max' => 15],
[['transport'], 'string', 'max' => 30],
[['bills_ebillid'], 'unique']
];
}
/**
* @inheritdoc
*/
public function attributeLabels()
{
return [
'billid' => 'Billid',
'bills_ebillid' => 'Bills Ebillid',
'bills_year' => 'Bills Year',
'console' => 'Console',
'billno' => 'Billno',
'billdate' => 'Billdate',
'bills_partyname' => 'Bills Partyname',
'billamount' => 'Billamount',
'pdate1' => 'Pdate1',
'payment1' => 'Payment1',
'details1' => 'Details1',
'pdate2' => 'Pdate2',
'payment2' => 'Payment2',
'details2' => 'Details2',
'pdate3' => 'Pdate3',
'payment3' => 'Payment3',
'details3' => 'Details3',
'pdate4' => 'Pdate4',
'payment4' => 'Payment4',
'details4' => 'Details4',
'totalpayment' => 'Totalpayment',
'bills_tc' => 'Bills Tc',
'bills_tc_approval' => 'Bills Tc Approval',
'doctorsgift' => 'Doctorsgift',
'mrcommision' => 'Mrcommision',
'mrname' => 'Mrname',
'bills_other' => 'Bills Other',
'bills_specify_other' => 'Bills Specify Other',
'bills_other_approval' => 'Bills Other Approval',
'overdue' => 'Overdue',
'cst' => 'Cst',
'wbst' => 'Wbst',
'caseno' => 'Caseno',
'amount' => 'Amount',
'discount' => 'Discount',
'tot' => 'Tot',
'surcharge' => 'Surcharge',
'total' => 'Total',
'tax' => 'Tax',
'mrpvalue' => 'Mrpvalue',
'cstpercent' => 'Cstpercent',
'wbstpercent' => 'Wbstpercent',
'surpercent' => 'Surpercent',
'totpercent' => 'Totpercent',
'transport' => 'Transport',
];
}
/**
* @return \yii\db\ActiveQuery
*/
public function getBillsPartyname()
{
return $this->hasOne(Parties::className(), ['parties_partyname' => 'bills_partyname']);
}
/**
* @return \yii\db\ActiveQuery
*/
public function getProductsales()
{
return $this->hasMany(Productsales::className(), ['productsales_ebillid' => 'bills_ebillid']);
}
}
這裏是我的BillsSearch型號
<?php
namespace frontend\modules\salebills\models;
use Yii;
use yii\base\Model;
use yii\data\ActiveDataProvider;
use frontend\modules\salebills\models\Bills;
/**
* BillsSearch represents the model behind the search form about `frontend\modules\salebills\models\Bills`.
*/
class BillsSearch extends Bills
{
/**
* @inheritdoc
*/
public function rules()
{
return [
[['billid', 'bills_ebillid', 'billamount', 'payment1', 'payment2', 'payment3', 'payment4', 'totalpayment', 'bills_tc', 'bills_tc_approval', 'doctorsgift', 'mrcommision', 'bills_other', 'bills_other_approval', 'overdue', 'caseno'], 'integer'],
[['bills_year', 'console', 'billno', 'billdate', 'bills_partyname', 'pdate1', 'details1', 'pdate2', 'details2', 'pdate3', 'details3', 'pdate4', 'details4', 'mrname', 'bills_specify_other', 'cst', 'wbst', 'amount', 'discount', 'tot', 'surcharge', 'total', 'tax', 'mrpvalue', 'cstpercent', 'wbstpercent', 'surpercent', 'totpercent', 'transport'], 'safe'],
];
}
/**
* @inheritdoc
*/
public function scenarios()
{
// bypass scenarios() implementation in the parent class
return Model::scenarios();
}
/**
* Creates data provider instance with search query applied
*
* @param array $params
*
* @return ActiveDataProvider
*/
public function search($params)
{
$query = Bills::find();
$dataProvider = new ActiveDataProvider([
'query' => $query,
]);
$this->load($params);
if (!$this->validate()) {
// uncomment the following line if you do not want to return any records when validation fails
// $query->where('0=1');
return $dataProvider;
}
$query->andFilterWhere([
'billid' => $this->billid,
'bills_ebillid' => $this->bills_ebillid,
'billdate' => $this->billdate,
'billamount' => $this->billamount,
'pdate1' => $this->pdate1,
'payment1' => $this->payment1,
'pdate2' => $this->pdate2,
'payment2' => $this->payment2,
'pdate3' => $this->pdate3,
'payment3' => $this->payment3,
'pdate4' => $this->pdate4,
'payment4' => $this->payment4,
'totalpayment' => $this->totalpayment,
'bills_tc' => $this->bills_tc,
'bills_tc_approval' => $this->bills_tc_approval,
'doctorsgift' => $this->doctorsgift,
'mrcommision' => $this->mrcommision,
'bills_other' => $this->bills_other,
'bills_other_approval' => $this->bills_other_approval,
'overdue' => $this->overdue,
'caseno' => $this->caseno,
]);
$query->andFilterWhere(['like', 'bills_year', $this->bills_year])
->andFilterWhere(['like', 'console', $this->console])
->andFilterWhere(['like', 'billno', $this->billno])
->andFilterWhere(['like', 'bills_partyname', $this->bills_partyname])
->andFilterWhere(['like', 'details1', $this->details1])
->andFilterWhere(['like', 'details2', $this->details2])
->andFilterWhere(['like', 'details3', $this->details3])
->andFilterWhere(['like', 'details4', $this->details4])
->andFilterWhere(['like', 'mrname', $this->mrname])
->andFilterWhere(['like', 'bills_specify_other', $this->bills_specify_other])
->andFilterWhere(['like', 'cst', $this->cst])
->andFilterWhere(['like', 'wbst', $this->wbst])
->andFilterWhere(['like', 'amount', $this->amount])
->andFilterWhere(['like', 'discount', $this->discount])
->andFilterWhere(['like', 'tot', $this->tot])
->andFilterWhere(['like', 'surcharge', $this->surcharge])
->andFilterWhere(['like', 'total', $this->total])
->andFilterWhere(['like', 'tax', $this->tax])
->andFilterWhere(['like', 'mrpvalue', $this->mrpvalue])
->andFilterWhere(['like', 'cstpercent', $this->cstpercent])
->andFilterWhere(['like', 'wbstpercent', $this->wbstpercent])
->andFilterWhere(['like', 'surpercent', $this->surpercent])
->andFilterWhere(['like', 'totpercent', $this->totpercent])
->andFilterWhere(['like', 'transport', $this->transport]);
return $dataProvider;
}
}
這裏是我的締約方模型
<?php
namespace frontend\modules\salebills\models;
use Yii;
/**
* This is the model class for table "parties".
*
* @property integer $party_id
* @property string $parties_partyname
* @property string $address
* @property string $district
* @property string $name_manager
* @property string $transport
* @property string $dlno
* @property string $instruction
*
* @property Bills[] $bills
* @property Productsales[] $productsales
*/
class Parties extends \yii\db\ActiveRecord
{
/**
* @inheritdoc
*/
public static function tableName()
{
return 'parties';
}
/**
* @inheritdoc
*/
public function rules()
{
return [
[['parties_partyname', 'district', 'name_manager'], 'required'],
[['parties_partyname'], 'string', 'max' => 60],
[['address', 'instruction'], 'string', 'max' => 100],
[['district'], 'string', 'max' => 20],
[['name_manager', 'transport', 'dlno'], 'string', 'max' => 30]
];
}
/**
* @inheritdoc
*/
public function attributeLabels()
{
return [
'party_id' => 'Party ID',
'parties_partyname' => 'Parties Partyname',
'address' => 'Address',
'district' => 'District',
'name_manager' => 'Name Manager',
'transport' => 'Transport',
'dlno' => 'Dlno',
'instruction' => 'Instruction',
];
}
/**
* @return \yii\db\ActiveQuery
*/
public function getBills()
{
return $this->hasMany(Bills::className(), ['bills_partyname' => 'parties_partyname']);
}
/**
* @return \yii\db\ActiveQuery
*/
public function getProductsales()
{
return $this->hasMany(Productsales::className(), ['productsales_partyname' => 'parties_partyname']);
}
}
這裏是我的BillsController
<?php
namespace frontend\modules\salebills\controllers;
use Yii;
use frontend\modules\salebills\models\Bills;
use frontend\modules\salebills\models\BillsSearch;
use yii\web\Controller;
use yii\web\NotFoundHttpException;
use yii\filters\VerbFilter;
/**
* BillsController implements the CRUD actions for Bills model.
*/
class BillsController extends Controller
{
public function behaviors()
{
return [
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'delete' => ['post'],
],
],
];
}
/**
* Lists all Bills models.
* @return mixed
*/
public function actionIndex()
{
$searchModel = new BillsSearch();
$dataProvider = $searchModel->search(Yii::$app->request->queryParams);
if (Yii::$app->User->can('s_viewownsalebills')){
$dataProvider->query->
andWhere(['billsPartyname.name_manager'=> 'Bibekananda Acharya']);
return $this->render('index', [
'dataProvider' => $dataProvider,
]);
}
}
// return $this->render('index', [
// 'searchModel' => $searchModel,
// 'dataProvider' => $dataProvider,
// ]);
// }
/**
* Displays a single Bills model.
* @param string $id
* @return mixed
*/
public function actionView($id)
{
return $this->render('view', [
'model' => $this->findModel($id),
]);
}
/**
* Creates a new Bills model.
* If creation is successful, the browser will be redirected to the 'view' page.
* @return mixed
*/
public function actionCreate()
{
$model = new Bills();
if ($model->load(Yii::$app->request->post()) && $model->save()) {
return $this->redirect(['view', 'id' => $model->billid]);
} else {
return $this->render('create', [
'model' => $model,
]);
}
}
/**
* Updates an existing Bills model.
* If update is successful, the browser will be redirected to the 'view' page.
* @param string $id
* @return mixed
*/
public function actionUpdate($id)
{
$model = $this->findModel($id);
if ($model->load(Yii::$app->request->post()) && $model->save()) {
return $this->redirect(['view', 'id' => $model->billid]);
} else {
return $this->render('update', [
'model' => $model,
]);
}
}
/**
* Deletes an existing Bills model.
* If deletion is successful, the browser will be redirected to the 'index' page.
* @param string $id
* @return mixed
*/
public function actionDelete($id)
{
$this->findModel($id)->delete();
return $this->redirect(['index']);
}
/**
* Finds the Bills model based on its primary key value.
* If the model is not found, a 404 HTTP exception will be thrown.
* @param string $id
* @return Bills the loaded model
* @throws NotFoundHttpException if the model cannot be found
*/
protected function findModel($id)
{
if (($model = Bills::findOne($id)) !== null) {
return $model;
} else {
throw new NotFoundHttpException('The requested page does not exist.');
}
}
}
這是我更新的actionIndex
public function actionIndex()
{
//$salesManager = Yii::$app->user->identity->fullname;
$salesManageModel = User::find()->where(['fullname' => Yii::$app->user->identity->fullname])->one();
$salesManager = $salesManageModel->fullname;
$searchModel = new BillsSearch();
$dataProvider = $searchModel->search(Yii::$app->request->queryParams);
if (Yii::$app->User->can('s_viewownsalebills')){
$dataProvider->query->
andWhere(['billsPartyname.name_manager'=> $salesManager]);
return $this->render('index', [
'dataProvider' => $dataProvider,
]);
}
}
這裏是我的索引文件
<?php
use yii\helpers\Html;
use yii\grid\GridView;
/* @var $this yii\web\View */
/* @var $searchModel frontend\modules\salebills\models\BillsSearch */
/* @var $dataProvider yii\data\ActiveDataProvider */
$this->title = 'Bills';
$this->params['breadcrumbs'][] = $this->title;
?>
<div class="bills-index">
<h1><?= Html::encode($this->title) ?></h1>
<?php // echo $this->render('_search', ['model' => $searchModel]); ?>
<!-- <p>
<?= Html::a('Create Bills', ['create'], ['class' => 'btn btn-success']) ?>
</p> -->
<?= GridView::widget([
'dataProvider' => $dataProvider,
'filterModel' => $searchModel,
'columns' => [
['class' => 'yii\grid\SerialColumn'],
//'billid',
//'bills_ebillid',
//'bills_year',
//'console',
'billno',
'billdate',
'bills_partyname',
'billamount',
'billsPartyname.name_manager'
// 'pdate1',
// 'payment1',
// 'details1',
// 'pdate2',
// 'payment2',
// 'details2',
// 'pdate3',
// 'payment3',
// 'details3',
// 'pdate4',
// 'payment4',
// 'details4',
// 'totalpayment',
// 'bills_tc',
// 'bills_tc_approval',
// 'doctorsgift',
// 'mrcommision',
// 'mrname:ntext',
// 'bills_other',
// 'bills_specify_other:ntext',
// 'bills_other_approval',
// 'overdue',
// 'cst',
// 'wbst',
// 'caseno',
// 'amount',
// 'discount',
// 'tot',
// 'surcharge',
// 'total',
// 'tax',
// 'mrpvalue',
// 'cstpercent',
// 'wbstpercent',
// 'surpercent',
// 'totpercent',
// 'transport',
//['class' => 'yii\grid\ActionColumn'],
],
]); ?>
</div>
沒有得到$ dataProvider-> query-> andWhere(['your_sales_manager_key'=> $ actual_sales_manager_code]);部分。我有客戶表,我有經理姓名和cutomername。我有發票表,我有客戶名和發票細節。 customer.customername和invoice.customername之間有關係。 – Tanmay
如果你想渲染一個grdiview,那麼通常使用dataProvider ..你想要從模型中顯示數據? – scaisEdge
你在問什麼最後一條評論與RBAC無關,但是你如何在model/table之間的關係.. primarly似乎是一個應用程序設計問題..只是你已經定義了你的函數的關係,你可以將RBAC應用於使用正確的功能.. – scaisEdge