php后台权限的设计逻辑方法收集

1.设计admin_group表



2.建立群组，添加权限：



首页添加权限模型（model)：

<?php

class XAdminiAcl{

//一共分为三级，首页为一级，’action'下的name为第二级，'list_acl'下的name为第三级。
//权限配制数据
public static $aclList = array(
'首页' => array(
'controller'=>'home', 'url'=>'default/home','acl'=>'home','action'=>array(
array('name'=>'系统首页','url'=>'default/home','acl'=>'home_index','list_acl'=>array()),
array('name'=>'栏目管理','url'=>'catalog/index','acl'=>'config_catalog','list_acl'=>array(
'录入'=>'catalog_create', '编辑'=>'catalog_update','删除'=>'catalog_delete','排序'=>'catalog_sort_order'
)),
)
),

'设置' => array(
'controller'=>'config', 'url'=>'config/index', 'acl'=>'config','action'=>array(
array('name'=>'站点设置','url'=>'config/index','acl'=>'config_index','list_acl'=>array()),
array('name'=>'SEO设置','url'=>'config/seo','acl'=>'config_seo','list_acl'=>array()),
array('name'=>'上传设置','url'=>'config/upload','acl'=>'config_upload','list_acl'=>array()),
array('name'=>'自定义设置','url'=>'config/custom','acl'=>'config_custom','list_acl'=>array()),
)
),
'内容' => array(
'controller'=>'post', 'url'=>'post/index', 'acl'=>'post','action'=>array(
array('name'=>'内容管理','url'=>'post/index','acl'=>'post_index','list_acl'=>array(
'录入'=>'post_create', '编辑'=>'post_update', '批量审核'=>'post_verify', '批量推荐'=>'post_commend', '删除'=>'post_delete'
)),
array('name'=>'评论管理','url'=>'post/comment','acl'=>'post_comment','list_acl'=>array(
'回复'=>'post_comment_update',  '删除'=>'post_comment_delete'
)),
array('name'=>'专题管理','url'=>'post/special','acl'=>'post_special','list_acl'=>array(
'录入'=>'post_special_create', '编辑'=>'post_special_update',  '删除'=>'post_special_delete'
)),
array('name'=>'单页管理','url'=>'page/index','acl'=>'page_index','list_acl'=>array(
'录入'=>'page_create', '编辑'=>'page_update', '删除'=>'page_delete'
)),
)
),
'用户' => array(
'controller'=>'user', 'url'=>'admin/index', 'acl'=>'user','action'=>array(
array('name'=>'管理员列表','url'=>'admin/index','acl'=>'admin_index','list_acl'=>array(
'录入'=>'admin_create', '编辑'=>'admin_update', '删除'=>'admin_delete'
)),
array('name'=>'管理员权限','url'=>'admin/group','acl'=>'admin_group','list_acl'=>array(
'录入'=>'admin_group_create', '编辑'=>'admin_group_update', '删除'=>'admin_group_delete'
)),
array('name'=>'管理员日志','url'=>'logger/admin','acl'=>'admin_logger','list_acl'=>array(
'删除'=>'admin_logger_delete'
)),
array('name'=>'留言反馈','url'=>'question/index','acl'=>'question_index','list_acl'=>array(
'回复'=>'question_update', '删除'=>'question_delete'
)),
)
),

}

　然后views页面页面的获得：

<?php $i = 0; foreach((array)XAdminiAcl::$aclList as $key=>$menu):?>

<tr>
<td  colspan="2"><?php if($menu['controller'] !='home'):?>
<input name="acl[]" type="checkbox" value="<?php echo $menu['controller'] ?>"
<?php if(in_array($menu['controller'], explode(',', $model->acl))): ?>
checked="checked"<?php endif ?> level='0' onclick='javascript:checknode(this);'/>
<?php endif?>

<?php echo $key ?></td>  //获得第一级
</tr>

<?php foreach((array)$menu['action'] as $k=>$module):?>
<?php if($module['name'] != '首页'):?>
<tr >
<td  width="17%" >　　　　　
<input name="acl[]" type="checkbox" value="<?php echo $module['acl'] ?>"
<?php if(in_array($module['acl'], explode(',', $model->acl))): ?>
checked="checked"<?php endif ?> level='1' onclick='javascript:checknode(this);'/>
<?php echo $module['name']?></td>  //获得第二级

<td class="vtop tips2"><?php foreach((array)$module['list_acl'] as $aclName=>$acl):?>
<input name="acl[]" type="checkbox" value="<?php echo $acl ?>"
<?php if(in_array($acl, explode(',', $model->acl))): ?> checked="checked"<?php endif ?> level='2' onclick='javascript:checknode(this);'/>
<?php echo $aclName?> //获得第三级数据
<?php endforeach; ?></td> </tr>
<?php endif?>

<?php endforeach; ?>
<?php $i++;endforeach;?>

　　注意事项：当点击第三级，第二级的check的也要改为checked，所以需要添加js：

<script type="text/javascript">
function checknode(obj) {
var chk = $("input[type='checkbox']");
var count = chk.length;
var num = chk.index(obj);
var level_top = level_bottom = chk.eq(num).attr('level');
for (var i = num; i >= 0; i--) {
var le = chk.eq(i).attr('level');
if (eval(le) < eval(level_top)) {
chk.eq(i).attr("checked", true);
var level_top = level_top - 1
}
}
for (var j = num + 1; j < count; j++) {
var le = chk.eq(j).attr('level');
if (chk.eq(num).attr("checked") == true) {
if (eval(le) > eval(level_bottom)) chk.eq(j).attr("checked", true);
else if (eval(le) == eval(level_bottom)) break
} else {
if (eval(le) > eval(level_bottom)) chk.eq(j).attr("checked", false);
else if (eval(le) == eval(level_bottom)) break
}
}
}
</script>

　　

Controller里面:

/**
* 管理组录入
*
*/
public function actionGroupCreate ()
{
parent::_acl();
$model = new AdminGroup();
if (isset($_POST['AdminGroup'])) {
$model->attributes = $_POST['AdminGroup'];
$acl = Yii::app()->request->getPost('acl');  //获得权限
if (is_array($acl)) {
$model->acl = implode(',', array_unique($acl));
//取得唯一并且将数组转化成字符串
} else {
$model->acl = 'administrator';
}
if ($model->save()) {

$this->redirect(array ('group' ));
}
}
$this->render('group_create', array ('model' => $model ));
}

　　最后每个操作判断权限，如果没有权限就抛出提醒异常（父类控制器)：

protected function _acl ($action = false, $params = array('ajax'=>false, 'append'=>',default_index,default_home'))
{
$actionFormat = empty($action) ? strtolower($this->id . '_' . $this->action->id) : strtolower($action);
//$this->id等于控制器名字 $this->action->id等于动作的名字
$permission = self::_sessionGet('_adminiPermission');
if ($permission != 'administrator') {   //登陆时设置一个session存储它的permission，当permisson不是超级管理员时，那些操作要给与判断
$adminiGroup = self::_sessionGet('_adminiGroupId');
$aclDb = AdminGroup::model()->find('id=:id', array ('id' => $adminiGroup ));
if (! in_array($actionFormat, explode(',', strtolower($aclDb->acl) . $params['append']))) {
if($params['ajax'] == false){
XUtils::message('error', '当前角色组无权限进行此操作，请联系管理员授权', $this->createUrl('index'), 20);
}else{
$var['state'] = 'error';
$var['message'] = '当前角色组无权限进行此操作，请联系管理员授权';
exit(CJSON::encode($var));
}
}
}
}