Yii2.0中基于AccessControl的权限相关验证统一管理
2017-02-13 15:35
232 查看
Yii2.0中基于AccessControl的权限相关验证统一管理
编写一个统一的BaseController将所有的验证操作放在此控制器的beforeAction和behaviors中进行,然后将将所有需要用到验证的控制器继承这个控制器;并在需要验证和用户分组权限相关的配置放到特定的参数中即可!如下是本人写的一段简单的demo:BaseController ```class BaseController extends Controller{ /** * 验证模块 * @var array */ public $notlogin_validates = [];//不需登录匹配的 public $all_id_validates = [];//所有匹配的用户 public $post_validates = [];//需要post请求的 public $all = [];//所有匹配的用户 public $not_login = [];//不需登录的 public $post = [];//需要post请求的 /** * 用户分组权限 * @var array */ public $group = []; public $check = false; public function beforeAction($action){ if(!empty($action->controller->notlogin_validates)){ $this->not_login = [ 'actions' => $action->controller->notlogin_validates, 'allow' => true, ]; } if(!empty($action->controller->all_id_validates)){ $this->all = [ 'actions' => $action->controller->all_id_validates, 'allow' => true, 'roles' => ['@'], ]; } if(!empty($action->controller->post_validates)){ $this->post = [ 'actions'=>$action->controller->post_validates, 'allow' => true, 'verbs' => ['post'], ]; } $user = Yii::$app->user; $group = explode(",",$user->identity->group); if(count($group) > 1){ foreach ($group as $k=>$v){ $this->check = $this->check || in_array($v,$this->group); } }elseif (count($group) == 1 && $group[0] == 0){ $this->check = true; }else{ $this->check = false; } return parent::beforeAction($action); // TODO: Change the autogenerated stub } public function behaviors(){ if(!$this->check){ throw new Exception('无权访问!'); } return [ 'access' => [ 'class' => AccessControl::className(), 'rules' => [$this->not_login,$this->all, $this->post], ], ]; } 然后就是在自己的控制器内继承这个控制器如下: <div class="se-preview-section-delimiter"></div>
TestController
“`
class TestController extends BaseController{
public enableCsrfValidation=false;publicall_id_validates = [‘index’];
public notmatchvalidates=[‘@′];publicgroup = [‘0’,’4’];
public function actionIndex(){ } }
写的较为粗糙请多指教!
TestController
class TestController extends BaseController{ public $enableCsrfValidation = false; public $all_id_validates = ['index']; public $notmatch_validates = ['@']; public $group = ['0','4']; public function actionIndex(){ } }
写的较为粗糙请多指教!
相关文章推荐
- Android Native 绘图方法
- PostgreSQL教程(三):表的继承和分区表详解
- Vue.js中用v-bind绑定class的注意事项
- Vue.js绑定HTML class数组语法错误的原因分析
- C#中struct和class的区别详解
- Lua面向对象之类和继承浅析
- 浅析Ruby中继承和消息的相关知识
- VBS ArrayList Class vbs中的数组类
- 大家看了就明白了css样式中类class与标识id选择符的区别小结
- 设计引导--一个鸭子游戏引发的设计理念(多态,继承,抽象,接口,策略者模式)
- C++实现不能被继承的类实例分析
- 浅谈C++继承中的名字查找
- 有关C++继承与友元、继承与类型转换详解
- C# 面向对象三大特性:封装、继承、多态
- YII Framework框架教程之安全方案详解
- PHP类的封装与继承详解
- Yii PHP Framework实用入门教程(详细介绍)
- 深入了解PHP类Class的概念
- PHP的Yii框架中Model模型的学习教程
- 详解PHP的Yii框架中自带的前端资源包的使用