RBAC

//登陆控制器   
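/**
 * Login action: verifies the posted credentials and caches the user's permissions.
 *
 * Reads "name" and "pass" from the POST body and looks the user up. On success it
 * stores the user id under session key "uid" and the JSON-encoded permission rows
 * under "power", then redirects to one/show. On failure it prints a link back to
 * the form.
 *
 * @return mixed the redirect response on success, nothing on failure
 */
function  actionLogin(){
    $request = Yii::$app->request;
    $name = $request->post("name");
    $pass = $request->post("pass");

    $res = false;
    // Missing or non-string input (for example name[]=x) is treated as a failed login.
    if (is_string($name) && is_string($pass)) {
        // Bound parameters keep the posted values out of the SQL text; the
        // original interpolated them into the statement (SQL injection).
        // NOTE(review): the password is matched against the stored column as-is,
        // which implies plaintext storage. Store password_hash() output and
        // check it with password_verify() once the table can be migrated.
        $res = Yii::$app->db->createCommand(
            "select * from user where name=:name and pass=:pass",
            [':name' => $name, ':pass' => $pass]
        )->queryOne();
    }

    if ($res) {
        $session = Yii::$app->session;
        // Issue a fresh session id on privilege change so an id planted before
        // login cannot be reused afterwards (session fixation).
        $session->open();
        $session->regenerateID(true);

        $id = $res['id'];
        $session->set("uid", $id);

        // NOTE(review): "SELECT *" over this join also returns every user column
        // (including pass), and all of it is cached in the session and handed to
        // the view. Select only the permission columns the application reads.
        $rows = Yii::$app->db->createCommand(
            "SELECT * from user join u_t on  `user`.id=u_t.u_id join teacher on u_t.t_id=teacher.id JOIN t_p  on teacher.id=t_p.t_id join power on t_p.p_id=power.id where `user`.id=:id",
            [':id' => $id]
        )->queryAll();

        // The permission list is a snapshot taken at login; later revocations
        // only take effect once the session is rebuilt.
        $session->set("power", json_encode($rows));
        return $this->redirect(["one/show"]);
    }

    echo "<a href='add'>登陆失败</a>";
}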
//权限控制器 
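 /**
  * Permission gate run when the controller is initialised.
  *
  * Denies the request unless a user id is in the session and the requested
  * route ("controller/function") appears in the permission rows cached under
  * session key "power". Denial prints a link and terminates the request.
  *
  * NOTE(review): the enclosing class is not visible here; if it extends a Yii
  * controller, parent::init() should normally be called as well - confirm.
  */
 function  init()
    {
      $session=Yii::$app->session;
      $id=$session->get("uid");

      // Fail closed for anonymous requests. The original printed the message but
      // kept executing, so denial depended on a later warning or error.
      if (empty($id)){
          echo "<a href='/mon/add'>权限不足</a>";die;
      }

      // Build the allow-list of routes; a missing or malformed "power" value
      // leaves the list empty, which denies everything.
      $decoded=json_decode((string)$session->get("power"));
      $allowed=[];
      if (is_array($decoded)){
          foreach ($decoded as $v){
              if (isset($v->controller,$v->function)){
                  $allowed[]=$v->controller.'/'.$v->function;
              }
          }
      }

      // Strict comparison: both sides are strings, so no type juggling is wanted.
      if (!in_array(Yii::$app->requestedRoute,$allowed,true)){
          echo "<a href='/mon/add'>权限不足</a>";die;
      }

    }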


    /**
     * Renders the "show" view with the session's cached permission rows
     * arranged as a tree.
     *
     * @return mixed the rendered view
     */
    function   actionShow(){
        // "power" holds the JSON written at login; decode it to associative arrays.
        $rows=json_decode(Yii::$app->session->get("power"),true);

        // The tree is rooted at the rows whose pid matches 0.
        return $this->render("show",["res"=>$this->gettree($rows,0)]);
    }


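   /**
    * Builds a nested tree from flat rows linked by their "id" and "pid" keys.
    *
    * Each row whose pid loosely equals $pid is returned with a "son" key
    * holding its own children, built the same way. Loose comparison is kept
    * because ids may arrive as integers or numeric strings.
    *
    * A row whose id is already on the current ancestor path (for example a row
    * that is its own parent) is kept with an empty "son" list instead of being
    * descended into, so malformed data cannot cause unbounded recursion.
    *
    * @param mixed $data list of associative rows; anything else yields []
    * @param mixed $pid  parent id whose children form the top level
    * @return array nested rows, each with a "son" list
    */
   function  gettree($data,$pid){
       if (!is_array($data)){
           return [];
       }

       // $path maps the ids of the ancestors on the current branch to true.
       $walk=function ($parent,array $path) use (&$walk,$data){
           $tree=[];
           foreach ($data as $v){
               if (!is_array($v)){
                   continue;
               }
               $rowPid=isset($v['pid']) ? $v['pid'] : null;
               if ($rowPid==$parent){
                   $rowId=isset($v['id']) ? $v['id'] : null;
                   $key=(string)$rowId;
                   $v['son']=isset($path[$key]) ? [] : $walk($rowId,$path+[$key=>true]);
                   $tree[]=$v;
               }
           }
           return $tree;
       };

       return $walk($pid,[(string)$pid=>true]);
   }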
//权限展示
//权限展示
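<?php
// Permission names and link targets come from stored data, so every value is
// escaped for the HTML text/attribute context before it is written out.
// NOTE(review): escaping does not restrict the URL scheme of the href; this
// presumably holds a relative action name - confirm against the power table.
$e = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport"
          content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>Document</title>
</head>
<body>
 <table>
<?php foreach ($res as $value): ?>
     <tr>
         <td>
             <?= $e($value['power']) ?><br>
<?php foreach ($value['son'] as $v): ?>
             <a href="<?= $e($v['function']) ?>"><?= $e($v['power']) ?><br></a>
<?php endforeach; ?>
         </td>
     </tr>
<?php endforeach; ?>
 </table>
</body>
</html>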