如何在 Yii 中从数据库获取用户权限

发布于 2025-01-04 07:06:05 字数 1254 浏览 0 评论 0原文

我对 Yii 非常陌生。我正在开发一个现实世界的例子。 我有一个表,因此有一个模型,称为用户,它从数据库获取数据。数据库中的三个主要字段是用户名、密码和用户角色。 用户名和密码工作得很好。 我需要查看数据库中的 userRole 并基于此为用户分配角色。 例如用户的userRole字段==1,用户是admin,可以创建、读取、更新和删除(CRUD)。 但如果用户的userRole ==2,则用户可以更新和创建,但不能删除。 我尝试在 UserController.php 中使用“表达式” ib accessRules() 来完成此操作,但它不起作用。 然后我读到它并发现我应该用角色来做。 这就是我写的:

public function accessRules()
    {
        $auth = Yii::app()->authManager;

        $auth->createOperation('createUser','create a user');
        $auth->createOperation('updateUser','update a user');
        $auth->createOperation('deleteUser','delete a user');

        $role=$auth->createRole('creator');
        $role->addChild('createUser');

        $role=$auth->createRole('updater');
        $role->addChild('updateUser');

        $role=$auth->createRole('deleter');
        $role->addChild('deleteUser');


        return array(
................................
        array('allow',
            'actions'=>array('create','update'),
            'users'=>array('@'),
            'roles'=>????,

.....................

???我不知道该做什么。 我是否在正确的位置/文件中定义了 createOperation/addChild ? 如何在返回数组中使用“角色”? 另外我应该从数据库哪里获取 userRole?

我正在拼命寻找答案,因为 Yii 论坛不活跃,

谢谢

I am very very new to Yii. I am developing a real world example.
I have a table,hence a model, called user which gets the data from database. Three main fields in Database are username,password and userRole.
Username and password work just fine.
All I need to look at the userRole in database and based on that, assign a role to a user.
For example is the user's userRole field ==1, the user is admin and can Create, Read,Update and Delete (CRUD).
But if user's userRole ==2, user can Update and Create but not delete.
I tried to do it with 'expression' ib accessRules() in UserController.php but it didnt work.
Then I read about it and found I should do it with role.
That's what I wrote:

public function accessRules()
    {
        $auth = Yii::app()->authManager;

        $auth->createOperation('createUser','create a user');
        $auth->createOperation('updateUser','update a user');
        $auth->createOperation('deleteUser','delete a user');

        $role=$auth->createRole('creator');
        $role->addChild('createUser');

        $role=$auth->createRole('updater');
        $role->addChild('updateUser');

        $role=$auth->createRole('deleter');
        $role->addChild('deleteUser');


        return array(
................................
        array('allow',
            'actions'=>array('create','update'),
            'users'=>array('@'),
            'roles'=>????,

.....................

??? is where I have no idea what to do.
Am I defining the createOperation/addChild in a right place/file?
How can I use 'roles' in the returning array?
Also where should I get the userRole from Database?

I am desperately looking for answer as Yii Forum is not active

Thank you

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

彻夜缠绵 2025-01-11 07:06:05

您必须将角色分配给已登录的用户(或通过已知的用户 ID)

$auth->assign('creator',user()->id);
$auth->assign('updater', 102); //102 as user id
//...

并且在 accessRules 中您必须写入

'actions'=>array('create','update'),
'roles'=>array('creator','updater'),

这是您正在寻找的答案吗?

you must assign role(s) to logged user (or by known user id)

$auth->assign('creator',user()->id);
$auth->assign('updater', 102); //102 as user id
//...

And in accessRules you must write

'actions'=>array('create','update'),
'roles'=>array('creator','updater'),

Is this answeryou are looking for?

风吹过旳痕迹 2025-01-11 07:06:05

操作和角色的创建是一次性活动(无论何时创建或编辑它们)。您需要有一个单独的方法,您将调用一次。

如果您想要建立一个基于角色的访问系统,您需要向数据库添加其他表。该模式可以在文件夹 - yii/framework/web/auth/schema.sql 中找到。

但实现 RBAC 最简单的方法是使用类似 Rights 的扩展 - http://www.yiiframework。 com/扩展/权利/

The creation of operations and roles is a one time activity (whenever you create or edit them). You need to have a separate method which you will call once.

And if you want to have a role based access system in place you need to add additional tables to your database. The schema can be found in the folder - yii/framework/web/auth/schema.sql.

But the easiest way to implement RBAC would be to use an extension like Rights - http://www.yiiframework.com/extension/rights/

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文