Home >php教程 >php手册 >Yotaku's development diary (1)

Yotaku's development diary (1)

WBOY
WBOYOriginal
2016-07-06 13:30:301106browse

2015-12-1821:17:46 I have been looking at the Thinkphp framework for several days and now I see role-based user access control. The relevant code is as follows: Database User Table (Administrator) mg_id mg_name mg_pwd mg_time mg_role_id 0 creatint 123 2587413547 1 1 yotaku 123 258744984 4 CREAATE TABLE `sw_manager

2015-12-18 21:17:46

I have been looking at the Thinkphp framework for several days and now I see role-based user access control.

The relevant code is as follows:

Database

User table (administrator)

mg_id mg_name mg_pwd mg_time mg_role_id
0 creatint 123 2587413547 1
1 yotaku 123 258744984 4
CREAATE TABLE `sw_manager` (
    `mg_id` int(11) NOT NULL AUTO_INCREMENT,
    `mg_name` varchar(32) NOT NULL,
    `mg_pwd` varchar(32) NOT NULL, 
    `mg_time` int(10) unsigned NOT NULL COMMENT '时间',
    `mg_role_id` tinyint(3) unsigned NOT NULL DEFAULT '0' COMMENT '角色id',
    PRIMARY KEY (`mg_id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;

Permission table

auth_id(权限ID) auth_name(权限名称) auth_pid(父id) auth_c(控制器) auth_a(操作方法) auth_path(全路径) auth_level(权限级别)
100 产品中心 0 '' '' 100 0
101 产品展示 100 ManagerController show 100-101 1
CREATE TABLE `sw_auth` (
    `auth_id` smallint(6) unsigned NOT NULL AUTO_INCREMENT,
    `auth_name` varchar(20) NOT NULL COMMENT '权限名称',
    `auth_pid` smallint(6) unsigned NOT NULL COMMENT'父id',
    `auth_c` varchar(32) NOT NULL DEFAULT '' COMMENT '控制器',
    `auth_a` varchar(32) NOT NULL DEFAULT '' COMMENT '操作方法',
    `auth_path` varchar(32) NOT NULL COMMENT '全路径',
    `auth_level` tinyint(4) NOT NULL DEFAULT '0' COMMENT '级别',
    PRIMARY KEY(`auth_id`)
) ENGING-InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;

Character List

role_id role_name role_auth_ids role_auth_ac
0 站主 1,3,9 操作器-控制器,操作器-控制器,...
1 高级管理员 1,2,3,9,12 操作器-控制器,操作器-控制器,...
CREATE TABLE `sw_role` (
    `role_id` smallint(6) unsigned NOT NULL AUTO_INCREMENT,
    `role_name` varchar(20) NOT NULL COMMENT '角色名称',
    `role_auth_ids` varchar(128) NOT NULL DEFAULT '' COMMENT '权限id,1,3,..',
    `role_auth_ac` text COMMENT '控制器2-操作3,控制器1-操作6,...',
    PRIMARY KEY(`role_id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;<br><br>

 


数据模拟

1.权限数据

  产品中心(产品展示,最新产品,分类管理,子类管理) 高级管理(用户留言,留言簿,产品订购,文件管理) 系统管理(基本设置,样式管理,首页设置,管理员列表)

<span class="zhushi">顶级权限</span>
insert into sw_auth values ( 100,'产品中心',0,'','',100,0 );
insert into sw_auth values ( 101,'高级管理',0,'','',101,0 );
insert into sw_auth values ( 102,'系统管理',0,'','',102,0 );
insert into sw_auth values ( 103,'权限管理',0,'','',103,0 );

<span class="zhushi">次级权限</span>
insert into sw_auth values ( 104,'产品展示',100,'Goods','show','100-104',1 );
insert into sw_auth values ( 105,'最新产品',100,'Goods','showlist','100-105',1 );
insert into sw_auth values ( 106,'分类管理',100,'Goods','cate','100-106',1 );

insert into sw_auth values ( 107,'用户留言',101,'Goods','Words','101-107',1 );
insert into sw_auth values ( 108,'留言簿',  101,'Goods','wordsbook','101-108',1 );

insert into sw_auth values ( 109,'基本设置',102,'Goods','set','102-109',1 );
insert into sw_auth values ( 110,'样式管理',102,'Goods','CSS','102-110',1 );

insert into sw_auth values ( 111,'用户列表',103,'Goods','userlist','103-111',1 );
insert into sw_auth values ( 112,'角色管理',103,'Goods','role','103-112',1 );
insert into sw_auth values ( 113,'权限列表',103,'Goods','auth','103-113',1 );

2.角色数据

  sw_role 站主 所有权限(103,104,105,106,107,108,109) 管理员 部分权限(104,105,109) 版主 部分权限(103,108)

<span class="zhushi">角色</span>
insert into sw_role values (10,'站主','100,101,102,103,104,105,106,107,108,109,110,111,112,113','Goods-show,Goods-showlist,Goods-cate,Goods-words,Goods-wordsbook,Goods-set,Goods-css');
insert into sw_role values (11,'管理员','100,102,104,105,109','Goods-showlist,Goods-cate,Goods-css');
insert into sw_role values (12,'版主','100,101,103,106,108,113','Goods-show,Goods-set');

3.流程说明

  Index控制器内 获取用户的角色id,进而获得角色权限 进行判断是否展现数据 Index控制器--->left方法--->left.html模板 Index控制器

//(1)根据用户id获取本身记录信息
        $mg_id = session('admin_id');
        
//D('Manager')实例化了一个Manager的Model对象
        $manager_info = D('Manager')->find($mg_id);
        $role_id = $manager_info['mg_role_id'];
        
//(2)根据role_id 获得本身记录信息
        $role_info = D('Role')->find($role_id);
        $auth_ids = $role_info['role_auth_ids'];
        
//(3)根据$auth_ids 获得具体权限
        $auth_infoA = D('Auth')->where("auth_level=0 and auth_id in($auth_ids)")->select();
//父级
        $auth_infoB = D('Auth')->where("auth_level=1 and auth_id in($auth_ids)")->select();
//子级
        $this->assign('auth_infoA',$auth_infoA);
        $this->assign('auth_infoB',$auth_infoB);
        
//传到模板中
        $this->assign('auth_info',$auth_info);
        $this->display();

4.模板 left.html

  {foreach $auth_infoA as $k=>$v}         
      background={$smarty.const.ADMIN_IMG_URL}/menu_bt.jpg >{$v.auth_id})       href="javascript:void(0);">{$v.auth_name}
    {$v.auth_id} style="display: none" cellspacing=0 cellpadding=0 width=150 border=0>       {foreach $auth_infoB as $k2=>$v2}        {if $v2.auth_pid == $v.auth_id}                              {/if}      {/foreach}          
{$smarty.const.ADMIN_IMG_URL}/menu_icon.gif" width=9>{$smarty.const.__MODULE__}/{$v2.auth_c}/{$v2.auth_a}" target=right>{$v2.auth_name}           
  {/foreach}  
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn