20181104 tp中的权限(RBAC)

Posted sp1234

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了20181104 tp中的权限(RBAC)相关的知识,希望对你有一定的参考价值。

目录文件(仅仅写的权限的代码)

技术分享图片                   技术分享图片

Role/showlist.html 代码

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
    <head>
        <meta http-equiv="content-type" content="text/html; charset=UTF-8" />

        <title>角色列表</title>

        <link href="__CSS__/mine.css" type="text/css" rel="stylesheet" />
    </head>
    <body>
        <style>
            .tr_color{background-color: #9F88FF}
        </style>
        <div class="div_head">
            <span>
                <span style="float: left;">当前位置是:权限管理-》角色列表</span>
                <span style="float: right; margin-right: 8px; font-weight: bold;">
                    <a style="text-decoration: none;" href="__URL__/add">【添加角色】</a>
                </span>
            </span>
        </div>
        <div style="font-size: 13px; margin: 10px 5px;">
            <table class="table_a" border="1" width="100%">
                <tbody><tr style="font-weight: bold;">
                        <td >角色id</td>
                        <td >角色名称</td>
                        <td >权限ids</td>
                        <td >role_auth_ac</td>
                        <td  align="center">操作</td>
                    </tr>
             <volist name="list" id="vo">
                    
                    <tr id="product{$i}">
                        <td>{$vo.role_id}</td>
                        <td><a href="#">{$vo.role_name}</a></td>
                        <td>{$vo.role_auth_ids}</td>
                        <td>{$vo.role_auth_ac}</td>
                        <td>
                        <a href="__URL__/showauth/rid/{$vo.role_id}">分配权限</a>
                        <a href="#">修改</a>
                        <a href="#">删除</a>
                        </td>
                    </tr>
             </volist>
                    <tr>
                        <td colspan="20" style="text-align: center;">
                            {$page}
                        </td>
                    </tr>
                </tbody>
            </table>
        </div>
    </body>
</html>

  

Role/showautht.html 代码

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
    <head>
        <title>给角色分配权限</title>
        <meta http-equiv="content-type" content="text/html;charset=utf-8" />
        <link href="__CSS__/mine.css" type="text/css" rel="stylesheet" />
    </head>

    <body>
        <div class="div_head">
            <span>
                <span style="float:left">当前位置是:角色管理-》分配权限信息【{$role_info[‘role_name‘]}】</span>
                <span style="float:right;margin-right: 8px;font-weight: bold">
                    <a style="text-decoration: none" href="__CONTROLLER__/showlist">【返回】</a>
                </span>
            </span>
        </div>
        <div></div>

        <div style="font-size: 13px;margin: 10px 5px">
            <form action=‘__SELF__‘ method=‘post‘>
                <table cellspacing=‘1‘ id="list-table">
                    <volist name=‘auth_infoA‘ id=‘v‘>
                    <tr>
                        <td width="25%" valign="top" class="first-cell" style=‘border-bottom:2px solid gray; font-weight:bold;‘>
                            <input type="checkbox" name="auth_id[]" value="{$v[‘auth_id‘]}" class="checkbox"
                                   <if condition="in_array($v[‘auth_id‘],$authidsarr)">checked=‘checked‘</if>
                                   />{$v[‘auth_name‘]}
                                   </td>
                        <td width=‘75%‘ style=‘border-bottom:2px solid gray;‘>
                            <volist name=‘auth_infoB‘ id="vv">
                            <if condition="$vv[‘auth_pid‘]  eq $v[‘auth_id‘]">
                            <div style="width:200px;float:left;">
                                <input type="checkbox" name="auth_id[]" value="{$vv[‘auth_id‘]}" 
                                     <if condition="in_array($vv[‘auth_id‘],$authidsarr)">checked=‘checked‘</if>
                                       />{$vv[‘auth_name‘]}
                            </div>
                            </if>
                            </volist>
                        </td>
                    </tr>
                    </volist>
                </table>
                <input type=‘submit‘ value=‘分配权限‘ />
            </form>
        </div>
    </body>
</html>

  

Auth/showlist.html  代码

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
    <head>
        <meta http-equiv="content-type" content="text/html; charset=UTF-8" />

        <title>权限列表</title>

        <link href="__CSS__/mine.css" type="text/css" rel="stylesheet" />
    </head>
    <body>
        <style>
            .tr_color{background-color: #9F88FF}
        </style>
        <div class="div_head">
            <span>
                <span style="float: left;">当前位置是:权限管理-》权限列表</span>
                <span style="float: right; margin-right: 8px; font-weight: bold;">
                    <a style="text-decoration: none;" href="__URL__/addauth">【添加权限】</a>
                </span>
            </span>
        </div>
        <div style="font-size: 13px; margin: 10px 5px;">
            <table class="table_a" border="1" width="100%">
                <tbody><tr style="font-weight: bold;">
                        <td >序号</td>
                        <td >权限名称</td>
                        <td >父权限id</td>
                        <td >控制器</td>
                        <td >方法</td>
                        <td >全路径</td>
                        <td >级别</td>
                        <td  align="center">操作</td>
                    </tr>
             <volist name="list" id="vo">
                    
                    <tr id="product{$i}">
                        <td>{$vo.auth_id}</td>
                        <td>{$ge|str_repeat=$vo[‘auth_level‘]}{$vo.auth_name}</td>
                        <td>{$vo.auth_pid}</td>
                        <td>{$vo.auth_c}</td>
                        <td>{$vo.auth_a}</td>
                        <td>{$vo.auth_path}</td>
                        <td>{$vo.auth_level}</td>
                        <td>
                        <a href="#">修改</a>
                        <a href="__URL__/del/id/{$vo.auth_id}">删除</a>
                        </td>
                    </tr>
             </volist>
                    <tr>
                        <td colspan="20" style="text-align: center;">
                            {$page}
                        </td>
                    </tr>
                </tbody>
            </table>
        </div>
    </body>
</html>

  

Auth/addauth.html  代码

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
    <head>
        <title>添加权限</title>
        <meta http-equiv="content-type" content="text/html;charset=utf-8">
        <link href="./css/mine.css" type="text/css" rel="stylesheet">
    </head>

    <body>

        <div class="div_head">
            <span>
                <span style="float:left">当前位置是:权限管理-》添加权限信息</span>
                <span style="float:right;margin-right: 8px;font-weight: bold">
                    <a style="text-decoration: none" href="__URL__/showlist">【返回】</a>
                </span>
            </span>
        </div>
        <div></div>

        <div style="font-size: 13px;margin: 10px 5px">
            <form action="__SELF__" method="post" enctype="multipart/form-data">
            <table border="1" width="100%" class="table_a">
                <tr>
                    <td>权限名称</td>
                    <td><input type="text" name="auth_name" /></td>
                </tr>
                <tr>
                    <td>权限父id</td>
                    <td>
                        <select name="auth_pid">
                            <option value="0">请选择</option>
                             <foreach name="list" item="vo">
                            <option value="{$vo.auth_id}">{$vo.auth_name}</option>
                           </foreach>
                        </select>
                    </td>
                </tr>
                  <tr>
                    <td>控制器</td>
                    <td><input type="text" name="auth_c" /></td>
                </tr>
                  <tr>
                    <td>方法</td>
                    <td><input type="text" name="auth_a" /></td>
                </tr>
                <tr>
                    <td colspan="2" align="center">
                        <input type="submit" value="添加">
                    </td>
                </tr>  
            </table>
            </form>
        </div>
    </body>
</html>

  

Model/AuthModel.class.php  代码

<?php
namespace AdminModel;
use ThinkModel;
//Admin模块的manager控制器
class  AuthModel  extends  Model{
	function  saveDate($info){
		//根据已有的四个字段生成一条记录
		$newid=$this->add($info);
		//根据新增主键进一步制作auth_path和auth——level
		if($info["auth_pid"]==0){
			//dingji 
			$path=$newid;
		}else{
			//非顶级
			$pinfo=$this->find($info["auth_pid"]);
			$p_path=$pinfo["auth_path"];
			$path=$p_path."-".$newid;
		}
		//全路径数组之后的个数减一的结果
		$level=count(explode("-",$path))-1;
		$sql="update tp_auth  set auth_path=‘$path‘,auth_level=‘$level‘where auth_id=‘$newid‘";
		return $this->execute($sql);
		
	}
}
	

  

Controller/RoleController.class.PHP   代码

<?php
namespace AdminController;//声明
use ThinkController;//用Controller在什么位置
//Admin模块的login控制器
class  RoleController  extends  Controller{
	function showlist(){
		$list=M("role")->select();
		$this->assign("list",$list);
		
		$this->display();
	}
	function showauth($rid){
		if(IS_POST){
		   $auth_ids=$_POST["auth_id"];//接收表单
			$role_auth_ids=implode(",",$auth_ids);//数组转字符串
			$authnames=M("auth")->field("auth_c,auth_a")->where("auth_id in($role_auth_ids)")->select();//根据权限id查控制器方法
			
			
			//组织成字符串313883132
			
			$str="";
			foreach($authnames as $v){
				if(!empty($v["auth_c"]))
				$str.=$v["auth_c"]."-".$v["auth_a"].",";
			}
			$str=rtrim($str,",");//去除逗号
			
			//执行SQL语句
		  $aql="update tp_role set role_auth_ids=‘$role_auth_ids‘,role_auth_ac=‘$str‘ where role_id=$rid";
			M("role")->execute($aql);
			$this->redirect("showlist",array("rid"=>$rid),1,"分配完成");	
				
		
		}
		//增加权限
		$auth_infoA=M("auth")->where("auth_level=0 ")->select();
		$auth_infoB=M("auth")->where("auth_level=1 ")->select();
			
		$role=M("role")->find($rid);
		$authidsarr=explode(",",$role["role_auth_ids"]);
	     //注册到模板
		$this->assign("auth_infoA",$auth_infoA);
		$this->assign("auth_infoB",$auth_infoB);
		$this->assign("authidsarr",$authidsarr);
			
		$this->display();
	
  }
}

  

Controller/AuthController.class.PHP   代码

<?php
namespace AdminController;//声明
use ThinkController;//用Controller在什么位置
//Admin模块的login控制器
class  AuthController  extends  Controller{
	function showlist(){
		$data=M("auth")->order(‘auth_path‘)->select();
		$this->assign("list",$data);
		$this->assign(‘ge‘,"--/");
		$this->display();
	}
	function addauth(){
		$auth=new AdminModelAuthModel();
		if(!empty($_POST)){
			$info=$auth->create();
			if($auth->saveDate($info)){
				
				
				 $this->redirect("showlist",array(),1,"添加成功");
			}else{
				echo  "老哥,干啥呢!";
			}
		  }
		  
		
		$pid=M("auth")->field("auth_id,auth_name")->where("auth_level=0")->select();
		$this->assign("list",$pid);
		
		$this->display();
	}
	//删除的方法
	function del( $id){//参数的键名叫id
		$goods=M(‘auth‘);
		if($goods->delete($id)){
			$this->success("删除成功",U("showlist"),1);
		}else{
			$this->error("删除失败",U("showlist"),1);
		}
	}
	
	
	
	
	
	
	
}

  

以上是关于20181104 tp中的权限(RBAC)的主要内容,如果未能解决你的问题,请参考以下文章

RBAC的禁止翻墙访问

UML相关工具一览(20181104 更新)

phpcms中的RBAC权限系统

k8s集群中的rbac权限管理

Yii2全面解析之权限管理RBAC

尚硅谷RBAC权限实战视频