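How do I assign roles and use the checkAccess method in Yii?

Time: 2015-04-01 05:41:59

Tags: php yii

I am new to role management in Yii. I have 2 roles, Admin1 and Admin2.
I have 2 controllers with actions like:

(1) UserController - create, update, delete
(2) CategoryController - view, create, update

I want to give Admin1 checkAccess permissions like:
(1) UserController - update, delete
(2) CategoryController - update

I want to give Admin2 checkAccess permissions like:
(1) UserController - create, update, delete
(2) CategoryController - create, view

How can I give a specific admin access checks for these 2 controllers? Any help would be much appreciated.

This is my checkAccess method, but it gives me an error: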

class UserIdentity extends CUserIdentity
{
    private $_id;
    public $role;
    public $roleName;

    /**
     * Authenticates a user.
     * @return boolean whether authentication succeeds.
     */
    public function authenticate()
    {
        $username = $this->username;
        $password = md5($this->password);
        $user=Login_User::model()->findByAttributes(array('Email'=>$username,'Password'=>$password,'Status'=>'1'));
        if(empty($user))
        {
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        }
        elseif($password != $user->Password)
        {
            $this->errorCode=self::ERROR_PASSWORD_INVALID;
        }
        else
        {
            $this->_id=$user->UserID;
            $this->username=$user->Email;
            $this->role=$user->RoleID;

            $roleQuery = "SELECT * FROM role WHERE RoleID = ".$user->RoleID." ";
            $roleData = Yii::app()->db->createCommand($roleQuery)->queryAll();

            if(isset($roleData[0]['Title']) && $roleData[0]['Title'] != '') {
                $this->roleName = $roleData[0]['Title'];
            }

            if($user->RoleID != '') {
                $query = "SELECT * FROM rolepermission WHERE RoleID = ".$user->RoleID." AND Status = 1 ";
                $permissionData = Yii::app()->db->createCommand($query)->queryAll();
            }

            $auth=Yii::app()->authManager;
            $rolePemirssion=$auth->createRole($this->roleName);
            foreach($permissionData as $key => $value) {
                $rolePemirssion->addChild($value['Controller'].$value['Action']);
            }
            $this->errorCode=self::ERROR_NONE;
        }
        return $this->errorCode==self::ERROR_NONE;
    }

}

1 answer:

Answer 0: (score: 1)

You should use Yii access control filters

 class UserController extends CController
 {
   …
   public function accessRules()
   {
       return array(
           ...
           array('allow',
               'actions'=>array('update', 'delete'),
               'roles'=>array('admin1'),
           ),
           array('allow',
               'actions'=>array('update'),
               'roles'=>array('admin2'),
           ),
           ...
       );
   }
 }
 class CategoryController extends CController
 {
   …
   public function accessRules()
   {
       return array(
           ...
           array('allow',
               'actions'=>array('create', 'update', 'delete' ),
               'roles'=>array('admin1'),
           ),
           array('allow',
               'actions'=>array('create', 'view'),
               'roles'=>array('admin2'),
           ),
           ...
       );
   }
 }
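
The following is an added example, not part of the original question or answer: a Yii 1.1 sketch that defines the question's role/permission matrix once in the auth manager and then enforces it in a controller with deny-by-default rules. It assumes an `authManager` component (for example `CDbAuthManager`) is configured and that each user has been given a role with `Yii::app()->authManager->assign($roleName, $userId)`; the class name `RbacSetupCommand` and the operation naming (`UserUpdate`, `CategoryView`, ...) are hypothetical.

```php
<?php
// Added example for Yii 1.1. In a real application each class lives in its own file.
// One-time setup (hypothetical console command): run once, not at every login,
// because createRole() throws if the role already exists.
class RbacSetupCommand extends CConsoleCommand
{
    public function actionIndex()
    {
        $auth = Yii::app()->authManager;
        $matrix = array( // role => controller => actions, as listed in the question
            'Admin1' => array('User' => array('update', 'delete'),
                              'Category' => array('update')),
            'Admin2' => array('User' => array('create', 'update', 'delete'),
                              'Category' => array('create', 'view')),
        );
        foreach ($matrix as $roleName => $controllers) {
            $role = $auth->createRole($roleName);
            foreach ($controllers as $controller => $actions) {
                foreach ($actions as $action) {
                    $op = $controller . ucfirst($action); // e.g. "UserUpdate"
                    if ($auth->getAuthItem($op) === null) {
                        $auth->createOperation($op);      // child must exist before addChild()
                    }
                    $role->addChild($op);
                }
            }
        }
        $auth->save(); // persists for file-based managers; no-op for CDbAuthManager
    }
}

// 'roles' in a rule is checked through CWebUser::checkAccess(), so it accepts any
// auth item name. Checking the operation keeps the controller independent of role names.
class UserController extends CController
{
    public function filters()
    {
        return array('accessControl'); // without this filter accessRules() is never applied
    }

    public function accessRules()
    {
        return array(
            array('allow', 'actions' => array('create'), 'roles' => array('UserCreate')),
            array('allow', 'actions' => array('update'), 'roles' => array('UserUpdate')),
            array('allow', 'actions' => array('delete'), 'roles' => array('UserDelete')),
            array('deny', 'users' => array('*')), // anything not allowed above is refused
        );
    }
}
```

The final `deny` rule matters because `CAccessControlFilter` allows an action when no rule matches it.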