Yii2 RBAC for a REST API: a development approach

向修谨
2023-12-01

A REST API is requested by resource, so permission cannot be decided from the usual /add, /edit and similar routes.
We can write a method that adds these resource permissions by default when writing all permissions in one go; otherwise it is the same approach as regular Yii2 RBAC. I will not go into how RBAC itself is done here, there is plenty of material online. I will cover one thing the online tutorials leave out: how to edit a role after it has been added.
The HTTP method of the request is mapped to a resource action as follows:
/index = GET request
/create = POST request
/update = PUT/PATCH request
/options = DELETE request

  • Write all permissions in one go
    // Insert every permission at once: a module-wide wildcard plus the four resource
    // actions for each module, then any further public actionXxx() methods found in the controller.
    public function actionInit()
    {
        $trans = Yii::$app->db->beginTransaction();
        $controllers_name = array();
        try {
            $dir = Yii::$app->basePath . '/modules';
            $controllers = glob($dir . '/*');
            foreach ($controllers as $k => $value) {
                $controllers[$k] = $value . '/controllers/OrmController.php';
                $controllers_name[$k] = substr($value, strrpos($value, '/') + 1); // module id
            }
            $permissions = [];
            foreach ($controllers as $k => $controller) {
                if (!is_file($controller)) {
                    continue; // module without an OrmController
                }
                $content = file_get_contents($controller);
                // Regex to get the controller name; in our case it is normally Orm
                if (!preg_match('/class ([a-zA-Z]+)Controller/', $content, $match)) {
                    continue;
                }
                $cName = $match[1];
                $permissions[] = strtolower($controllers_name[$k] . '/' . $cName . '/*');
                $permissions[] = strtolower($controllers_name[$k] . '/' . $cName . '/index');
                $permissions[] = strtolower($controllers_name[$k] . '/' . $cName . '/create');
                $permissions[] = strtolower($controllers_name[$k] . '/' . $cName . '/update');
                $permissions[] = strtolower($controllers_name[$k] . '/' . $cName . '/options');
                // Regex to find the action methods
                preg_match_all('/public function action([a-zA-Z_]+)/', $content, $matches);
                foreach ($matches[1] as $aName) {
                    $permissions[] = strtolower($controllers_name[$k] . '/' . $cName . '/' . $aName);
                }
            }
            // "public function actions()" also matches the regex above and yields a
            // bogus ".../s" permission; drop those entries.
            foreach ($permissions as $k => $v) {
                if (substr($v, -2) === '/s') {
                    unset($permissions[$k]);
                }
            }
            $permissions = array_values($permissions);
            $auth = Yii::$app->authManager;
            foreach ($permissions as $permission) {
                if (!$auth->getPermission($permission)) {
                    $obj = $auth->createPermission($permission);
                    $obj->description = $permission;
                    $auth->add($obj);
                }
            }
            $trans->commit();
            return "import success";
        } catch (\Exception $e) {
            $trans->rollBack();
            return "import failed ";
        }
    }
  • The shared base controller that the controllers inherit from checks the resource request
    use Yii;
    use yii\base\UserException;

    public function beforeAction($action)
    {
        if (!parent::beforeAction($action)) {
            return false;
        }
        $controller = $action->controller->module->id; // module id; permissions are named module/orm/action
        $actionName = $action->id; // action name
        $method = Yii::$app->request->method;
        // A module-wide wildcard grants everything in the module
        if (Yii::$app->user->can($controller . '/orm/*')) {
            return true;
        }
        // The HTTP method decides which resource permission is required
        if ($method == 'POST') {
            if (!Yii::$app->user->can($controller . '/orm/create')) {
                throw new UserException('请求不允许');
            }
        }
        if ($method == 'GET') {
            if (!Yii::$app->user->can($controller . '/orm/index')) {
                throw new UserException('请求不允许');
            }
        }
        if ($method == 'PATCH' || $method == 'PUT') {
            if (!Yii::$app->user->can($controller . '/orm/update')) {
                throw new UserException('请求不允许');
            }
        }
        if ($method == 'DELETE') {
            // DELETE maps to /options in the table above
            if (!Yii::$app->user->can($controller . '/orm/options')) {
                throw new UserException('请求不允许');
            }
        }
        // Custom actions still need their own permission
        if (Yii::$app->user->can($controller . '/orm/' . $actionName)) {
            return true;
        }
        // Deny by default: no early "return true" here, otherwise every request
        // that matched none of the checks above would be let through.
        throw new UserException('对不起,您没有访问' . $controller . '/' . $actionName . '的权限');
    }
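As an added example (not code from the original post), the same resolution logic as a framework-free PHP function that can be run from the command line without Yii: `$can` stands in for `Yii::$app->user->can()`, the `shop` module and its granted set are a constructed sample, and the method table is the one listed at the top of the post.

```php
<?php
// Added example (not from the original post): resolves a REST request to the
// RBAC permission names written by actionInit() and denies by default.
// $can stands in for Yii::$app->user->can(); everything else is plain PHP.
const METHOD_PERMISSIONS = [
    'GET'    => 'index',
    'POST'   => 'create',
    'PUT'    => 'update',
    'PATCH'  => 'update',
    'DELETE' => 'options',   // the mapping this post uses for DELETE
];

function isAllowed(callable $can, string $module, string $method, string $actionId): bool
{
    // Permission names are lower-case "module/orm/action"
    $prefix = strtolower($module) . '/orm/';
    if ($can($prefix . '*')) {
        return true;                      // module-wide wildcard
    }
    // The HTTP method decides which resource-level permission is required
    $method = strtoupper($method);
    if (isset(METHOD_PERMISSIONS[$method]) && !$can($prefix . METHOD_PERMISSIONS[$method])) {
        return false;
    }
    // Custom actions (e.g. "export") still need their own permission.
    // No fall-through "return true": anything unmatched is denied.
    return $can($prefix . strtolower($actionId));
}

// Constructed sample: a role that only holds read access to the "shop" module
$granted = ['shop/orm/index' => true];
$can = fn(string $permission): bool => isset($granted[$permission]);

$cases = [
    ['GET',    'index',  true],   // read, granted
    ['POST',   'create', false],  // write, not granted
    ['DELETE', 'delete', false],  // would need shop/orm/options
    ['GET',    'export', false],  // GET is allowed, but export needs its own permission
];
foreach ($cases as [$method, $action, $expected]) {
    $result = isAllowed($can, 'shop', $method, $action);
    printf("%-6s %-7s => %s%s\n", $method, $action, $result ? 'allow' : 'deny',
        $result === $expected ? '' : '  (UNEXPECTED)');
}
```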
  • How to edit a role after it has been added
    public function actionEditrole($name)
    {
        if (Yii::$app->request->isPost) {
            $authManager = Yii::$app->authManager;
            $post = Yii::$app->request->post();
            $role = $authManager->getRole($name);
            if ($role === null) {
                throw new UserException('Role not found: ' . $name);
            }
            $role->name = $post['name'];
            $role->description = $post['description'];
            // update($name, $role): $name is the old name, $role is the updated object
            if (!$authManager->update($name, $role)) {
                throw new UserException('编辑失败');
            }
            return '编辑角色成功';
        }
    }