Thinkphp RBAC details

Introduction: This is a detailed page of thinkphp RBAC. It introduces PHP, related knowledge, skills, experience, and some PHP source code.

Class = 'pingjiaf' frameborder = '0' src = 'HTTP: // biancheng.dnbc?info/pingjia.php? Id = 325730 'rolling = 'no'>
Source: http://www.cnblogs.com/gzrhappy/articles/1850572.html

Recently used ??? Thinkphp made a project. Today, the customer submitted a new request for administrator privilege management. I have read the introduction of RBAC in thinkphp before, but I have not studied it carefully. Now I have used it to find a place to remember my understanding of RBAC, so that I will not forget it later.

Let's take a look at the data table used by the official instance.

RBAC uses five data tables

Think_user(User table)

Think_role(User group table)

Think_node(Operation node)

? Think_role_user(User and user group)

Think_access(Corresponding operations and user groups)

Think_note

Think_note records the project name Module name and operation name corresponding to the entire website operation.

The field name is the name of the project, module, or operation.

Field PID records their subordination. For example, the project of a module and the module of an operation.

Field level indicates the level of the node. In other words, level = 1 indicates the project, level = 2 indicates the module, and level = 3 indicates the operation.

For example, for the admin project, his PID is 0 (the project's PID is 0) level is 1, and nane is admin. For the user module under the admin project, its level should be 2, PID is the admin ID. For the add operation of the user module under admin, level is 3, and PID is the ID corresponding to the previous user.

Next, let's talk about RBAC methods.

Authenticate($ Map, $ model = '') the method is used to pass in the query user's condition and the model of the User table. The returned array contains the user's information.

Saveaccesslist($ Authid = NULL) method to pass in the user's ID. This method does not return a value, but sets the value of $ _ session ['_ access_list, it contains all nodes with Operation permissions for all user groups corresponding to the user $ _ session ['_ access_list'] ['Project name'] ['module name'] ['operation '], after determining the permission, you can determine whether the current project, module, and operation can be found in $ _ session ['_ access_list. S

Checkaccess() Method to check whether the current module and operation need to verify that the return bool type is returned

Checklogin() Method detection Logon

Accessdemo-The ($ appname = app_name) method is used to check whether the current project module operation is in the $ _ session ['_ access_list'] array, that is, in the $ _ session ['_ access_list'] array, $ _ session ['_ access_list'] ['current operation'] ['current module'] ['current operation'] whether it exists. If yes, you have the permission. Otherwise, flase is returned.

GetaccesslistThe ($ authid) method returns the permission list $ _ session ['_ access_list'] value by querying the database.

The above record is my personal understanding of RBAC. I still encountered a problem in the development process. I have one project, but I want to manage several modules separately. After half a day, you can find that accessdemo-( $ appname = app_name) is a project name. Then, we should first divide the modules into several groups, namely level = 1 and PID = 0, and then manage the modules in groups. It is troublesome to use it. Each group has a base class. In the base class, if (! RBAC: accessdeparameters () {manually add a parameter to accessdeparameters, that is, the name of the current group. Then the module that belongs to a group references this base class. In this way, the group management module function of the same project is achieved.

More articles on thinkphp RBAC

Love J2EE follow Java Michael Jackson video station JSON online tools

Http://biancheng.dnbcw.info/php/325730.html pageno: 13.