Yii2 access control: RBAC rules explained in detail (repost)

Source: Internet
Author: User

In our earlier detailed tutorial on building a backend with Yii2 and RBAC, did you ever wonder what the rule table is for, and why we never touched it during the whole process?

Even without my saying so, some of you will have tried it yourselves, or searched Baidu or Google, and still come up empty-handed: there is very little material explaining this part!

For a typical permission system, the RBAC setup we built earlier is generally sufficient without any rule, and I believe you could implement what we are about to do with a rule even without one.

We will take the example from the official website and walk through it step by step, to see what this mysterious rule actually does!

The requirements:

We have administrators and ordinary users. In the article system, administrators may perform any action on any article, but ordinary users may only create articles and modify articles they created themselves. Note: they may modify the articles they created. It is not that they may not modify articles at all, and not that they may modify all articles!

Let's see how to achieve this with a Yii2 RBAC rule. The focus is on teaching you how to use rules, and on untangling the knot many people have about them!

Before we add a rule, we first need to implement the execute method of the yii\rbac\Rule class.

    <?php
    namespace backend\components;

    use Yii;
    use yii\rbac\Rule;

    class ArticleRule extends Rule
    {
        public $name = 'article';

        public function execute($user, $item, $params)
        {
            // Return false for now; the real logic is added later
            return false;
        }
    }

Then we can go to the backend rule list (/admin/rule/index) to add the rule. For the specifics of adding it, see below.

Note that many people stumble at this step when entering the class name: remember to include the namespace of our ArticleRule file!

Now the third step, which is also very error-prone! Pay close attention here!

In the permission list (/admin/permission/index) we add a new permission that covers only modifying articles, and then assign it to the role the user belongs to.

Note that the newly added permission, which controls the route of the article update action (/article/update), must be assigned to the current user only once. Assigning the same action repeatedly to the owning role or user may cause the rule to stop working, because it gets overwritten!

Now refresh the article update page (/article/update/1) again. We immediately get a 403 Forbidden (no access) response, which means the rule we just added has taken effect! If that is not the case, check the two points above!
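The backend steps above (add the rule, bind it to the /article/update permission, assign that permission to a role once) can also be done in code through the authManager API. This is an added example, not part of the original tutorial; the controller name, its console\controllers namespace and the `author` role name are assumptions.

```php
<?php
namespace console\controllers;

use Yii;
use yii\console\Controller;
use yii\console\ExitCode;
use backend\components\ArticleRule;

/**
 * Added example: registers ArticleRule and binds it to the article update route.
 * Run with: php yii rbac-rule/init (controller name is an assumption).
 */
class RbacRuleController extends Controller
{
    const ROUTE = '/article/update'; // route permission from the tutorial
    const ROLE = 'author';           // hypothetical role name; use your own

    public function actionInit()
    {
        $auth = Yii::$app->authManager;

        // 1. Register the rule. With DbManager this serializes the rule
        //    object into the rule table, keyed by $rule->name.
        $rule = new ArticleRule();
        if ($auth->getRule($rule->name) === null) {
            $auth->add($rule);
        }

        // 2. Create the route permission, or update it, so it carries the rule.
        $permission = $auth->getPermission(self::ROUTE);
        if ($permission === null) {
            $permission = $auth->createPermission(self::ROUTE);
            $permission->ruleName = $rule->name;
            $auth->add($permission);
        } elseif ($permission->ruleName !== $rule->name) {
            $permission->ruleName = $rule->name;
            $auth->update(self::ROUTE, $permission);
        }

        // 3. Attach the permission to the role exactly once.
        $role = $auth->getRole(self::ROLE);
        if ($role === null) {
            $this->stderr('Role ' . self::ROLE . " does not exist\n");
            return ExitCode::UNSPECIFIED_ERROR;
        }
        if (!$auth->hasChild($role, $permission)) {
            $auth->addChild($role, $permission);
        }
        return ExitCode::OK;
    }
}
```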

Next we implement the business logic inside ArticleRule::execute; you can refer to the following:

    // Article and User are the application's model classes;
    // import them with the matching use statements.
    class ArticleRule extends Rule
    {
        public $name = 'article';

        /**
         * @param string|integer $user the UID of the currently logged-in user
         * @param Item $item the role or permission this rule is associated with
         * @param array $params the parameters carried by the current request
         * @return bool true if the user may access, false if not
         */
        public function execute($user, $item, $params)
        {
            $id = isset($params['id']) ? $params['id'] : null;
            if (!$id) {
                return false;
            }

            $model = Article::findOne($id);
            if (!$model) {
                return false;
            }

            $username = Yii::$app->user->identity->username;
            $role = Yii::$app->user->identity->role;
            if ($role == User::ROLE_ADMIN || $username == $model->operate) {
                return true;
            }
            return false;
        }
    }

Finally, verify that the rule we implemented actually works.

The test steps are as follows:

    1. With the current user, whose role is administrator (User::ROLE_ADMIN by default), create an article, and remember to record the creator of the article.
    2. Create an ordinary user and create an article with it as well, again recording the creator of the article.
    3. Log in with the administrator account and with the ordinary user account in turn and try to modify both articles. The result matches our initial requirements: the administrator can modify both articles, while the ordinary user can only modify their own.
