在 ThinkPHP 中,權限管理有兩種方式:比較常見的是 RBAC,用的人也比較多,容易理解,是基於節點的權限管理;Auth 也可以做權限管理,是基於規則的權限管理。下面分別說說。
1,ThinkPHP RBAC 權限管理,5 張表就可以輕鬆搞定權限管理
用戶表 think_username
id name password
用戶組表(也被稱爲角色表) think_group
gid gname
用戶和角色之間關係表 think_group_user
id uid gid
權限表(也被稱爲訪問權限表,控制器,方法之間的表,也被稱爲節點表)think_role
id jname
角色和權限之間的表 think_role_group
id gid jid
#代碼找不到了,具體可參考慕課網的 RBAC 視頻教程
2,Thinkphp Auth權限管理基於規則的
Auth權限認證是按規則進行認證。 在數據庫中我們有
規則表(think_auth_rule)
用戶組表(think_auth_group)
用戶組明細表(think_auth_group_access)
我們在規則表中定義權限規則,在用戶組表中定義每個用戶組有哪些權限規則,在用戶組明細表中定義用戶所屬的用戶組。
<?php
namespace Home\Controller;
use Think\Auth;
use Think\Controller;
use Think\Page;
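/**
 * Admin screens for the rule-based ("Auth") permission tables: rules
 * (AuthRule), rule groups (AuthGroup) and user-to-group assignment
 * (AuthGroupAccess).
 *
 * Request values are never handed to the model as-is. ThinkPHP 3.x treats an
 * array value in where()/add()/save() as an expression (for example
 * array('exp', ...)), so a raw $_POST/$_GET entry that arrives as an array can
 * change the generated SQL. Every value is therefore reduced to a scalar, an
 * integer id or a list of integer ids by the private helpers at the bottom.
 *
 * NOTE(review): every action here changes or reveals who may do what.
 * Presumably CommonController enforces login and permission checks - confirm.
 * NOTE(review): delrule() and delGroup() change state on a GET request and no
 * action checks a CSRF token; moving them to POST with a token would need the
 * templates changed as well.
 */
class AuthController extends CommonController
{
    /**
     * Rule list, 10 rows per page.
     */
    public function index()
    {
        // Count in the database instead of loading every row only to count it.
        $count = (int) M('AuthRule')->count();
        $page = new Page($count, 10); // pager: total row count, rows per page
        $show = $page->show();        // pager output for the template
        // Rows with pid 0 - presumably the top-level menu entries; confirm.
        $menu1 = M('AuthRule')->where(array('pid' => 0))->select();
        $rules = M('AuthRule')->limit($page->firstRow . ',' . $page->listRows)->select();
        $this->assign('page', $show);
        $this->assign("count", $count);
        $this->assign("rules", $rules);
        $this->assign("menurules", $menu1);
        $this->display();
    }

    /**
     * Look up one rule by the posted id and return it as JSON.
     */
    public function findrule()
    {
        $cond = array('id' => $this->requestInt($_POST, 'id'));
        $rule = M('AuthRule')->where($cond)->find();
        $this->ajaxReturn($rule, 'json');
    }

    /**
     * Add a rule (POST) or show the add form.
     *
     * NOTE(review): the stock ThinkPHP 3.2 Think\Auth evaluates a rule's
     * `condition` column as a PHP expression when it checks permissions. The
     * Auth class used here is customised, so confirm, but treat this action as
     * one that only fully trusted administrators may reach.
     */
    public function add()
    {
        $rules = M('AuthRule')->where(array('pid' => 0))->select();
        if ($_POST) {
            $data = array(
                'name' => $this->requestScalar($_POST, 'name'),
                'title' => $this->requestScalar($_POST, 'title'),
                'type' => $this->requestScalar($_POST, 'type'),
                'status' => $this->requestScalar($_POST, 'status') ?: 0,
                'condition' => $this->requestScalar($_POST, 'condition'),
                'pid' => $this->requestScalar($_POST, 'pid'),
                'ismenu' => $this->requestScalar($_POST, 'ismenu'),
                'sort_order' => $this->requestScalar($_POST, 'sort_order'),
            );
            M('AuthRule')->add($data);
            alert('添加成功', '/home/auth/index');
        }
        $this->assign("rules", $rules);
        $this->display();
    }

    /**
     * Update the rule with the posted id and return a JSON status.
     *
     * NOTE(review): the response is code 1 / "success" even when no id was
     * posted and nothing was saved; callers cannot tell the two apart.
     * NOTE(review): same `condition` caveat as add().
     */
    public function editrule()
    {
        $id = $this->requestInt($_POST, 'id');
        if ($id) {
            $data = array(
                'name' => $this->requestScalar($_POST, 'name'),
                'title' => $this->requestScalar($_POST, 'title'),
                'status' => $this->requestScalar($_POST, 'status') ?: 0,
                'condition' => $this->requestScalar($_POST, 'condition') ?: 0,
                'pid' => $this->requestScalar($_POST, 'pid'),
                'ismenu' => $this->requestScalar($_POST, 'ismenu'),
                'sort_order' => $this->requestScalar($_POST, 'sort_order'),
            );
            M('AuthRule')->where(array('id' => $id))->save($data);
        }
        $re = array(
            'code' => 1,
            'message' => 'success',
        );
        $this->ajaxReturn($re, 'json');
    }

    /**
     * Delete the rule named by the `id` query parameter.
     */
    public function delrule()
    {
        $id = $this->requestInt($_GET, 'id');
        if ($id) {
            M('AuthRule')->where(array('id' => $id))->delete();
            alert("刪除成功!", '/home/auth/index');
        } else {
            alert("刪除失敗", '/home/auth/index');
        }
    }

    /**
     * Rule group list.
     */
    public function authGroup()
    {
        $groupRules = M('AuthGroup')->select();
        // select() does not return an array for an empty table or on error.
        $count = is_array($groupRules) ? count($groupRules) : 0;
        $this->assign("count", $count);
        $this->assign('groupRules', $groupRules);
        $this->display();
    }

    /**
     * Add a rule group (POST) or show the add form with the rule tree.
     */
    public function addAuthGroup()
    {
        $rules = M('AuthRule')->select();
        $auth = new Auth();
        $rules = $auth->unlimitedForLayer($rules);
        if ($_POST) {
            $data = array(
                'title' => $this->requestScalar($_POST, 'title'),
                'status' => $this->requestScalar($_POST, 'status'),
                'rules' => $this->buildRuleCsv($this->requestIdList($_POST, 'rules')),
            );
            M('AuthGroup')->add($data);
            alert("添加成功", '/home/auth/authGroup');
        }
        $this->assign('rules', $rules);
        $this->display();
    }

    /**
     * Edit form for one rule group: the group row, its rule ids and the rule tree.
     */
    public function editAuthGroup()
    {
        $id = $this->requestInt($_GET, 'id');
        $group = M('AuthGroup')->where(array('id' => $id))->find();
        // An unknown id yields no row; fall back to an empty rule list.
        $ruleCsv = (is_array($group) && isset($group['rules'])) ? $group['rules'] : '';
        $grouprules = explode(',', trim($ruleCsv, ','));
        $rules = M('AuthRule')->select();
        $auth = new Auth();
        $rules = $auth->unlimitedForLayer($rules);
        $this->assign('rules', $rules);
        $this->assign('grouprules', $grouprules);
        $this->assign('group', $group);
        $this->display();
    }

    /**
     * Save an edited rule group.
     */
    public function updateAuthGroup()
    {
        $data = array(
            'title' => $this->requestScalar($_POST, 'title'),
            'status' => $this->requestScalar($_POST, 'status') ?: 0,
            'rules' => $this->buildRuleCsv($this->requestIdList($_POST, 'rules')),
        );
        M('AuthGroup')->where(array('id' => $this->requestInt($_POST, 'id')))->save($data);
        // This is an update, so the message no longer says "added".
        alert("修改成功", '/home/auth/authGroup');
    }

    /**
     * Delete the rule group named by the `id` query parameter.
     */
    public function delGroup()
    {
        $id = $this->requestInt($_GET, 'id');
        $re = M('AuthGroup')->where(array('id' => $id))->delete();
        if ($re) {
            alert('刪除成功', '/home/auth/authGroup');
        } else {
            alert('刪除失敗', '/home/auth/authGroup');
        }
    }

    /**
     * Users with the group each belongs to, plus all groups for the selector.
     *
     * NOTE(review): the joins hard-code the `yixiang_` table prefix instead of
     * using the configured prefix.
     */
    public function userGroup()
    {
        $users = M('admin a')
            ->join('yixiang_auth_group_access agc on a.id=agc.uid')
            ->join('yixiang_auth_group ag on ag.id = agc.group_id')
            ->field('a.id as id,a.username as username,ag.title as title')
            ->select();
        $groups = M('AuthGroup ag')->select();
        $count = is_array($users) ? count($users) : 0;
        $this->assign('users', $users);
        $this->assign('groups', $groups);
        $this->assign('count', $count);
        $this->display();
    }

    /**
     * Move a user to another group and return a JSON status.
     *
     * NOTE(review): this grants whatever the target group allows. Nothing here
     * checks that the group exists or that the caller may assign it.
     */
    public function editgroup()
    {
        if ($_POST) {
            $uid = $this->requestInt($_POST, 'userid');
            $groupid = $this->requestInt($_POST, 'groupid');
            $data = array(
                'group_id' => $groupid,
            );
            M('AuthGroupAccess')->where(array('uid' => $uid))->save($data);
            $returndata = array(
                'code' => 1,
                'message' => 'success',
            );
            $this->ajaxReturn($returndata);
        }
    }

    /**
     * Return the rows with pid 0.
     *
     * NOTE(review): this reads the model 'AuthRole' while every other method
     * uses 'AuthRule' - possibly a typo; confirm. The method is public, so it
     * is also reachable as an action although it renders nothing.
     */
    public function getOnemenu()
    {
        $menu = M('AuthRole')->where(array('pid' => 0))->select();
        return $menu;
    }

    /**
     * Render the shared navigation template.
     */
    public function setmenu()
    {
        $this->display('Common/nav');
    }

    /**
     * Return $source[$key] only when it is a scalar, otherwise $default.
     * Arrays are rejected because the model would read them as expressions.
     */
    private function requestScalar(array $source, $key, $default = null)
    {
        if (!isset($source[$key]) || !is_scalar($source[$key])) {
            return $default;
        }
        return $source[$key];
    }

    /**
     * Return $source[$key] as an integer id; 0 when missing or not a scalar.
     */
    private function requestInt(array $source, $key)
    {
        return (int) $this->requestScalar($source, $key, 0);
    }

    /**
     * Return $source[$key] as a list of distinct positive integer ids.
     * Accepts an array of ids or one comma-separated string.
     */
    private function requestIdList(array $source, $key)
    {
        if (!isset($source[$key])) {
            return array();
        }
        $raw = $source[$key];
        if (is_scalar($raw)) {
            $raw = explode(',', (string) $raw);
        }
        if (!is_array($raw)) {
            return array();
        }
        $ids = array();
        foreach ($raw as $value) {
            if (is_scalar($value) && (int) $value > 0) {
                $ids[(int) $value] = (int) $value;
            }
        }
        return array_values($ids);
    }

    /**
     * Turn the chosen rule ids into the comma-separated id string stored on a
     * group, after passing the matching rows through Auth::childForLayer().
     * An empty selection gives '' without running an "IN ()" query.
     */
    private function buildRuleCsv(array $ruleIds)
    {
        if (!$ruleIds) {
            return '';
        }
        $selected = M('AuthRule')->where(array('id' => array('in', $ruleIds)))->select();
        if (!is_array($selected) || !$selected) {
            return '';
        }
        $auth = new Auth();
        $layered = $auth->childForLayer($selected);
        return is_array($layered) ? implode(",", array_column($layered, 'id')) : '';
    }
}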