在ThinkPHP中,权限管理有两种方式:比较常见的是RBAC,用的人也比较多,容易理解,是基于节点的权限管理;Auth也可以做权限管理,是基于规则的权限管理。下面分别说说。
1,Thinkphp RBAC权限管理,5张表就可以轻松搞定权限管理
用户表 think_username
id name password
用户组表(也被称为角色表) think_group
gid gname
用户和角色之间关系表 think_group_user
id uid gid
权限表(也被称为访问权限表,控制器,方法之间的表,也被称为节点表)think_role
id jname
角色和权限之间的表 think_role_group
id gid jid
#代码找不到了,具体可参考慕课网RBAC视频教程
2,Thinkphp Auth权限管理基于规则的
Auth权限认证是按规则进行认证。 在数据库中我们有
规则表(think_auth_rule)
用户组表(think_auth_group)
用户组明细表(think_auth_group_access)
我们在规则表中定义权限规则, 在用户组表中定义每个用户组有哪些权限规则,在用户组明细表中定义用户所属的用户组。
<?php
namespace Home\Controller;
use Think\Auth;
use Think\Controller;
use Think\Page;
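/**
 * Back-office controller for the rule-based Auth tables: rules (AuthRule),
 * rule groups (AuthGroup) and the user-to-group mapping (AuthGroupAccess).
 *
 * NOTE(review): no access check is visible in this class; it presumably lives
 * in CommonController. Confirm that every action below is limited to
 * administrators, because these actions edit the permission tables themselves.
 */
class AuthController extends CommonController
{
    /**
     * Reads one POST field and accepts it only when it is a scalar.
     *
     * Array-valued request parameters are refused: ThinkPHP's query builder
     * reads arrays inside where()/save() data as operator expressions, so a
     * raw request array must never reach it.
     *
     * @param string $key     POST field name
     * @param mixed  $default value returned when the field is missing or not scalar
     * @return mixed
     */
    private function postScalar($key, $default = null)
    {
        if (!isset($_POST[$key]) || !is_scalar($_POST[$key])) {
            return $default;
        }
        return $_POST[$key];
    }

    /**
     * Reads a record id from a request array and forces it to an integer.
     *
     * @param array  $source $_GET or $_POST
     * @param string $key    parameter name
     * @return int the id, or 0 when it is missing or not scalar
     */
    private function requestId(array $source, $key)
    {
        if (!isset($source[$key]) || !is_scalar($source[$key])) {
            return 0;
        }
        return (int) $source[$key];
    }

    /**
     * Reads a list of rule ids from POST (an array or a comma-separated
     * string) and keeps only distinct positive integers.
     *
     * @param string $key POST field name
     * @return int[]
     */
    private function postIdList($key)
    {
        $raw = isset($_POST[$key]) ? $_POST[$key] : array();
        if (is_string($raw)) {
            $raw = explode(',', $raw);
        }
        if (!is_array($raw)) {
            return array();
        }
        $ids = array();
        foreach ($raw as $candidate) {
            if (is_scalar($candidate) && (int) $candidate > 0) {
                $ids[(int) $candidate] = true;
            }
        }
        return array_keys($ids);
    }

    /**
     * Loads the selected rules, passes them through Auth::childForLayer() and
     * returns the resulting ids as the comma-separated string stored in
     * AuthGroup.rules.
     *
     * @param int[] $ruleIds validated rule ids
     * @return string '' when nothing was selected or nothing matched
     */
    private function buildRuleCsv(array $ruleIds)
    {
        // An empty id list would produce an invalid IN () clause, so skip the query.
        if (empty($ruleIds)) {
            return '';
        }
        $selected = M('AuthRule')->where(array('id' => array('in', $ruleIds)))->select();
        if (!is_array($selected)) {
            return '';
        }
        $auth = new Auth();
        $layered = $auth->childForLayer($selected);
        return is_array($layered) ? implode(",", array_column($layered, 'id')) : '';
    }

    /**
     * Rule list: shows the rules ten per page together with the top-level
     * (pid = 0) rules.
     */
    public function index()
    {
        // Let the database count instead of loading every row just to count it.
        $count = (int) M('AuthRule')->count();
        $page = new Page($count, 10);
        $show = $page->show();
        $menuRules = M('AuthRule')->where(array('pid' => 0))->select();
        $rules = M('AuthRule')->limit($page->firstRow . ',' . $page->listRows)->select();
        $this->assign('page', $show);
        $this->assign("count", $count);
        $this->assign("rules", $rules);
        $this->assign("menurules", $menuRules);
        $this->display();
    }

    /**
     * Looks up one rule by the posted id and returns it as JSON.
     */
    public function findrule()
    {
        $id = $this->requestId($_POST, 'id');
        $rule = M('AuthRule')->where(array('id' => $id))->find();
        $this->ajaxReturn($rule, 'json');
    }

    /**
     * Add-rule form; on POST inserts the new rule.
     *
     * NOTE(review): the stock Think\Auth class evaluates the `condition`
     * column as PHP when a rule is checked. If this project's Auth class does
     * the same, write access to this action is equivalent to code execution -
     * verify, and restrict who can reach it accordingly.
     * NOTE(review): alert() is a project helper; confirm that it ends the
     * request, otherwise the form below is rendered after the redirect.
     */
    public function add()
    {
        $rules = M('AuthRule')->where(array('pid' => 0))->select();
        if ($_POST) {
            $status = $this->postScalar('status');
            $data = array(
                'name' => $this->postScalar('name'),
                'title' => $this->postScalar('title'),
                'type' => $this->postScalar('type'),
                'status' => $status ? $status : 0,
                'condition' => $this->postScalar('condition'),
                'pid' => $this->postScalar('pid'),
                'ismenu' => $this->postScalar('ismenu'),
                'sort_order' => $this->postScalar('sort_order'),
            );
            M('AuthRule')->add($data);
            alert('添加成功', '/home/auth/index');
        }
        $this->assign("rules", $rules);
        $this->display();
    }

    /**
     * Updates the rule named by the posted id and reports the outcome as JSON.
     *
     * Returns code 1 only when an id was supplied and the update did not fail;
     * previously success was reported even when nothing had been attempted.
     * The `condition` caveat described on add() applies here as well.
     */
    public function editrule()
    {
        $id = $this->requestId($_POST, 'id');
        $saved = false;
        if ($id > 0) {
            $status = $this->postScalar('status');
            $condition = $this->postScalar('condition');
            $data = array(
                'name' => $this->postScalar('name'),
                'title' => $this->postScalar('title'),
                'status' => $status ? $status : 0,
                'condition' => $condition ? $condition : 0,
                'pid' => $this->postScalar('pid'),
                'ismenu' => $this->postScalar('ismenu'),
                'sort_order' => $this->postScalar('sort_order'),
            );
            // save() returns false on error; 0 only means no row changed.
            $saved = M('AuthRule')->where(array('id' => $id))->save($data) !== false;
        }
        $re = $saved
            ? array('code' => 1, 'message' => 'success')
            : array('code' => 0, 'message' => 'fail');
        $this->ajaxReturn($re, 'json');
    }

    /**
     * Deletes the rule named by the `id` query parameter.
     *
     * NOTE(review): this is a destructive action reachable by GET and no
     * anti-forgery token is checked here; prefer POST plus a token check.
     */
    public function delrule()
    {
        $id = $this->requestId($_GET, 'id');
        if ($id > 0) {
            M('AuthRule')->where(array('id' => $id))->delete();
            alert("删除成功!", '/home/auth/index');
        } else {
            alert("删除失败", '/home/auth/index');
        }
    }

    /**
     * Rule-group list.
     */
    public function authGroup()
    {
        $groupRules = M('AuthGroup')->select();
        $this->assign("count", count($groupRules));
        $this->assign('groupRules', $groupRules);
        $this->display();
    }

    /**
     * Add-rule-group form; on POST stores the group with its selected rules.
     */
    public function addAuthGroup()
    {
        $auth = new Auth();
        $rules = $auth->unlimitedForLayer(M('AuthRule')->select());
        if ($_POST) {
            $status = $this->postScalar('status');
            $data = array(
                'title' => $this->postScalar('title'),
                // Default to 0 as updateAuthGroup() does.
                'status' => $status ? $status : 0,
                'rules' => $this->buildRuleCsv($this->postIdList('rules')),
            );
            M('AuthGroup')->add($data);
            alert("添加成功", '/home/auth/authGroup');
        }
        $this->assign('rules', $rules);
        $this->display();
    }

    /**
     * Edit-rule-group page: loads the group and marks its current rules.
     */
    public function editAuthGroup()
    {
        $id = $this->requestId($_GET, 'id');
        $group = M('AuthGroup')->where(array('id' => $id))->find();
        // find() yields no row for an unknown id; treat that as an empty rule list.
        $rulesCsv = isset($group['rules']) ? $group['rules'] : '';
        $grouprules = explode(',', trim($rulesCsv, ','));
        $auth = new Auth();
        $rules = $auth->unlimitedForLayer(M('AuthRule')->select());
        $this->assign('rules', $rules);
        $this->assign('grouprules', $grouprules);
        $this->assign('group', $group);
        $this->display();
    }

    /**
     * Stores the edited rule group.
     */
    public function updateAuthGroup()
    {
        $id = $this->requestId($_POST, 'id');
        if ($id <= 0) {
            alert("修改失败", '/home/auth/authGroup');
            return;
        }
        $status = $this->postScalar('status');
        $data = array(
            'title' => $this->postScalar('title'),
            'status' => $status ? $status : 0,
            'rules' => $this->buildRuleCsv($this->postIdList('rules')),
        );
        M('AuthGroup')->where(array('id' => $id))->save($data);
        // The message used to say "added" although this action updates a group.
        alert("修改成功", '/home/auth/authGroup');
    }

    /**
     * Deletes the rule group named by the `id` query parameter.
     *
     * NOTE(review): destructive action reachable by GET without a visible
     * anti-forgery check; prefer POST plus a token check.
     */
    public function delGroup()
    {
        $id = $this->requestId($_GET, 'id');
        $re = $id > 0 ? M('AuthGroup')->where(array('id' => $id))->delete() : false;
        if ($re) {
            alert('删除成功', '/home/auth/authGroup');
        } else {
            alert('删除失败', '/home/auth/authGroup');
        }
    }

    /**
     * User/group overview: every admin joined with the title of its group.
     *
     * NOTE(review): the joins hard-code the `yixiang_` table prefix; they stop
     * matching if the configured prefix differs.
     */
    public function userGroup()
    {
        $users = M('admin a')
            ->join('yixiang_auth_group_access agc on a.id=agc.uid')
            ->join('yixiang_auth_group ag on ag.id = agc.group_id')
            ->field('a.id as id,a.username as username,ag.title as title')
            ->select();
        $groups = M('AuthGroup ag')->select();
        $this->assign('users', $users);
        $this->assign('groups', $groups);
        $this->assign('count', count($users));
        $this->display();
    }

    /**
     * Moves a user to another group and reports the outcome as JSON.
     *
     * NOTE(review): this assigns privileges; confirm the caller is authorised
     * to do so and consider recording who changed which user to which group.
     */
    public function editgroup()
    {
        if ($_POST) {
            $uid = $this->requestId($_POST, 'userid');
            $groupid = $this->requestId($_POST, 'groupid');
            $saved = false;
            if ($uid > 0 && $groupid > 0) {
                $saved = M('AuthGroupAccess')
                    ->where(array('uid' => $uid))
                    ->save(array('group_id' => $groupid)) !== false;
            }
            $returndata = $saved
                ? array('code' => 1, 'message' => 'success')
                : array('code' => 0, 'message' => 'fail');
            $this->ajaxReturn($returndata);
        }
    }

    /**
     * Returns the top-level (pid = 0) rows of the AuthRole model.
     *
     * NOTE(review): every other action uses 'AuthRule'; 'AuthRole' may be a
     * typo - confirm which table is meant.
     */
    public function getOnemenu()
    {
        return M('AuthRole')->where(array('pid' => 0))->select();
    }

    /**
     * Renders the shared navigation template.
     */
    public function setmenu()
    {
        $this->display('Common/nav');
    }
}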