kak / rbac

为 Yii2 的 rbac 管理器

维护者

详细信息

github.com/sanchezzzhak/kak-rbac

源代码

问题

安装次数: 927

依赖项: 0

建议者: 0

安全: 0

星标: 7

关注者: 3

分支: 0

开放问题: 0

1.0.7 2023-03-24 12:01 UTC

Requires

MIT 283d2bdcaaac7b2324974bf9a7e7a276c818c0fb

  • Tutik Alexsandr <sanchezzzhak.woop@ya.ru>

yii2rbac managerkak rbac

This package is auto-updated.

Last update: 2024-09-24 14:59:43 UTC

README

仪表板预览

分支给

安装

步骤 1

安装此扩展的首选方式是通过 composer。运行以下命令之一:

php composer.phar require --prefer-dist kak/rbac ">=1.0"

或添加

"kak/rbac": ">=1.0"
步骤 2

添加配置 web.php

    'authManager' => [
        'class' => 'kak\rbac\components\DbManager',
        'defaultRoles' => [
            'guest',
            'user'
        ],
    ],
步骤 3

创建表格

yii migrate --migrationPath=@yii/rbac/migrations

插入基本 rbac 规则

yii migrate --migrationPath=@vendor/kak/rbac/migrations

步骤 4

使用模块 admin RBAC

$config['modules']['rbac'] = [
    'class' => 'kak\rbac\Module',
    // set custom Layout
    'mainLayout' => '@app/modules/dashboard/views/layouts/main.php',
    'layout' => 'main',
    'userAttributes' => [
        'username',
        'email'
    ]
    // desable check rbac - default true
    'checkAccessPermissionAdministrateRbac' => false
];

控制器规则基础

常量

interface PermissionConst
{
    const
        ItemView   = 'ItemView',
        ItemUpdate = 'ItemUpdate',
        ItemCreate = 'ItemCreate',
        ItemDelete = 'ItemDelete',

        UpdateOwn  = 'UpdateOwn',
        DeleteOwn  = 'DeleteOwn',
        AuthorRule  = 'AuthorRule';
}

public function behaviors()
{
    return [
        'access' => [
            'class' => yii\filters\AccessControl::className(),
            'rules' => [
                [
                    'actions' => ['index', 'create'],
                    'allow' => true,
                    'roles' => [User::ROLE_ADMIN,User::ROLE_MANAGER],
                ],[
                    'actions' => ['update'],
                    'allow' => true,
                    'roles' => [User::ROLE_ADMIN, User::ROLE_MANAGER ],
                ],[
                    'actions' => ['delete'],
                    'allow' => true,
                    'roles' => [User::ROLE_ADMIN],
                ],[
                  'actions' => ['about'],
                  'allow' => true,
                  'roles' => ["?" , "@"],
                ]
            ],
        ],
    ];
}

使用上下文访问规则

public function behaviors()
{
    return [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [
                [
                    'actions' => ['index', 'create'],
                    'allow' => true,
                    'roles' => ['@'],
                ],[
                    'class' => 'kak\rbac\rules\ContextAccessRule',
                    'modelClass' => 'app\models\Stream',
                    'actions' => ['update'],
                    'roles' => [PermissionConst::UpdateOwn],
                ],[
                    'class' => 'kak\rbac\rules\ContextAccessRule',
                    'modelClass' => 'app\models\Stream',
                    'actions' => ['delete'],
                    'roles' => [PermissionConst::DeleteOwn],
                ]
            ],
        ],

    ];
}

是当前用户个人检查权限

$isAccess = Yii::$app->user->can(PermissionConst::ItemCreate) 
            && Yii::$app->user->can(User::ROLE_ADMIN);