Commit a28ad944 authored by 郭勇志's avatar 郭勇志

授权

parent d13d08f3
...@@ -5,7 +5,8 @@ namespace backend\components\v1; ...@@ -5,7 +5,8 @@ namespace backend\components\v1;
use Yii; use Yii;
use yii\base\ActionFilter; use yii\base\ActionFilter;
use yii\helpers\StringHelper; use yii\helpers\StringHelper;
use app\models\v1\rbacuser\ShopRbacUser;
use yii\web\HttpException;
class authorizationFilter extends ActionFilter class authorizationFilter extends ActionFilter
{ {
public $optional; public $optional;
...@@ -15,11 +16,21 @@ class authorizationFilter extends ActionFilter ...@@ -15,11 +16,21 @@ class authorizationFilter extends ActionFilter
if ($this->isOptional($action)) { if ($this->isOptional($action)) {
return true; return true;
} }
// Yii::$app->user->identity; $userGuid = Yii::$app->user->identity->GUID;
Yii::$app->request->pathInfo; $url = Yii::$app->request->pathInfo;
$shopRbacUser = ShopRbacUser::find()
->from('shop_rbac_user sru')
->select('sru.GUID')
->leftJoin('shop_rbac_role_user srru', 'srru.USER_ID = sru.GUID')
->leftJoin('shop_rbac_role_access srra', 'srra.ROLE_ID = srru.ROLE_ID')
->leftJoin('shop_rbac_node srn', 'srn.ID = srra.NODE_ID')
->where(['srn.NAME' => $url])
->andWhere(['sru.GUID' => $userGuid])
->all();
if (!empty($shopRbacUser)) {
return true;
}
throw new HttpException('403','没有权限访问此接口');
} }
/** /**
* Checks, whether authentication is optional for the given action. * Checks, whether authentication is optional for the given action.
......
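Review bot: The permission lookup compares `srn.NAME` with the raw `Yii::$app->request->pathInfo`, which includes path parameters and, as far as the visible query shows, ignores the HTTP verb. A rule such as `GET swaggers/swagger/<id>` can then only match a node that names one concrete id, and a grant for a path covers every method routed to it. Matching on the resolved route, for example `->where(['srn.NAME' => $action->uniqueId])`, with the verb stored alongside if nodes are meant to be method-specific, keeps the decision aligned with what the router dispatches. `Yii::$app->user->identity->GUID` also dereferences a null identity if this filter ever runs without a preceding authenticator, so an `isGuest` check that throws before the query would fail closed with a clear status. The enclosing method starts above the hunk, so its ordering relative to other checks is inferred.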
...@@ -59,11 +59,10 @@ return [ ...@@ -59,11 +59,10 @@ return [
'GET,OPTIONS test'=>'test', 'GET,OPTIONS test'=>'test',
'GET swagger'=>'swagger', 'GET swagger'=>'swagger',
'POST login'=>'login', 'POST login'=>'login',
'GET get'=>'login', 'GET get'=>'get',
], ],
], ],
'GET swaggers/swagger/<id>'=>'swagger/swagger', 'GET swaggers/swagger/<id>'=>'swagger/swagger',
'GET rbacuser/rbac-user/<id>'=>'rbacuser/rbac-user',
], ],
], ],
'redis' => [ 'redis' => [
......
...@@ -57,10 +57,10 @@ class BaseController extends ActiveController ...@@ -57,10 +57,10 @@ class BaseController extends ActiveController
'optional' => ['login'], 'optional' => ['login'],
]; ];
// 授权 // 授权
// $behaviors['authorizationFilter']=[ $behaviors['authorizationFilter']=[
// 'class' => authorizationFilter::className(), 'class' => authorizationFilter::className(),
// 'optional' => ['login'],//过滤不需要验证的action 'optional' => ['login'],//过滤不需要验证的action
// ]; ];
return $behaviors; return $behaviors;
} }
} }
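Review bot: The `optional` list exempts `login` from authorization in every controller that inherits these behaviors, assuming `isOptional()` matches on the bare action ID (its body is outside this section). A short comment above the block would make that scope explicit, e.g. `// runs after the authenticator; 'login' is exempt in every subclass, keep in sync with the authenticator's 'optional'`. `authorizationFilter::className()` could also be written `authorizationFilter::class`, which newer Yii 2 releases prefer over `className()`. The behaviors() method begins above the hunk.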
...@@ -43,16 +43,5 @@ class RbacUserController extends BaseController ...@@ -43,16 +43,5 @@ class RbacUserController extends BaseController
return $model; return $model;
} }
} }
/**
* @OA\Get(
* path="/backend/web/v1/rbacuser/rbac-users/{id}",
* tags={"用户&员工接口"},
* description="根据id取得用户",
* summary="根据id取得用户",
* operationId="returnuser",
* @OA\Parameter(name="id",in="path",required=true,@OA\Schema(type="string")),
* @OA\Response(response="200",description="OK。一切正常"),
* security={{"Authorization": {}}}
* )
*/
} }
...@@ -24,7 +24,7 @@ use yii\web\HttpException; ...@@ -24,7 +24,7 @@ use yii\web\HttpException;
* @property string $PID 父级菜单ID * @property string $PID 父级菜单ID
* @property int $LEVEL 菜单层级等级 * @property int $LEVEL 菜单层级等级
*/ */
class ShopRbacNode extends BaseModel implements IdentityInterface class ShopRbacNode extends BaseModel
{ {
/** /**
* {@inheritdoc} * {@inheritdoc}
......
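Review bot: Dropping `implements IdentityInterface` here appears to leave the `use yii\web\IdentityInterface;` import behind, judging by the hunk header, whose old and new start lines are both 24. The ShopRbacRole section has the same shape (19 and 19), whereas ShopRbacRoleAccess and ShopRbacRoleUser do remove the import. Removing the unused import in both files keeps the four models consistent. If the collapsed class body still carries the interface's methods, such as `findIdentity()`, those are now dead code on a non-user model and are worth deleting too.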
...@@ -19,7 +19,7 @@ use yii\web\HttpException; ...@@ -19,7 +19,7 @@ use yii\web\HttpException;
* @property string $REMARK 备注 * @property string $REMARK 备注
* @property int $SORT 排序 * @property int $SORT 排序
*/ */
class ShopRbacRole extends BaseModel implements IdentityInterface class ShopRbacRole extends BaseModel
{ {
/** /**
* {@inheritdoc} * {@inheritdoc}
......
...@@ -2,8 +2,7 @@ ...@@ -2,8 +2,7 @@
namespace app\models\v1\rbacuser; namespace app\models\v1\rbacuser;
use Yii; use Yii;
use yii\web\IdentityInterface;
use app\models\v1\BaseModel; use app\models\v1\BaseModel;
use yii\web\HttpException; use yii\web\HttpException;
...@@ -14,7 +13,7 @@ use yii\web\HttpException; ...@@ -14,7 +13,7 @@ use yii\web\HttpException;
* @property string $NODE_ID 角色所对应的权限菜单ID集合 * @property string $NODE_ID 角色所对应的权限菜单ID集合
* @property string $ORG_GUID 组织机构号 * @property string $ORG_GUID 组织机构号
*/ */
class ShopRbacRoleAccess extends BaseModel implements IdentityInterface class ShopRbacRoleAccess extends BaseModel
{ {
/** /**
* {@inheritdoc} * {@inheritdoc}
......
...@@ -2,8 +2,7 @@ ...@@ -2,8 +2,7 @@
namespace app\models\v1\rbacuser; namespace app\models\v1\rbacuser;
use Yii; use Yii;
use yii\web\IdentityInterface;
use app\models\v1\BaseModel; use app\models\v1\BaseModel;
use yii\web\HttpException; use yii\web\HttpException;
...@@ -14,7 +13,7 @@ use yii\web\HttpException; ...@@ -14,7 +13,7 @@ use yii\web\HttpException;
* @property string $ROLE_ID 用户对应的权限角色表ID * @property string $ROLE_ID 用户对应的权限角色表ID
* @property string $ORG_GUID 组织机构号 * @property string $ORG_GUID 组织机构号
*/ */
class ShopRbacRoleUser extends BaseModel implements IdentityInterface class ShopRbacRoleUser extends BaseModel
{ {
/** /**
* {@inheritdoc} * {@inheritdoc}
......
...@@ -183,6 +183,7 @@ class ShopRbacUser extends BaseModel implements IdentityInterface ...@@ -183,6 +183,7 @@ class ShopRbacUser extends BaseModel implements IdentityInterface
{ {
return Yii::$app->security->validatePassword($password, $this->password_hash); return Yii::$app->security->validatePassword($password, $this->password_hash);
} }
// 取得shop_rbac_role_user表关联信息
public function getShopRbacRoleUser() public function getShopRbacRoleUser()
{ {
return $this->hasOne(ShopRbacRoleUser::className(), ['USER_ID' => 'GUID']); return $this->hasOne(ShopRbacRoleUser::className(), ['USER_ID' => 'GUID']);
......