角色-权限分配

Signed-off-by: sunlei <sunlei@romens.cn>

角色-权限分配
Signed-off-by: sunlei <sunlei@romens.cn>
d886dfd2 · 孙磊 · 08e53b3a · d886dfd2
Commit d886dfd2 authored Dec 10, 2019 by 孙磊
Show whitespace changes
Inline Side-by-side

Showing with 137 additions and 18 deletions

AuthorityRoleController.php backend/controllers/v1/authority/AuthorityRoleController.php +137 -18

No files found.
--- a/backend/controllers/v1/authority/AuthorityRoleController.php
+++ b/backend/controllers/v1/authority/AuthorityRoleController.php
@@ -41,7 +41,7 @@ class AuthorityRoleController extends BaseController
        $rbac = new ShopRbacUser();
        $userGuid = Yii::$app->user->identity->GUID;
        $userinfo = $rbac->getRbacUserInfo($userGuid);
-        if($userinfo['ROLE_ID'] != USER_ROLE_HEADQUARTERS_ADMIN){
+        if ($userinfo['ROLE_ID'] != USER_ROLE_HEADQUARTERS_ADMIN) {
            throw new BadRequestHttpException('您没有查看角色列表的权限，请联系管理员');
        }
@@ -78,7 +78,7 @@ class AuthorityRoleController extends BaseController
     */
    public function actionAuthorityRoleDetail()
    {
-        $model=new $this->modelClass();
+        $model = new $this->modelClass();
        //用户输入数据赋值到模型属性
        $ID = $model->ID = Yii::$app->request->get('ID');
@@ -125,7 +125,7 @@ class AuthorityRoleController extends BaseController
        $rbac = new ShopRbacUser();
        $userGuid = Yii::$app->user->identity->GUID;
        $userinfo = $rbac->getRbacUserInfo($userGuid);
-        if($userinfo['ROLE_ID'] != USER_ROLE_HEADQUARTERS_ADMIN){
+        if ($userinfo['ROLE_ID'] != USER_ROLE_HEADQUARTERS_ADMIN) {
            throw new BadRequestHttpException('您没有添加角色的权限，请联系管理员');
        }
@@ -133,8 +133,8 @@ class AuthorityRoleController extends BaseController
        $model = new $this->modelClass();
        $other_param = array(
-            //'ID'=>Func::create_guid(),
+            // 'ID' => Func::create_guid(),
-            'ORG_GUID'=>Yii::$app->user->identity->ORG_GUID
+            'ORG_GUID' => Yii::$app->user->identity->ORG_GUID
        );
        $model->setAttributes($other_param);
        $model->setAttributes($params);
@@ -177,19 +177,19 @@ class AuthorityRoleController extends BaseController
        $rbac = new ShopRbacUser();
        $userGuid = Yii::$app->user->identity->GUID;
        $userinfo = $rbac->getRbacUserInfo($userGuid);
-        if($userinfo['ROLE_ID'] != USER_ROLE_HEADQUARTERS_ADMIN){
+        if ($userinfo['ROLE_ID'] != USER_ROLE_HEADQUARTERS_ADMIN) {
            throw new BadRequestHttpException('您没有修改角色的权限，请联系管理员');
        }
        $id = Yii::$app->getRequest()->post('ID');
        $model = $this->modelClass::findOne($id);
-        if(!$model){
+        if (!$model) {
            throw new BadRequestHttpException('没有找到要修改的记录');
        }
        //修改人信息
        $other_param = array(
-            'UPDATE_TIME'=>date('Y-m-d H:i:s',time()),
+            'UPDATE_TIME' => date('Y-m-d H:i:s', time()),
-            'UPDATE_USER_CODE'=>Yii::$app->user->identity->CODE
+            'UPDATE_USER_CODE' => Yii::$app->user->identity->CODE
        );
        $model->setAttributes($other_param);
        $model->setAttributes(Yii::$app->getRequest()->post());
@@ -200,5 +200,124 @@ class AuthorityRoleController extends BaseController
        Yii::$app->getResponse()->setStatusCode(202);
        return $model;
    }
+    /**
+     * @OA\Get(
+     *   path="/backend/web/v1/authority/authority-roles/role-authorities",
+     *   tags={"权限管理"},
+     *   description="角色的权限信息",
+     *   summary="角色的权限信息(孙磊)",
+     *   @OA\Parameter(name="ID",in="query",required=true,description="角色主键ID",@OA\Schema(type="string")),
+     *   @OA\Parameter(name="NAME",in="query",required=true,description="角色名称",@OA\Schema(type="string")),
+     *   @OA\Response(response="200",description="
+     *         ROLE_ID:角色ID,
+     *         ROLE_NAME:角色名称,
+     *         NODE_ID:角色对应的权限ID,
+     * "),
+     *   security={{"Authorization": {}}}
+     * )
+     */
+    public function actionRoleAuthorities()
+    {
+        $model = new $this->modelClass();
+        $roleAcessModel = new ShopRbacRoleAccess();
+        //用户输入数据赋值到模型属性
+        $params = Yii::$app->request->queryParams;
+        $id = $model->ID = $params['ID'];
+        $name = $model->ID = $params['NAME'];
+        if ($model->validate()) {
+            //获取角色的权限
+            $info = $roleAcessModel->getRoleAuthorities($id);
+            if (!$info) {
+                throw new BadRequestHttpException('没有找到角色的权限信息');
+            }
+            $info[0]['ROLE_NAME'] = $name;
+            return $info;
+        } else {
+            //验证失败：$errors 是一个包含错误信息的数组
+            Yii::$app->response->statusCode = 422;
+            return $model->errors;
+        }
+    }
+    /**
+     * @OA\Get(
+     *   path="/backend/web/v1/authority/authority-roles/authority-nodes",
+     *   tags={"权限管理"},
+     *   description="权限全部节点",
+     *   summary="权限全部节点(孙磊)",
+     *   @OA\Response(response="200",description="权限全部节点获取成功"),
+     *   security={{"Authorization": {}}}
+     * )
+     */
+    public function actionAuthorityNodes()
+    {
+        $model = new $this->modelClass();
+        $authNodesModel = new ShopRbacNode();
+        //用户输入数据赋值到模型属性
+        $model->attributes = Yii::$app->request->queryParams;
+        if ($model->validate()) {
+            //获取全部的权限节点
+            $info = $authNodesModel->getAuthorityNodes();
+            return $info;
+        } else {
+            //验证失败：$errors 是一个包含错误信息的数组
+            Yii::$app->response->statusCode = 422;
+            return $model->errors;
+        }
+    }
+    /**
+     * @OA\POST(
+     *     path="/backend/web/v1/authority/authority-roles/assign-authority-role",
+     *     tags={"权限管理"},
+     *     description="给角色分配权限",
+     *     summary="给角色分配权限(孙磊)",
+     *     @OA\RequestBody(
+     *       required=true,
+     *       @OA\MediaType(
+     *           mediaType="application/x-www-form-urlencoded",
+     *           @OA\Schema(
+     *               type="object",
+     *               required={"ROLE_ID","NODE_ID"},
+     *               @OA\Property(property="ROLE_ID",description="角色ID",type="string"),
+     *               @OA\Property(property="NODE_ID",description="角色所对应的权限节点ID集合",type="string"),
+     *           )
+     *       )
+     *     ),
+     *     @OA\Response(response=203,description="给角色分配权限成功"),
+     *     security={{"Authorization": {}}}    
+     * )
+     */
+    public function actionAssignAuthorityRole()
+    {
+        //权限信息
+        $rbac = new ShopRbacUser();
+        $userGuid = Yii::$app->user->identity->GUID;
+        $userinfo = $rbac->getRbacUserInfo($userGuid);
+        if ($userinfo['ROLE_ID'] != USER_ROLE_HEADQUARTERS_ADMIN) {
+            throw new BadRequestHttpException('您没有给角色分配权限的权限，请联系管理员');
+        }
+        $params = Yii::$app->getRequest()->post();
+        $model = new ShopRbacRoleAccess();
+        $model->scenario = 'create'; //创建的场景
+        //先删除原有角色的权限
+        if (!empty($params['ROLE_ID']) && !empty($params['NODE_ID'])) {
+            $res = $model->delRoleAuthorities($params['ROLE_ID']);
+        }
+        //验证
+        if (!$res) {
+            throw new BadRequestHttpException('删除原有角色的权限失败，请稍后重试');
+        }
+        //然后添加角色的权限
+        $other_param = array(
+            'ORG_GUID' => Yii::$app->user->identity->ORG_GUID
+        );
+        $model->setAttributes($other_param);
+        $model->setAttributes($params);
+        //保存
+        if ($model->save()) {
+            Yii::$app->getResponse()->setStatusCode(203);
+        } elseif (!$model->hasErrors()) {
+            throw new ServerErrorHttpException('Failed to create the object for unknown reason.');
+        }
+        return $model;
+    }
 }