Commit
d886dfd2
authored
Dec 10, 2019
by
孙磊
角色-权限分配
Signed-off-by:
sunlei
<
sunlei@romens.cn
>
parent
08e53b3a
Showing
1 changed file
with
137 additions
and
18 deletions
+137
-18
AuthorityRoleController.php
backend/controllers/v1/authority/AuthorityRoleController.php
+137
-18
backend/controllers/v1/authority/AuthorityRoleController.php
...
...
@@ -41,7 +41,7 @@ class AuthorityRoleController extends BaseController
$rbac
=
new
ShopRbacUser
();
$userGuid
=
Yii
::
$app
->
user
->
identity
->
GUID
;
$userinfo
=
$rbac
->
getRbacUserInfo
(
$userGuid
);
if
(
$userinfo
[
'ROLE_ID'
]
!=
USER_ROLE_HEADQUARTERS_ADMIN
)
{
if
(
$userinfo
[
'ROLE_ID'
]
!=
USER_ROLE_HEADQUARTERS_ADMIN
)
{
throw
new
BadRequestHttpException
(
'您没有查看角色列表的权限,请联系管理员'
);
}
...
...
@@ -78,7 +78,7 @@ class AuthorityRoleController extends BaseController
*/
public
function
actionAuthorityRoleDetail
()
{
$model
=
new
$this
->
modelClass
();
$model
=
new
$this
->
modelClass
();
//用户输入数据赋值到模型属性
$ID
=
$model
->
ID
=
Yii
::
$app
->
request
->
get
(
'ID'
);
...
...
@@ -125,7 +125,7 @@ class AuthorityRoleController extends BaseController
$rbac
=
new
ShopRbacUser
();
$userGuid
=
Yii
::
$app
->
user
->
identity
->
GUID
;
$userinfo
=
$rbac
->
getRbacUserInfo
(
$userGuid
);
if
(
$userinfo
[
'ROLE_ID'
]
!=
USER_ROLE_HEADQUARTERS_ADMIN
)
{
if
(
$userinfo
[
'ROLE_ID'
]
!=
USER_ROLE_HEADQUARTERS_ADMIN
)
{
throw
new
BadRequestHttpException
(
'您没有添加角色的权限,请联系管理员'
);
}
...
...
@@ -133,8 +133,8 @@ class AuthorityRoleController extends BaseController
$model
=
new
$this
->
modelClass
();
$other_param
=
array
(
//
'ID'=>
Func::create_guid(),
'ORG_GUID'
=>
Yii
::
$app
->
user
->
identity
->
ORG_GUID
//
'ID' =>
Func::create_guid(),
'ORG_GUID'
=>
Yii
::
$app
->
user
->
identity
->
ORG_GUID
);
$model
->
setAttributes
(
$other_param
);
$model
->
setAttributes
(
$params
);
...
...
@@ -177,19 +177,19 @@ class AuthorityRoleController extends BaseController
$rbac
=
new
ShopRbacUser
();
$userGuid
=
Yii
::
$app
->
user
->
identity
->
GUID
;
$userinfo
=
$rbac
->
getRbacUserInfo
(
$userGuid
);
if
(
$userinfo
[
'ROLE_ID'
]
!=
USER_ROLE_HEADQUARTERS_ADMIN
)
{
if
(
$userinfo
[
'ROLE_ID'
]
!=
USER_ROLE_HEADQUARTERS_ADMIN
)
{
throw
new
BadRequestHttpException
(
'您没有修改角色的权限,请联系管理员'
);
}
$id
=
Yii
::
$app
->
getRequest
()
->
post
(
'ID'
);
$model
=
$this
->
modelClass
::
findOne
(
$id
);
if
(
!
$model
)
{
if
(
!
$model
)
{
throw
new
BadRequestHttpException
(
'没有找到要修改的记录'
);
}
//修改人信息
$other_param
=
array
(
'UPDATE_TIME'
=>
date
(
'Y-m-d H:i:s'
,
time
()),
'UPDATE_USER_CODE'
=>
Yii
::
$app
->
user
->
identity
->
CODE
'UPDATE_TIME'
=>
date
(
'Y-m-d H:i:s'
,
time
()),
'UPDATE_USER_CODE'
=>
Yii
::
$app
->
user
->
identity
->
CODE
);
$model
->
setAttributes
(
$other_param
);
$model
->
setAttributes
(
Yii
::
$app
->
getRequest
()
->
post
());
...
...
@@ -200,5 +200,124 @@ class AuthorityRoleController extends BaseController
Yii
::
$app
->
getResponse
()
->
setStatusCode
(
202
);
return
$model
;
}
/**
* @OA\Get(
* path="/backend/web/v1/authority/authority-roles/role-authorities",
* tags={"权限管理"},
* description="角色的权限信息",
* summary="角色的权限信息(孙磊)",
* @OA\Parameter(name="ID",in="query",required=true,description="角色主键ID",@OA\Schema(type="string")),
* @OA\Parameter(name="NAME",in="query",required=true,description="角色名称",@OA\Schema(type="string")),
* @OA\Response(response="200",description="
* ROLE_ID:角色ID,
* ROLE_NAME:角色名称,
* NODE_ID:角色对应的权限ID,
* "),
* security={{"Authorization": {}}}
* )
*/
public
function
actionRoleAuthorities
()
{
$model
=
new
$this
->
modelClass
();
$roleAcessModel
=
new
ShopRbacRoleAccess
();
//用户输入数据赋值到模型属性
$params
=
Yii
::
$app
->
request
->
queryParams
;
$id
=
$model
->
ID
=
$params
[
'ID'
];
$name
=
$model
->
ID
=
$params
[
'NAME'
];
if
(
$model
->
validate
())
{
//获取角色的权限
$info
=
$roleAcessModel
->
getRoleAuthorities
(
$id
);
if
(
!
$info
)
{
throw
new
BadRequestHttpException
(
'没有找到角色的权限信息'
);
}
$info
[
0
][
'ROLE_NAME'
]
=
$name
;
return
$info
;
}
else
{
//验证失败:$errors 是一个包含错误信息的数组
Yii
::
$app
->
response
->
statusCode
=
422
;
return
$model
->
errors
;
}
}
/**
* @OA\Get(
* path="/backend/web/v1/authority/authority-roles/authority-nodes",
* tags={"权限管理"},
* description="权限全部节点",
* summary="权限全部节点(孙磊)",
* @OA\Response(response="200",description="权限全部节点获取成功"),
* security={{"Authorization": {}}}
* )
*/
public
function
actionAuthorityNodes
()
{
$model
=
new
$this
->
modelClass
();
$authNodesModel
=
new
ShopRbacNode
();
//用户输入数据赋值到模型属性
$model
->
attributes
=
Yii
::
$app
->
request
->
queryParams
;
if
(
$model
->
validate
())
{
//获取全部的权限节点
$info
=
$authNodesModel
->
getAuthorityNodes
();
return
$info
;
}
else
{
//验证失败:$errors 是一个包含错误信息的数组
Yii
::
$app
->
response
->
statusCode
=
422
;
return
$model
->
errors
;
}
}
/**
* @OA\POST(
* path="/backend/web/v1/authority/authority-roles/assign-authority-role",
* tags={"权限管理"},
* description="给角色分配权限",
* summary="给角色分配权限(孙磊)",
* @OA\RequestBody(
* required=true,
* @OA\MediaType(
* mediaType="application/x-www-form-urlencoded",
* @OA\Schema(
* type="object",
* required={"ROLE_ID","NODE_ID"},
* @OA\Property(property="ROLE_ID",description="角色ID",type="string"),
* @OA\Property(property="NODE_ID",description="角色所对应的权限节点ID集合",type="string"),
* )
* )
* ),
* @OA\Response(response=203,description="给角色分配权限成功"),
* security={{"Authorization": {}}}
* )
*/
public
function
actionAssignAuthorityRole
()
{
//权限信息
$rbac
=
new
ShopRbacUser
();
$userGuid
=
Yii
::
$app
->
user
->
identity
->
GUID
;
$userinfo
=
$rbac
->
getRbacUserInfo
(
$userGuid
);
if
(
$userinfo
[
'ROLE_ID'
]
!=
USER_ROLE_HEADQUARTERS_ADMIN
)
{
throw
new
BadRequestHttpException
(
'您没有给角色分配权限的权限,请联系管理员'
);
}
$params
=
Yii
::
$app
->
getRequest
()
->
post
();
$model
=
new
ShopRbacRoleAccess
();
$model
->
scenario
=
'create'
;
//创建的场景
//先删除原有角色的权限
if
(
!
empty
(
$params
[
'ROLE_ID'
])
&&
!
empty
(
$params
[
'NODE_ID'
]))
{
$res
=
$model
->
delRoleAuthorities
(
$params
[
'ROLE_ID'
]);
}
//验证
if
(
!
$res
)
{
throw
new
BadRequestHttpException
(
'删除原有角色的权限失败,请稍后重试'
);
}
//然后添加角色的权限
$other_param
=
array
(
'ORG_GUID'
=>
Yii
::
$app
->
user
->
identity
->
ORG_GUID
);
$model
->
setAttributes
(
$other_param
);
$model
->
setAttributes
(
$params
);
//保存
if
(
$model
->
save
())
{
Yii
::
$app
->
getResponse
()
->
setStatusCode
(
203
);
}
elseif
(
!
$model
->
hasErrors
())
{
throw
new
ServerErrorHttpException
(
'Failed to create the object for unknown reason.'
);
}
return
$model
;
}
}
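Review bot: In `actionAssignAuthorityRole` the request body is mass-assigned after the server-side organisation (`setAttributes($other_param)` followed by `setAttributes($params)`), so if `ORG_GUID` is a safe attribute in the `create` scenario — which it has to be for the first call to take effect — a posted `ORG_GUID` replaces the caller's own; assigning it last, e.g. `$model->ORG_GUID = Yii::$app->user->identity->ORG_GUID;` after the mass assignment, keeps it server-controlled. The same action calls `delRoleAuthorities()` before the new row is validated and saved and no transaction is visible, so a failed `save()` would leave the role with no permissions, and `$res` is undefined whenever `ROLE_ID` or `NODE_ID` is empty, which ends in the "delete failed" exception instead of a validation error. `actionRoleAuthorities` and `actionAuthorityNodes` carry no `USER_ROLE_HEADQUARTERS_ADMIN` check, unlike the list, add, update and assign actions in this file, so unless access is restricted elsewhere any authenticated user can read the role-to-permission mapping. In `actionRoleAuthorities`, `$name = $model->ID = $params['NAME'];` overwrites the ID with the name before `validate()`, and the returned `ROLE_NAME` is whatever the client sent rather than the stored name.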