如何简化权限控制
发布于:2022-01-17 09:50:54
#1 homexigua
public function check($acl_name = SPANONYMOUS, $controller, $action)
{
$rows = array('controller' => $controller, 'action' => $action );
if( $acl = $this->findAll($rows) ){
foreach($acl as $v){
if($v["acl_name"] == SPANONYMOUS || $v["acl_name"] == $acl_name)return 1;
}
return 0;
}else{
return -1;
}
}
现在是这样的,我是想如果action为*的时候,这个controller下的所有方法都有权限。就不用为每一个增删改增加权限了,实际中很少用到那么细的权限划分。都是根据模块划分的
代码该如何修改
2010-10-13 08:28:32
#2 jake
两步:
1. 增加数据库记录,controller=某控制器 action=* 权限=xx
2. 然后把查找条件改成查询*的记录来判断
2010-10-13 08:48:56
#3 homexigua
我改成这样还是不行,只有SPANONYMOUS这个用户可以使用*号,其他用户都不行
public function check($acl_name = SPANONYMOUS, $controller, $action)
{
$rows = array('controller' => $controller, 'action' => '*' );
if( $acl = $this->findAll($rows) ){
foreach($acl as $v){
if($v["user_name"] == SPANONYMOUS || $v["user_name"] == $acl_name)return 1;
}
return 0;
}else{
return -1;
}
}
2010-10-20 15:55:53
#4 homexigua
public function check($acl_name = SPANONYMOUS, $controller, $action)
{
$rows = array('controller' => $controller, 'action' => '*' );
if( $acl = $this->findAll($rows) ){
foreach($acl as $v){
if($v["user_name"] == SPANONYMOUS || $v["user_name"] == $_SESSION['userinfo']['user_name'])return 1;
}
return 0;
}else{
return -1;
}
}
这样好像就可以了
2010-10-20 16:08:23