- 配置/config/main.php 'components'=>array( 'authManager' => array( 'class' => 'CDbAuthManager', 'connectionID' => 'db' ), :
- 创建需要的数据表.AuthItem(操作定义表, 用户和操作定义). AuthItemChild(权限定义表 角色---操作). AuthAsignment (授权表,用户--角色 ) CREATE TABLE
AuthItem(namevarchar(64) NOT NULL,typeint(11) NOT NULL,descriptiontext,bizruletext,datatext, PRIMARY KEY (name) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 CREATE TABLEAuthItemChild(parentvarchar(64) NOT NULL,childvarchar(64) NOT NULL, PRIMARY KEY (parent,child), KEYchild(child) ) ENGINE=MyISAM DEFAULT CHARSET=utf8
CREATE TABLE AuthAssignment ( itemname varchar(64) NOT NULL, userid varchar(64) NOT NULL, bizrule text, data text, PRIMARY KEY (itemname,userid) ) ENGINE=MyISAM DEFAULT CHARSET=utf8
- 在项目中的人一个controller 中添加一方法: 如site/config. 在该actionConfig()方法中加如如下实例代码. $auth=Yii::app()->authManager; $auth->createOperation('createPost','create a post'); $auth->createOperation('readPost','read a post'); $auth->createOperation('updatePost','update a post'); $auth->createOperation('deletePost','delete a post');
$bizRule='return Yii::app()->user->id==$params["post"]->authID;'; $task=$auth->createTask('updateOwnPost','update a post by author himself',$bizRule); $task->addChild('updatePost');
$role=$auth->createRole('reader'); $role->addChild('readPost');
$role=$auth->createRole('author'); $role->addChild('reader'); $role->addChild('createPost'); $role->addChild('updateOwnPost');
$role=$auth->createRole('editor'); $role->addChild('reader'); $role->addChild('updatePost');
$role=$auth->createRole('admin'); $role->addChild('editor'); $role->addChild('author'); $role->addChild('deletePost');
$auth->assign('reader','readerA'); $auth->assign('author','authorB'); $auth->assign('editor','editorC'); $auth->assign('admin','adminD'); 然后再执行 test.cn?r=site/config.即可加入以上的权限定义到数据库. 然后在需要的时候用rules 和filter就OK了.
