- 配置/config/main.php 'components'=>array( 'authManager' => array( 'class' => 'CDbAuthManager', 'connectionID' => 'db' ), :
- 创建需要的数据表.AuthItem(操作定义表, 用户和操作定义). AuthItemChild(权限定义表 角色---操作). AuthAsignment (授权表,用户--角色 ) CREATE TABLE
AuthItem
(name
varchar(64) NOT NULL,type
int(11) NOT NULL,description
text,bizrule
text,data
text, PRIMARY KEY (name
) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 CREATE TABLEAuthItemChild
(parent
varchar(64) NOT NULL,child
varchar(64) NOT NULL, PRIMARY KEY (parent
,child
), KEYchild
(child
) ) ENGINE=MyISAM DEFAULT CHARSET=utf8
CREATE TABLE AuthAssignment
( itemname
varchar(64) NOT NULL, userid
varchar(64) NOT NULL, bizrule
text, data
text, PRIMARY KEY (itemname
,userid
) ) ENGINE=MyISAM DEFAULT CHARSET=utf8
- 在项目中的人一个controller 中添加一方法: 如site/config. 在该actionConfig()方法中加如如下实例代码. $auth=Yii::app()->authManager; $auth->createOperation('createPost','create a post'); $auth->createOperation('readPost','read a post'); $auth->createOperation('updatePost','update a post'); $auth->createOperation('deletePost','delete a post');
$bizRule='return Yii::app()->user->id==$params["post"]->authID;'; $task=$auth->createTask('updateOwnPost','update a post by author himself',$bizRule); $task->addChild('updatePost');
$role=$auth->createRole('reader'); $role->addChild('readPost');
$role=$auth->createRole('author'); $role->addChild('reader'); $role->addChild('createPost'); $role->addChild('updateOwnPost');
$role=$auth->createRole('editor'); $role->addChild('reader'); $role->addChild('updatePost');
$role=$auth->createRole('admin'); $role->addChild('editor'); $role->addChild('author'); $role->addChild('deletePost');
$auth->assign('reader','readerA'); $auth->assign('author','authorB'); $auth->assign('editor','editorC'); $auth->assign('admin','adminD'); 然后再执行 test.cn?r=site/config.即可加入以上的权限定义到数据库. 然后在需要的时候用rules 和filter就OK了.