下载rights的扩展http://www.yiiframework.com/extension/rights/,解压到protected下的modules目录
接下来按照如下顺序进行操作:
一.用gii生成User模型
安装rights之前,需要先打开gii,对应自己的用户表,生成User模型,修改相应modules里面的配置字段(配置文件main.php的更改见第三步);也就是说,你需要自己先有用户表;我测试的用户表是id,usrname,password
二.修改UserIdentity.php认证
需要修改protected/components下面的UserIdentity.php里面的认证过程,如下:
- <?php
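/**
 * Authenticates a login attempt against the application's own user table.
 *
 * The lookup uses the `usrname` column of the User model and exposes the
 * numeric primary key through getId().
 */
class UserIdentity extends CUserIdentity
{
    /**
     * @var mixed primary key of the authenticated user row; stays null until
     *            authenticate() succeeds.
     */
    private $_id;

    /**
     * Checks the supplied username and password against the User table.
     *
     * Every failure path sets an explicit error code. A password mismatch is
     * reported as ERROR_PASSWORD_INVALID instead of leaving the inherited
     * default untouched.
     *
     * @return boolean true when the credentials are valid, false otherwise
     */
    public function authenticate()
    {
        // Reject a missing or non-string username before it reaches strtolower() and the query.
        if (!is_string($this->username) || $this->username === '') {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
            return false;
        }

        // Bound parameter: the username is never concatenated into the SQL condition.
        $userFromDB = User::model()->find('usrname=?', array(strtolower($this->username)));

        if ($userFromDB === null) {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } elseif (
            !is_string($this->password)
            // SECURITY: the stored value is an unsalted MD5 digest, which is a fast hash
            // and unsuitable for password storage. Migrate the column to password_hash()
            // and verify with password_verify(); this comparison is kept only so existing
            // rows keep working. hash_equals() (PHP >= 5.6) avoids a timing side channel.
            || !hash_equals((string) $userFromDB->password, md5($this->password))
        ) {
            $this->errorCode = self::ERROR_PASSWORD_INVALID;
        } else {
            // Normalise the username to the spelling stored in the database.
            $this->username = $userFromDB->usrname;
            $this->_id = $userFromDB->id;
            $this->errorCode = self::ERROR_NONE;
        }

        return !$this->errorCode;
    }

    /**
     * Returns the user's primary key.
     *
     * This must be the id and not the username; presumably because the rights
     * module is configured to identify users by the id column (confirm
     * against 'userIdColumn' in config/main.php).
     *
     * @return mixed the id set by a successful authenticate() call, or null
     */
    public function getId()
    {
        return $this->_id;
    }
}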
- ?>
三.更改main.php配置文件
在config/main.php里面配置如下:
- 'import'=>array( // excerpt of config/main.php: class path aliases imported by the application
- 'application.models.*',
- 'application.components.*',
- 'application.modules.rights.*',
- 'application.modules.rights.components.*',// not in the official documentation; without this line RWebUser cannot be found
- ),
- 'modules'=>array(
- 'rights'=>array(
- 'superuserName'=>'admin',// a user from your own user table; this account is treated as the superuser
- 'userClass'=>'User',// the model class that maps to your own user table
- 'authenticatedName'=>'Authenticated',// custom name
- 'userIdColumn'=>'id',// id column of your own user table
- 'userNameColumn'=>'usrname',// username column of your own user table
- 'enableBizRule'=>true,
- 'enableBizRuleData'=>false,
- 'displayDescription'=>true,
- 'flashSuccessKey'=>'RightsSuccess',
- 'flashErrorKey'=>'RightsError',
- 'baseUrl'=>'/rights',
- 'layout'=>'rights.views.layouts.main',
- 'appLayout'=>'application.views.layouts.main',
- 'cssFile'=>'rights.css',
- 'install'=>true,// must be true for the first installation; set it back to false as soon as the install succeeds so the installer is no longer enabled
- 'debug'=>false,
- ), // NOTE(review): this closes 'rights' only; the ")," closing 'modules' appears to be missing before 'components' — confirm against your main.php
- 'components'=>array(
- 'user'=>array(
- // enable cookie-based authentication
- 'allowAutoLogin'=>true,
- 'class'=>'RWebUser',
- ),
- 'authManager' => array(
- 'class' => 'RDbAuthManager',
- 'assignmentTable' => 'authassignment',
- 'itemTable' => 'authitem',
- 'itemChildTable' => 'authitemchild',
- 'rightsTable' => 'rights',
- 'defaultRoles'=>array('Guest'),
- ), // closes 'authManager'; the listing stops before 'components' itself is closed
四.修改controller.php
controller需要继承rights的控制器RController,直接改protected/components/Controller.php,继承自RController即可,如下:
- <?php
/**
 * Application-wide base controller.
 *
 * Every controller of this application is expected to inherit from this
 * class, which itself inherits from RController, the base controller shipped
 * with the rights module.
 */
class Controller extends RController
{
    /**
     * Layout used when rendering controller views.
     *
     * '//layouts/column1' selects the single-column layout, i.e.
     * 'protected/views/layouts/column1.php'.
     *
     * @var string
     */
    public $layout = '//layouts/column1';

    /**
     * Context menu entries; the value is handed to {@link CMenu::items}.
     *
     * @var array
     */
    public $menu = array();

    /**
     * Breadcrumb trail of the current page; the value is handed to
     * {@link CBreadcrumbs::links}, whose documentation describes the format.
     *
     * @var array
     */
    public $breadcrumbs = array();
}
- ?>
五.控制层需重写filters并给以rights验证(这个很重要)
每个控制层,都需要重写filters方法,并赋予rights验证,才可以启用rights验证,否则,rights不起作用
- <?php
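/**
 * CRUD controller for the Home model, protected by the rights module.
 *
 * NOTE(review): loadModel() and the 'admin' action are used below but are not
 * part of this listing; they are presumably defined in the full file — confirm
 * before copying this class as-is.
 */
class HomeController extends Controller
{
    /**
     * @var string layout used for this controller's views. This class
     *             overrides the inherited value with the view named 'layout'.
     */
    public $layout = 'layout';

    /**
     * Declares the action filters. Without the 'rights' entry the rights
     * module performs no permission check on this controller.
     *
     * @return array action filters
     */
    public function filters()
    {
        return array(
            // Deletion is accepted via POST only, so a record cannot be
            // removed by simply requesting a URL.
            'postOnly + delete',
            // Run the rights module's permission filter on every action.
            'rights',
        );
    }

    /**
     * Displays a particular model.
     *
     * @param integer $id the ID of the model to be displayed
     */
    public function actionView($id)
    {
        $this->render('view', array(
            'model' => $this->loadModel($id),
        ));
    }

    /**
     * Creates a new model.
     * If creation is successful, the browser will be redirected to the 'view' page.
     */
    public function actionCreate()
    {
        $model = new Home;

        // Uncomment the following line if AJAX validation is needed
        // $this->performAjaxValidation($model);

        if (isset($_POST['Home'])) {
            // Massive assignment: which request fields are actually copied
            // depends on the validation rules declared on the Home model.
            $model->attributes = $_POST['Home'];
            // Timestamp is set server-side and overrides any submitted value.
            $model->Addtime = date("Y-m-d H:i:s");
            if ($model->save()) {
                $this->redirect(array('view', 'id' => $model->ID));
            }
        }

        $this->render('create', array(
            'model' => $model,
        ));
    }

    /**
     * Updates a particular model.
     * If update is successful, the browser will be redirected to the 'view' page.
     *
     * @param integer $id the ID of the model to be updated
     */
    public function actionUpdate($id)
    {
        $model = $this->loadModel($id);

        // Uncomment the following line if AJAX validation is needed
        // $this->performAjaxValidation($model);

        if (isset($_POST['Home'])) {
            // Massive assignment: which request fields are actually copied
            // depends on the validation rules declared on the Home model.
            $model->attributes = $_POST['Home'];
            // Timestamp is set server-side and overrides any submitted value.
            $model->Addtime = date("Y-m-d H:i:s");
            if ($model->save()) {
                $this->redirect(array('view', 'id' => $model->ID));
            }
        }

        $this->render('update', array(
            'model' => $model,
        ));
    }

    /**
     * Deletes a particular model.
     * If deletion is successful, the browser will be redirected to the 'admin'
     * page, or to the submitted 'returnUrl' when that value is a same-site path.
     *
     * @param integer $id the ID of the model to be deleted
     */
    public function actionDelete($id)
    {
        $this->loadModel($id)->delete();

        // if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
        if (!isset($_GET['ajax'])) {
            $returnUrl = isset($_POST['returnUrl']) ? $_POST['returnUrl'] : null;

            // 'returnUrl' is request data. Only a path that starts with a
            // single '/' is followed; anything else (absolute URL,
            // protocol-relative '//host', non-string value) falls back to the
            // 'admin' route so the action cannot be used as an open redirect.
            if (!is_string($returnUrl) || !preg_match('#^/(?![/\\\\])#', $returnUrl)) {
                $returnUrl = array('admin');
            }

            $this->redirect($returnUrl);
        }
    }

    /**
     * Lists all models.
     */
    public function actionIndex()
    {
        $dataProvider = new CActiveDataProvider('Home');
        $this->render('index', array(
            'dataProvider' => $dataProvider,
        ));
    }

    /**
     * Performs the AJAX validation.
     *
     * Only acts when the request carries ajax=mpos-list-form; it then prints
     * the validation result and ends the application.
     *
     * @param Home $model the model to be validated
     */
    protected function performAjaxValidation($model)
    {
        if (isset($_POST['ajax']) && $_POST['ajax'] === 'mpos-list-form') {
            echo CActiveForm::validate($model);
            Yii::app()->end();
        }
    }
}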
- ?>
安装rights之前,需要用superUser权限的账号登陆,即配置文件main.php中,superuserName对应的用户,如下:
- 'superuserName'=>'admin',
第一次登陆rights,访问地址为:
http://localhost/testApp/index.php?r=rights/install
安装成功以后(记得把main.php里的'install'改回false),可以访问下面的地址
http://localhost/testApp/index.php?r=rights/authItem
七.注意
1.rights里面的sql不需要手工执行,rights会自己安装;如果提示sql不对,先手工导入,然后刷新页面,然后再删除手工导入的表试试。
2.(如果顺序没错,这个步骤应该不需要)在modules/rights/components/RAuthorizer.php里面303,304行注释掉(这两行是"必须至少有一个超级用户"的检查,仅在安装受阻时临时注释,装好后请恢复),如下:
- if( $superusers===array() ) // guard: an empty superuser list aborts the request with HTTP 403
- throw new CHttpException(403, Rights::t('core', 'There must be at least one superuser!'));
3.rights插件界面中若css丢失,则修改modules/rights/RightsModule.php的154行,如下:
- // Make sure we want to register a style sheet.
- if( $this->cssFile!==false )
- {
- // Changed to this: always use the default style sheet under $assetsUrl, so any configured cssFile value other than false is overwritten
- $this->cssFile = $assetsUrl.'/css/default.css';
- // Original code, kept for reference:
- // if( $this->cssFile===null )
- // $this->cssFile = $assetsUrl.'/css/default.css';
- // else
- // $this->cssFile = Yii::app()->request->baseUrl. '/' .$this->cssFile;
- // Register the style sheet
- $cs->registerCssFile($this->cssFile);
- }