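Yii2 RESTful API development with permission control (yii2-rest-rbac) [ Tech Sharing ]
Modified from yii2-admin (https://github.com/mdmsoft/yii2-admin). yii2-admin only supports the web approach; this is effectively the REST version of yii2-admin. It is suited to projects where the front end and back end are separated: the APIs are provided via REST, with permission control applied to them. Project URL: https://github.com/windhoney/yii2-rest-rbac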
yii2-rest-rbac
Yii2 permission system, REST version, modified from yii2-admin (https://github.com/mdmsoft/yii2-admin)
- Installation:
    composer require windhoney/yii2-rest-rbac
Usage
- Configure oauth2 and rbac
    'modules' => [
        'rbac' => [
            'class' => 'wind\rest\modules'
        ],
        'oauth2' => [
            'class' => 'filsh\yii2\oauth2server\Module',
            'tokenParamName' => 'access_token',
            'tokenAccessLifetime' => 3600 * 24,
            'storageMap' => [
                'user_credentials' => 'backend\models\User',
            ],
            'grantTypes' => [
                'user_credentials' => [
                    'class' => 'OAuth2\GrantType\UserCredentials',
                ],
                'client_credentials' => [
                    'class' => 'OAuth2\GrantType\ClientCredentials',
                ],
                'refresh_token' => [
                    'class' => 'OAuth2\GrantType\RefreshToken',
                    'always_issue_new_refresh_token' => true
                ],
                'authorization_code' => [
                    'class' => 'OAuth2\GrantType\AuthorizationCode'
                ],
            ]
        ]
    ],
- Configure permissions
    'as access' => [
        'class' => 'wind\rest\components\AccessControl',
        'allowActions' => [
            'site/*', // routes that are allowed access; add your own as needed
            'rbac/menu/user-menu',
            'oauth2/*',
        ]
    ],
Create the required tables
    # user table (user) and menu table (menu)
    yii migrate --migrationPath=@vendor/windhoney/yii2-rest-rbac/migrations
    # RBAC permission tables
    yii migrate --migrationPath=@yii/rbac/migrations/
    # oauth2 tables
    yii migrate --migrationPath=@vendor/filsh/yii2-oauth2-server/migrations
Add the route configuration
Add the contents of yii2-rest-rbac/example/rbac_route.php to the rules of your project's urlManager. Alternatively, add the following to main.php
    $dir = __DIR__ . "/route";
    $main = wind\rest\helper\RbacHelper::addRoute($dir, $main);
    return $main;
and place this file directly at config/route/rbac_route.php
- API documentation reference
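An added example, not part of the original post or the yii2-rest-rbac code base: a stand-alone PHP sketch for auditing which routes an `allowActions` list like the one in the post exempts from RBAC checks. It assumes the prefix-wildcard convention of yii2-admin-style access filters (a trailing `*` matches every route with that prefix); the function names and the sample route list are hypothetical.

```php
<?php
declare(strict_types=1);

/**
 * Added example (hypothetical helper, not project code).
 * Assumption: a pattern ending in '*' matches every route that starts with
 * the text before the '*'; any other pattern must match the route exactly.
 */
function isExemptFromRbac(string $route, array $allowActions): bool
{
    $route = ltrim($route, '/');
    foreach ($allowActions as $pattern) {
        $pattern = ltrim($pattern, '/');
        if (substr($pattern, -1) === '*') {
            $prefix = rtrim($pattern, '*');
            // A bare '*' yields an empty prefix and exempts every route.
            if ($prefix === '' || strpos($route, $prefix) === 0) {
                return true;
            }
        } elseif ($route === $pattern) {
            return true;
        }
    }
    return false; // deny by default: the route goes through the RBAC check
}

/** Split routes into those that skip RBAC and those that are checked. */
function auditRoutes(array $routes, array $allowActions): array
{
    $report = ['exempt' => [], 'checked' => []];
    foreach ($routes as $route) {
        $key = isExemptFromRbac($route, $allowActions) ? 'exempt' : 'checked';
        $report[$key][] = $route;
    }
    return $report;
}

// allowActions as configured in the post.
$allowActions = ['site/*', 'rbac/menu/user-menu', 'oauth2/*'];

// Constructed sample routes, for illustration only.
$routes = [
    'site/index', 'site/error', 'oauth2/rest/token',
    'rbac/menu/user-menu', 'rbac/menu/index', 'rbac/assignment/assign',
];

$report = auditRoutes($routes, $allowActions);
echo "Reachable without a permission check:\n  " . implode("\n  ", $report['exempt']) . "\n";
echo "Subject to RBAC:\n  " . implode("\n  ", $report['checked']) . "\n";
```

Feeding it the application's real route list shows how much unauthenticated surface each wildcard entry opens, which is worth reviewing before adding a new `controller/*` pattern.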
7 replies in total
-
The auth_item table has no 'parent_name' column, but in your code
    public function getRoutes()
    {
        $manager = Yii::$app->getAuthManager();
        $routes = $this->getAppRoutes();
        // print_r($routes);die;
        $exists = [];
        foreach ($manager->getPermissions() as $name) {
            $name = ArrayHelper::toArray($name);
            if ($name['name'][0] !== '/') {
                continue;
            }
            $route['name'] = $name['name'];
            $route['description'] = $name['description'];
            $route['parent_name'] = $name['parent_name'];
            $exists[] = $route;
            unset($routes[$name['name']]);
        }
        $exists = ArrayHelper::index($exists, null, 'parent_name');
        return [
            'avaliable' => array_keys($routes),
            'assigned' => $exists
        ];
    }
why does this read the 'parent_name' field? It throws an error for me here.
-
In the configuration file
    {'storageMap' => ['user_credentials' => 'backend\models\User',]}
I changed it to common\models\User (I have this file), which inherits from UserCredentialsInterface and implements the checkUserCredentials and getUserDetails methods:
    class User extends ActiveRecord implements IdentityInterface, UserCredentialsInterface
    {
        const STATUS_DELETED = 0;
        const STATUS_ACTIVE = 10;
        ...

        public function checkUserCredentials($username, $password)
        {
            $user = static::findByUsername($username);
            if (!$user) {
                return false;
            }
            // check the password against the user record that was looked up
            return $user->validatePassword($password);
        }

        public function getUserDetails($username)
        {
            $user = static::findByUsername($username);
            return ['user_id' => $user->getId()];
        }
    }
But it still reports an error:
    {
        "name": "Exception",
        "message": "Argument 1 passed to OAuth2\\Server::verifyResourceRequest() must be an instance of OAuth2\\RequestInterface, instance of yii\\web\\Request given, called in D:\\phpStudy\\WWW\\advanced\\vendor\\filsh\\yii2-oauth2-server\\Server.php on line 31",
        "code": 0,
        "type": "TypeError",
        "file": "D:\\phpStudy\\WWW\\advanced\\vendor\\bshaffer\\oauth2-server-php\\src\\OAuth2\\Server.php",
        "line": 423,
        "stack-trace": [
            "#0 D:\\phpStudy\\WWW\\advanced\\vendor\\filsh\\yii2-oauth2-server\\Server.php(31): OAuth2\\Server->verifyResourceRequest(Object(yii\\web\\Request), NULL, NULL)",
            "#1 D:\\phpStudy\\WWW\\advanced\\vendor\\filsh\\yii2-oauth2-server\\filters\\auth\\CompositeAuth.php(15): filsh\\yii2\\oauth2server\\Server->verifyResourceRequest()",
            "#2 D:\\phpStudy\\WWW\\advanced\\vendor\\yiisoft\\yii2\\base\\ActionFilter.php(77): filsh\\yii2\\oauth2server\\filters\\auth\\CompositeAuth->beforeAction(Object(yii\\base\\InlineAction))",
            "#3 [internal function]: yii\\base\\ActionFilter->beforeFilter(Object(yii\\base\\ActionEvent))",
            "#4 D:\\phpStudy\\WWW\\advanced\\vendor\\yiisoft\\yii2\\base\\Component.php(627): call_user_func(Array, Object(yii\\base\\ActionEvent))",
            "#5 D:\\phpStudy\\WWW\\advanced\\vendor\\yiisoft\\yii2\\base\\Controller.php(274): yii\\base\\Component->trigger('beforeAction', Object(yii\\base\\ActionEvent))",
            "#6 D:\\phpStudy\\WWW\\advanced\\vendor\\yiisoft\\yii2\\web\\Controller.php(164): yii\\base\\Controller->beforeAction(Object(yii\\base\\InlineAction))",
            "#7 D:\\phpStudy\\WWW\\advanced\\vendor\\yiisoft\\yii2\\base\\Controller.php(155): yii\\web\\Controller->beforeAction(Object(yii\\base\\InlineAction))",
            "#8 D:\\phpStudy\\WWW\\advanced\\vendor\\yiisoft\\yii2\\base\\Module.php(528): yii\\base\\Controller->runAction('user-menu', Array)",
            "#9 D:\\phpStudy\\WWW\\advanced\\vendor\\yiisoft\\yii2\\web\\Application.php(103): yii\\base\\Module->runAction('rbac/menu/user-...', Array)",
            "#10 D:\\phpStudy\\WWW\\advanced\\vendor\\yiisoft\\yii2\\base\\Application.php(386): yii\\web\\Application->handleRequest(Object(yii\\web\\Request))",
            "#11 D:\\phpStudy\\WWW\\advanced\\api\\web\\index.php(18): yii\\base\\Application->run()",
            "#12 {main}"
        ]
    }
How do I solve this?
1 reply in total
Since yii2 version 2.0.13, getRequest() has changed somewhat.
Under the oauth2 module you can add a "components" setting:
    'oauth2' => [
        'class' => 'filsh\yii2\oauth2server\Module',
        'tokenParamName' => 'access_token',
        'tokenAccessLifetime' => 3600 * 24,
        'storageMap' => [
            'user_credentials' => 'app\models\User',
        ],
        'grantTypes' => [
            'user_credentials' => [
                'class' => 'OAuth2\GrantType\UserCredentials',
            ],
            'client_credentials' => [
                'class' => 'OAuth2\GrantType\ClientCredentials',
            ],
            'refresh_token' => [
                'class' => 'OAuth2\GrantType\RefreshToken',
                'always_issue_new_refresh_token' => true
            ],
            'authorization_code' => [
                'class' => 'OAuth2\GrantType\AuthorizationCode'
            ],
        ],
        'components' => [
            'request' => function () {
                return \filsh\yii2\oauth2server\Request::createFromGlobals();
            },
            'response' => [
                'class' => \filsh\yii2\oauth2server\Response::class,
            ],
        ],
    ]
-
Ran into the same error. Has anyone solved it?
-
Parts of the documentation have been updated; you can check here: https://github.com/windhoney/yii2-rest-rbac
The group tables need to be added:
    CREATE TABLE auth_groups (
      group_id varchar(50) NOT NULL COMMENT '分组id',                        -- group id
      group_name varchar(100) NOT NULL DEFAULT '' COMMENT '分组名称',         -- group name
      group_status varchar(50) NOT NULL DEFAULT '' COMMENT '状态(开启,关闭)',  -- status (enabled, disabled)
      PRIMARY KEY (group_id)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='分组';  -- groups

    CREATE TABLE auth_groups_child (
      id int(11) NOT NULL AUTO_INCREMENT,
      group_id varchar(50) NOT NULL COMMENT '分组id',  -- group id
      user_id varchar(64) NOT NULL COMMENT '用户id',   -- user id
      PRIMARY KEY (id),
      UNIQUE KEY group_id_2 (group_id, user_id),
      KEY group_id (group_id),
      KEY user_group_id (user_id) USING BTREE
    ) ENGINE=InnoDB AUTO_INCREMENT=795 DEFAULT CHARSET=utf8 COMMENT='分组子集';  -- group children
windhoney