Analysis of four usages of RBAC class in ThinkPHP

  • 2021-08-05 09:19:42
  • OfStack

This article walks through four uses of the RBAC class in ThinkPHP, shared here for reference. The methods are as follows:

Category 1: methods placed in the login action of the login controller

1.RBAC::authenticate();

Looks up the user name submitted by the form in the user table. It is essentially a single lookup statement on the user table:

return M($model)->where($map)->find();
This method takes two parameters:

a. $map, an array written the same way as the condition array of a table query, for example:

array('field' => 'value', 'field' => array('condition', 'value'));

b. $model, the table name, which defaults to the configuration parameter

C('USER_AUTH_MODEL');
The return value is the query result as a one-dimensional array.
Note: this is just a single-record lookup on the user table. We can run the query statement directly without it.

2.RBAC::saveAccessList();

Writes the application names (group names), controller names and action names that the user may access into the session as a three-dimensional array.

The parameter is the user id. Normally we write the user id into the session after the user passes login verification, under the key

C('USER_AUTH_KEY');

By default, this method takes $_SESSION[C('USER_AUTH_KEY')] as its parameter.

Category 2: methods placed in a common controller (every controller class that participates in permission checks should inherit from this class)

3.RBAC::AccessDecision();

Determines whether the current user has permission for the current action. The parameter defaults to the application name APP_NAME. In grouping mode, the group name GROUP_NAME must be passed in.

Inside it, a method called

RBAC::checkAccess();
is used to determine whether the current controller or action participates in this check.

Note: there are 4 configuration parameters, and we only need to write two of them.

Controllers that require validation: REQUIRE_AUTH_MODULE
Actions that require validation: REQUIRE_AUTH_ACTION

Controllers that do not require validation: NOT_AUTH_MODULE
Actions that do not require validation: NOT_AUTH_ACTION

If you write the "required" pair: an action written in REQUIRE_AUTH_ACTION must also have its own controller written in REQUIRE_AUTH_MODULE.

If you write the "not required" pair: when a controller is written in NOT_AUTH_MODULE, none of the methods in that controller need validation.

If you write only the action in NOT_AUTH_ACTION, watch out for duplicate action names (the same action name in different controllers).
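The interaction of these four settings, as an added example that is not from the original article or from ThinkPHP's source: a simplified model of the rules above, in which names(), needsAuth() and the controller and action names are hypothetical, and a non-empty REQUIRE_* list is assumed to be used in place of its NOT_* counterpart. It lists which routes end up exempt from permission checks, including the duplicate action name case.

```php
<?php
// Added illustration: a simplified model of the rules described above.
// names(), needsAuth() and the sample names are hypothetical, not ThinkPHP code.

// Split a comma-separated config value into upper-cased, non-empty names.
function names(string $csv): array {
    return array_filter(array_map('trim', explode(',', strtoupper($csv))), 'strlen');
}

// Does a request to $module/$action take part in permission checks?
// Assumption: at each level a non-empty REQUIRE_* list is used, otherwise NOT_*.
function needsAuth(array $cfg, string $module, string $action): bool {
    $module = strtoupper($module);
    $action = strtoupper($action);

    $reqMod = names($cfg['REQUIRE_AUTH_MODULE'] ?? '');
    $moduleChecked = $reqMod
        ? in_array($module, $reqMod, true)
        : !in_array($module, names($cfg['NOT_AUTH_MODULE'] ?? ''), true);
    if (!$moduleChecked) {
        return false; // the whole controller is exempt, whatever the action
    }

    // Actions are matched by name only, with no controller attached.
    $reqAct = names($cfg['REQUIRE_AUTH_ACTION'] ?? '');
    return $reqAct
        ? in_array($action, $reqAct, true)
        : !in_array($action, names($cfg['NOT_AUTH_ACTION'] ?? ''), true);
}

// Constructed configurations, one per pair of settings.
$configs = [
    'NOT_* pair'     => ['NOT_AUTH_ACTION' => 'login,index'],
    'REQUIRE_* pair' => ['REQUIRE_AUTH_MODULE' => 'User', 'REQUIRE_AUTH_ACTION' => 'delete'],
];
// Constructed route list to audit.
$routes = [['Public', 'login'], ['Index', 'index'], ['User', 'index'],
           ['User', 'delete'], ['Order', 'delete']];

foreach ($configs as $label => $cfg) {
    echo $label, "\n";
    foreach ($routes as [$m, $a]) {
        printf("  %-7s %-7s %s\n", $m, $a, needsAuth($cfg, $m, $a) ? 'checked' : 'EXEMPT');
    }
}
```

With the NOT_* pair, the bare name index exempts User/index as well as Index/index; with the REQUIRE_* pair, Order/delete is not checked because Order is missing from REQUIRE_AUTH_MODULE.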

4.RBAC::checkLogin();

Used to determine whether the user is logged in.
Note: with this method, the action that displays the first page after login must participate in verification, so every role must be granted permission for that action.

You can also skip this method and check directly whether $_SESSION[C('USER_AUTH_KEY')] exists. If it does not exist, redirect to the login page. That way the action that displays the home page after login does not need to participate in verification.

I hope this article is helpful to everyone's ThinkPHP framework programming.

