ThinkPHP3 中APP_GROUP_LIST分组后RBAC无权限有关问题解决方法!
ThinkPHP3 中APP_GROUP_LIST分组后RBAC无权限问题解决办法!!!
转载请注明出处:http://tyllxx.iteye.com/blog/1693553
今天在官网下的rbac示例,解压出来放到网站根目录,配合TP3.1的框架,运行正常,进入也正常。权限也正常,数据库无问题。
将配置文件改名为config.inc.php,放在App目录下,配置文件中加入
? ?? ???'APP_GROUP_LIST'=>'admin,member',
? ?? ???'DEFAULT_GROUP'=>'',
采用分组后Conf文件夹下新建admin,member文件夹,目录中包含config.php,Conf文件夹下也含config.php(不是原先的),内容如下:
$config=require './App/config.inc.php';
$array=array();
return array_merge($config,$array);
转载请注明出处:http://tyllxx.iteye.com/blog/1693553?
CommonAction文件中:
if (!RBAC::AccessDecision(GROUP_NAME)) {//增加GROUP_NAME参数
\Lib\Action文件夹下新建admin,member文件夹,复制\Lib\Action文件夹下IndexAction.class.php文件到新建的admin,member两个文件夹中。
\Tpl文件夹下新建admin,member文件夹,复制\Tpl文件夹下Index文件夹到新建的admin,member两个文件夹中。
配置数据库中权限(为了方便测试删除了数据表中原有的权限):
?
以下node表:
?
以下?access表:
?
?
以下role表:
以下role_user表:
按照以上方式配置登录成功,但是提示无权限!
?
?
目前找到的解决办法是:
修改RBAC主文件:\Lib\ORG\Util\RBAC.class.php
其中通过数据库读取level=1的数据时无法找打匹配值而造成无权限问题。
问题语句:
?
?
$db = Db::getInstance(C('RBAC_DB_DSN'));
$table = array('role'=>C('RBAC_ROLE_TABLE'),'user'=>C('RBAC_USER_TABLE'),'access'=>C('RBAC_ACCESS_TABLE'),'node'=>C('RBAC_NODE_TABLE'));
$sql = "select node.id,node.name from ".
$table['role']." as role,".
$table['user']." as user,".
$table['access']." as access ,".
$table['node']." as node ".
"where user.user_id='{$authId}' and user.role_id=role.id and ( access.role_id=role.id or (access.role_id=role.pid and role.pid!=0 ) ) and role.status=1 and access.node_id=node.id and node.level=1 and node.status=1";
$apps = $db->query($sql);
转载请注明出处:http://tyllxx.iteye.com/blog/1693553
?
其中的:
"where user.user_id='{$authId}' and user.role_id=role.id and ( access.role_id=role.id ?or (access.role_id=role.pid and role.pid!=0 ) ) and role.status=1 and access.node_id=node.id and node.level=1 and node.status=1";
?
改为:
?
"where user.user_id='{$authId}' and user.role_id=role.id ?and role.status=1 and access.node_id=node.id and node.level=1 and node.status=1";
?
就可以正确识别分组后的权限。。。。
?
配置文件中
'RBAC_GROUP_NAME'=>'admin,member',
这句话不知道是否有用,未测试。
?
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to disable background applications in Windows 11_Windows 11 tutorial to disable background applications
May 07, 2024 pm 04:20 PM
1. Open settings in Windows 11. You can use Win+I shortcut or any other method. 2. Go to the Apps section and click Apps & Features. 3. Find the application you want to prevent from running in the background. Click the three-dot button and select Advanced Options. 4. Find the [Background Application Permissions] section and select the desired value. By default, Windows 11 sets power optimization mode. It allows Windows to manage how applications work in the background. For example, once you enable battery saver mode to preserve battery, the system will automatically close all apps. 5. Select [Never] to prevent the application from running in the background. Please note that if you notice that the program is not sending you notifications, failing to update data, etc., you can
How to convert deepseek pdf
Feb 19, 2025 pm 05:24 PM
DeepSeek cannot convert files directly to PDF. Depending on the file type, you can use different methods: Common documents (Word, Excel, PowerPoint): Use Microsoft Office, LibreOffice and other software to export as PDF. Image: Save as PDF using image viewer or image processing software. Web pages: Use the browser's "Print into PDF" function or the dedicated web page to PDF tool. Uncommon formats: Find the right converter and convert it to PDF. It is crucial to choose the right tools and develop a plan based on the actual situation.
What does dao mean in java
Apr 21, 2024 am 02:08 AM
DAO (Data Access Object) in Java is used to separate application code and persistence layer, its advantages include: Separation: Independent from application logic, making it easier to modify it. Encapsulation: Hide database access details and simplify interaction with the database. Scalability: Easily expandable to support new databases or persistence technologies. With DAOs, applications can call methods to perform database operations such as create, read, update, and delete entities without directly dealing with database details.
Can't allow access to camera and microphone in iPhone
Apr 23, 2024 am 11:13 AM
Are you getting "Unable to allow access to camera and microphone" when trying to use the app? Typically, you grant camera and microphone permissions to specific people on a need-to-provide basis. However, if you deny permission, the camera and microphone will not work and will display this error message instead. Solving this problem is very basic and you can do it in a minute or two. Fix 1 – Provide Camera, Microphone Permissions You can provide the necessary camera and microphone permissions directly in settings. Step 1 – Go to the Settings tab. Step 2 – Open the Privacy & Security panel. Step 3 – Turn on the “Camera” permission there. Step 4 – Inside, you will find a list of apps that have requested permission for your phone’s camera. Step 5 – Open the “Camera” of the specified app
What does field mean in java
Apr 25, 2024 pm 10:18 PM
In Java, a "field" is a data member in a class or interface that is used to store data or state. The properties of field include: type (can be any Java data type), access rights, static (belongs to a class rather than an instance), final (immutable) and transient (not serialized). Field is used to store state information of a class or interface, such as storing object data and maintaining object state.
How does the Java reflection mechanism modify the behavior of a class?
May 03, 2024 pm 06:15 PM
The Java reflection mechanism allows programs to dynamically modify the behavior of classes without modifying the source code. By operating the Class object, you can create instances through newInstance(), modify private field values, call private methods, etc. Reflection should be used with caution, however, as it can cause unexpected behavior and security issues, and has a performance overhead.
Pi Node Teaching: What is a Pi Node? How to install and set up Pi Node?
Mar 05, 2025 pm 05:57 PM
Detailed explanation and installation guide for PiNetwork nodes This article will introduce the PiNetwork ecosystem in detail - Pi nodes, a key role in the PiNetwork ecosystem, and provide complete steps for installation and configuration. After the launch of the PiNetwork blockchain test network, Pi nodes have become an important part of many pioneers actively participating in the testing, preparing for the upcoming main network release. If you don’t know PiNetwork yet, please refer to what is Picoin? What is the price for listing? Pi usage, mining and security analysis. What is PiNetwork? The PiNetwork project started in 2019 and owns its exclusive cryptocurrency Pi Coin. The project aims to create a one that everyone can participate
How to cross-domain iframe in vue
May 02, 2024 pm 10:48 PM
Ways to solve iframe cross-domain issues in Vue: CORS: Enable CORS support in the backend server and use XMLHttpRequest or fetch API to send CORS requests in Vue. JSONP: Dynamically load JSONP scripts in Vue using the JSONP endpoint in the backend server. Proxy server: Set up a proxy server to forward requests, use a third-party library (such as axios) in Vue to send requests and set the proxy server URL.
