ThinkPHP is an excellent PHP framework, widely used in the field of web development. In the project implementation process, permission setting is a crucial link. This article will introduce in detail the permission setting method of the ThinkPHP project team.
1. Understanding ThinkPHP permission settings
Permission setting refers to assigning operation permissions to users so that they can operate according to the permission scope. In the ThinkPHP framework, permission settings can be implemented through RBAC (Role-Based Access Control). RBAC role-based access control refers to an access control model that assigns roles to users and reassigns permissions to the roles. RBAC has the following characteristics:
2. RBAC-based permission setting steps
Step 1 Create permission table
Step 2 Create a role table
Step 3 Create user table
Step 4 Create a user role association table
Step 5 Create a role permission association table
Step 6 Implement permission control
In the ThinkPHP project, the method to implement permission control is as follows:
public function _initialize(){ if(!authcheck()){ } } public function authcheck(){ $auth=new Auth; if($auth->check(MODULE_NAME.'/'.CONTROLLER_NAME.'/'.ACTION_NAME,session('uid'))){ return true; }else{ return false; } }
class Auth { //检查权限 public function check($name, $uid){ if(in_array($uid, C('AUTH_SUPER_ADMIN'))){ return true; } $infos=M('user')->field('role_id')->where('id='.$uid)->find(); $role_id=$infos['role_id']; $rules=M('access')->where('role_id='.$role_id)->select(); foreach($rules as $v){ $rule_ids[]=$v['rule_id']; } $rules=M('rule')->where('id in ('.implode(',',$rule_ids).')')->select(); foreach($rules as $r){ $urls[]=$r['name']; } if(in_array($name,$urls)){ return true; }else{ return false; } } }
The logic implemented by the above code is to add permission verification for all user operation requests. If the operation requested by the user requires permission control, the validator first checks whether the user is a super administrator. If the user is a super administrator, the verification is passed directly; if the user is not a super administrator, the list of permission IDs owned by the role is found (query from the association table) based on the user's role ID (query from the user table), and then Search the corresponding permission name list according to the permission ID list; if the requested operation name is in the permission name list, the verification is passed; otherwise, the permission verification fails.
3. Summary
Permission setting is an indispensable part of website development. This article details how to implement permission control based on RBAC in the ThinkPHP project. Based on this idea, you can set corresponding operation permissions based on your actual project needs.
The above is the detailed content of Detailed introduction to the permission setting method of the ThinkPHP project team. For more information, please follow other related articles on the PHP Chinese website!