Giter Site home page Giter Site logo

Comments (4)

windhoney avatar windhoney commented on August 19, 2024

才看到
如果在同一个页面,“价格、数量、利润这三个查询项是以三个button来展示的”,首先权限控制上肯定是可以的,创建这3个不同的路由,然后控制路由的访问权限,可以限制其他人查询(点击报403)

但是你要的是控制前端不展示这些按钮,那就只能由后台返回,后台通过读取当前用户的权限,来返回展示按钮,--我之前做过一个,也许能满足你这个需求,把“价格、数量、利润”这3个按钮添加到菜单,控制菜单下的路由的权限,返回当前用户的,这个父级菜单下的子菜单
$menus = MenuHelper::getAssignedMenu(Yii::$app->user->id, Yii::$app->params["you_menu_root__id"]);

you_menu_root__id是这3个菜单的父级菜单

from yii2-rest-rbac.

wayne798 avatar wayne798 commented on August 19, 2024

我可能没表述明白,我这个三个按钮不是对应的三个路由,而是代表的查询的三个参数项,其实点击查询后走得都是一个路由比如说actionSearch,只是传的不同的参数['价格','数量','利润']。我想的是,让admin可以在页面上选择这三项,而user只能看到其中的某一些项。我现在想到的是,创建三个控制这几个选项显隐的权限,然后分配给不同的角色,后台通过判断权限来给前台可以显示的部分。再就是前段提交查询后,后端还要做判断处理,因为如果前端传过来了三个参数,但是当前用户只能查询两个,那么就得返错了,那么这个判断处理应该放在哪里呢,放在actionSearch里面?拿到post参数后逐个判断?还是写一个规则,添加到search权限中?或者还是有其他好的解决方案呢

from yii2-rest-rbac.

windhoney avatar windhoney commented on August 19, 2024

规则应该也可以的,不过只是个别情况也可以简单做,创建3个路由分别代表'价格','数量','利润'(type1,type2,type3--名字随便起跟3个参数有关就行),设置好权限控制这3个路由,放到菜单里。还是getAssignedMenu 这么去查询当前用户的,给前端-让前端显示;前端显示没问题了,
后端在actionSearch里面去验证参数,还是通过这个方法去获取当前用户的菜单(type1,type2,type3)和传过来的参数比对验证

from yii2-rest-rbac.

wayne798 avatar wayne798 commented on August 19, 2024

嗯,是一种解决方案。多谢多谢!我先采用规则的方式来实现一下。
还有一个问题,就是路由的parent_name,这样的话可以对路由分组处理,但是只能方便处理成二级菜单,如果是多级的呢?再开一个issue😁

from yii2-rest-rbac.

Related Issues (10)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.