PHP Laravel5实现的RBAC权限管理操作示例
根据不同的权限,在菜单栏显示不同的功能,只对菜单进行了限制,若对路由也进行限制,可以根据菜单的例子,请自行完善,开发。下面请认真学习一下laravel的RBAC设计
1、建表(用户表、角色表、权限表、用户角色表、角色权限表)
1 CREATE TABLE IF NOT EXISTS mr_role 2 ( 3 id int(11) PRIMARY KEY AUTO_INCREMENT COMMENT '自增id', 4 name varchar(30) NOT NULL COMMENT '角色名' 5 )ENGINE=innodb DEFAULT CHARSET=utf8 COMMENT='角色表'; 6 7 8 CREATE TABLE IF NOT EXISTS mr_privilege 9 ( 10 id int(11) PRIMARY KEY AUTO_INCREMENT COMMENT '自增id', 11 name varchar(30) NOT NULL COMMENT '权限名', 12 route varchar(50) NOT NULL COMMENT '权限所有的路由', 13 description varchar(100) NOT NULL COMMENT '权限的描述' 14 )ENGINE=innodb DEFAULT CHARSET=utf8 COMMENT='权限表'; 15 16 17 CREATE TABLE IF NOT EXISTS mr_user_role 18 ( 19 id int(11) PRIMARY KEY AUTO_INCREMENT COMMENT '自增id', 20 user_id int(11) NOT NULL COMMENT '用户id', 21 role_id int(11) NOT NULL COMMENT '角色id' 22 )ENGINE=innodb DEFAULT CHARSET=utf8 COMMENT='用户角色表'; 23 24 25 CREATE TABLE IF NOT EXISTS mr_role_privilege 26 ( 27 id int(11) PRIMARY KEY AUTO_INCREMENT COMMENT '自增id', 28 role_id int(11) NOT NULL COMMENT '角色id', 29 privilege_id int(11) NOT NULL COMMENT '权限id' 30 )ENGINE=innodb DEFAULT CHARSET=utf8 COMMENT='角色权限表';
2、在用户模型和角色模型中实现多对多
1 class User extends Model 2 { 3 protected $primaryKey = 'id'; 4 protected $table = 'user'; 5 public $timestamps = false; 6 public $guarded = []; 7 public function roles() 8 { 9 return $this->belongsToMany('App\Model\Role', 'user_role', 'user_id', 'role_id')->withPivot('user_id', 'role_id'); 10 } 11 } 12 13 14 15 class Role extends Model 16 { 17 protected $table = 'role'; 18 protected $primaryKey = 'id'; 19 public $timestamps = false; 20 public $guarded = []; 21 public function privileges() 22 { 23 return $this->belongsToMany('App\Model\Privilege', 'role_privilege', 'role_id', 'privilege_id')->withPivot(['role_id', 'privilege_id']); 24 }
}
3、将菜单视为公共区域,在app\Providers\AppServiceProvider.php里写
1 public function boot() 2 { 3 \View::composer('layout.slide', function($view) { 4 $roles_id = User::find(session('user')['id'])->roles->map(function ($role) { 5 return $role->id; 6 }); // 使用map,最终得到的结果$roles_id = [1, 2, ...] 7 $privileges = []; 8 foreach ($roles_id as $role) { 9 $privileges = array_merge($privileges, Role::find($role)->privileges->map(function ($privilege) { 10 return [$privilege->name, $privilege->route]; 11 })->toArray()); 12 } // 得到的结果,$prpvileges = [['index/..', '列表'], ['', '']] 13 $view->with('privileges', $privileges); 14 }); 15 }
4、菜单的实现(可以直接遍历一个div,我这里因为有不同的样式,便用了判断)
1 @foreach ($privileges as $privilege) 2 @if ($privilege[1] == 'key/index' && $privilege[0] == '键名列表') 3 <div class="slide__left__key" style="margin-top: 10px;"><a href="{{ url('key/index') }}" rel="external nofollow" ><span class="glyphicon glyphicon-th"></span> 键名列表</a></div> 4 @endif 5 @if ($privilege[1] == 'key/create' && $privilege[0] == '添加键名') 6 <div class="slide__left__key"><a href="{{ url('key/create') }}" rel="external nofollow" ><span class="glyphicon glyphicon-plus"></span> 添加键名</a></div> 7 @endif 8 @if ($privilege[1] == 'project/index' && $privilege[0] == '项目列表') 9 <div class="slide__left__key" style="margin-top: 20px;"><a href="{{ url('project/index') }}" rel="external nofollow" ><span class="glyphicon glyphicon-th-list"></span> 项目列表</a></div> 10 @endif 11 @if ($privilege[1] == 'project/create' && $privilege[0] == '添加项目') 12 <div class="slide__left__key"><a href="{{ url('project/create') }}" rel="external nofollow" ><span class="glyphicon glyphicon-edit"></span> 添加项目</a></div> 13 @endif 14 @if ($privilege[1] == 'user/index' && $privilege[0] == '用户列表') 15 <div class="slide__left__key" style="margin-top: 20px;"><a href="{{ url('user/index') }}" rel="external nofollow" ><span class="glyphicon glyphicon-th-large"></span> 用户列表</a></div> 16 @endif 17 @if ($privilege[1] == 'user/create' && $privilege[0] == '添加用户') 18 <div class="slide__left__key"><a href="{{ url('user/create') }}" rel="external nofollow" ><span class="glyphicon glyphicon-plus-sign"></span> 添加用户</a></div> 19 @endif 20 @endforeach
- 很多PHPer在进阶的时候总会遇到一些问题和瓶颈,业务代码写多了没有方向感,不知道该从那里入手去提升,对此我整理了一些资料,包括但不限于:分布式架构、高可扩展、高性能、高并发、服务器性能调优、TP6,laravel,YII2,Redis,Swoole、Swoft、Kafka、Mysql优化、shell脚本、Docker、微服务、Nginx等多个知识点高级进阶干货需要的可以免费分享给大家,需要的加群(点击→)677079770