角色权限探索2
<p><a href="https://blog.csdn.net/qq_33410077/article/details/90791774?utm_medium=distribute.pc_aggpage_search_result.none-task-blog-2~all~first_rank_v2~rank_v25-6-90791774.nonecase&utm_term=%E6%8C%89%E9%92%AE%E7%BA%A7%E5%88%AB%E6%9D%83%E9%99%90%E6%8E%A7%E5%88%B6%E8%AE%BE%E8%AE%A1" title="页面菜单访问权限控制,表单访问权限控制,按钮级别权限控制,数据权限控制">页面菜单访问权限控制,表单访问权限控制,按钮级别权限控制,数据权限控制</a></p>
<p><a href="http://www.woshipm.com/pd/3408583.html/comment-page-1" title="经验总结:B端产品的数据权限设计">经验总结:B端产品的数据权限设计</a></p>
<p>PHP
ROTER_POWER
API_POWER</p>
<p>基于api(接口)
在控制器控制,
读取API_POWER,去掉接api_power,再用API_POWER剩下的数据过滤掉结果集</p>
<p>db
table:roles
auth_power
api_power</p>
<p>js
增改
ROTER_POWER
API_POWER
匹配
auth_power
api_power</p>
<p>浏览 配合v指令
合并为vauth</p>
<h4>fullRoutesArr 后台所有路由的PHP数组</h4>
<pre><code class="language-php">//php源数组
$fullRoutesArr = [
[
'level'=>'login',//public/login/auth
'ismenu'=>false,
'title'=> '登录页',
'key'=> 'Login',//route
'icon'=> 'icon-disc',
'apis'=>['get1.php','get2.php'],
'elems'=>['elem1','elem2'],
'children'=> [
'level'=>'auth',
'ismenu'=>true,
'title'=> '模糊匹配',
'key'=> 'AutoComplete-folder',//route
'icon'=> 'icon-disc',
'apis'=>['get1.php','get2.php'],
'elems'=>['elem1','elem2']
]
]
];</code></pre>
<h4>fullRoutesJson 从fullRoutesArr转换</h4>
<pre><code class="language-php">//转换json之后
[{
"level": "login",
"ismenu": false,
"title": "登录页",
"key": "Login",
"icon": "icon-disc",
"apis": ["get1.php", "get2.php"],//页面权限api
"elems": ["elem1", "elem2"], //页面权限元素
"children": {
"level": "auth",
"ismenu": true,
"title": "模糊匹配",
"key": "AutoComplete-folder",
"icon": "icon-disc",
"apis": ["get1.php", "get2.php"],
"elems": ["elem1", "elem2"]
}
}]</code></pre>
<h4>apisArr 后台所有API的PHP数组</h4>
<pre><code class="language-php">//方案一
$apisArr = [
'get.php'=>[
'params'=>['p1','p2'],
'fields'=>['tb1-field_1','tb1-field_2','tb2-field_2']
],
'add.php'=>[
'params'=>['p1','p2'],
'fields'=>['tb1-field_1','tb1-field_2','tb2-field_2']
]
];
//方案二
$apisArr = [
[
'url'=>'get.php',
'params'=>['p1','p2'],
'fields'=>['tb1-field_1','tb1-field_2','tb2-field_2']
],
[
'url'=>'add.php',
'params'=>['p1','p2'],
'fields'=>['tb1-field_1','tb1-field_2','tb2-field_2']
]
];</code></pre>
<h4>apisJson 从apisArr转换</h4>
<pre><code class="language-php">//方案一
{
"get.php": {
"params": ["p1", "p2"],
"fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
},
"add.php": {
"params": ["p1", "p2"],
"fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
}
}
//方案二
[{
"url": "get.php",
"params": ["p1", "p2"],
"fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
},
{
"url": "add.php",
"params": ["p1", "p2"],
"fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
}]</code></pre>
<h4>角色权限页面数组</h4>
<blockquote>
<ol>
<li>只保留level=='auth'的</li>
<li>将apis关联入fullRoutes</li>
</ol>
</blockquote>
<pre><code class="language-php">[
[
'level'=>'login',//public/login/auth
'ismenu'=>false,
'title'=> '登录页',
'key'=> 'Login',//route
'icon'=> 'icon-disc',
'target'=>'blank',
'apis'=>[
'get1.php'=>[
"params"=>["p1", "p2"],
"fields"=>["tb1-field_1", "tb1-field_2", "tb2-field_2"]
],
'get2.php'=>[
"params"=>["p1", "p2"],
"fields"=>["tb1-field_1", "tb1-field_2", "tb2-field_2"]
]
],
'elems'=>['elem1','elem2'],
'children'=> [
'level'=>'auth',
'ismenu'=>true,
'target'=>'blank',
'title'=> '模糊匹配',
'key'=> 'AutoComplete-folder',//route
'icon'=> 'icon-disc',
'apis'=>['get1.php','get2.php'],
'elems'=>['elem1','elem2']
]
]
];
//Json形式
[{
"level": "login",
"ismenu": false,
"title": "登录页",
"key": "Login",
"target": '',
"icon": "icon-disc",
"apis": {
"get1.php": {
"params": ["p1", "p2"],
"fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
},
"get2.php": {
"params": ["p1", "p2"],
"fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
}
},
"elems": ["elem1", "elem2"],
"children": {
"level": "auth",
"ismenu": true,
"target":'',
"title": "模糊匹配",
"key": "AutoComplete-folder",
"icon": "icon-disc",
"apis": ["get1.php", "get2.php"],
"elems": ["elem1", "elem2"]
}
}]
</code></pre>
<h4>RoleRoute当前用户权限数组</h4>
<blockquote>
<p>将没有权限的删掉,并考虑如何记录的问题</p>
</blockquote>