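Role Permission Exploration 2
[Page menu access control, form access control, button-level permission control, data permission control](https://blog.csdn.net/qq_33410077/article/details/90791774?utm_medium=distribute.pc_aggpage_search_result.none-task-blog-2~all~first_rank_v2~rank_v25-6-90791774.nonecase&utm_term=%E6%8C%89%E9%92%AE%E7%BA%A7%E5%88%AB%E6%9D%83%E9%99%90%E6%8E%A7%E5%88%B6%E8%AE%BE%E8%AE%A1 "Page menu access control, form access control, button-level permission control, data permission control")
[Lessons learned: data permission design for B2B products](http://www.woshipm.com/pd/3408583.html/comment-page-1 "Lessons learned: data permission design for B2B products")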
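PHP: ROTER_POWER, API_POWER
Based on the API (endpoint): enforce in the controller. Read API_POWER, strip out api_power, then use the data left in API_POWER to filter the result set.
db tables: roles, auth_power, api_power
js: add/update ROTER_POWER and API_POWER, matched against auth_power and api_power
Viewing: used together with a v- directive, merged into vauth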
fullRoutesArr: PHP array of all back-end routes

```php
// PHP source array
$fullRoutesArr = [
    [
        'level' => 'login', // public/login/auth
        'ismenu' => false,
        'title' => '登录页',
        'key' => 'Login', // route
        'icon' => 'icon-disc',
        'apis' => ['get1.php', 'get2.php'],
        'elems' => ['elem1', 'elem2'],
        'children' => [
            'level' => 'auth',
            'ismenu' => true,
            'title' => '模糊匹配',
            'key' => 'AutoComplete-folder', // route
            'icon' => 'icon-disc',
            'apis' => ['get1.php', 'get2.php'],
            'elems' => ['elem1', 'elem2']
        ]
    ]
];
```
fullRoutesJson: converted from fullRoutesArr

```js
// after conversion to JSON
[{
    "level": "login",
    "ismenu": false,
    "title": "登录页",
    "key": "Login",
    "icon": "icon-disc",
    "apis": ["get1.php", "get2.php"], // APIs covered by the page permission
    "elems": ["elem1", "elem2"], // elements covered by the page permission
    "children": {
        "level": "auth",
        "ismenu": true,
        "title": "模糊匹配",
        "key": "AutoComplete-folder",
        "icon": "icon-disc",
        "apis": ["get1.php", "get2.php"],
        "elems": ["elem1", "elem2"]
    }
}]
```
apisArr: PHP array of all back-end APIs

```php
// Option 1
$apisArr = [
    'get.php' => [
        'params' => ['p1', 'p2'],
        'fields' => ['tb1-field_1', 'tb1-field_2', 'tb2-field_2']
    ],
    'add.php' => [
        'params' => ['p1', 'p2'],
        'fields' => ['tb1-field_1', 'tb1-field_2', 'tb2-field_2']
    ]
];
// Option 2
$apisArr = [
    [
        'url' => 'get.php',
        'params' => ['p1', 'p2'],
        'fields' => ['tb1-field_1', 'tb1-field_2', 'tb2-field_2']
    ],
    [
        'url' => 'add.php',
        'params' => ['p1', 'p2'],
        'fields' => ['tb1-field_1', 'tb1-field_2', 'tb2-field_2']
    ]
];
```
apisJson: converted from apisArr

```js
// Option 1
{
    "get.php": {
        "params": ["p1", "p2"],
        "fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
    },
    "add.php": {
        "params": ["p1", "p2"],
        "fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
    }
}
// Option 2
[{
    "url": "get.php",
    "params": ["p1", "p2"],
    "fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
},
{
    "url": "add.php",
    "params": ["p1", "p2"],
    "fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
}]
```
Role permission page array
> 1. Keep only the entries with level=='auth'
- Join apis into fullRoutes

```php
[
    [
        'level' => 'login', // public/login/auth
        'ismenu' => false,
        'title' => '登录页',
        'key' => 'Login', // route
        'icon' => 'icon-disc',
        'target' => 'blank',
        'apis' => [
            'get1.php' => [
                "params" => ["p1", "p2"],
                "fields" => ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
            ],
            'get2.php' => [
                "params" => ["p1", "p2"],
                "fields" => ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
            ]
        ],
        'elems' => ['elem1', 'elem2'],
        'children' => [
            'level' => 'auth',
            'ismenu' => true,
            'target' => 'blank',
            'title' => '模糊匹配',
            'key' => 'AutoComplete-folder', // route
            'icon' => 'icon-disc',
            'apis' => ['get1.php', 'get2.php'],
            'elems' => ['elem1', 'elem2']
        ]
    ]
];
```
```js
// JSON form
[{
    "level": "login",
    "ismenu": false,
    "title": "登录页",
    "key": "Login",
    "target": "",
    "icon": "icon-disc",
    "apis": {
        "get1.php": {
            "params": ["p1", "p2"],
            "fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
        },
        "get2.php": {
            "params": ["p1", "p2"],
            "fields": ["tb1-field_1", "tb1-field_2", "tb2-field_2"]
        }
    },
    "elems": ["elem1", "elem2"],
    "children": {
        "level": "auth",
        "ismenu": true,
        "target": "",
        "title": "模糊匹配",
        "key": "AutoComplete-folder",
        "icon": "icon-disc",
        "apis": ["get1.php", "get2.php"],
        "elems": ["elem1", "elem2"]
    }
}]
```
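RoleRoute: permission array of the current user
> Remove the entries the user has no permission for, and consider how this should be recorded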
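
The steps in these notes (keep only level=='auth' nodes, join apis into the routes, remove what the role lacks, and filter the result set in the controller) as an added PHP example; it is not code from the original page. The `$grant` shape (standing in for the stored auth_power / api_power rows), both function names, accepting `children` as either one node or a list, and hoisting permitted children of dropped nodes are assumptions; PHP 7.4+ is required.

```php
<?php
// Added example; $grant, buildRoleRoutes() and filterRows() are hypothetical names.
function buildRoleRoutes(array $nodes, array $apisArr, array $grant): array
{
    $out = [];
    foreach ($nodes as $node) {
        $kids = $node['children'] ?? [];
        $kids = isset($kids['key']) ? [$kids] : $kids; // page stores a lone child as one map
        $kids = buildRoleRoutes($kids, $apisArr, $grant);
        unset($node['children']);
        $allowed = ($node['level'] ?? '') === 'auth'
            && in_array($node['key'] ?? null, $grant['routes'], true);
        if (!$allowed) {                      // drop node, hoist permitted descendants
            $out = array_merge($out, $kids);
            continue;
        }
        $apis = [];
        foreach ($node['apis'] ?? [] as $url) {
            // Default deny: skip APIs missing from the catalogue or from the grant.
            if (isset($apisArr[$url], $grant['apis'][$url])) {
                $apis[$url] = $apisArr[$url];
                $apis[$url]['fields'] = array_values(
                    array_intersect($apisArr[$url]['fields'], $grant['apis'][$url]));
            }
        }
        $node['apis'] = $apis;
        if ($kids) { $node['children'] = $kids; }
        $out[] = $node;
    }
    return $out;
}

// Controller side: strip every column the role was not granted for this API.
function filterRows(array $rows, string $url, array $grant): array
{
    $keep = array_flip($grant['apis'][$url] ?? []);   // no grant => no columns
    return array_map(fn(array $row) => array_intersect_key($row, $keep), $rows);
}

// Constructed sample data shaped like the page's fullRoutesArr and apisArr (option 1).
$fullRoutesArr = [['level' => 'login', 'key' => 'Login', 'apis' => ['get1.php'],
    'children' => ['level' => 'auth', 'key' => 'AutoComplete-folder',
                   'apis' => ['get1.php', 'get2.php']]]];
$apisArr = ['get1.php' => ['params' => ['p1', 'p2'], 'fields' => ['tb1-field_1', 'tb1-field_2']],
    'get2.php' => ['params' => ['p1'], 'fields' => ['tb2-field_2']]];
$grant = ['routes' => ['AutoComplete-folder'], 'apis' => ['get1.php' => ['tb1-field_1']]];

echo json_encode(buildRoleRoutes($fullRoutesArr, $apisArr, $grant), JSON_PRETTY_PRINT), "\n";
echo json_encode(filterRows([['tb1-field_1' => 1, 'tb1-field_2' => 2]], 'get1.php', $grant)), "\n";
```

The trimmed route array is what the front end can use to hide menus and buttons; the field filter has to run on the server for every response, because hiding elements in the browser does not stop a direct API call.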