Stones on the beach 830

1. What is permission management? Permission management is the subdivision of back-end functions and the management of different tasks for different staff.

How is RBAC implemented? Through restrictions on different controllers and different methods of controllers, Realized management.

To implement RBAC, three tables are needed, a user table, a role table, and a permission table

User table:

id ****** role_id

Role table

role_id **** ** access_ids (record all accessible permission IDs)

Permission table

access_id

Record all controllers or actions under the controller

2. How to control, in the parent class of the controller or the initialization of the controller Just make the judgment in the method

$role_id = $_SESSION['role_id'];

$role = $db->role->findByPk($role_id);

$access = $db->access ->findAllByPk($role['access_id']);

Get the controller or controller method to be executed according to the router class

$m = current_method();//Get the current method to be accessed

if( !in_array($m, $access)){

redirect('/index');

}

The above has introduced the seaside stone 830, including the relevant content. I hope it will be helpful to friends who are interested in PHP tutorials.