Exemplo n.º 1
0
 /**
  * 删除单个控制器授权项
  * 此action要检查已经纳入控制的action是否有效(无效状态为数据库中存在,但代码中已经不存在)
  * @author lixupeng
  */
 public function actionDeleteAction()
 {
     $params = Yii::$app->request->queryParams;
     $module = isset($params['module']) ? $params['module'] : '';
     $controller = isset($params['controller']) ? $params['controller'] : '';
     $this->validateController($module, $controller);
     // 已经存在的action
     $existsActions = models\RbacAuthitems::getExistsControllerAction($module, $controller);
     $actions = Yii::$app->request->post('actions');
     if ($actions) {
         // 安全过滤出待删除的action 因为已经存在的action的主键name是完整的Controller+Action的地址
         // 页面提交过来的也是完整的name,所以使用已经存在的键值(name)比较合集,安全过滤出真实数据
         $actions = array_intersect($actions, array_keys($existsActions));
         // 然后再通过actions name 来删除关系表中的数据
         if (models\RbacAuthitems::deleteAuthItemByNames($actions)) {
             //刷新总允许运行的权限缓存
             models\RbacAuthitems::getAllowedAccess(false);
         }
         $existsActions = array_diff(array_keys($existsActions), $actions);
     }
     $controllerActions = $this->getPublicActions($controller, $module);
     // 检查已失效项目
     $faieldActions = [];
     if ($existsActions) {
         foreach ($existsActions as $name => $action) {
             if (!in_array($action, $controllerActions)) {
                 $faieldActions[$name] = $action;
             }
         }
     }
     return $this->render('/rbac/authitems/deleteAction', ['module' => $module, 'controller' => $controller, 'faieldActions' => $faieldActions, 'existsActions' => $existsActions]);
 }