public function actionCheckAuthitems() { $model = new models\RbacAuthitems(); //检测此表权限的有效性 $notExistAuthitems = $model->checkAuthitems(); $actions = Yii::$app->request->post('actions'); if ($actions) { //安全过滤 防止删除掉不应该删掉的权限 $actions = array_intersect($actions, $notExistAuthitems); // 然后再通过actions name 来删除关系表中的数据 if (models\RbacAuthitems::deleteAuthItemByNames($actions)) { //刷新总允许运行的权限缓存 models\RbacAuthitems::getAllowedAccess(false); } $notExistAuthitems = array_diff($notExistAuthitems, $actions); } return $this->render('/rbac/authitems/checkAuthitems', ['model' => $model, 'notExistAuthitems' => $notExistAuthitems]); }
/** * The auth items that access is always allowed. Configured in srbac module's * configuration * @return The always allowed auth items */ protected function allowedAccess() { return RbacAuthitems::getAllowedAccess(); }