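/**
 * Delete authorization items (controlled actions) of a single controller.
 *
 * Besides deleting the items posted in `actions`, this action reports which
 * of the items already under access control are stale, i.e. still present in
 * the database but no longer present in the controller code.
 *
 * Request input:
 *  - query `module`, `controller`: identify the controller; both are passed to
 *    validateController() before anything else is done.
 *  - POST `actions`: list of auth item names to delete. Only names that are
 *    already stored for this controller are ever passed to the delete call.
 *
 * NOTE(review): this action removes RBAC items. The verb restriction (POST only),
 * CSRF validation and the administrator check are not visible in this method;
 * confirm they are enforced by the controller's behaviors or filters.
 *
 * @author lixupeng
 * @return mixed the rendered `/rbac/authitems/deleteAction` view
 */
public function actionDeleteAction()
{
    $params = Yii::$app->request->queryParams;
    $module = isset($params['module']) ? $params['module'] : '';
    $controller = isset($params['controller']) ? $params['controller'] : '';
    $this->validateController($module, $controller);

    // Auth items already stored for this controller. The array keys are the
    // item names (the full Controller+Action path), which is what the page posts back.
    $existsActions = models\RbacAuthitems::getExistsControllerAction($module, $controller);

    $actions = Yii::$app->request->post('actions');
    if ($actions) {
        // The posted value is client-controlled: it may be a scalar or contain
        // nested arrays. Keep only string entries so that the set operations
        // below cannot raise a TypeError or an "Array to string conversion" error.
        $actions = is_array($actions) ? array_filter($actions, 'is_string') : [];

        // Allow-list: intersect with the names that really exist for this
        // controller, so a request cannot delete items belonging to anything else.
        $actions = array_intersect($actions, array_keys($existsActions));

        // Never call the bulk delete with an empty name list; how
        // deleteAuthItemByNames() treats an empty filter is not visible here.
        if ($actions && models\RbacAuthitems::deleteAuthItemByNames($actions)) {
            // Refresh the cache of all allowed permissions.
            models\RbacAuthitems::getAllowedAccess(false);
        }

        // Drop the deleted names but keep the name => action shape. The previous
        // array_diff(array_keys(...)) turned the map into a plain list of names,
        // so the stale check and the view saw a different structure after a delete
        // than on a plain page load.
        $existsActions = array_diff_key($existsActions, array_flip($actions));
    }

    $controllerActions = $this->getPublicActions($controller, $module);

    // Collect stale items: stored in the database but no longer a public
    // action of the controller.
    $staleActions = [];
    foreach ($existsActions as $name => $action) {
        // NOTE(review): loose comparison is kept because the element types
        // returned by getPublicActions() are not visible here; switch to
        // in_array(..., true) once both sides are confirmed to be strings.
        if (!in_array($action, $controllerActions)) {
            $staleActions[$name] = $action;
        }
    }

    // The 'faieldActions' key (sic) is what the view reads; it must stay as is.
    return $this->render('/rbac/authitems/deleteAction', [
        'module' => $module,
        'controller' => $controller,
        'faieldActions' => $staleActions,
        'existsActions' => $existsActions,
    ]);
}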