Auth \u7c7b\u5df2\u7ecf\u5728ThinkPHP\u4ee3\u7801\u4ed3\u5e93\u4e2d\u5b58\u5728\u5f88\u4e45\u4e86\uff0c\u4f46\u662f\u56e0\u4e3a\u4e00\u76f4\u6ca1\u6709\u51fa\u8fc7\u5b83\u7684\u6559\u7a0b\uff0c \u5f88\u5c11\u4eba\u77e5\u9053\u5b83\uff0c \u5b83\u5176\u5b9e\u6bd4RBAC\u66f4\u65b9\u4fbf \u3002
\nRBAC\u662f\u6309\u8282\u70b9\u8fdb\u884c\u8ba4\u8bc1\u7684\uff0c\u5982\u679c\u8981\u63a7\u5236\u6bd4\u8282\u70b9\u66f4\u7ec6\u7684\u6743\u9650\u5c31\u6709\u70b9\u56f0\u96be\u4e86\uff0c\u6bd4\u5982\u9875\u9762\u4e0a\u9762\u7684\u64cd\u4f5c\u6309\u94ae\uff0c \u6211\u60f3\u5224\u65ad\u7528\u6237\u6743\u9650\u6765\u663e\u793a\u8fd9\u4e2a\u6309\u94ae\uff0c \u5982\u679c\u6ca1\u6709\u6743\u9650\u5c31\u4e0d\u4f1a\u663e\u793a\u8fd9\u4e2a\u6309\u94ae\uff1b \u518d\u6bd4\u5982\u6211\u60f3\u6309\u79ef\u5206\u8fdb\u884c\u6743\u9650\u8ba4\u8bc1\uff0c \u79ef\u5206\u57280-100\u65f6\u80fd\u5e72\u4ec0\u4e48\uff0c \u5728101-200\u65f6\u80fd\u5e72\u4ec0\u4e48\u3002 \u8fd9\u4e9b\u6743\u9650\u8ba4\u8bc1\u7528RABC\u90fd\u5f88\u56f0\u96be\u3002
\n\u4e0b\u9762\u4ecb\u7ecd Auth\u6743\u9650\u8ba4\u8bc1\uff0c \u5b83\u51e0\u4e4e\u662f\u5168\u80fd\u7684\uff0c \u9664\u4e86\u80fd\u8fdb\u884c\u8282\u70b9\u8ba4\u8bc1\uff0c \u4e0a\u9762\u8bf4\u7684RABC\u5f88\u96be\u8ba4\u8bc1\u7684\u4e24\u79cd\u60c5\u51b5\uff0c\u5b83\u90fd\u80fd\u5b9e\u73b0\u3002
\nAuth\u6743\u9650\u8ba4\u8bc1\u662f\u6309\u89c4\u5219\u8fdb\u884c\u8ba4\u8bc1\u3002\u6211\u5148\u8bf4\u8bf4\u5b83\u7684\u539f\u7406\u3002 \u5728\u6570\u636e\u5e93\u4e2d\u6211\u4eec\u6709 \u89c4\u5219\u8868\uff08think_auth_rule\uff09 \u7528\u6237\u7ec4\u8868(think_auth_group) \u7528\u6237\u7ec4\u660e\u663e\u8868\uff08think_auth_group_access\uff09
\n\u6211\u4eec\u5728\u89c4\u5219\u8868\u4e2d\u5b9a\u4e49\u6743\u9650\u89c4\u5219 \uff0c \u5728\u7528\u6237\u7ec4\u8868\u4e2d\u5b9a\u4e49\u6bcf\u4e2a\u7528\u6237\u7ec4\u6709\u54ea\u4e9b\u6743\u9650\u89c4\u5219\uff0c\u5728\u7528\u6237\u7ec4\u660e\u663e\u8868\u4e2d \u5b9a\u4e49\u7528\u6237\u6240\u5c5e\u7684\u7528\u6237\u7ec4\u3002 \u4e0b\u9762\u4e3e\u4f8b\u8bf4\u660e\u3002
\n\u6211\u4eec\u8981\u5224\u65ad\u7528\u6237\u662f\u5426\u6709\u663e\u793a\u4e00\u4e2a\u64cd\u4f5c\u6309\u94ae\u7684\u6743\u9650\uff0c \u9996\u5148\u5b9a\u4e49\u4e00\u4e2a\u89c4\u5219\uff0c \u5728\u89c4\u5219\u8868\u4e2d\u6dfb\u52a0\u4e00\u4e2a\u540d\u4e3a show_button \u7684\u89c4\u5219\u3002 \u7136\u540e\u5728\u7528\u6237\u7ec4\u8868\u6dfb\u52a0\u4e00\u4e2a\u7528\u6237\u7ec4\uff0c\u5b9a\u4e49\u8fd9\u4e2a\u7528\u6237\u7ec4\u6709show_button \u7684\u6743\u9650\u89c4\u5219\uff08think_auth_group\u8868\u4e2drules\u5b57\u6bb5\u5b58\u5f97\u65f6\u89c4\u5219ID\uff0c\u591a\u4e2a\u4ee5\u9017\u53f7\u9694\u5f00\uff09\uff0c \u7136\u540e\u5728\u7528\u6237\u7ec4\u660e\u7ec6\u8868\u5b9a\u4e49 UID \u4e3a1 \u7684\u7528\u6237 \u5c5e\u4e8e\u521a\u624d\u8fd9\u4e2a\u7684\u8fd9\u4e2a\u7528\u6237\u7ec4\u3002
\nok\uff0c\u8868\u6570\u636e\u5b9a\u4e49\u597d\u540e\uff0c \u5224\u65ad\u6743\u9650\u5f88\u7b80\u5355<\/p>\n
import('ORG.Util.Auth');\/\/\u52a0\u8f7d\u7c7b\u5e93\r\n $auth=new Auth();\r\n if($auth->check('show_button',1)){\/\/ \u7b2c\u4e00\u4e2a\u53c2\u6570\u662f\u89c4\u5219\u540d\u79f0,\u7b2c\u4e8c\u4e2a\u53c2\u6570\u662f\u7528\u6237UID\r\n \/\/\u6709\u663e\u793a\u64cd\u4f5c\u6309\u94ae\u7684\u6743\u9650\r\n }else{\r\n \/\/\u6ca1\u6709\u663e\u793a\u64cd\u4f5c\u6309\u94ae\u7684\u6743\u9650\r\n }<\/pre>\nAuth\u7c7b\u540c\u6837\u53ef\u4ee5\u505a\u50cfRBAC\u4e00\u6837\u7684\u5bf9\u8282\u70b9\u8fdb\u884c\u8ba4\u8bc1\u3002 \u6211\u4eec\u53ea\u8981\u5c06\u89c4\u5219\u540d\u79f0\uff0c\u5b9a\u4e49\u4e3a\u8282\u70b9\u540d\u79f0\u5c31\u884c\u4e86\u3002
\n\u548cRABC\u4e00\u6837 \u5728\u516c\u5171\u63a7\u5236\u5668CommonAction \u4e2d\u5b9a\u4e49_initialize \u65b9\u6cd5\uff0c<\/p>\n
<?php\r\nclass CommonAction extends Action{\r\n public function _initialize(){\r\n import('ORG.Util.Auth');\/\/\u52a0\u8f7d\u7c7b\u5e93\r\n $auth=new Auth();\r\n if(!$auth->check(MODULE_NAME.'-'.ACTION_NAME,session('uid'))){\r\n $this->error('\u4f60\u6ca1\u6709\u6743\u9650');\r\n }\r\n }\r\n}<\/pre>\n\u8fd9\u65f6\u5019\u6211\u4eec\u53ef\u4ee5\u5728\u6570\u636e\u5e93\u4e2d\u6dfb\u52a0\u7684\u8282\u70b9\u89c4\u5219\uff0c \u683c\u5f0f\u4e3a\uff1a \u201c\u63a7\u5236\u5668\u540d\u79f0-\u65b9\u6cd5\u540d\u79f0\u201d<\/p>\n
Auth \u7c7b \u8fd8\u53ef\u4ee5\u591a\u4e2a\u89c4\u5219\u4e00\u8d77\u8ba4\u8bc1 \u5982\uff1a<\/p>\n
$auth->check('rule1,rule2',uid);<\/pre>\n\u8868\u793a \u8ba4\u8bc1\u7528\u6237\u53ea\u8981\u6709rule1\u7684\u6743\u9650\u6216rule2\u7684\u6743\u9650\uff0c\u53ea\u8981\u6709\u4e00\u4e2a\u89c4\u5219\u7684\u6743\u9650\uff0c\u8ba4\u8bc1\u8fd4\u56de\u7ed3\u679c\u5c31\u4e3atrue \u5373\u8ba4\u8bc1\u901a\u8fc7\u3002 \u9ed8\u8ba4\u591a\u4e2a\u6743\u9650\u7684\u5173\u7cfb\u662f \u201cor\u201d \u5173\u7cfb\uff0c\u4e5f\u5c31\u662f\u8bf4\u591a\u4e2a\u6743\u9650\u4e2d\uff0c\u53ea\u8981\u6709\u4e2a\u6743\u9650\u901a\u8fc7\u5219\u901a\u8fc7\u3002 \u6211\u4eec\u4e5f\u53ef\u4ee5\u5b9a\u4e49\u4e3a \u201cand\u201d \u5173\u7cfb<\/p>\n
$auth->check('rule1,rule2',uid,'and');<\/pre>\n\u7b2c\u4e09\u4e2a\u53c2\u6570\u6307\u5b9a\u4e3a”and” \u8868\u793a\u591a\u4e2a\u89c4\u5219\u4ee5and\u5173\u7cfb\u8fdb\u884c\u8ba4\u8bc1\uff0c \u8fd9\u65f6\u5019\u591a\u4e2a\u89c4\u5219\u540c\u65f6\u901a\u8fc7\u8ba4\u8bc1 \u624d\u6709\u6743\u9650\u3002\u53ea\u8981\u4e00\u4e2a\u89c4\u5219\u6ca1\u6709\u6743\u9650\u5219\u5c31\u4f1a\u8fd4\u56defalse\u3002<\/p>\n
Auth\u8ba4\u8bc1\uff0c\u4e00\u4e2a\u7528\u6237\u53ef\u4ee5\u5c5e\u4e8e\u591a\u4e2a\u7528\u6237\u7ec4\u3002 \u6bd4\u5982\u6211\u4eec\u5bf9 show_button\u8fd9\u4e2a\u89c4\u5219\u8fdb\u884c\u8ba4\u8bc1\uff0c \u7528\u6237A \u540c\u65f6\u5c5e\u4e8e \u7528\u6237\u7ec41 \u548c\u7528\u6237\u7ec42 \u4e24\u4e2a\u7528\u6237\u7ec4 \uff0c \u7528\u6237\u7ec41 \u6ca1\u6709show_button \u89c4\u5219\u6743\u9650\uff0c \u4f46\u5982\u679c\u7528\u6237\u7ec42 \u6709show_button \u89c4\u5219\u6743\u9650\uff0c\u5219\u4e00\u6837\u4f1a\u6743\u9650\u8ba4\u8bc1\u901a\u8fc7\u3002<\/p>\n
$auth->getGroups(uid)\r\n<\/pre>\n\u901a\u8fc7\u4e0a\u9762\u4ee3\u7801\uff0c\u53ef\u4ee5\u83b7\u5f97\u7528\u6237\u6240\u5c5e\u7684\u6240\u6709\u7528\u6237\u7ec4\uff0c\u65b9\u4fbf\u6211\u4eec\u5728\u7f51\u7ad9\u4e0a\u9762\u663e\u793a\u3002<\/p>\n
Auth\u7c7b\u8fd8\u53ef\u4ee5\u6309\u7528\u6237\u5c5e\u6027\u8fdb\u884c\u5224\u65ad\u6743\u9650\uff0c \u6bd4\u5982 \u6309\u7167\u7528\u6237\u79ef\u5206\u8fdb\u884c\u5224\u65ad\uff0c \u5047\u8bbe\u6211\u4eec\u7684\u7528\u6237\u8868 (think_members) \u6709\u5b57\u6bb5 score \u8bb0\u5f55\u4e86\u7528\u6237\u79ef\u5206\u3002
\n\u6211\u5728\u89c4\u5219\u8868\u6dfb\u52a0\u89c4\u5219\u65f6\uff0c\u5b9a\u4e49\u89c4\u5219\u8868\u7684condition \u5b57\u6bb5\uff0ccondition\u5b57\u6bb5\u662f\u89c4\u5219\u6761\u4ef6\uff0c \u9ed8\u8ba4\u4e3a\u7a7a \u8868\u793a\u6ca1\u6709\u9644\u52a0\u6761\u4ef6\uff0c \u7528\u6237\u7ec4\u4e2d\u53ea\u6709\u89c4\u5219 \u5c31\u901a\u8fc7\u8ba4\u8bc1\u3002 \u5982\u679c\u5b9a\u4e49\u4e86 condition\u5b57\u6bb5\uff0c \u7528\u6237\u7ec4\u4e2d\u6709\u89c4\u5219 \u4e0d\u4e00\u5b9a\u80fd\u901a\u8fc7\u8ba4\u8bc1\uff0c \u7a0b\u5e8f\u8fd8\u4f1a\u5224\u65ad\u662f\u5426\u6ee1\u8db3 \u9644\u52a0\u6761\u4ef6\u3002 \u6bd4\u5982\u6211\u4eec\u6dfb\u52a0\u51e0\u6761\u89c4\u5219\uff1a <\/p>\n
\r\nname\u5b57\u6bb5\uff1a grade1 condition\u5b57\u6bb5\uff1a {score}<100 \r\nname\u5b57\u6bb5\uff1a grade2 condition\u5b57\u6bb5\uff1a {score}>100 and {score}<200\r\nname \u5b57\u6bb5: grade3 condition\u5b57\u6bb5 : {score}>200 and {score}<300\r\n<\/pre>\n\u8fd9\u91cc {score} \u8868\u793a think_members \u8868 \u4e2d\u5b57\u6bb5 score\u7684\u503c\u3002 <\/p>\n
\u90a3\u4e48\u8fd9\u65f6\u5019
\n$auth->check(‘grade1’uid) \u662f\u5224\u65ad\u7528\u6237\u79ef\u5206\u662f\u4e0d\u662f0-100
\n$auth->check(‘grade2’uid) \u5224\u65ad\u7528\u6237\u79ef\u5206\u662f\u4e0d\u662f\u5728100-200
\n$auth->check(‘grade3’uid) \u5224\u65ad\u7528\u6237\u79ef\u5206\u662f\u4e0d\u662f\u5728200-300<\/p>\n
Auth \u7c7b\u8ba4\u8bc1\u7684\u4f7f\u7528\u65b9\u6cd5 \u5927\u81f4\u5982\u4e0a\uff0c\u662f\u5426\u6709\u70b9\u76f8\u89c1\u6068\u665a\u7684\u611f\u89c9\uff1f <\/p>\n
—————————————————-<\/p>\n
\u5728\u4f7f\u7528Auth\u7c7b\u524d\u9700\u8981\u914d\u7f6econfig.php<\/p>\n
'AUTH_CONFIG'=>array(\r\n 'AUTH_ON' => true, \/\/\u8ba4\u8bc1\u5f00\u5173\r\n 'AUTH_TYPE' => 1, \/\/ \u8ba4\u8bc1\u65b9\u5f0f\uff0c1\u4e3a\u65f6\u65f6\u8ba4\u8bc1\uff1b2\u4e3a\u767b\u5f55\u8ba4\u8bc1\u3002\r\n 'AUTH_GROUP' => 'think_auth_group', \/\/\u7528\u6237\u7ec4\u6570\u636e\u8868\u540d\r\n 'AUTH_GROUP_ACCESS' => 'think_auth_group_access', \/\/\u7528\u6237\u7ec4\u660e\u7ec6\u8868\r\n 'AUTH_RULE' => 'think_auth_rule', \/\/\u6743\u9650\u89c4\u5219\u8868\r\n 'AUTH_USER' => 'think_members'\/\/\u7528\u6237\u4fe1\u606f\u8868\r\n )<\/pre>\n\u9700\u8981\u5bfc\u5165\u6570\u636e\u5e93<\/p>\n
-- ----------------------------\r\n-- think_auth_rule\uff0c\u89c4\u5219\u8868\uff0c\r\n-- id:\u4e3b\u952e\uff0cname\uff1a\u89c4\u5219\u552f\u4e00\u6807\u8bc6, title\uff1a\u89c4\u5219\u4e2d\u6587\u540d\u79f0 status \u72b6\u6001\uff1a\u4e3a1\u6b63\u5e38\uff0c\u4e3a0\u7981\u7528\uff0ccondition\uff1a\u89c4\u5219\u8868\u8fbe\u5f0f\uff0c\u4e3a\u7a7a\u8868\u793a\u5b58\u5728\u5c31\u9a8c\u8bc1\uff0c\u4e0d\u4e3a\u7a7a\u8868\u793a\u6309\u7167\u6761\u4ef6\u9a8c\u8bc1\r\n-- ----------------------------\r\n DROP TABLE IF EXISTS `think_auth_rule`;\r\nCREATE TABLE `think_auth_rule` ( \r\n `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, \r\n `name` char(80) NOT NULL DEFAULT '', \r\n `title` char(20) NOT NULL DEFAULT '', \r\n `status` tinyint(1) NOT NULL DEFAULT '1', \r\n `condition` char(100) NOT NULL DEFAULT '', \r\n PRIMARY KEY (`id`), \r\n UNIQUE KEY `name` (`name`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=utf8;\r\n-- ----------------------------\r\n-- think_auth_group \u7528\u6237\u7ec4\u8868\uff0c \r\n-- id\uff1a\u4e3b\u952e\uff0c title:\u7528\u6237\u7ec4\u4e2d\u6587\u540d\u79f0\uff0c rules\uff1a\u7528\u6237\u7ec4\u62e5\u6709\u7684\u89c4\u5219id\uff0c \u591a\u4e2a\u89c4\u5219\",\"\u9694\u5f00\uff0cstatus \u72b6\u6001\uff1a\u4e3a1\u6b63\u5e38\uff0c\u4e3a0\u7981\u7528\r\n-- ----------------------------\r\n DROP TABLE IF EXISTS `think_auth_group`;\r\nCREATE TABLE `think_auth_group` ( \r\n `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, \r\n `title` char(100) NOT NULL DEFAULT '', \r\n `status` tinyint(1) NOT NULL DEFAULT '1', \r\n `rules` char(80) NOT NULL DEFAULT '', \r\n PRIMARY KEY (`id`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=utf8;\r\n-- ----------------------------\r\n-- think_auth_group_access \u7528\u6237\u7ec4\u660e\u7ec6\u8868\r\n-- uid:\u7528\u6237id\uff0cgroup_id\uff1a\u7528\u6237\u7ec4id\r\n-- ----------------------------\r\nDROP TABLE IF EXISTS `think_auth_group_access`;\r\nCREATE TABLE `think_auth_group_access` ( \r\n `uid` mediumint(8) unsigned NOT NULL, \r\n `group_id` mediumint(8) unsigned NOT NULL, \r\n UNIQUE KEY `uid_group_id` (`uid`,`group_id`), \r\n KEY `uid` (`uid`), \r\n KEY `group_id` (`group_id`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=utf8;<\/pre>\n\u6700\u540e\u9700\u8981\u4e0b\u8f7dAuth\u7c7b\u6587\u4ef6\u5230\u4f60\u7684\u9879\u76ee\u4e2d\uff0c\u5927\u5bb6\u53ef\u4ee5\u4e0b\u8f7d\u6211\u4e0a\u4f20\u7684\u9644\u4ef6\uff0c Auth\u7c7b\u5728ThinkPHP\u4ee3\u7801\u4ed3\u5e93\u4e2d\u7684\u4f4d\u7f6e\u5728\uff1a https:\/\/github.com\/liu21st\/extend\/blob\/master\/Extend\/Library\/ORG\/Util\/Auth.class.php<\/p>\n
Auth.class.php<\/p>\n
<?php\r\n\/\/ +----------------------------------------------------------------------\r\n\/\/ | ThinkPHP [ WE CAN DO IT JUST THINK IT ]\r\n\/\/ +----------------------------------------------------------------------\r\n\/\/ | Copyright (c) 2011 http:\/\/thinkphp.cn All rights reserved.\r\n\/\/ +----------------------------------------------------------------------\r\n\/\/ | Licensed ( http:\/\/www.apache.org\/licenses\/LICENSE-2.0 )\r\n\/\/ +----------------------------------------------------------------------\r\n\/\/ | Author: luofei614 <weibo.com\/luofei614>\u3000\r\n\/\/ +----------------------------------------------------------------------\r\n\/**\r\n * \u6743\u9650\u8ba4\u8bc1\u7c7b\r\n * \u529f\u80fd\u7279\u6027\uff1a\r\n * 1\uff0c\u662f\u5bf9\u89c4\u5219\u8fdb\u884c\u8ba4\u8bc1\uff0c\u4e0d\u662f\u5bf9\u8282\u70b9\u8fdb\u884c\u8ba4\u8bc1\u3002\u7528\u6237\u53ef\u4ee5\u628a\u8282\u70b9\u5f53\u4f5c\u89c4\u5219\u540d\u79f0\u5b9e\u73b0\u5bf9\u8282\u70b9\u8fdb\u884c\u8ba4\u8bc1\u3002\r\n * $auth=new Auth(); $auth->check('\u89c4\u5219\u540d\u79f0','\u7528\u6237id')\r\n * 2\uff0c\u53ef\u4ee5\u540c\u65f6\u5bf9\u591a\u6761\u89c4\u5219\u8fdb\u884c\u8ba4\u8bc1\uff0c\u5e76\u8bbe\u7f6e\u591a\u6761\u89c4\u5219\u7684\u5173\u7cfb\uff08or\u6216\u8005and\uff09\r\n * $auth=new Auth(); $auth->check('\u89c4\u52191,\u89c4\u52192','\u7528\u6237id','and') \r\n * \u7b2c\u4e09\u4e2a\u53c2\u6570\u4e3aand\u65f6\u8868\u793a\uff0c\u7528\u6237\u9700\u8981\u540c\u65f6\u5177\u6709\u89c4\u52191\u548c\u89c4\u52192\u7684\u6743\u9650\u3002 \u5f53\u7b2c\u4e09\u4e2a\u53c2\u6570\u4e3aor\u65f6\uff0c\u8868\u793a\u7528\u6237\u503c\u9700\u8981\u5177\u5907\u5176\u4e2d\u4e00\u4e2a\u6761\u4ef6\u5373\u53ef\u3002\u9ed8\u8ba4\u4e3aor\r\n * 3\uff0c\u4e00\u4e2a\u7528\u6237\u53ef\u4ee5\u5c5e\u4e8e\u591a\u4e2a\u7528\u6237\u7ec4(think_auth_group_access\u8868 \u5b9a\u4e49\u4e86\u7528\u6237\u6240\u5c5e\u7528\u6237\u7ec4)\u3002\u6211\u4eec\u9700\u8981\u8bbe\u7f6e\u6bcf\u4e2a\u7528\u6237\u7ec4\u62e5\u6709\u54ea\u4e9b\u89c4\u5219(think_auth_group \u5b9a\u4e49\u4e86\u7528\u6237\u7ec4\u6743\u9650)\r\n * \r\n * 4\uff0c\u652f\u6301\u89c4\u5219\u8868\u8fbe\u5f0f\u3002\r\n * \u5728think_auth_rule \u8868\u4e2d\u5b9a\u4e49\u4e00\u6761\u89c4\u5219\u65f6\uff0c\u5982\u679ctype\u4e3a1\uff0c condition\u5b57\u6bb5\u5c31\u53ef\u4ee5\u5b9a\u4e49\u89c4\u5219\u8868\u8fbe\u5f0f\u3002 \u5982\u5b9a\u4e49{score}>5 and {score}<100 \u8868\u793a\u7528\u6237\u7684\u5206\u6570\u57285-100\u4e4b\u95f4\u65f6\u8fd9\u6761\u89c4\u5219\u624d\u4f1a\u901a\u8fc7\u3002\r\n * @category ORG\r\n * @package ORG\r\n * @subpackage Util\r\n * @author luofei614<weibo.com\/luofei614>\r\n *\/\r\n\r\n\/\/\u6570\u636e\u5e93\r\n\/*\r\n-- ----------------------------\r\n-- think_auth_rule\uff0c\u89c4\u5219\u8868\uff0c\r\n-- id:\u4e3b\u952e\uff0cname\uff1a\u89c4\u5219\u552f\u4e00\u6807\u8bc6, title\uff1a\u89c4\u5219\u4e2d\u6587\u540d\u79f0 status \u72b6\u6001\uff1a\u4e3a1\u6b63\u5e38\uff0c\u4e3a0\u7981\u7528\uff0ccondition\uff1a\u89c4\u5219\u8868\u8fbe\u5f0f\uff0c\u4e3a\u7a7a\u8868\u793a\u5b58\u5728\u5c31\u9a8c\u8bc1\uff0c\u4e0d\u4e3a\u7a7a\u8868\u793a\u6309\u7167\u6761\u4ef6\u9a8c\u8bc1\r\n-- ----------------------------\r\n DROP TABLE IF EXISTS `think_auth_rule`;\r\nCREATE TABLE `think_auth_rule` ( \r\n `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, \r\n `name` char(80) NOT NULL DEFAULT '', \r\n `title` char(20) NOT NULL DEFAULT '', \r\n `status` tinyint(1) NOT NULL DEFAULT '1', \r\n `condition` char(100) NOT NULL DEFAULT '', \r\n PRIMARY KEY (`id`), \r\n UNIQUE KEY `name` (`name`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=utf8;\r\n-- ----------------------------\r\n-- think_auth_group \u7528\u6237\u7ec4\u8868\uff0c \r\n-- id\uff1a\u4e3b\u952e\uff0c title:\u7528\u6237\u7ec4\u4e2d\u6587\u540d\u79f0\uff0c rules\uff1a\u7528\u6237\u7ec4\u62e5\u6709\u7684\u89c4\u5219id\uff0c \u591a\u4e2a\u89c4\u5219\",\"\u9694\u5f00\uff0cstatus \u72b6\u6001\uff1a\u4e3a1\u6b63\u5e38\uff0c\u4e3a0\u7981\u7528\r\n-- ----------------------------\r\n DROP TABLE IF EXISTS `think_auth_group`;\r\nCREATE TABLE `think_auth_group` ( \r\n `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT, \r\n `title` char(100) NOT NULL DEFAULT '', \r\n `status` tinyint(1) NOT NULL DEFAULT '1', \r\n `rules` char(80) NOT NULL DEFAULT '', \r\n PRIMARY KEY (`id`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=utf8;\r\n-- ----------------------------\r\n-- think_auth_group_access \u7528\u6237\u7ec4\u660e\u7ec6\u8868\r\n-- uid:\u7528\u6237id\uff0cgroup_id\uff1a\u7528\u6237\u7ec4id\r\n-- ----------------------------\r\nDROP TABLE IF EXISTS `think_auth_group_access`;\r\nCREATE TABLE `think_auth_group_access` ( \r\n `uid` mediumint(8) unsigned NOT NULL, \r\n `group_id` mediumint(8) unsigned NOT NULL, \r\n UNIQUE KEY `uid_group_id` (`uid`,`group_id`), \r\n KEY `uid` (`uid`), \r\n KEY `group_id` (`group_id`)\r\n) ENGINE=MyISAM DEFAULT CHARSET=utf8;\r\n *\/\r\n\r\nclass Auth{\r\n\r\n \/\/\u9ed8\u8ba4\u914d\u7f6e\r\n protected $_config = array(\r\n 'AUTH_ON' => true, \/\/\u8ba4\u8bc1\u5f00\u5173\r\n 'AUTH_TYPE' => 1, \/\/ \u8ba4\u8bc1\u65b9\u5f0f\uff0c1\u4e3a\u65f6\u65f6\u8ba4\u8bc1\uff1b2\u4e3a\u767b\u5f55\u8ba4\u8bc1\u3002\r\n 'AUTH_GROUP' => 'think_auth_group', \/\/\u7528\u6237\u7ec4\u6570\u636e\u8868\u540d\r\n 'AUTH_GROUP_ACCESS' => 'think_auth_group_access', \/\/\u7528\u6237\u7ec4\u660e\u7ec6\u8868\r\n 'AUTH_RULE' => 'think_auth_rule', \/\/\u6743\u9650\u89c4\u5219\u8868\r\n 'AUTH_USER' => 'think_members'\/\/\u7528\u6237\u4fe1\u606f\u8868\r\n );\r\n\r\n public function __construct() {\r\n if (C('AUTH_CONFIG')) {\r\n \/\/\u53ef\u8bbe\u7f6e\u914d\u7f6e\u9879 AUTH_CONFIG, \u6b64\u914d\u7f6e\u9879\u4e3a\u6570\u7ec4\u3002\r\n $this->_config = array_merge($this->_config, C('AUTH_CONFIG'));\r\n }\r\n }\r\n\r\n \/\/\u83b7\u5f97\u6743\u9650$name \u53ef\u4ee5\u662f\u5b57\u7b26\u4e32\u6216\u6570\u7ec4\u6216\u9017\u53f7\u5206\u5272\uff0c uid\u4e3a \u8ba4\u8bc1\u7684\u7528\u6237id\uff0c $or \u662f\u5426\u4e3aor\u5173\u7cfb\uff0c\u4e3atrue\u662f\uff0c name\u4e3a\u6570\u7ec4\uff0c\u53ea\u8981\u6570\u7ec4\u4e2d\u6709\u4e00\u4e2a\u6761\u4ef6\u901a\u8fc7\u5219\u901a\u8fc7\uff0c\u5982\u679c\u4e3afalse\u9700\u8981\u5168\u90e8\u6761\u4ef6\u901a\u8fc7\u3002\r\n public function check($name, $uid, $relation='or') {\r\n if (!$this->_config['AUTH_ON'])\r\n return true;\r\n $authList = $this->getAuthList($uid);\r\n if (is_string($name)) {\r\n if (strpos($name, ',') !== false) {\r\n $name = explode(',', $name);\r\n } else {\r\n $name = array($name);\r\n }\r\n }\r\n $list = array(); \/\/\u6709\u6743\u9650\u7684name\r\n foreach ($authList as $val) {\r\n if (in_array($val, $name))\r\n $list[] = $val;\r\n }\r\n if ($relation=='or' and !empty($list)) {\r\n return true;\r\n }\r\n $diff = array_diff($name, $list);\r\n if ($relation=='and' and empty($diff)) {\r\n return true;\r\n }\r\n return false;\r\n }\r\n\r\n \/\/\u83b7\u5f97\u7528\u6237\u7ec4\uff0c\u5916\u90e8\u4e5f\u53ef\u4ee5\u8c03\u7528\r\n public function getGroups($uid) {\r\n static $groups = array();\r\n if (isset($groups[$uid]))\r\n return $groups[$uid];\r\n $user_groups = M()->table($this->_config['AUTH_GROUP_ACCESS'] . ' a')->where(\"a.uid='$uid' and g.status='1'\")->join($this->_config['AUTH_GROUP'].\" g on a.group_id=g.id\")->select();\r\n $groups[$uid]=$user_groups?$user_groups:array();\r\n return $groups[$uid];\r\n }\r\n\r\n \/\/\u83b7\u5f97\u6743\u9650\u5217\u8868\r\n protected function getAuthList($uid) {\r\n static $_authList = array();\r\n if (isset($_authList[$uid])) {\r\n return $_authList[$uid];\r\n }\r\n if(isset($_SESSION['_AUTH_LIST_'.$uid])){\r\n return $_SESSION['_AUTH_LIST_'.$uid];\r\n }\r\n \/\/\u8bfb\u53d6\u7528\u6237\u6240\u5c5e\u7528\u6237\u7ec4\r\n $groups = $this->getGroups($uid);\r\n $ids = array();\r\n foreach ($groups as $g) {\r\n $ids = array_merge($ids, explode(',', trim($g['rules'], ',')));\r\n }\r\n $ids = array_unique($ids);\r\n if (empty($ids)) {\r\n $_authList[$uid] = array();\r\n return array();\r\n }\r\n \/\/\u8bfb\u53d6\u7528\u6237\u7ec4\u6240\u6709\u6743\u9650\u89c4\u5219\r\n $map=array(\r\n 'id'=>array('in',$ids),\r\n 'status'=>1\r\n );\r\n $rules = M()->table($this->_config['AUTH_RULE'])->where($map)->select();\r\n \/\/\u5faa\u73af\u89c4\u5219\uff0c\u5224\u65ad\u7ed3\u679c\u3002\r\n $authList = array();\r\n foreach ($rules as $r) {\r\n if (!empty($r['condition'])) {\r\n \/\/\u6761\u4ef6\u9a8c\u8bc1\r\n $user = $this->getUserInfo($uid);\r\n $command = preg_replace('\/\\{(\\w*?)\\}\/', '$user[\\'\\\\1\\']', $r['condition']);\r\n \/\/dump($command);\/\/debug\r\n @(eval('$condition=(' . $command . ');'));\r\n if ($condition) {\r\n $authList[] = $r['name'];\r\n }\r\n } else {\r\n \/\/\u5b58\u5728\u5c31\u901a\u8fc7\r\n $authList[] = $r['name'];\r\n }\r\n }\r\n $_authList[$uid] = $authList;\r\n if($this->_config['AUTH_TYPE']==2){\r\n \/\/session\u7ed3\u679c\r\n $_SESSION['_AUTH_LIST_'.$uid]=$authList;\r\n }\r\n return $authList;\r\n }\r\n \/\/\u83b7\u5f97\u7528\u6237\u8d44\u6599,\u6839\u636e\u81ea\u5df1\u7684\u60c5\u51b5\u8bfb\u53d6\u6570\u636e\u5e93\r\n protected function getUserInfo($uid) {\r\n static $userinfo=array();\r\n if(!isset($userinfo[$uid])){\r\n $userinfo[$uid]=M()->table($this->_config['AUTH_USER'])->find($uid);\r\n }\r\n return $userinfo[$uid];\r\n }\r\n\r\n}\r\n<\/pre>\n <\/p>\n","protected":false},"excerpt":{"rendered":"
Auth \u7c7b\u5df2\u7ecf\u5728ThinkPHP\u4ee3\u7801\u4ed3\u5e93\u4e2d\u5b58\u5728\u5f88\u4e45\u4e86\uff0c\u4f46\u662f\u56e0\u4e3a\u4e00\u76f4\u6ca1\u6709\u51fa\u8fc7\u5b83\u7684\u6559\u7a0b\uff0c \u5f88\u5c11\u4eba\u77e5\u9053\u5b83\uff0c \u5b83\u5176\u5b9e […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[54],"class_list":["post-933","post","type-post","status-publish","format-standard","hentry","category-php","tag-auth"],"_links":{"self":[{"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/posts\/933","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=933"}],"version-history":[{"count":2,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/posts\/933\/revisions"}],"predecessor-version":[{"id":937,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=\/wp\/v2\/posts\/933\/revisions\/937"}],"wp:attachment":[{"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=933"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=933"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.siediyer.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=933"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}