所以我的 schemca 非常类似于:
users
--------------
userid, name, password, email
userinroles
--------------
pk, userid, roleid
roles
-----------
roleid, level, description
正如您所看到的,角色表通过 userinroles 表与用户相关联,这样用户就可以在不同的组中拥有编辑权限,并对不同的事物拥有不同级别的访问权限。例如,他们可能需要成为页面编辑器,同时对模块拥有超级管理员权限。
问题是当我更新或创建记录时,我不知道如何列出角色,以便您可以选中他们应该拥有的角色的框并将其插入到 userinroles 表中。
关于如何做到这一点的任何想法?
模型:
Yii::import('application.models._base.BaseUser');
class User extends BaseUser
{
public static function model($className=__CLASS__) {
return parent::model($className);
}
public function rules() {
return array(
array('username, password, email', 'required'),
array('isActive, isDeleted, isLocked', 'numerical', 'integerOnly'=>true),
array('username', 'length', 'max'=>50),
// Throws error if user name is not unique
array('username', 'unique', 'attributeName'=> 'username', 'caseSensitive' => 'false'),
array('password', 'length', 'max'=>255),
array('email, organization, position', 'length', 'max'=>100),
array('salt', 'length', 'max'=>32),
array('organization, position, salt, isActive, isDeleted, isLocked', 'default', 'setOnEmpty' => true, 'value' => null),
array('userid, username, password, email, organization, position, salt, isActive, isDeleted, isLocked', 'safe', 'on'=>'search'),
);
}
public function relations() {
return array(
'toolaccesses' => array(self::HAS_MANY, 'Toolaccess', 'userID'),
'usergalleries' => array(self::HAS_MANY, 'Usergallery', 'userid'),
'userinroles' => array(self::HAS_MANY, 'Userinroles', 'userid'),
'tools' =>array(self::MANY_MANY, 'Tool', 'toolid'),
);
}
}
控制器:
class UserController extends GxController {
public function actionView($id) {
$this->render('view', array(
'model' => $this->loadModel($id, 'User'),
));
}
public function actionCreate() {
$model = new User;
if (isset($_POST['User'])) {
$model->setAttributes($_POST['User']);
// salting the user's password before we insert
$model->password = md5(Yii::app()->params["salt"] . $model->password);
if ($model->save()) {
if (Yii::app()->getRequest()->getIsAjaxRequest())
Yii::app()->end();
else
$this->redirect(array('view', 'id' => $model->userid));
}
}
$this->render('create', array( 'model' => $model));
}
public function actionUpdate($id) {
$model = $this->loadModel($id, 'User');
if (isset($_POST['User'])) {
// testing if we need to salt the password.
if(strcmp($_POST['User']['password'], $model->password)!=0)
{ // passwords passed in are not the same. We need to now modify the post password
$_POST['User']['password'] = md5(Yii::app()->params["salt"] . $_POST['User']['password']);
}
$model->setAttributes($_POST['User']);
if ($model->save()) {
$this->redirect(array('view', 'id' => $model->userid));
}
}
$this->render('update', array(
'model' => $model,
));
}
public function actionDelete($id) {
// prevent the deletion of the super user, who has the ID 1.
// This is sort of like a Unix "root" user or a Window's Administrator
if($id == 1)
{
throw new CHttpException(400, Yii::t('app', 'You cannot delete the super admin.'));
}
else
{
if (Yii::app()->getRequest()->getIsPostRequest()) {
$this->loadModel($id, 'User')->delete();
if (!Yii::app()->getRequest()->getIsAjaxRequest())
$this->redirect(array('admin'));
} else
throw new CHttpException(400, Yii::t('app', 'Your request is invalid.'));
}
}
public function actionIndex() {
$dataProvider = new CActiveDataProvider('User');
$this->render('index', array(
'dataProvider' => $dataProvider,
));
}
public function actionAdmin() {
$model = new User('search');
$model->unsetAttributes();
if (isset($_GET['User']))
$model->setAttributes($_GET['User']);
$this->render('admin', array(
'model' => $model,
));
}
}