0

我正在使用角色验证,我目前只使用 phprbca,还没有进入 databaserbca。

我的控制器上编码了一些自定义验证,如果他以管理员身份登录,我想让用户能够忽略某些规则。我怎么能这样做?

<?php
use app\models\User;
#Next line, how would i do it? or if (username=Richard)
if (userid=100){
    if($model->driver_identitynum!=null){
       $count = Drivers::find()->select('drivers.*')->joinWith('archives')->where('archive.DateCreated > DATE(CURDATE())')->andWhere(['archive.driver_identitynum' => $model->driver_identitynum])->count();

       if($count>0)
        $valid=false;  
       \Yii::$app->getSession()->setFlash('error', 'Can\'t proceed, already added today.'); 
       $model->addError('driver_identitynum',"El conductor ha salido {$count} veces.");
    }
}
?>

我的用户模型:

<?php

namespace app\models;

class User extends \yii\base\Object implements \yii\web\IdentityInterface
{
    public $id;
    public $username;
    public $password;
    public $authKey;
    public $accessToken;

    private static $users = [
        '100' => [
            'id' => '100',
            'username' => 'admin',
            'password' => 'admin',
            'authKey' => 'test100key',
            'accessToken' => '100-token',

        ],
        '101' => [
            'id' => '101',
            'username' => 'demo',
            'password' => 'demo',
            'authKey' => 'test101key',
            'accessToken' => '101-token',
        ],
    ];

    /**
     * @inheritdoc
     */
    public static function findIdentity($id)
    {
        return isset(self::$users[$id]) ? new static(self::$users[$id]) : null;
    }

    /**
     * @inheritdoc
     */
    public static function findIdentityByAccessToken($token, $type = null)
    {
        foreach (self::$users as $user) {
            if ($user['accessToken'] === $token) {
                return new static($user);
            }
        }

        return null;
    }

    /**
     * Finds user by username
     *
     * @param  string      $username
     * @return static|null
     */
    public static function findByUsername($username)
    {
        foreach (self::$users as $user) {
            if (strcasecmp($user['username'], $username) === 0) {
                return new static($user);
            }
        }

        return null;
    }

    /**
     * @inheritdoc
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * @inheritdoc
     */
    public function getAuthKey()
    {
        return $this->authKey;
    }

    /**
     * @inheritdoc
     */
    public function validateAuthKey($authKey)
    {
        return $this->authKey === $authKey;
    }

    /**
     * Validates password
     *
     * @param  string  $password password to validate
     * @return boolean if password provided is valid for current user
     */
    public function validatePassword($password)
    {
        return $this->password === $password;
    }


}
4

1 回答 1

0

如果您对您的用户拥有 rbac 权限admin,则可以使用 eval 评估用户角色

Yii::$app->User->can('admin')

 if ( Yii::$app->User->can('admin') ) {
   //  your code fro admin 
 }
于 2016-05-12T17:36:44.223 回答