6

我了解 ActionColumn 按钮的可见性可以这样控制:

<?= GridView::widget([
        'dataProvider' => $dataProvider,
        'filterModel' => $searchModel,
        'columns' => [
            ['class' => 'yii\grid\SerialColumn'],

            'id',
            'title',
            'body:ntext',

            // ['class' => 'yii\grid\ActionColumn'],
            [
            'class' => 'yii\grid\ActionColumn',
            'visibleButtons' =>
            [
                'update' => Yii::$app->user->can('updatePost'),
                'delete' => Yii::$app->user->can('updatePost')
            ]

          ],
        ],
    ]);
?>

我创建了 RBAC 授权,以及基于 yii2 文档
http://www.yiiframework.com/doc-2.0/guide-security-authorization.html的 AuthorRule Rule 类

在 roleParams 的情况下,我已经实现了如下(在视图模板中):

if (\Yii::$app->user->can('updatePost', ['post' =>$model]){
//if the post is created by current user then do this
}

如何找出 GridView 小部件中的模型或至少 id 以便我执行以下操作:

    'visibleButtons' =>
    [
        'update' => Yii::$app->user->can('updatePost',['post' => \app\models\Post::findOne($howToGetThisId)]),
        'delete' => Yii::$app->user->can('updatePost',['post' => \app\models\Post::findOne($howToGetThisId)])
    ]

我的最终目标是,对于具有作者角色的用户,更新和删除按钮只有在帖子由该用户创建时才可见。也欢迎任何其他想法来实现这一目标。

谢谢 !

4

1 回答 1

10

你可以对visibleButtons做同样的事情:

'visibleButtons' => [
    'update' => function ($model) {
        return \Yii::$app->user->can('updatePost', ['post' => $model]);
    },
    'delete' => function ($model) {
        return \Yii::$app->user->can('updatePost', ['post' => $model]);
    },
]
于 2017-11-24T11:13:10.297 回答