upadte

backend/controllers/AuthController.php

@@ -165,9 +165,9 @@ class AuthController extends BaseController
             if (!$role) {
                 $this->error('角色不存在');
             }
-            if ($role_update->name == 'administrator') {
-                $this->error('超级管理员权限不允许修改');
-            }
+            // if ($role_update->name == 'administrator') {
+            //     $this->error('超级管理员权限不允许修改');
+            // }
             // 获取操作者角色的所有权限
             $role_self = current($auth->getRolesByUser(Yii::$app->user->id));
             $all_permissions = array_keys($auth->getPermissionsByRole($role_self->name));
@@ -179,6 +179,7 @@ class AuthController extends BaseController
             $remove = array_intersect(array_diff($all_permissions, $rules), $can_permissions);
             //需要添加的权限
             $add = array_diff($rules, $can_permissions);
+
             if (is_array($add)) {
                 foreach ($add as $rule) {
                     /* 更新auth_item_child表 */

backend/controllers/MenuController.php

@@ -2,10 +2,11 @@
 
 namespace backend\controllers;
 
-use Yii;
-use common\models\Menu;
+use common\core\rbac\Rule;
 use common\helpers\ArrayHelper;
+use common\models\Menu;
 use common\models\search\MenuSearch;
+use Yii;
 use yii\web\NotFoundHttpException;
 
 /**
@@ -49,6 +50,14 @@ class MenuController extends BaseController
             $data['status'] = 1;
 
             if ($this->saveRow($model, $data)) {
+                //添权限
+                $auth       = Yii::$app->authManager;
+                $rule       = new Rule();
+                $rule->name = $data['url'];
+                $auth->add($rule);
+                $permission           = $auth->createPermission($data['url']);
+                $permission->ruleName = $rule->name;
+                $auth->add($permission);
                 $this->success('操作成功', $this->getForward());
             } else {
                 $this->error('操作错误');
@@ -77,8 +86,22 @@ class MenuController extends BaseController
         if (Yii::$app->request->isPost) {
             /* 表单验证 */
             $data = Yii::$app->request->post('Menu');
+            //删除原来的权限
+            $auth = Yii::$app->authManager;
 
+            $rule       = $auth->getRule($model->url);
+            $permission = $auth->getPermission($model->url);
             if ($this->saveRow($model, $data)) {
+
+                $auth->remove($permission);
+                $auth->remove($rule);
+                //添权限
+                $rule       = new Rule();
+                $rule->name = $data['url'];
+                $auth->add($rule);
+                $permission           = $auth->createPermission($data['url']);
+                $permission->ruleName = $rule->name;
+                $auth->add($permission);
                 $this->success('操作成功', $this->getForward());
             } else {
                 $this->error('操作错误');
@@ -109,8 +132,8 @@ class MenuController extends BaseController
      * Finds the Article model based on its primary key value.
      * If the model is not found, a 404 HTTP exception will be thrown.
      * @param  integer               $id
-	 * @return Menu the loaded model
      * @throws NotFoundHttpException if the model cannot be found
+     * @return Menu                  the loaded model
      */
     protected function findModel($id)
     {
@@ -134,7 +157,7 @@ class MenuController extends BaseController
         $lists                      = Menu::find()->orderBy('sort asc')->where(['hide' => 0])->asArray()->all();
         $lists                      = ArrayHelper::list_to_tree($lists, 'id', 'pid');
         $lists                      = ArrayHelper::jstree($lists);
-		Yii::$app->response->format='json';
+        Yii::$app->response->format = 'json';
         return $lists;
     }