環境
Windows 10
PHP 8
nginx
MySQL 8.0.18
yiisoft/yii2 2.0.45
dmstr/yii2-adminlte-asset 2.6.2
mdmsoft/yii2-admin 2.12
安裝 Yii 2 Advanced Project Template
https://www.yiiframework.com/extension/yiisoft/yii2-app-advanced/doc/guide/2.0/en/start-installation Yii 2 Advanced Project Template
https://github.com/yiisoft/yii2-app-advanced yiisoft/yii2-app-advanced
使用composer 安裝
$ composer2 create-project --prefer-dist yiisoft/yii2-app-advanced yii-application
準備
初始化
在 yii-application/ 目錄中執行
$ php init
Yii Application Initialization Tool v1.0
Which environment do you want the application to be initialized in?
[0] Development
[1] Production
Your choice [0-1, or "q" to quit] 0
Initialize the application under 'Development' environment? [yes|no] yes
Start initialization ...
generate backend/config/codeception-local.php
generate backend/config/main-local.php
generate backend/config/params-local.php
generate backend/config/test-local.php
generate backend/web/index-test.php
generate backend/web/index.php
generate backend/web/robots.txt
generate common/config/codeception-local.php
generate common/config/main-local.php
generate common/config/params-local.php
generate common/config/test-local.php
generate console/config/main-local.php
generate console/config/params-local.php
generate console/config/test-local.php
generate frontend/config/codeception-local.php
generate frontend/config/main-local.php
generate frontend/config/params-local.php
generate frontend/config/test-local.php
generate frontend/web/index-test.php
generate frontend/web/index.php
generate frontend/web/robots.txt
generate yii
generate yii_test
generate yii_test.bat
generate cookie validation key in backend/config/main-local.php
generate cookie validation key in common/config/codeception-local.php
generate cookie validation key in frontend/config/main-local.php
chmod 0777 backend/runtime
chmod 0777 backend/web/assets
chmod 0777 console/runtime
chmod 0777 frontend/runtime
chmod 0777 frontend/web/assets
chmod 0755 yii
chmod 0755 yii_test
... initialization completed.
配置DB
common/config/main-local.php
migration
$ php yii migrate
Yii Migration Tool (based on Yii v2.0.45)
Creating migration history table "migration"...Done.
Total 2 new migrations to be applied:
m130524_201442_init
m190124_110200_add_verification_token_column_to_user_table
Apply the above migrations? (yes|no) [no]:yes
*** applying m130524_201442_init
> create table {{%user}} ... done (time: 0.064s)
*** applied m130524_201442_init (time: 0.097s)
*** applying m190124_110200_add_verification_token_column_to_user_table
> add column verification_token string NULL DEFAULT NULL to table {{%user}} ... done (time: 0.040s)
*** applied m190124_110200_add_verification_token_column_to_user_table (time: 0.064s)
2 migrations were applied.
Migrated up successfully.
nginx
前端目錄 root /path/to/yii-application/frontend/web/
後端目錄 root /path/to/yii-application/backend/web/
偽靜態
location / {
# Redirect everything that isn't a real file to index.php
try_files $uri $uri/ /index.php$is_args$args;
}
避免存取assets/目錄下的php文件
# deny accessing php files for the /assets directory
location ~ ^/assets/.*\.php$ {
deny all;
}
hosts
略
寶塔open_basedir報錯
Warning: require(): open_basedir restriction in effect. File(C:\path\yii-application\vendor\autoload.php) is not within the allowed path(s): (C:/path/yii-application/backend/web/;C:/Windows/Temp/;C:/Temp/;C:/BtSoft/temp/session/) in C:\path\yii-application\backend\web\index.php on line 6
Warning: require(C:\path\yii-application\vendor\autoload.php): Failed to open stream: Operation not permitted in C:\path\yii-application\backend\web\index.php on line 6
Fatal error: Uncaught Error: Failed opening required 'C:\path\yii-application\backend\web/../../vendor/autoload.php' (include_path='.;C:\php\pear') in C:\path\yii-application\backend\web\index.php:6 Stack trace: #0 {main} thrown in C:\path\yii-application\backend\web\index.php on line 6
寶塔面板 => 網站 => 設置 => 網站目錄 => 取消勾選 防跨站攻击(open_basedir)
測試用戶
backend/tests/_data/login_data.php 中有測試的user資料
return [ [ 'username' => 'erau', 'auth_key' => 'tUu1qHcde0diwUol3xeI-18MuHkkprQI', // password_0 'password_hash' => '$2y$13$nJ1WDlBaGcbCdbNC5.5l4.sgy.OMEKCqtDQOdQ2OWpgiKRWYyzzne', 'password_reset_token' => 'RkD_Jw0_8HEedzLk7MM-ZKEFfYR7VbMr_1392559490', 'created_at' => '1392559490', 'updated_at' => '1392559490', 'email' => 'sfriesen@jenkins.info', ], ];
把他換成SQL
INSERT INTO `user` ( `username`, `auth_key`, `password_hash`, `password_reset_token`, `email`, `created_at`, `updated_at` ) VALUES ( 'erau', 'tUu1qHcde0diwUol3xeI-18MuHkkprQI', '$2y$13$nJ1WDlBaGcbCdbNC5.5l4.sgy.OMEKCqtDQOdQ2OWpgiKRWYyzzne', 'RkD_Jw0_8HEedzLk7MM-ZKEFfYR7VbMr_1392559490', 'sfriesen@jenkins.info', 1392559490, 1392559490);
s
然後就能用用戶 erau (密碼password_0)登錄了,
或是登錄時斷點在 User->validatePassword() 時打印 Yii::$app->security->generatePasswordHash("password") 設置你要的密碼
安裝AdminLTE
https://github.com/dmstr/yii2-adminlte-asset dmstr/yii2-adminlte-asset
https://www.cnblogs.com/topshooter/p/yii2_adminlte_asset_yii2_admin_install.html yii2-adminlte-asset / yii2-admin 安装配置
$ composer2 require dmstr/yii2-adminlte-asset "^2.1"
複製 vendor/dmstr/yii2-adminlte-asset/example-views/yiisoft/yii2-app/ 到 backend/views/
不要使用bootstrap4
https://adminlte.io/themes/AdminLTE/index2.html AdminLTE 2.4.13
因為 AdminLTE 2.4.13 使用 bootstrap 3 ,但是 yii2-app-advanced 2.0.43 以後的 backend/assets/AppAsset.php 改用了 bootstrap4 ,會造成樣式衝突
所以改回bootstrap 3
diff --git a/backend/assets/AppAsset.php b/backend/assets/AppAsset.php index a93f5c3..ee9d874 100644 --- a/backend/assets/AppAsset.php +++ b/backend/assets/AppAsset.php @@ -18,6 +18,7 @@ class AppAsset extends AssetBundle ]; public $depends = [ 'yii\web\YiiAsset', - 'yii\bootstrap4\BootstrapAsset', + // 'yii\bootstrap4\BootstrapAsset', + 'yii\bootstrap\BootstrapAsset', ]; }
s
安裝yii2-admin
https://github.com/mdmsoft/yii2-admin mdmsoft/yii2-admin
http://static.kancloud.cn/curder/yii/247758 Yii2中使用yii2-admin搭建RBAC权限控制
http://static.kancloud.cn/curder/yii/247759 Yii2项目后台整合yii2-admin模块
$ composer2 require mdmsoft/yii2-admin "~2.0"
Migration
新增menu菜單表
$ php yii migrate --migrationPath=@mdm/admin/migrations
Yii Migration Tool (based on Yii v2.0.45)
Total 2 new migrations to be applied:
m140602_111327_create_menu_table
m160312_050000_create_user
Apply the above migrations? (yes|no) [no]:yes
*** applying m140602_111327_create_menu_table
> create table {{%menu}} ... done (time: 0.197s)
*** applied m140602_111327_create_menu_table (time: 0.414s)
*** applying m160312_050000_create_user
*** applied m160312_050000_create_user (time: 0.037s)
2 migrations were applied.
Migrated up successfully.
新增 rbac 相關表(auth_rule、auth_item、auth_item_child、auth_assignment)
$ php yii migrate --migrationPath=@yii/rbac/migrations
Yii Migration Tool (based on Yii v2.0.45)
Total 4 new migrations to be applied:
m140506_102106_rbac_init
m170907_052038_rbac_add_index_on_auth_assignment_user_id
m180523_151638_rbac_updates_indexes_without_prefix
m200409_110543_rbac_update_mssql_trigger
Apply the above migrations? (yes|no) [no]:yes
*** applying m140506_102106_rbac_init
> create table {{%auth_rule}} ... done (time: 0.058s)
> create table {{%auth_item}} ... done (time: 0.059s)
> create index idx-auth_item-type on {{%auth_item}} (type) ... done (time: 0.039s)
> create table {{%auth_item_child}} ... done (time: 0.060s)
> create table {{%auth_assignment}} ... done (time: 0.042s)
*** applied m140506_102106_rbac_init (time: 0.445s)
*** applying m170907_052038_rbac_add_index_on_auth_assignment_user_id
> create index auth_assignment_user_id_idx on {{%auth_assignment}} (user_id) ... done (time: 0.037s)
*** applied m170907_052038_rbac_add_index_on_auth_assignment_user_id (time: 0.091s)
*** applying m180523_151638_rbac_updates_indexes_without_prefix
> drop index auth_assignment_user_id_idx on {{%auth_assignment}} ... done (time: 0.018s)
> create index {{%idx-auth_assignment-user_id}} on {{%auth_assignment}} (user_id) ... done (time: 0.021s)
> drop index idx-auth_item-type on {{%auth_item}} ... done (time: 0.046s)
> create index {{%idx-auth_item-type}} on {{%auth_item}} (type) ... done (time: 0.034s)
*** applied m180523_151638_rbac_updates_indexes_without_prefix (time: 0.185s)
*** applying m200409_110543_rbac_update_mssql_trigger
*** applied m200409_110543_rbac_update_mssql_trigger (time: 0.049s)
4 migrations were applied.
Migrated up successfully.
配置
diff --git a/backend/config/main.php b/backend/config/main.php index 6e2fe57..1483c5c 100644 --- a/backend/config/main.php +++ b/backend/config/main.php @@ -11,7 +11,12 @@ 'basePath' => dirname(__DIR__), 'controllerNamespace' => 'backend\controllers', 'bootstrap' => ['log'], - 'modules' => [], + 'modules' => [ + 'admin' => [ + 'class' => 'mdm\admin\Module', + // 'layout' => 'left-menu',//yii2-admin的导航菜单 + ] + ], 'components' => [ 'request' => [ 'csrfParam' => '_csrf-backend', @@ -37,14 +42,34 @@ 'errorHandler' => [ 'errorAction' => 'site/error', ], - /* + // 開啟enablePrettyUrl 'urlManager' => [ 'enablePrettyUrl' => true, 'showScriptName' => false, 'rules' => [ ], ], - */ + + 'authManager' => [ + // 'class' => 'yii\rbac\PhpManager', // or use 'yii\rbac\DbManager' + 'class' => 'yii\rbac\DbManager', // 使用DB做RBAC + ], ], 'params' => $params, + 'as access' => [ + 'class' => 'mdm\admin\components\AccessControl', + 'allowActions' => [ + 'site/*', + 'admin/*', // 臨時開啟admin 路由 + 'gii/*', // 臨時開啟gii + 'debug/*', // debug bar + // '*', // 臨時開啟所有權限 + 'some-controller/some-action', + // The actions listed here will be allowed to everyone including guests. + // So, 'admin/*' should not appear here in the production, of course. + // But in the earlier stages of your development, you may probably want to + // add a lot of actions here until you finally completed setting up rbac, + // otherwise you may not even take a first step. + ] + ], ];
s
開啟enablePrettyUrl前的訪問地址是: /index.php?r=admin
使用
Users(用戶)
Routes(路由)
Permissions(權限)
分配路由
創建permission後,可以在view裡面對該permission設置多個route
Roles(角色)
分配路由和權限
創建role後,可以在view裡面對該role設置多個route、permission和role
Assignments(分配)
分配角色和權限
根據現有的user,可以在view裡面對該user設置多個role和permission
無權限訪問顯示403
如果沒對該用戶分配有delete權限的role和delete的permissionRules(規則)
要和代碼配合,可以不用Menus(菜單)
設置父菜單
獲取有權限的菜單
diff --git a/backend/views/layouts/left.php b/backend/views/layouts/left.php index 53b2cb3..f2b64a1 100644 --- a/backend/views/layouts/left.php +++ b/backend/views/layouts/left.php @@ -1,3 +1,8 @@ +<?php + +use mdm\admin\components\MenuHelper; + +?> <aside class="main-sidebar"> <section class="sidebar"> @@ -25,42 +30,57 @@ </div> </form> <!-- /.search form --> + <?php + $items = MenuHelper::getAssignedMenu(Yii::$app->user->id); + ?> <?= dmstr\widgets\Menu::widget( [ 'options' => ['class' => 'sidebar-menu tree', 'data-widget'=> 'tree'], + 'items' => $items, ] ) ?>
s
設置父菜單js錯誤
Uncaught TypeError: elem.getClientRects is not a function
因為 jQuery 是v3.6.0 (vendor/bower-asset/jquery/dist/jquery.js)而 jQuery UI 是 v1.11.4 (vendor/mdmsoft/yii2-admin/assets/jquery-ui.js)
升級jQuery UI(未使用)
https://github.com/mdmsoft/yii2-admin/issues/386 jquery-ui.js need to update !!!
https://github.com/mdmsoft/yii2-admin/pull/363 Fix menu. Update jquery-ui.
根據 https://github.com/mdmsoft/yii2-admin/blob/69ef20b8d31d14d032c92b13d1f2381aaca496d8/assets/jquery-ui.js 把你本地的vendor/mdmsoft/yii2-admin/assets/jquery-ui.js 替換成 https://raw.githubusercontent.com/mdmsoft/yii2-admin/69ef20b8d31d14d032c92b13d1f2381aaca496d8/assets/jquery-ui.js 的內容
加入 jquery-migrate
https://stackoverflow.com/a/38314852 jQuery UI error - f.getClientRects is not a function
加入 jquery-migrate-3.0.0.js 讓jquery 3+ 兼容低版本jquery ui
diff --git a/backend/assets/AppAsset.php b/backend/assets/AppAsset.php index ee9d874..ac1f620 100644 --- a/backend/assets/AppAsset.php +++ b/backend/assets/AppAsset.php @@ -15,6 +15,7 @@ class AppAsset extends AssetBundle 'css/site.css', ]; public $js = [ + 'js/jquery-migrate-3.0.0.js', ]; public $depends = [ 'yii\web\YiiAsset', diff --git a/backend/web/js/jquery-migrate-3.0.0.js b/backend/web/js/jquery-migrate-3.0.0.js new file mode 100644 index 0000000..350b799 --- /dev/null +++ b/backend/web/js/jquery-migrate-3.0.0.js @@ -0,0 +1,540 @@ +/*! + * jQuery Migrate - v3.0.0 - 2016-06-09 ...
s
Gii
https://www.yiichina.com/tutorial/695 gii的命令行用法 [ 2.0 版本 ]
https://www.yiiframework.com/doc/guide/2.0/en/start-gii Generating Code with Gii
先建表,以水果表為例:
CREATE TABLE `fruits` ( `id` int(11) NOT NULL AUTO_INCREMENT COMMENT 'ID', `name` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '' COMMENT '名字', `created_at` datetime NOT NULL COMMENT '創建時間', `updated_at` datetime NOT NULL ON UPDATE CURRENT_TIMESTAMP COMMENT '修改時間', PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
s
網頁生成CRUD代碼
Table Name 可以下拉用選的,選完後 Model Class Name 會自動填入命令行生成CRUD代碼
為了和前面區分,這裡model和controller用單數的Fruit
$ php yii gii/model --ns=common\\models --tableName=fruits --modelClass=Fruit
Running 'Model Generator'...
The following files will be generated:
[new] C:\path\yii-application\common\models\Fruit.php
Ready to generate the selected files? (yes|no) [yes]:
Files were generated successfully!
Generating code using template "C:\path\yii-application\vendor\yiisoft\yii2-gii\src\generators\model/default"...
generated C:\path\yii-application\common\models\Fruit.php
done!
--ns=common\\models - 指定Model的路徑
--tableName=fruits - 表名用複數
--modelClass=Fruit - Model名用單數
$ php yii gii/crud --modelClass=common\\models\\Fruit --controllerClass=backend\\controllers\\FruitController --viewPath=@backend/views/fruit --searchModelClass=common\\models\\FruitSearch
Running 'CRUD Generator'...
The following files will be generated:
[new] C:\path\yii-application\backend\controllers\FruitController.php
[new] C:\path\yii-application\common\models\FruitSearch.php
[new] C:\path\yii-application\backend\views\fruit\_form.php
[new] C:\path\yii-application\backend\views\fruit\_search.php
[new] C:\path\yii-application\backend\views\fruit\create.php
[new] C:\path\yii-application\backend\views\fruit\index.php
[new] C:\path\yii-application\backend\views\fruit\update.php
[new] C:\path\yii-application\backend\views\fruit\view.php
Ready to generate the selected files? (yes|no) [yes]:
Files were generated successfully!
Generating code using template "C:\path\yii-application\vendor\yiisoft\yii2-gii\src\generators\crud/default"...
generated C:\path\yii-application\backend\controllers\FruitController.php
generated C:\path\yii-application\common\models\FruitSearch.php
generated C:\path\yii-application\backend\views\fruit\_form.php
generated C:\path\yii-application\backend\views\fruit\_search.php
generated C:\path\yii-application\backend\views\fruit\create.php
generated C:\path\yii-application\backend\views\fruit\index.php
generated C:\path\yii-application\backend\views\fruit\update.php
generated C:\path\yii-application\backend\views\fruit\view.php
done!
--modelClass=common\\models\\Fruit - 指定所使用的model路徑
--controllerClass=backend\\controllers\\FruitController - 設置控制器路徑
--viewPath=@backend/views/fruit - 設置視圖路徑,fruit用單數
--searchModelClass=common\\models\\FruitSearch= 設定搜索模型
如何知道命令行有哪些參數可用
如 searchModelClass
可在開發者工具裡的表單查看即可有水果表(fruits)的CRUD
debugbar
內建debugbar,laravel則需要另外安裝路由
CVE
https://packagist.org/packages/yiisoft/yii2 yiisoft/yii2
https://packagist.org/packages/yiisoft/yii2/advisories?version=4339826 yiisoft/yii2 Security Advisories for 2.0.37
2.0.37之前的版本有 遠程代碼執行(remote code execution)漏洞
https://github.com/yiisoft/yii2/security/advisories/GHSA-699q-wcff-g9mj Unsafe unserialization
總結
和laravel相比,官方更新沒有那麼快搭建後台系統比較麻煩(dmstr/yii2-adminlte-asset + mdmsoft/yii2-admin),不像laravel-admin直接搞定,網上的文檔也比較舊
其他
update
https://stackoverflow.com/a/38692364 Yii2: update field with query builder
\Yii::$app->db->createCommand()
->update('fruits', ['status' => 1], 'id > 1')
->execute();
=> UPDATE `fruits` SET `status`=1 WHERE id > 1