php - 如何确保每个事件只能通过 codeigniter 中的 role_id 查看(只有超级管理员可以查看所有列表)?
问题描述
我的数据可以在 CodeIgniter 的这张图片中看到。
我想确保每个事件只能通过角色 ID 查看。我试图改变控制器Event.php:
public function index($school_id = null, $id = null, $role_id=null) {
check_permission(VIEW);
$this->data['events'] = $this->event->get_event_list($school_id, $role_id);
$this->data['roles'] = $this->event->get_list('roles', array('status' => 1), '', '', 'id','ASC');
$this->data['filter_school_id'] = $school_id;
$this->data['schools'] = $this->schools;
$this->data['list'] = TRUE;
$this->layout->title($this->lang->line('manage_event') . ' | ' . SMS);
$this->layout->view('event/index', $this->data);
}
我也尝试更改 event_model.php:
public function get_event_list($school_id = null, $role_id=null) {
$this->db->select('E.*, S.school_name, R.name');
$this->db->from('events AS E');
$this->db->join('roles AS R', 'R.id = E.role_id', 'left');
$this->db->join('schools AS S', 'S.id = E.school_id', 'left');
if($this->session->userdata('role_id') != SUPER_ADMIN){
$this->db->where('E.school_id', $this->session->userdata('school_id'));
$this->db->where('R.role_id', $this->session->userdata('role_id'));
}
if($this->session->userdata('role_id') == SUPER_ADMIN && $school_id){
$this->db->where('E.school_id', $school_id);
}
$this->db->where('S.status', 1);
$this->db->order_by('E.id', 'DESC');
return $this->db->get()->result();
}
解决方案
我已经知道怎么做,所以我只是在事件模型上更改了一些编码:
public function get_event_list($school_id = null, $role_id ){
$this->db->select('E.*, S.school_name, R.name');
$this->db->from('events AS E');
$this->db->join('roles AS R', 'R.id = E.role_id', 'left');
$this->db->join('schools AS S', 'S.id = E.school_id', 'left');
if($this->session->userdata('role_id') != SUPER_ADMIN){
$this->db->where('E.school_id', $this->session->userdata('school_id'));
$this->db->where('E.role_id', $this->session->userdata('role_id'));
}
if($this->session->userdata('role_id') == SUPER_ADMIN && $school_id){
$this->db->where('E.school_id', $school_id);
}
$this->db->where('S.status', 1);
$this->db->order_by('E.id', 'DESC');
return $this->db->get()->result();
这个是用于事件控制器的:
公共函数索引($school_id = null,$id = null,$role_id=null){
check_permission(VIEW);
$this->data['school'] = array();
$school_id = $this->session->userdata('school_id');
$class_id = $this->session->userdata('class_id');
$role_id = $this->session->userdata('role_id');
$this->data['events'] = $this->event->get_event_list($school_id, $role_id);
$this->data['roles'] = $this->event->get_list('roles', array('status' => 1,), '', '', 'id', 'ASC');
$this->data['filter_school_id'] = $school_id;
$this->data['schools'] = $this->schools;
$this->data['list'] = TRUE;
$this->layout->title($this->lang->line('manage_event') . ' | ' . SMS);
$this->layout->view('event/index', $this->data);
}
推荐阅读
- python - 如何将列表/字典转换为数据框?
- angular - 在 WAS 服务器中部署 Angular js 应用程序的问题
- python - python 正则表达式来分隔字符串中的列表子字符串
- python-2.7 - 如何在python中匹配模式之前和之后提取文本?
- amazon-web-services - 如何按属性对 DynamoDB 行进行排序
- mysql - 查询 WHERE NOT IN (SELECT) INNER JOIN
- rxjs - RxJs - 使用地图和运算符而不是嵌套的条件订阅链
- javascript - 单击提交按钮时,在下拉列表中显示值和用户输入的输入字段值未清除的问题 - Jquery
- swift - 审查期间的应用内购买无效标识符(在开发中工作正常)
- arrays - 将命名数组传递给另一个 bash 脚本