<?php
namespace api\controllers;
use api\logic\AddressLogic;
use api\logic\CartLogic;
use api\logic\CollectionLogic;
use api\logic\CommentLogic;
use api\logic\OrderLogic;
use api\logic\WxPaymentLogic;
use yii\filters\auth\HttpBearerAuth;
use yii\helpers\ArrayHelper;
use yii\rest\ActiveController;
use yii\web\NotFoundHttpException;
use yii\base\InvalidConfigException;
use Yii;
/**
 * Shared base for the API's REST controllers.
 *
 * On init it instantiates the logic class named by $className and stores it in
 * $object. It attaches HTTP Bearer authentication to every action except
 * `token`, drops the inherited `create`, `update` and `index` actions, and
 * provides an ownership check through checkAccess().
 *
 * @author iron
 * @email weiriron@gmail.com
 */
class CommonController extends ActiveController
{
    /**
     * Class name handed to Yii::createObject() in init().
     *
     * NOTE(review): this value decides which class gets instantiated, so it
     * should only be assigned in code or application configuration, never
     * from request data.
     */
    public $className;

    /**
     * Logic object built from $className during init().
     *
     * @var OrderLogic|CommentLogic|CartLogic|CollectionLogic|AddressLogic|WxPaymentLogic
     */
    public $object;

    /**
     * Runs the parent initialisation, then builds the logic object.
     *
     * @throws InvalidConfigException
     */
    public function init()
    {
        parent::init();

        $definition = ['class' => $this->className];
        $this->object = Yii::createObject($definition);
    }

    /**
     * Adds HTTP Bearer authentication on top of the inherited behaviors.
     *
     * The `token` action is exempt, so an action with that id in any subclass
     * is reachable without a bearer token.
     *
     * @return array
     */
    public function behaviors()
    {
        $inherited = parent::behaviors();
        $bearerAuth = [
            'class' => HttpBearerAuth::className(),
            'except' => ['token'],
        ];

        // NOTE(review): the key is spelled 'authenticatior', not 'authenticator'.
        // The bearer filter is therefore merged in as an extra behavior instead of
        // replacing a parent entry named 'authenticator' (if one exists), and it is
        // appended after the inherited behaviors - presumably after any rate
        // limiter, so rate limiting may run before the identity is known. Confirm
        // no subclass refers to the misspelled key before renaming it.
        return ArrayHelper::merge($inherited, ['authenticatior' => $bearerAuth]);
    }

    /**
     * Returns the inherited action map without `create`, `update` and `index`.
     *
     * Every other inherited action is left enabled as-is.
     */
    public function actions()
    {
        $inherited = parent::actions();

        foreach (['create', 'update', 'index'] as $disabled) {
            unset($inherited[$disabled]);
        }

        return $inherited;
    }

    /**
     * Returns an empty array; nothing in this class calls it.
     *
     * Presumably a hook for subclasses to supply query filters - confirm
     * against the callers.
     */
    protected function getFilter()
    {
        return [];
    }

    /**
     * Access control: rejects access to a record owned by another user.
     *
     * The check applies only when $model is truthy and has a set `user_id`.
     * Records without a set `user_id` pass unchecked, so models that record
     * their owner under a different attribute are not protected here.
     *
     * NOTE(review): the ownership comparison is strict. If `user_id` and
     * Yii::$app->user->getId() differ in type (for example int versus numeric
     * string) the owner is rejected as well - confirm both are the same type.
     *
     * NOTE(review): nothing in this class calls checkAccess(); it presumably
     * runs only from actions that invoke it, so custom actions added in
     * subclasses need to call it explicitly - confirm.
     *
     * @param string $action id of the action being executed
     * @param object|null $model record being accessed, if any
     * @param array $params additional parameters (unused here)
     * @throws NotFoundHttpException when the record belongs to another user;
     *                               denial is reported as "not found" rather
     *                               than as "forbidden"
     */
    public function checkAccess($action, $model = null, $params = [])
    {
        // No record, or no owner recorded on it: nothing to compare against.
        if (!$model || !isset($model->user_id)) {
            return;
        }

        // The current user owns the record.
        if ($model->user_id === Yii::$app->user->getId()) {
            return;
        }

        switch ($action) {
            case 'view':
                // "You are not authorised to access this data"
                throw new NotFoundHttpException('您无权访问该数据');
            case 'delete':
                // "You are not authorised to delete this data"
                throw new NotFoundHttpException('您无权删除该数据');
            default:
                // "No relevant permission"
                throw new NotFoundHttpException('无相关权限');
        }
    }
}