haoshengxin/backend/controllers/BaseController.php

<?php

namespace backend\controllers;

use Yii;
use yii\helpers\Url;
class BaseController extends \yii\web\Controller
{
    public function beforeAction($event){
        if(Yii::$app->user->isGuest){
            return true;
        }
        $auth  = Yii::$app->authManager;
        $auth->getPermissionsByUser(Yii::$app->user->id);
        $controller = Yii::$app->controller->id;
        $controller = str_replace('-','',$controller);
        $access = ucfirst($controller).'Controller::'.$event->actionMethod;
        $auth = Yii::$app->authManager;
        //没有配置权限，即无权限限制
        if(!$a = $auth->getPermission($access) && Yii::$app->getErrorHandler()->exception === null) {

            return true;
        }

        if(!Yii::$app->user->can($access) && Yii::$app->getErrorHandler()->exception === null) {
            $permission = $auth->getPermission($access);
            if(Yii::$app->request->isAjax){
                echo json_encode(['status'=>0,'msg'=>'您无权限访问该方法']);
                Yii::$app->end();
            }else{
                Yii::$app->getSession()->setFlash('error','没有权限访问或执行。');
                if(empty(Yii::$app->request->referrer)){
                    Yii::$app->response->redirect(Url::toRoute(['site/home']));
                }else{
                    Yii::$app->response->redirect(Yii::$app->request->referrer);
                }
                return false;
                Yii::$app->end();
            }
        }

        return true;
    }


    public static function navChecked($controller,$action){

        $access = ucfirst($controller).'Controller::action'.ucfirst($action);
        if(Yii::$app->user->can($access)){
            return true;
        }
        return false;
    }


}