Example #1
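 /**
  * Fetch the most recently added files (rows with object_type = 2).
  *
  * Administrators query View_objectsDao with no per-user filter. Every other
  * user goes through View_objects_permDao with a WHERE clause built from the
  * user id, group ids and role ids held in the session.
  *
  * The DAO receives the WHERE clause as a raw SQL string, so every value that
  * is interpolated below is coerced to an integer first. Session data is
  * server-side, but it is populated elsewhere and must not be able to alter
  * the shape of the permission filter.
  *
  * @return array|false Whatever toResultSet() yields, or false when no user is
  *                     logged in or the query matches nothing.
  */
 public function getRecently()
 {
     $userid = Session::get(USER_AUTH_KEY);
     if (!$userid) {
         return false;
     }

     if (Session::is_setLocal('administrator')) {
         $listDao = new View_objectsDao();
         $whereStr = "object_type = 2";
     } else {
         // Integer-coerce everything that ends up inside the SQL text.
         $userid = (int) $userid;

         $groups = Session::get('_USER_GROUPS');
         $groupStr = $groups ? implode(',', array_map('intval', (array) $groups)) : '0';

         $roles = Session::get('_USER_ROLES');
         $roleStr = $roles ? implode(',', array_map('intval', (array) $roles)) : '0';

         $listDao = new View_objects_permDao();
         // First half: owner / "other" / owning-group bits on the object itself.
         $whereStr = "( (object_owner={$userid} or other_bitset >=1 or (owner_group in({$groupStr}) and group_bitset >= 1)) or ";
         // Second half: explicit grants to the user, one of their roles or groups.
         $whereStr .= " ((userid = {$userid} or roleid in({$roleStr}) or groupid in({$groupStr})) and bitset >=1) ) and object_type =2";
     }

     // '0,10' is presumably an offset,limit pair (first ten rows, newest id first) - confirm against the DAO.
     $vol = $listDao->findAllDistinct($whereStr, '', 'id,name,create_date,status', 'id DESC', '0,10');
     if ($vol->isEmpty()) {
         return false;
     }

     return $vol->toResultSet();
 }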
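 /**
  * Decide whether the current user may load the given SWF module.
  *
  * Checks run in this order and the first match wins:
  *   1. checkNotAuthSwf() accepts the module and checkRequireAuthSwf() does not
  *      (both are defined elsewhere) -> allowed without a login;
  *   2. no authenticated user in the session -> denied;
  *   3. the 'administrator' flag is set -> allowed;
  *   4. the module is exactly "MDI.Desktop" -> allowed for any logged-in user;
  *   5. otherwise the module must be a key of the user's access list.
  *
  * @param string $modular Module identifier, e.g. "Email.inbox".
  * @return bool True when access is granted.
  */
 public function checkSwfPermission($modular)
 {
     if ($this->checkNotAuthSwf($modular) && !$this->checkRequireAuthSwf($modular)) {
         return true;
     }

     $uid = Session::get(USER_AUTH_KEY);
     if (!$uid) {
         return false;
     }

     if (Session::is_setLocal('administrator')) {
         return true;
     }

     // Strict comparison: with ==, a non-string argument (true, or 0 on PHP < 8)
     // would compare equal to the module name and be granted access.
     if ('MDI.Desktop' === $modular) {
         return true;
     }

     $accessList = Session::get('_ACCESS_LIST');
     if (!$accessList) {
         // Nothing cached in the session; load the permissions for this user.
         $accessList = UserPermissions::getGUIPermissions($uid);
     }

     // Fail closed when no usable list came back instead of handing a
     // non-array to array_key_exists().
     if (!is_array($accessList)) {
         return false;
     }

     return array_key_exists($modular, $accessList);
 }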
Example #3
 /**
  * Access decision for the current APP_NAME / MODULE_NAME / ACTION_NAME.
  *
  * Returns true when access is allowed, or null (bare return) when a previous
  * request in the same session already approved this action. Denial is
  * signalled through throw_exception(), not through the return value.
  *
  * NOTE(review): the code after redirect() is still reachable if redirect()
  * does not end the request - confirm that it exits.
  */
 static function AccessDecision()
 {
     // Actions that RBAC::checkAccess() does not flag need no decision.
     if (!RBAC::checkAccess()) {
         return true;
     }

     // No authentication id in the session: send the client to the auth gateway.
     if (!Session::is_set(C('USER_AUTH_KEY'))) {
         redirect(PHP_FILE . C('USER_AUTH_GATEWAY'));
     }

     // md5 only derives a per-action session key name here; it protects nothing.
     $accessGuid = md5(APP_NAME . MODULE_NAME . ACTION_NAME);

     // Administrators skip the access-list check.
     if (Session::is_setLocal('administrator')) {
         return true;
     }

     if (C('USER_AUTH_TYPE') == 2) {
         // Type 2: fetch the list through RBAC on every request, so permission
         // changes made in the back end take effect immediately.
         $accessList = RBAC::getAccessList();
     } elseif (Session::is_set($accessGuid)) {
         // This action was approved earlier in the session. The flag is never
         // cleared here, so a later revocation is not seen in this mode.
         return;
     } else {
         // Login-time mode: compare against the list stored at login.
         $accessList = Session::get('_ACCESS_LIST');
     }

     $app = strtoupper(APP_NAME);
     $module = strtoupper(MODULE_NAME);
     $action = strtoupper(ACTION_NAME);

     if (isset($accessList[$app][$module][$action])) {
         // Remember the approval for the rest of the session.
         Session::set($accessGuid, true);
     } else {
         throw_exception(L('_VALID_ACCESS_'));
     }

     return true;
 }
Example #4
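 /**
  * List the objects directly under a directory that the current user may see.
  *
  * Administrators query View_objectsDao filtered by parent only. Every other
  * user goes through View_objects_permDao with a WHERE clause built from the
  * user id, group ids and role ids held in the session.
  *
  * The DAO receives the WHERE clause as a raw SQL string. $parentid is a
  * caller-supplied value, so it is validated as an integer before use, and
  * the session-derived ids are integer-coerced as well. Without this, a
  * crafted $parentid could rewrite the query, including the permission filter.
  *
  * @param int $parentid Id of the parent directory.
  * @return array|false Whatever toResultSet() yields, or false when no user is
  *                     logged in, $parentid is not an integer, or nothing matches.
  */
 public function getViewObjects($parentid)
 {
     if (!Session::is_set(USER_AUTH_KEY)) {
         return false;
     }

     // Reject anything that is not an integer rather than passing it into SQL.
     $parentid = filter_var($parentid, FILTER_VALIDATE_INT);
     if ($parentid === false) {
         return false;
     }

     if (Session::is_setLocal('administrator')) {
         $listDao = new View_objectsDao();
         $whereStr = "parentid = {$parentid}";
     } else {
         // Integer-coerce everything that ends up inside the SQL text.
         $userid = (int) Session::get(USER_AUTH_KEY);

         $groups = Session::get('_USER_GROUPS');
         $groupStr = $groups ? implode(',', array_map('intval', (array) $groups)) : '0';

         $roles = Session::get('_USER_ROLES');
         $roleStr = $roles ? implode(',', array_map('intval', (array) $roles)) : '0';

         $listDao = new View_objects_permDao();
         // First half: owner / "other" / owning-group bits on the object itself.
         $whereStr = "( (object_owner={$userid} or other_bitset >=1 or (owner_group in({$groupStr}) and group_bitset >= 1)) or ";
         // Second half: explicit grants to the user, one of their roles or groups.
         $whereStr .= " ((userid = {$userid} or roleid in({$roleStr}) or groupid in({$groupStr})) and bitset >=1) ) and parentid = {$parentid}";
     }

     $vol = $listDao->findAll($whereStr, '', '*', 'object_type,status_date');
     if ($vol->isEmpty()) {
         return false;
     }

     return $vol->toResultSet();
 }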