Beispiel #1
 /**
  * Edit a user's profile.
  *
  * @access public
  */
 public function edit(User $userModel, Acl $acl, Group $groupModel)
 {
     // A POST to this action is the form submission; it is handed off before any
     // of the checks below run.
     // NOTE(review): updateUserInfo() is not visible here. None of the GET-side
     // checks cover the write path, so it has to validate the id and enforce the
     // group-level permission on its own - confirm.
     if (Request::method() === 'POST') {
         return $this->updateUserInfo();
     }

     // Flash the previous request's http_referer again as old input.
     Session::flashInput(['http_referer' => Session::getOldInput('http_referer')]);

     // $id stays in its encoded form for the view; only the decoded value is
     // used for the lookup and the permission check.
     $id = Request::input('id');
     $userId = url_param_decode($id);

     // NOTE(review): is_numeric() also accepts strings such as "1.5" or "1e3".
     // The same raw value goes to both the lookup and the level check below, so
     // they stay consistent, but an integer-only check would be tighter.
     if (!($userId && is_numeric($userId))) {
         return Js::error(Lang::get('common.illegal_operation'), true);
     }

     $userInfo = $userModel->getOneUserById($userId);
     if (!$userInfo) {
         return Js::error(Lang::get('user.user_not_found'), true);
     }

     // Object-level authorization: the ACL decides whether the logged-in account
     // may act on this particular user.
     // NOTE(review): "not found" and "level denied" produce different messages,
     // so a caller without permission can still tell which ids exist.
     if (!$acl->checkGroupLevelPermission($userId, Acl::GROUP_LEVEL_TYPE_USER)) {
         return Js::error(Lang::get('common.account_level_deny'), true);
     }

     // Groups offered in the form are derived from the logged-in account's own
     // group; a super system manager is treated as level 0.
     $currentGroup = $groupModel->getOneGroupById(SC::getLoginSession()->group_id);
     if ($acl->isSuperSystemManager()) {
         $currentGroup['level'] = 0;
     }
     $groupList = $groupModel->getGroupLevelLessThenCurrentUser($currentGroup['level']);

     return view('admin.user.add', [
         'userInfo' => $userInfo,
         'formUrl' => route('foundation.user.edit'),
         'id' => $id,
         'groupList' => $groupList,
     ]);
 }
Beispiel #2
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // Resolve module / class / action for this request, then run both ACL gates
     // before the request is allowed further down the pipeline.
     $target = $this->buildAclParam($request);
     $acl = new AclManager();

     // Gate 1: is the caller permitted to reach this module/class/action?
     // The `return` is kept so the path stays closed even if abort() were ever to
     // return instead of throwing.
     // NOTE(review): 401 is sent for an ACL denial; if the caller is already
     // authenticated at this point, 403 is the conventional status - confirm.
     if (!$acl->checkUriPermission($target->module, $target->class, $target->action)) {
         return abort(401);
     }

     // Gate 2: the action must also be registered with the ACL. It runs after the
     // permission gate, so only permitted callers see the "not registered" message.
     if (!$acl->checkIfHasReg($target->module, $target->class, $target->action)) {
         return abort(404, 'function hasn`t been registered');
     }

     $this->bindAclParams($target);

     return $next($request);
 }
Beispiel #3
 /**
  * Start login processing and save the user's permission information.
  *
  * @param App\Services\Admin\Login\Process $loginProcess core login handler
  * @access public
  */
 public function getProc(LoginProcess $loginProcess, Acl $aclObj)
 {
     $username = Request::input('username');
     $password = Request::input('password');
     // NOTE(review): the JSONP callback name comes from the request. A JSONP
     // response can be loaded as a script by any origin, so this login result is
     // readable cross-site; confirm that is intended and that a CSRF/origin check
     // exists elsewhere. Also confirm the route does not accept the credentials
     // in the query string, where they would end up in access logs.
     $callback = Request::input('callback');

     // Input validation first; its message is returned to the caller as-is.
     $error = $loginProcess->getProcess()->validate($username, $password);
     if ($error) {
         return response()->json(['msg' => $error, 'result' => false])->setCallback($callback);
     }

     // Start the credential check.
     $userInfo = $loginProcess->getProcess()->check($username, $password);
     if (!$userInfo) {
         // Generic failure message ("login failed"): it does not say whether the
         // username or the password was wrong.
         $payload = ['msg' => '登录失败', 'result' => false];

         return response()->json($payload)->setCallback($callback);
     }

     // Store the user's permissions in the session.
     // NOTE(review): no session-id regeneration or attempt throttling is visible
     // in this method; confirm check() or middleware takes care of both.
     SC::setUserPermissionSession($aclObj->getUserAccessPermission($userInfo));

     // Success message ("login succeeded") plus the URL the client should go to.
     $payload = [
         'msg' => '登录成功',
         'result' => true,
         'jumpUrl' => R('common', 'foundation.index.index'),
     ];

     return response()->json($payload)->setCallback($callback);
 }
Beispiel #4
 /**
  * Edit a user group.
  *
  * @access public
  */
 public function edit(GroupModel $groupModel, Acl $acl)
 {
     // A POST to this action is the form submission; it is handed off before any
     // of the checks below run.
     // NOTE(review): updateGroup() is not visible here. It has to validate the id
     // and enforce the group-level permission itself, because nothing below
     // applies to the write path - confirm.
     if (Request::method() === 'POST') {
         return $this->updateGroup();
     }

     // Flash the previous request's http_referer again as old input.
     Session::flashInput(['http_referer' => Session::getOldInput('http_referer')]);

     // $id stays in its encoded form for the view; only the decoded value is
     // used for the lookup and the permission check.
     $id = Request::input('id');
     $groupId = url_param_decode($id);

     // NOTE(review): is_numeric() also accepts strings such as "1.5" or "1e3";
     // an integer-only check would be tighter.
     if (!($groupId && is_numeric($groupId))) {
         return Js::error(Lang::get('common.illegal_operation'));
     }

     $groupInfo = $groupModel->getOneGroupById($groupId);
     if (!$groupInfo) {
         return Js::error(Lang::get('group.group_not_found'));
     }

     // Object-level authorization: the ACL decides whether the logged-in account
     // may act on this particular group.
     if (!$acl->checkGroupLevelPermission($groupId, Acl::GROUP_LEVEL_TYPE_GROUP)) {
         return Js::error(Lang::get('common.account_level_deny'), true);
     }

     return view('admin.group.add', [
         'groupInfo' => $groupInfo,
         'formUrl' => route('foundation.group.edit'),
         'id' => $id,
     ]);
 }
Beispiel #5
 /**
  * Set the permissions of a user group.
  *
  * @access public
  */
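 public function group(GroupModel $groupModel, Acl $acl, AclProcess $process)
 {
     // A POST to this action saves the permission set; it is handed off before
     // any of the checks below run.
     // NOTE(review): saveGroupPermission() is not visible here. It has to validate
     // the id and enforce the group-level permission itself - confirm.
     if (Request::method() === 'POST') {
         return $this->saveGroupPermission();
     }

     $id = url_param_decode(Request::input('id'));

     // Accept only a positive integer written in canonical decimal form.
     // The previous is_numeric() check let values such as "1.9" or "1e3" through;
     // the group was then loaded by intval($id) while the level check and the
     // permission lookup received the raw value, so the record that was
     // authorized and the record that was loaded could differ. The round-trip
     // comparison guarantees $groupId and $id denote the same number.
     $groupId = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
     if ($groupId === false || (string) $groupId !== (string) $id) {
         return Js::error(Lang::get('common.illegal_operation'), true);
     }

     // Unknown ids get the same message as malformed ones.
     $info = $groupModel->getOneGroupById($groupId);
     if (empty($info)) {
         return Js::error(Lang::get('common.illegal_operation'), true);
     }

     // Object-level authorization: the ACL decides whether the logged-in account
     // may act on this particular group. $id is passed in its original type; the
     // validation above ensures it is the same id that was just loaded.
     if (!$acl->checkGroupLevelPermission($id, Acl::GROUP_LEVEL_TYPE_GROUP)) {
         return Js::error(Lang::get('common.account_level_deny'), true);
     }

     // Tree data built from the group's current permission ids, plus the id set
     // returned by prepareUserPermissionIds(); both go to the view.
     $zTree = $process->prepareDataForZtree($process->getGroupAccessPermissionIds($id));
     $all = $process->prepareUserPermissionIds();
     $router = 'group';

     return view('admin.acl.setpermission', compact('zTree', 'id', 'info', 'router', 'all'));
 }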