/** * 按父ID查找菜单子项 * @param integer $parentid 父菜单ID * @param integer $with_self 是否包括他自己 */ public function admin_menu($parentid, $with_self = false) { //父节点ID $parentid = (int) $parentid; $result = $this->where(array('parentid' => $parentid, 'status' => 1))->order(array("listorder" => "ASC"))->select(); if ($with_self) { $result2[] = $this->where(array('id' => $parentid))->find(); $result = array_merge($result2, $result); } //权限检查 if (sp_get_current_admin_id() == 1) { //如果是超级管理员 直接通过 return $result; } $array = array(); foreach ($result as $v) { //方法 $action = $v['action']; //public开头的通过 if (preg_match('/^public_/', $action)) { $array[] = $v; } else { if (preg_match('/^ajax_([a-z]+)_/', $action, $_match)) { $action = $_match[1]; } $rule_name = strtolower($v['app'] . "/" . $v['model'] . "/" . $action); if (sp_auth_check(sp_get_current_admin_id(), $rule_name)) { $array[] = $v; } } } return $array; }
private function check_access($uid) { //如果用户角色是1,则无需判断 if ($uid == 1) { return true; } $rule = MODULE_NAME . CONTROLLER_NAME . ACTION_NAME; $no_need_check_rules = array("AdminIndexindex", "AdminMainindex"); if (!in_array($rule, $no_need_check_rules)) { return sp_auth_check($uid); } else { return true; } }
?> </span> <i class="fa fa-caret-down"></i> </a> <ul class="user-menu pull-right dropdown-menu dropdown-yellow dropdown-caret dropdown-closer"> <?php if (sp_auth_check(sp_get_current_admin_id(), 'admin/setting/site')) { ?> <li><a href="javascript:openapp('<?php echo U('setting/site'); ?> ','index_site','站点管理');"><i class="fa fa-cog"></i> 站点管理</a></li><?php } ?> <?php if (sp_auth_check(sp_get_current_admin_id(), 'admin/user/userinfo')) { ?> <li><a href="javascript:openapp('<?php echo U('user/userinfo'); ?> ','index_userinfo','个人资料');"><i class="fa fa-user"></i> 个人资料</a></li><?php } ?> <li><a href="<?php echo U('Public/logout'); ?> "><i class="fa fa-sign-out"></i> 退出</a></li> </ul> </li> </ul> </div>
private function check_access($uid) { //如果用户角色是1,则无需判断 if ($uid == 1) { return true; } if (MODULE_NAME . CONTROLLER_NAME . ACTION_NAME != "AdminIndexindex") { return sp_auth_check($uid); } else { return true; } }