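/**
 * Permission selection: edit an admin user's name and role.
 *
 * Reads the target user from $_GET['user_id']. On POST, writes User[name] and
 * User[role] through updateByPk() and redirects back with a result flag.
 * Otherwise renders the 'update' view with the user row, the role list and
 * the save/result flags taken from the query string.
 *
 * NOTE(review): no permission check is visible inside this action, and the
 * posted role is stored as submitted. Confirm that a controller filter limits
 * who can reach it and that the role is checked against the known groups.
 */
public function actionUpdate()
{
    $user_id = isset($_GET['user_id']) ? $_GET['user_id'] : null;

    // The id comes straight from the query string, so it is bound as a
    // parameter instead of being interpolated into the condition string.
    $user_row = AdminUsers::model()->find('user_id = :user_id', array(':user_id' => $user_id));

    if ($_POST) {
        $UserAttr = isset($_POST['User']) && is_array($_POST['User']) ? $_POST['User'] : array();
        $attributes = array(
            'name' => isset($UserAttr['name']) ? $UserAttr['name'] : null,
            'role' => isset($UserAttr['role']) ? $UserAttr['role'] : null,
        );
        $result = AdminUsers::model()->updateByPk($user_id, $attributes) ? 'success' : 'fail';

        // URL-encode the id so it cannot add or override query parameters.
        $this->redirect(
            '?r=desktop/user/update&user_id=' . urlencode((string) $user_id) . '&save=update&result=' . $result
        );
    }

    $role_list = AdminGroup::model()->findAll();

    // These two flags are copied from the query string unchanged; the view is
    // presumably responsible for HTML-encoding them (verify in the template).
    $param['save'] = isset($_GET['save']) ? $_GET['save'] : '';
    $param['result'] = isset($_GET['result']) ? $_GET['result'] : '';

    $model['user_row'] = $user_row;
    $model['role_list'] = $role_list;
    $model['param'] = $param;
    $this->render('update', array('model' => $model));
}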
/**
 * Menu filter display.
 *
 * Returns self::$aclList. For any group other than 1 the list is first pruned
 * to the entries whose 'acl' key appears in the group's comma-separated ACL
 * string (with $append added to the end of that string).
 *
 * NOTE(review): $groupId is hard-coded to 1 here, so the pruning below never
 * runs and every caller receives the complete list. If this method feeds a
 * menu shown to non-privileged accounts, the group id needs to come from the
 * current session instead.
 *
 * @param string $append extra comma-prefixed ACL keys appended to the group's ACL
 * @return array the (possibly pruned) self::$aclList
 */
public static function display($append = '')
{
    $groupId = 1;
    if ($groupId == 1) {
        return self::$aclList;
    }

    $group = AdminGroup::model()->findByPk($groupId);
    $aclString = $group->acl . $append;
    $allowed = explode(',', $aclString);

    foreach (self::$aclList as $menuKey => $menu) {
        if (in_array($menu['acl'], $allowed)) {
            // Keep the menu, re-point its URL, then drop the actions the group lacks.
            self::$aclList[$menuKey]['url'] = self::_parentRouter($menuKey, $allowed);
            foreach ($menu['action'] as $actionKey => $action) {
                if (!in_array($action['acl'], $allowed)) {
                    unset(self::$aclList[$menuKey]['action'][$actionKey]);
                }
            }
            continue;
        }
        unset(self::$aclList[$menuKey]);
    }

    return self::$aclList;
}
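/**
 * Role edit.
 *
 * Loads the role named by $_GET['role_id']. On POST, stores Role[group_name]
 * and the comma-joined Role[acl] list through updateByPk() and redirects back
 * with a result flag. Otherwise renders the 'update' view with the role row
 * (its acl split into an array), the role menu and the save/result flags.
 *
 * NOTE(review): the posted ACL keys are stored as submitted. They are not
 * compared with the keys offered by XAdminiAcl::RoleMenu(), and a key that
 * contains a comma would be read back as several keys. Confirm that access to
 * this action is restricted and consider validating the keys before saving.
 *
 * @throws CHttpException 404 when no role matches the requested id
 */
public function actionUpdate()
{
    $role_id = isset($_GET['role_id']) ? $_GET['role_id'] : null;
    $role_row = AdminGroup::model()->find('role_id = :role_id', array(':role_id' => $role_id));
    if ($role_row === null) {
        // Without this guard a missing role silently rendered an empty form.
        throw new CHttpException(404, 'The requested page does not exist.');
    }

    $role_list = XAdminiAcl::RoleMenu();

    if ($_POST) {
        $RoleAttr = isset($_POST['Role']) && is_array($_POST['Role']) ? $_POST['Role'] : array();

        // implode() needs a flat list; ignore anything that is not one.
        $acl = isset($RoleAttr['acl']) && is_array($RoleAttr['acl'])
            ? array_filter($RoleAttr['acl'], 'is_scalar')
            : array();

        $attributes = array(
            'group_name' => isset($RoleAttr['group_name']) ? $RoleAttr['group_name'] : null,
            'acl' => implode(',', $acl),
        );
        $result = AdminGroup::model()->updateByPk($role_id, $attributes) ? 'success' : 'fail';

        // URL-encode the id so it cannot add or override query parameters.
        $this->redirect(
            '?r=desktop/role/update&role_id=' . urlencode((string) $role_id) . '&save=update&result=' . $result
        );
    }

    $role_row['acl'] = explode(',', $role_row['acl']);

    // Copied from the query string unchanged; the view is presumably
    // responsible for HTML-encoding them (verify in the template).
    $param['save'] = isset($_GET['save']) ? $_GET['save'] : '';
    $param['result'] = isset($_GET['result']) ? $_GET['result'] : '';

    $this->render('update', array('role_row' => $role_row, 'role_list' => $role_list, 'param' => $param));
}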
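/**
 * Backend menu filtering.
 *
 * Reads the current admin's group id from the '_admini' session entry. Group 1
 * gets self::$aclList unchanged; for every other group the list is pruned to
 * the menus and actions whose 'acl' key appears in the group's comma-separated
 * ACL string plus $append.
 *
 * When the session entry or the group record is missing, the group's ACL is
 * treated as empty, so only the keys in $append remain visible.
 *
 * NOTE(review): the comparisons against the ACL list use loose in_array();
 * if every 'acl' key in self::$aclList is a string, strict mode would be the
 * safer choice for an access decision (confirm the key types first).
 *
 * @param string $append comma-prefixed ACL keys that are always allowed
 * @return array the (possibly pruned) self::$aclList
 */
public static function filterMenu($append = ',home,home_index')
{
    $session = new XSession();
    $admini = $session->get('_admini');
    $groupId = is_array($admini) && isset($admini['groupId']) ? $admini['groupId'] : null;

    if ($groupId != 1) {
        $aclModel = AdminGroup::model()->findByPk($groupId);

        // Fail closed: an unknown or deleted group contributes no permissions.
        $acl = ($aclModel === null ? '' : $aclModel->acl) . $append;
        $aclArr = explode(',', $acl);

        foreach (self::$aclList as $k => $r) {
            if (!in_array($r['acl'], $aclArr)) {
                unset(self::$aclList[$k]);
                continue;
            }
            self::$aclList[$k]['url'] = self::_parentRouter($k, $aclArr);
            foreach ($r['action'] as $kk => $rr) {
                if (!in_array($rr['acl'], $aclArr)) {
                    unset(self::$aclList[$k]['action'][$kk]);
                }
            }
        }
    }

    return self::$aclList;
}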
?> <?php echo $form->error($model, 'access'); ?> <div class="clear"></div> </div> <?php } ?> <?php
// NOTE(review): the three != tests are implied by the final == 'super-administrator'
// test, so this condition is equivalent to checking for that one role. It only decides
// whether the status field is rendered; presumably the action that saves the form
// enforces who may change 'status' (verify, since hiding a field is not a control).
if (Yii::app()->user->role != 'journalist' && Yii::app()->user->role != 'moderator' && Yii::app()->user->role != 'administrator' && Yii::app()->user->role == 'super-administrator') { ?> <div class="row"> <?php
// NOTE(review): the first argument to Yii::t() here and on the submit button is read
// from the client-supplied 'language' cookie, and the cookie is dereferenced without
// checking that it exists. Confirm the value is validated against the supported
// languages before it reaches this view.
echo $form->dropDownList($model, 'status', AdminGroup::getRoles('list'), array('empty' => '(' . Yii::t('' . Yii::app()->request->cookies['language']->value . '', 'Select user access status') . ')', 'class' => 'cat-select')); ?> <?php echo $form->error($model, 'status'); ?> <div class="clear"></div> </div> <?php } ?> <div class="row buttons"> <?php
// The button label and CSS class switch on whether the model is a new record.
echo CHtml::submitButton($model->isNewRecord ? '' . Yii::t('' . Yii::app()->request->cookies['language']->value . '', 'Add') . '' : '' . Yii::t('' . Yii::app()->request->cookies['language']->value . '', 'Update') . '', array('class' => $model->isNewRecord ? 'button add-btn' : 'button upd-btn')); ?> <div class="clear"></div>
/**
 * Fetches the AdminGroup record whose `name` attribute equals $login.
 *
 * @param mixed $login value matched against the `name` attribute
 * @return mixed the record returned by findByAttributes()
 * @throws CHttpException 404 when no record matches
 */
public function loadAdminModel($login)
{
    $criteria = array('name' => $login);
    $record = AdminGroup::model()->findByAttributes($criteria);

    if ($record !== null) {
        return $record;
    }

    throw new CHttpException(404, 'The requested page does not exist.');
}
/**
 * Admin group creation.
 *
 * Runs the 'admin_group_create' permission check, then, when an AdminGroup
 * form was posted, fills a new AdminGroup from it, sets its ACL from the
 * posted 'acl' list, saves it, logs the creation and redirects to 'group'.
 * In every other case the 'group_create' view is rendered.
 *
 * NOTE(review): the model is filled by mass assignment from $_POST, so which
 * columns a client can set depends on the model's safe-attribute rules
 * (verify). When no 'acl' array is posted the ACL falls back to the literal
 * 'administrator'; confirm that this default does not grant more than an
 * empty selection should.
 */
public function actionGroupCreate()
{
    parent::_acl('admin_group_create');

    $model = new AdminGroup();

    if (isset($_POST['AdminGroup'])) {
        $model->attributes = $_POST['AdminGroup'];

        $postedAcl = Yii::app()->request->getPost('acl');
        $model->acl = is_array($postedAcl)
            ? implode(',', array_unique($postedAcl))
            : 'administrator';

        if ($model->save()) {
            $logEntry = array('catalog' => 'create', 'intro' => '录入管理员组' . $model->group_name);
            AdminLogger::_create($logEntry);
            $this->redirect(array('group'));
        }
    }

    $this->render('group_create', array('model' => $model));
}
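/**
 * Creates or updates an admin group and its permission string from a POST.
 *
 * Does nothing unless the request method is POST. With a group name and a
 * non-empty 'auth' array, the keys of 'auth' are joined into a '|'-delimited
 * ACL string, the record is saved, the group's ACL cache entry is dropped,
 * the change is logged and the request is redirected to 'group'. Otherwise an
 * error message is shown, pointing back to the edit or list page.
 *
 * NOTE(review): the keys of $_POST['auth'] are stored as submitted; nothing
 * here checks them against the set of known permissions (verify upstream).
 *
 * @param AdminGroup|null $data existing record to update, or null to create one
 */
private function groupEdite($data = null)
{
    if (XUtils::method() != 'POST') {
        return;
    }

    // 'auth' must be an array because its keys become the ACL entries.
    $hasInput = !empty($_POST['gname']) && !empty($_POST['auth']) && is_array($_POST['auth']);

    if (!$hasInput) {
        $gid = reqPostNum('gid');
        if ($gid > 0) {
            XUtils::message('error', '发生错误,请正确填写各项', $this->createUrl('admin/groupCreate', array('id' => $gid)));
        } else {
            XUtils::message('error', '发生错误,请正确填写各项', $this->createUrl('admin/group'));
        }
        return;
    }

    $gid = reqPost('gid', null);
    $auth = '|' . implode('|', array_keys($_POST['auth'])) . '|';

    // Normalise the status flag to 'Y' or 'N'. The raw POST value was stored
    // before, which ignored this check and failed when 'sis' was not posted.
    $sis = (!empty($_POST['sis']) && $_POST['sis'] === 'Y') ? 'Y' : 'N';

    $attr = array('group_name' => $_POST['gname'], 'acl' => $auth, 'status_is' => $sis);
    if (!empty($gid)) {
        $attr['id'] = $gid;
    } else {
        $attr['create_time'] = time();
    }

    if (empty($data)) {
        $data = new AdminGroup();
    }
    $data->attributes = $attr;

    if ($data->save()) {
        // Refresh the permission cache for the edited group.
        if (!empty($gid)) {
            cacheDelete('_backendAcl' . $gid, '');
        }
        parent::_backendLogger(array('catalog' => 'create', 'intro' => '编辑管理员组及权限' . $data->group_name));
        XXcache::refresh('_adminGroup');
        $this->redirect(array('group'));
    }
}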
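/**
 * Permission check.
 *
 * Accounts flagged as super in $this->_admini skip the check. For everyone
 * else the action key must appear in the group's comma-separated ACL string
 * plus $params['append'] (the backend home entries are appended so that they
 * are not re-checked). On failure the request ends with a plain-text message,
 * a JSON error object, or the '/_include/_error' view, depending on
 * $params['response'].
 *
 * A missing group record is treated as an empty ACL, so only the appended
 * keys pass. Keys absent from a caller-supplied $params are read as unset
 * rather than filled in from the default array, which keeps a partial $params
 * from widening the allowed set.
 *
 * NOTE(review): the fallback redirect target comes from the request's Referer
 * header, which the client controls. The error view should encode it and
 * ideally accept only same-site URLs (verify in the template).
 *
 * @param string|false $action ACL key to test; defaults to "<controller>_<action>"
 * @param array $params 'response' ('text', 'json' or false), 'append', optional 'redirect'
 */
protected function _acl($action = false, $params = array('response' => false, 'append' => ',default_index,default_home'))
{
    $actionFormat = empty($action) ? strtolower($this->id . '_' . $this->action->id) : strtolower($action);

    if (!empty($this->_admini['super'])) {
        return;
    }

    $response = isset($params['response']) ? $params['response'] : false;
    $append = isset($params['append']) ? $params['append'] : '';

    $aclDb = AdminGroup::model()->findByPk($this->_admini['groupId']);
    $aclString = $aclDb === null ? '' : strtolower($aclDb->acl);

    // Both sides are strings, so compare strictly for the access decision.
    if (in_array($actionFormat, explode(',', $aclString . $append), true)) {
        return;
    }

    $message = '当前角色组无权限进行此操作,请联系管理员授权';

    if ($response == 'text') {
        exit($message);
    }

    if ($response == 'json') {
        $var = array('state' => 'error', 'message' => $message);
        exit(CJSON::encode($var));
    }

    $referrer = Yii::app()->request->urlReferrer ? Yii::app()->request->urlReferrer : $this->createUrl('default/home');
    if (preg_match("/default\\/index/i", $referrer)) {
        $referrer = $this->createUrl('default/home');
    }

    $tplVar = array(
        'code' => '访问受限',
        'message' => $message,
        'redirect' => !empty($params['redirect']) ? $params['redirect'] : $referrer,
    );
    exit($this->render('/_include/_error', $tplVar));
}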
/**
 * Builds the AdminGroup objects attached to a server group.
 *
 * Runs one query for the admin groups linked to $groupId, then one further
 * query per group for its enabled flags of the given plugin. The flags are
 * stored on the object as a single string, each flag followed by a space.
 *
 * NOTE(review): both queries are assembled by string concatenation, with
 * addslashes() as the only escaping for $groupId and $plugin. addslashes() is
 * not a database-aware escaper. If the wrapper behind $this->db offers bound
 * parameters or a driver-level escape, use it here (its API is not visible
 * from this method).
 *
 * @param mixed $groupId server group id
 * @param mixed $plugin plugin name used to select the flags
 * @return array list of AdminGroup objects
 */
function getAdminGroupsOfGroup($groupId, $plugin)
{
    // Admin groups linked to this server group.
    $sql = "SELECT admin_group_id, group_name, description, sm_immunity\n FROM gban_admin_group\n WHERE admin_group_id IN (SELECT DISTINCT admin_group_id\n FROM gban_group_admin\n WHERE server_group_id = '" . addslashes($groupId) . "')\n ORDER BY group_name ASC";
    $this->db->sql_query($sql);
    $groups = $this->db->get_array();

    $adminGroups = array();
    $groupCount = count($groups);

    for ($g = 0; $g < $groupCount; $g++) {
        $row = $groups[$g];

        $adminGroup = new AdminGroup();
        $adminGroup->setId($row['admin_group_id']);
        $adminGroup->setName(stripslashes($row['group_name']));
        $adminGroup->setDescription(stripslashes($row['description']));
        $adminGroup->setSmImmunity($row['sm_immunity']);

        // Enabled flags of this group for the requested plugin.
        $sql = "SELECT pf.flag\n FROM gban_admin_group_flag agf, gban_plugin_flag pf\n WHERE agf.admin_group_id = '" . $adminGroup->getId() . "'\n AND pf.plugin_flag_id = agf.plugin_flag_id\n AND pf.plugin = '" . addslashes($plugin) . "'\n AND agf.enabled = 1";
        $this->db->sql_query($sql);
        $flags = $this->db->get_array();

        $flagString = "";
        $flagCount = count($flags);
        for ($f = 0; $f < $flagCount; $f++) {
            $flagString = $flagString . $flags[$f]['flag'] . " ";
        }
        $adminGroup->setFlags($flagString);

        $adminGroups[] = $adminGroup;
    }

    return $adminGroups;
}
/**
 * Returns the list of user groups.
 *
 * @param string $type group family to list; only 'admin' is handled
 * @return mixed the result of AdminGroup::model()->findAll() for 'admin', false otherwise
 */
protected function _groupList($type = 'admin')
{
    return $type == 'admin' ? AdminGroup::model()->findAll() : false;
}
/**
 * Member role and permissions: looks up the AdminGroup row for a role id.
 *
 * The role id is passed as a bound parameter.
 *
 * NOTE(review): a third array carrying 'select' => 'group_name,acl' is passed
 * to find(). If this is Yii 1's CActiveRecord::find($condition, $params), that
 * argument is presumably ignored and all columns are loaded (confirm).
 *
 * @param mixed $role_id role id to look up
 * @return mixed the value returned by find()
 */
private function _UserPermission($role_id)
{
    return AdminGroup::model()->find(
        'role_id = :role_id',
        array(':role_id' => $role_id),
        array('select' => 'group_name,acl')
    );
}