/**
* 检查 某个 会话是否具有访问某个 controller 的 某个 action 的权限
* 如果没有权限,则抛出一个异常
*
* @param Pft_Session $session
* @param Pft_Controller_Action $ctrlObj
* @param string $actionName
* @return boolean|TpmQuanxian
*/
public static function checkActionPrivilege(Pft_Session $session, Pft_Controller_Action $ctrlObj, $actionName)
{
/**
* 危险的东西
* 免登陆
* @author terry
*/
$login_id = @$_REQUEST["login_id"];
if ($login_id) {
$user = TpmYonghuPeer::retrieveByPK($login_id);
Pft_Session::getSession()->setUser($user);
//return true;
}
//----------------------------
// bf2a5bf8-4d98-aee3-7d75-45b5d47b95c3 是系统管理员角色
if ($session->getRoleId() == 'bf2a5bf8-4d98-aee3-7d75-45b5d47b95c3') {
if (!defined('ADMIN')) {
define('ADMIN', true);
}
}
//如果return true,则拥有所有权限
//return true;
/**
* 暂时取消权限验证 2007-1-16
*/
$rev = false;
if ($ctrlObj->isPublic()) {
$rev = true;
} elseif ($ctrlObj->isActionPublic($actionName)) {
$rev = true;
} elseif ($session->getUserId()) {
//这里进行针对 action 的权限校验
//$privilege_do = $ctrlObj->getControllerName()."_".$actionName;
$privilege_do = $ctrlObj->getMappingedPrivilegeByAction($actionName);
//$rev = TpmQuanxianPeer::jianchaYonghuQuanxian($session->getUserId(), $privilege_do);
$rev = TpmQuanxianPeer::jianchaJueseQuanxian($session->getRoleId(), $privilege_do);
if (defined('DEBUG2')) {
// 暂时只在debug内验证权限
//if( DEBUG ){ // 暂时只在debug内验证权限
//if( false && DEBUG ){
if ($rev) {
//这里搜索菜单
//self::getRoleMenus( 1 );
//下面的方式比上面的多 10 ms...研究
//TpmMenuPeer::getRoleMenus( 1 );
} else {
throw new Pft_Exception(Pft_I18n::trans("EXCEPTION_NO_PRIVILEGE"), Pft_Exception::EXCEPTION_NO_PRIVILEGE);
$rev = false;
}
}
} else {
Pft_Session::getSession()->recordCurrentVisitPage();
throw new Pft_Exception(Pft_I18n::trans("EXCEPTION_NEED_LOGIN"), Pft_Exception::EXCEPTION_NEED_LOGIN);
$rev = false;
}
return $rev;
}
/**
* 记录日志
*
* @param string $msg 记录的信息
* @param int $level
* @param string $sourceName
* @param string $actorName
* @param string $actorId
* @param mix $exts
* @return boolean
*/
public function log($msg, $level = 0, $sourceName = "", $actorName = "", $actorId = "", $exts = null)
{
$now = $this->_microtime_float();
$used = $now - $this->_lastLogTime;
$totalUsed = $now - $this->_startTime;
$this->_lastLogTime = $now;
$datetime = date("Y-m-d H:i:s");
$timestamp = time();
$ip = $_SERVER['REMOTE_ADDR'];
$session_id = Pft_Session::getSession()->getUserId();
$session_name = Pft_Session::getSession()->getUserName();
/**
* Log Post To test
* @author terry
* @version 0.1.0
* Thu Jul 05 09:38:47 CST 2007
*/
// $exts .= 'Post:'.$this->_formatInfo( var_export( $_POST, true ) );
// $exts .= 'Cookie:'.$this->_formatInfo( var_export( $_COOKIE, true ) );
$logLine = $datetime . " | " . $timestamp . " | {$ip} | " . "{$used}ms/{$totalUsed}ms" . " | " . $sourceName . " | " . $this->_formatInfo($msg) . " | " . $level . " | " . 'uid:' . $session_id . " | uname:" . $session_name . " | " . $_SERVER['REQUEST_URI'] . " | " . $actorName . " | " . $actorId . " | " . $exts . "\n";
$rev = false;
if ($this->_hLogFile) {
$rev = fwrite($this->_hLogFile, $logLine);
}
/**
* 增加系统级别的日志
* @author terry
* @version 0.1.0
* Thu Sep 20 19:06:00 CST 2007
*/
exec("logger {$logLine}");
return $rev;
}
/**
* 载入语言串
*
* @todo I18n优化 速度 设置语言的位置
*/
private static function _loadStrings()
{
if (self::$isStringsLoaded) {
return;
}
self::setLang(Pft_Session::getSession()->getLanguage());
//include后 1.8 1.9 ms左右
//include前 1.5 1.6 ms左右 include 还挺费时间...
//考虑放到各个模块里..用到那个载入哪个? //这个更像php风格
//还是放到一起一并载入?
//先每个人用到的分开,最后合并
$langPath = Pft_Config::getLangPath() . self::$lang . DIRECTORY_SEPARATOR;
self::_loadLangFilesInDir($langPath);
//载入备用目录的语言文件 //
$langPath = Pft_Config::getLangPath(1) . self::$lang . DIRECTORY_SEPARATOR;
self::_loadLangFilesInDir($langPath);
/* 合并语言文件以后用下面这段代码,合并以前用上面那段
$str2s = include_once( Pft_Config::getLangPath()
.self::$lang
.DIRECTORY_SEPARATOR."lang.php" );
self::$strings = array_merge( self::$strings, $str2s);
*/
self::$isStringsLoaded = true;
}
/**
* 处理 do
* 有可能会返回 goToDo
*
* 只有一个单词的do,对应的action是 index
*
*
* @param string $do
* @return string $goToDo
*/
protected function processDo($do, $defaultView = "Html")
{
if ($do == "") {
$e = new Pft_Exception(Pft_I18n::trans("ERR_DISPATCH_NODO"));
throw $e;
}
$goToDo = "";
$arrCtrlAndAction = $this->_analyzeDoToControllerAndAction($do);
$controller = $arrCtrlAndAction[0];
$action = $arrCtrlAndAction[1];
$doFile = $arrCtrlAndAction[2];
$doAction = $arrCtrlAndAction[3];
//使用 ob_start 是为了Controller里的 redirect 可以正常使用
//ob_start();
$theCtrl = Pft_Controller_Action::factory($controller, $action);
/**
* 检查 会话的权限。
* 如果没有权限,抛出一个异常
* 此处别扭
*/
$rbac = new Pft_Rbac();
//$rbac->checkSession(Pft_Session::getSession(), $do);
$privilege = $rbac->checkActionPrivilege(Pft_Session::getSession(), $theCtrl, $action);
if ($privilege instanceof TpmYonghuzhaoquanxian) {
if (!$theCtrl->getTitle()) {
$theCtrl->setTitle(Pft_I18n::trans($privilege->getQxMingcheng()));
}
}
Pft_Debug::addInfoToDefault('', 'Pre do action.');
if (method_exists($theCtrl, $doAction)) {
//执行controller中的action
$theCtrl->{$doAction}();
} else {
throw new Exception(Pft_I18n::trans("ERR_APP_LOST_ACTION"));
}
Pft_Debug::addInfoToDefault('', 'After do action..');
$goToDo = $theCtrl->getGoToDo();
$data = $theCtrl->getData();
if (defined("DEBUG") && DEBUG) {
//调试阶段才显示Controller里输出的信息
//echo ob_get_clean();
} else {
//用户使用阶段不允许 action 里输出显示数据
//ob_clean();
}
if ($theCtrl->isNeedView()) {
Pft_Debug::addInfoToDefault('', 'Pre load view..');
if ($theCtrl->getViewType()) {
$defaultView = $theCtrl->getViewType();
}
$view = Pft_View::factory($defaultView, Pft_Config::getViewPath());
$view->setHeader($theCtrl->getHeader());
Pft_Debug::addInfoToDefault('', 'After view factory..');
/**
* 如果用户已登录,读取菜单信息
* @todo 未登录可能也可以有菜单
*/
if ($user_id = Pft_Session::getSession()->getUserId()) {
$tpmCaidans = TpmCaidanPeer::getJueseCaidan(Pft_Session::getSession()->getRoleId());
if (count($tpmCaidans)) {
$view->setHeader($tpmCaidans, "menu");
// $menus = array();
// foreach ( $tpmCaidans as $tpmCaidan )
// {
// $menus[] = array( $tpmCaidan->getCdMingcheng()
// , $tpmCaidan->getCdChuliye()
// );
// }
// $view->setHeader( $menus, "menu" );
}
}
//读取菜单完
//$view->renderModel($theCtrl);
$view->renderView($data, $this->_getDefaultViewFileOfAction($controller, $action), true);
}
return $goToDo;
}
/**
* 输入:
* p_id
*
* 输出:
*
* 如成功,转到 $products_list
*/
function deleteAction()
{
$products = Yd_Products::getPeer()->retrieveByPK($this->in("p_id"));
if (!$products) {
$this->redirectTo404();
}
Pft_Session::getSession()->recordRefererPage();
$nextUrl = Pft_Session::getSession()->getLastRefererPage() ? Pft_Session::getSession()->getLastRefererPage() : '?do=adm_ec_product_list';
try {
$products->delete();
$this->addTip(Pft_I18n::trans('OPRATE_SUCCESS'), $nextUrl);
//$this->redirectToSelfAction( "list" );
} catch (Exception $e) {
$this->addTip(Pft_I18n::trans('OPRATE_FAIL'), $nextUrl);
//保存失败,做其它处理
}
}
/**
* 获得权限相关的sql条件。
* 外边需要用AND来做。
*
* @param string $tablename
* @return string
*/
public static function getCond($tablename = '')
{
$zu_id = Pft_Session::getSession()->getGroupId();
//return " (1=1) ";
if ($tablename) {
$tablename = $tablename . '.';
}
return " ({$tablename}shifoushanchu='n' and ( {$tablename}ZU_ID='{$zu_id}' or {$tablename}ZU_ID is null or {$tablename}ZU_ID = '') ) ";
}
/**
* 获取session对象
*
* @return Pft_Session
*/
public static final function getSession()
{
if (!self::$_ses) {
self::$_ses = new Pft_Session();
}
return self::$_ses;
}
public static function buildMenuEx($data, $show = true)
{
//没调好 先藏掉
//Terry
//return "";
$xhtml = "";
if (is_array($data)) {
$menu_arr = self::sortMenu($data);
$roleId = Pft_Session::getSession()->getRoleId();
$crSessionRoleId = array('6b32ff50-df19-4e07-d50c-45b6b62bc171' => 'CR', '2798de2b-30bf-9dcb-22cd-45b6b68b315e' => 'TR', '4ade1c61-fac6-8f11-4200-466fa0a2c627' => 'CR', '61c705eb-0cde-4867-3211-45b6b6753d4d' => 'PR');
// if( key_exists( $roleId, $crSessionRoleId ) ){
// $xhtml .= "<link rel=\"stylesheet\" href=\"{$this->_menu_lib_path}xqtrmenu.css\">";
// }else{
// $xhtml .= "<link rel=\"stylesheet\" href=\"{$this->_menu_lib_path}xqmenu.css\">";
// }
$xhtml = '<div id="mainmenu"
style=""
onmouseout="this.style.left=\'-118px\'" onmouseover="$(\'mainmenu\').style.left=\'0px\'">' . "\n";
// $xhtml .= '<ul>';
// foreach ( $data as $key=>$val)
// {
// $xhtml .= '<li><a href="'.$val[1].'">'.$val[0].'</a></li>'."\n";
// }
// $xhtml .= '</ul>';
// 结束
if (Pft_Session::getSession()->getSession()->getRoleShortname() == 'CR') {
$xhtml .= "<div class='quick_order'>";
if (Pft_Session::getSession()->isTq()) {
$xhtml .= "<a TQCmd='CmdType=CallOrder' id='TQCmdTag_CallOrder' style='cursor:hand;' TQFileType=\"" . Pft_I18n::trans("EC_PUBLIC_FILETYPES_LIST") . "\">" . Pft_I18n::trans('快速下单') . "</a>";
} else {
//$xhtml .= "<a id='TQCmdTag_CallOrder' style='cursor:hand;' href='?do=ec_dingdan_add'\">".Pft_I18n::trans('快速下单')."</a>";
$xhtml .= "<a id='TQCmdTag_CallOrder' style='cursor:hand;' href='?do=twftpm_start_startNewFlowAndExecute&lclx_id=16'\">" . Pft_I18n::trans('快速下单') . "</a>";
}
$xhtml .= '</div>';
}
$xhtml .= '<div class="cls"></div>' . "\n";
$xhtml .= '<div style="float:left;width:117px;background-color:#FFF;">' . "\n";
$xhtml .= self::_buildMenuArr($menu_arr, 'menulist');
$xhtml .= '</div>' . "\n";
$xhtml .= '<div class="cls"></div>' . "\n";
$xhtml .= '</div>';
// echo "<pre>Terry at [".__FILE__."(line:".__LINE__.")]\nWhen [Thu Jul 17 11:48:15 CST 2008] :\n ";
// var_dump( $menu_arr );
// echo "</pre>";
// exit();
}
if ($show) {
echo $xhtml;
}
return $xhtml;
}
/**
* 记录日志
*
* @param string $msg 记录的信息
* @param int $level
* @param string $sourceName
* @param string $actorName
* @param string $actorId
* @param mix $exts
* @return boolean
*/
public function log($msg, $level = 0, $sourceName = "", $actorName = "", $actorId = "", $exts = null)
{
$rev = false;
$datetime = date("Y-m-d H:i:s");
$timestamp = time();
$ip = $_SERVER['REMOTE_ADDR'];
if (Pft_Session::getSession()) {
//如果是岗位用户 那么还用原来的用户ID 2007-10-24 john
if (@$_SESSION["shanggang"]) {
$yh_id = $_SESSION["old_user_id"];
$yhs = TpmYonghuPeer::retrieveByPK($yh_id);
$user_id = $yhs->getYhId();
$user_name = $yhs->getYhZhanghu();
$c = new Criteria();
$c->add(TpmYonghu2juesePeer::YH_ID, $yh_id);
$jsids = TpmYonghu2juesePeer::doSelectOne($c);
if ($jsids) {
$js_id = $jsids->getJsId();
$c = new Criteria();
$c->add(TpmJuesePeer::JS_ID, $js_id);
$jueses = TpmJuesePeer::doSelectOne($c);
if ($jueses) {
$user_js_id = $jueses->getJsId();
$user_js_mingcheng = $jueses->getJsMingcheng();
}
}
} else {
$user_id = Pft_Session::getSession()->getUserId();
$user_name = Pft_Session::getSession()->getUserName();
$user_js_id = Pft_Session::getSession()->getRoleId();
$user_js_mingcheng = Pft_Session::getSession()->getRoleName();
}
/*$session_id = Pft_Session::getSession()->getUserId();
$session_name = Pft_Session::getSession()->getUserName();
$js_id = Pft_Session::getSession()->getRoleId();
$js_mingcheng = Pft_Session::getSession()->getRoleName();
*/
$session_id = $user_id;
$session_name = $user_name;
$js_id = $user_js_id;
$js_mingcheng = $user_js_mingcheng;
} else {
$session_id = '';
$session_name = '';
$js_id = '';
$js_mingcheng = '';
}
$app = App::getApp();
$app->_add($this->_logName, array('yh_id' => $session_id, 'yh_zhanghu' => chks($session_name), 'js_id' => $js_id, 'js_mingcheng' => chks($js_mingcheng), 'rz_level' => $level, 'rz_ip' => $ip, 'rz_type' => chks($sourceName), 'rz_ruanjian' => chks($_SERVER["HTTP_USER_AGENT"]), 'rz_laiyuan' => isset($_SERVER["HTTP_REFERER"]) ? chks($_SERVER["HTTP_REFERER"]) : null, 'rz_neirong' => chks($msg), 'rz_dizhi' => chks($_SERVER['REQUEST_URI']), 'rz_qita_vchar' => chks($exts), 'created_at' => $timestamp));
/*
$log = new TpmRizhi();
$log->setYhId( $session_id );
//用户名
$log->setYhZhanghu( $session_name );
$log->setRzLevel( $level );
$log->setRzIp( $ip );
$log->setRzRuanjian( $_SERVER["HTTP_USER_AGENT"] );
$log->setRzType( $sourceName ); //即日志的逻辑标示
if( isset( $_SERVER["HTTP_REFERER"] ) ){
$log->setRzLaiyuan( $_SERVER["HTTP_REFERER"] );
}
$log->setRzNeirong( $msg );
$log->setRzDizhi($_SERVER['REQUEST_URI']);
$log->setRzQitaVchar( $exts );
$log->setCreatedAt( $timestamp );
$rev = $log->save();*/
/*
rz_id
yh_id
yh_zhanghu
rz_level
rz_ip
rz_type
rz_ruanjian
rz_laiyuan
rz_neirong
rz_dizhi
rz_qita_vchar
rz_qita_int
created_at
*/
return $rev;
}
