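/**
 * Handle the admin login form submission.
 *
 * Validates the posted fields, checks the captcha, authenticates the
 * admin, stores the authenticated user (without the password field, with
 * the role's action list) via AuthHelper and jumps back to the previous
 * page. On any failure the login template is rendered again.
 *
 * @param $f3
 */
public function post($f3)
{
    global $smarty;

    // Validate the request parameters first.
    $validator = new Validator($f3->get('POST'));
    $input = array();
    $input['user_name'] = $validator->required('用户名不能为空')->validate('user_name');
    $input['password'] = $validator->required('密码不能为空')->validate('password');
    $p_captcha = $validator->required('验证码不能为空')->validate('captcha');

    if (!$this->validate($validator)) {
        goto out_fail;
    }

    // The captcha is checked before any credential check is attempted.
    $captchaController = new \Controller\Image\Captcha();
    if (!$captchaController->validateCaptcha($p_captcha)) {
        $this->addFlashMessage("验证码错误");
        goto out_fail;
    }

    $adminService = new AdminUserService();

    // Authenticate the admin.
    // NOTE(review): user_name is passed as both of the first two arguments;
    // doAuthAdmin's signature is not visible here - confirm this is intended.
    $admin = $adminService->doAuthAdmin($input['user_name'], $input['user_name'], $input['password']);
    if (!$admin) {
        // One generic message for unknown user and wrong password.
        // NOTE(review): failed attempts are not written to the admin log in
        // this method; confirm they are recorded elsewhere if alerting or
        // lockout depends on them.
        $this->addFlashMessage("登陆失败,用户名、密码错误");
        goto out_fail;
    }

    // Build the record that is kept for the logged-in user.
    $adminUserInfo = $admin->toArray();
    unset($adminUserInfo['password']); // never keep the password field

    // Attach the action list of the user's role, if the user has one.
    $adminUserInfo['role_action_list'] = '';
    if ($adminUserInfo['role_id'] > 0) {
        $metaRoleService = new MetaRoleService();
        $role = $metaRoleService->loadRoleById($adminUserInfo['role_id']);
        if (!$role->isEmpty()) {
            $adminUserInfo['role_action_list'] = $role['meta_data'];
        }
    }

    // NOTE(review): confirm AuthHelper::saveAuthUser() rotates the session id
    // on login; nothing in this method does.
    AuthHelper::saveAuthUser($adminUserInfo);

    try {
        // Audit trail entry for the successful login.
        AdminLog::logAdminOperate('user.login', '用户登录', 'IP:' . $f3->get('IP'));
    } catch (\Exception $e) {
        // Logging stays best-effort (the login still succeeds), but a broken
        // audit trail must not go unnoticed.
        error_log('admin login audit log failed: ' . $e->getMessage());
    }

    $this->addFlashMessage("登陆成功");

    // Go back to the page the user was on before, or to the home page.
    RouteHelper::jumpBack($this, '/', true);
    return; // normal exit

    out_fail: // every failure path ends here
    $smarty->display('user_login.tpl', 'User|Login|post');
}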
/**
 * Output the role list as an Ajax result.
 *
 * The list is read from the framework hive under a key derived from this
 * method's name; when nothing usable is stored it is fetched through
 * MetaRoleService and stored with a TTL of 300.
 *
 * NOTE(review): unlike the Privilege and ListUser actions on this page, no
 * requirePrivilege() call is visible here - confirm access to the role list
 * is enforced elsewhere.
 *
 * @param $f3
 */
public function ListRole($f3)
{
    // md5 only shortens the method name into a key; it protects nothing.
    $hiveKey = md5(__NAMESPACE__ . '\\' . __CLASS__ . '\\' . __METHOD__);
    $roles = $f3->get($hiveKey);

    if (empty($roles)) {
        // Nothing usable stored: load the roles and store them.
        $roleService = new MetaRoleService();
        $roles = $roleService->fetchRoleArray();
        $f3->set($hiveKey, $roles, 300);
    }

    Ajax::header();
    echo Ajax::buildResult(null, null, $roles);
}
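/**
 * Role privilege management.
 *
 * On a plain request the role and the list of available privileges are
 * displayed. On a POST the submitted action codes are stored as the
 * role's comma-separated privilege string (meta_data). The top-level
 * privilege AdminUserService::privilegeAll can never be granted to a role
 * through this action.
 *
 * @param $f3
 */
public function Privilege($f3)
{
    // Privilege check for viewing.
    $this->requirePrivilege('manage_account_role_privilege_get');

    global $smarty;

    // Parameter validation.
    $validator = new Validator($f3->get('GET'));
    $meta_id = $validator->required()->digits()->min(1)->validate('meta_id');

    if (!$this->validate($validator)) {
        goto out_fail;
    }

    // Load the role.
    $metaRoleService = new MetaRoleService();
    $role = $metaRoleService->loadRoleById($meta_id);
    if ($role->isEmpty()) {
        // No such role.
        $this->addFlashMessage('角色不存在');
        goto out_fail;
    }

    if (!Request::isRequestPost()) {
        // Not a POST: just display the role.
        goto out_display;
    }

    // Separate privilege check for modifying.
    // NOTE(review): no anti-CSRF token check is visible in this method;
    // confirm one is enforced elsewhere for this state-changing POST.
    $this->requirePrivilege('manage_account_role_privilege_post');

    $action_list_str = '';
    $actionCodeArray = $f3->get('POST[action_code]');

    if (empty($actionCodeArray)) {
        // All privileges were cleared.
        $action_list_str = '';
        goto update_privilege;
    }

    // Keep only well-formed codes and never the top-level privilege.
    // The previous while/array_search loop stopped as soon as array_search()
    // returned index 0, so privilegeAll survived when it was the first
    // element; it also compared loosely. Because the codes are joined with
    // ',' below, an element that itself contains ',' would add extra codes
    // to the stored string, so such elements are dropped as well.
    // NOTE(review): ideally each code is also checked against the list from
    // MetaPrivilegeService::fetchPrivilegeArray(); its shape is not visible here.
    $privilegeAll = (string)AdminUserService::privilegeAll;
    $cleanCodeArray = array();
    foreach ((array)$actionCodeArray as $actionCode) {
        if (!is_string($actionCode)) {
            continue; // nested arrays or other non-string input
        }
        $actionCode = trim($actionCode);
        if ($actionCode === '' || strpos($actionCode, ',') !== false) {
            continue;
        }
        if ($actionCode === $privilegeAll) {
            continue; // a role must not get the top-level privilege
        }
        $cleanCodeArray[] = $actionCode;
    }

    // Build the privilege string.
    $action_list_str = implode(',', $cleanCodeArray);

    update_privilege:
    $role->meta_data = $action_list_str;
    $role->save();

    $this->addFlashMessage('角色权限保存成功');

    out_display:
    $smarty->assign($role->toArray());

    // List of privileges to show in the form.
    $metaPrivilegeService = new MetaPrivilegeService();
    $smarty->assign('privilegeArray', $metaPrivilegeService->fetchPrivilegeArray());

    $smarty->display('account_role_privilege.tpl');
    return; // normal exit

    out_fail: // failure: go back to the role list
    RouteHelper::reRoute($this, '/Account/Role/ListRole');
}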
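/**
 * Display the list of admin users.
 *
 * Reads paging and filter parameters from the query string, loads the
 * matching admins, adds each admin's role name and renders the list
 * template.
 *
 * @param $f3
 */
public function ListUser($f3)
{
    // Privilege check.
    $this->requirePrivilege('manage_account_admin_listuser');

    global $smarty;

    // Parameter validation.
    $validator = new Validator($f3->get('GET'));
    $pageNo = $validator->digits()->min(0)->validate('pageNo');
    $pageSize = $validator->digits()->min(0)->validate('pageSize');

    // Filter conditions.
    $formQuery = array();
    $formQuery['user_name'] = $validator->validate('user_name');
    $formQuery['user_real_name'] = $validator->validate('user_real_name');
    $formQuery['user_desc'] = $validator->validate('user_desc');
    $formQuery['role_id'] = $validator->digits()->validate('role_id');

    // Defaults.
    // NOTE(review): pageSize has no upper bound here, so one request can ask
    // for the whole table; consider capping it.
    $pageNo = isset($pageNo) && $pageNo > 0 ? $pageNo : 0;
    $pageSize = isset($pageSize) && $pageSize > 0 ? $pageSize : 10;

    if (!$this->validate($validator)) {
        goto out_display;
    }

    // Build the query conditions.
    $condArray = QueryBuilder::buildQueryCondArray($formQuery);

    // Count the matching admins.
    $adminUserService = new AdminUserService();
    $totalCount = $adminUserService->countAdminArray($condArray);
    if ($totalCount <= 0) { // nothing to list
        goto out_display;
    }

    // Page beyond the last one: go back to the first page.
    if ($pageNo * $pageSize >= $totalCount) {
        RouteHelper::reRoute($this, '/Account/Admin/ListUser');
        // Stop here so nothing is fetched or rendered after the redirect,
        // whether or not reRoute() ends the request itself.
        return;
    }

    // Admin list for the requested page.
    $adminUserArray = $adminUserService->fetchAdminArray($condArray, $pageNo * $pageSize, $pageSize);

    // Role list.
    $metaRoleService = new MetaRoleService();
    $roleArray = $metaRoleService->fetchRoleArray();

    // Lookup table role id --> role.
    $roleIdToRoleArray = array();
    foreach ($roleArray as $roleItem) {
        $roleIdToRoleArray[$roleItem['meta_id']] = $roleItem;
    }

    // Add the role name to every admin.
    foreach ($adminUserArray as &$adminUser) {
        if (array_key_exists($adminUser['role_id'], $roleIdToRoleArray)) {
            $adminUser['role_name'] = $roleIdToRoleArray[$adminUser['role_id']]['meta_name'];
        } else {
            $adminUser['role_name'] = '';
        }
    }
    unset($adminUser); // drop the dangling reference

    // Template variables.
    $smarty->assign('totalCount', $totalCount);
    $smarty->assign('pageNo', $pageNo);
    $smarty->assign('pageSize', $pageSize);
    $smarty->assign('adminUserArray', $adminUserArray);

    out_display:
    $smarty->display('account_admin_listuser.tpl');
}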
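/**
 * Handle the "my profile" form submission of the logged-in admin.
 *
 * Updates the real name and description and, when a new password is
 * supplied, the password - but only after the old password has been
 * verified. The stored auth-user record is refreshed afterwards.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method;
 * confirm one is enforced elsewhere for this state-changing POST.
 *
 * @param $f3
 */
public function post($f3)
{
    global $smarty;

    // Validate the request parameters first.
    $validator = new Validator($f3->get('POST'));
    $input = array();
    $input['user_real_name'] = $validator->required('管理员名称不能为空')->validate('user_real_name');
    $input['oldpassword'] = $validator->validate('oldpassword');
    $input['password'] = $validator->validate('password');
    $input['user_desc'] = $validator->validate('user_desc');

    // One predicate decides whether this request changes the password.
    // The old code used Utils::isBlank() for the "old password required"
    // check and empty() for the verification; the two can disagree (empty()
    // treats the string "0" as empty), which could let an update through
    // without the old password being verified. A value counts as supplied
    // if either test says so, so this is never less strict than before.
    $passwordSupplied = !Utils::isBlank($input['password']) || !empty($input['password']);

    // The user wants to change the password.
    if ($passwordSupplied) {
        $validator->required('必须提供旧密码才能修改密码')->validate('oldpassword');
        if ($f3->get('sysConfig[is_demo]')) {
            $this->addFlashMessage('演示系统不允许修改密码');
            goto out;
        }
    }

    // An old password was given but the new one is empty.
    if (!Utils::isBlank($input['oldpassword'])) {
        $validator->required('新密码不能为空')->validate('password');
    }

    if (!$this->validate($validator)) {
        goto out;
    }

    $authAdminUser = AuthHelper::getAuthUser();

    $adminUserService = new AdminUserService();

    // The logged-in user must still exist.
    $adminUser = $adminUserService->loadAdminById($authAdminUser['user_id']);
    if ($adminUser->isEmpty()) {
        $this->addFlashMessage("非法登陆用户");
        RouteHelper::reRoute($this, '/User/Logout', false);
        // Never fall through to the update with an empty record, whether or
        // not reRoute() ends the request itself.
        return;
    }

    // Password change requested but the old password is wrong.
    if ($passwordSupplied
        && !$adminUserService->verifyPassword($authAdminUser['user_id'], $input['oldpassword'])
    ) {
        $this->addFlashMessage('旧密码不对');
        goto out;
    }

    // Update the record; the old password is not a stored field.
    unset($input['oldpassword']);
    $adminUserService->updateAdmin($adminUser, $input);

    // Refresh the record that is kept for the logged-in user.
    $adminUserInfo = $adminUser->toArray();
    unset($adminUserInfo['password']); // never keep the password field

    // Attach the action list of the user's role, if the user has one.
    $adminUserInfo['role_action_list'] = '';
    if ($adminUserInfo['role_id'] > 0) {
        $metaRoleService = new MetaRoleService();
        $role = $metaRoleService->loadRoleById($adminUserInfo['role_id']);
        if (!$role->isEmpty()) {
            $adminUserInfo['role_action_list'] = $role['meta_data'];
        }
    }

    AuthHelper::saveAuthUser($adminUserInfo);

    $this->addFlashMessage("修改资料成功");

    $smarty->assign($adminUserInfo);

    out: // every path that renders the form ends here
    $smarty->display('my_profile.tpl');
}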