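/**
  * Gate the requested controller/action against the current member's permissions.
  *
  * A request that fails a check is not answered with an error: its controller
  * and action are rewritten to Index/index so dispatch continues there.
  *
  * @param  Request_Abstract  $request  Request whose controller/action is inspected and, on denial, rewritten.
  * @param  Response_Abstract $response Not used by this method.
  * @return void
  */
 public function checkMemberPermission(Request_Abstract $request, Response_Abstract $response)
 {
     $config = Application::app()->getConfig()->get("roles")->toArray();
     // Global switch: a falsy 'permission' setting turns every check below off.
     // NOTE(review): a missing 'permission' key is null and also compares equal to
     // false, so an incomplete "roles" section disables enforcement - confirm intended.
     if ($config and $config['permission'] == false) {
         return;
     }
     $rest = RegisterRest::initRegister();
     // Resolve the permission key of the current route.
     $this->current_key = $this->getSystemAction($request->getControllerName(), $request->getActionName(), $rest);
     // A route has a key only if it was registered through RegisterRest;
     // anything else is sent to the default route.
     if (!$this->current_key) {
         $request->setControllerName('Index');
         $request->setActionName('index');
         return;
     }
     // Compare as a string so the strict in_array() checks below match the
     // strings produced by explode().
     $routeKey = (string) $this->current_key;
     $user = MembersManage::instance()->getCurrentSession();
     if ($user) {
         // role_id 1 is the super administrator and bypasses permission checks.
         if (isset($user['role_id']) && $user['role_id'] == 1) {
             return;
         }
         // Every other signed-in member needs the route key in their permission
         // list. The previous code checked this only when role_id > 1, so a
         // session with a missing, zero or negative role_id was let through
         // unchecked; such sessions are now denied like any member without the grant.
         $granted = isset($user['permission']) ? explode(',', $user['permission']) : array();
         $denied = !in_array($routeKey, $granted, true);
     } else {
         // Anonymous visitors are blocked from the controller prefixes listed in
         // 'check'; everything not listed stays reachable (deny-list).
         $check = isset($config['check']) ? explode(',', $config['check']) : array();
         $prefix = explode('_', $routeKey);
         $denied = in_array($prefix[0], $check, true);
     }
     if ($denied) {
         $request->setControllerName('Index');
         $request->setActionName('index');
     }
 }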
Example #2
 /**
  * Render the modal form used to create or edit a collection category.
  *
  * @param  mixed $ccid Category id; a value greater than 0 selects edit mode, anything else create mode.
  * @return void  Output goes through the view; the request ends early when there is no session.
  */
 public function collectionCategoryPostAction($ccid = false)
 {
     $view = $this->getView();
     $request = $this->getRequest(); // fetched as before; not read below
     $session = MembersManage::instance()->getCurrentSession();
     // Only the existence of a session is tested in this method.
     // NOTE(review): no role or permission is checked here - presumably the
     // route-level permission check covers this admin action; verify.
     if (!$session) {
         exit;
     }
     $manager = new AdminCollectionManage();
     $editing = $ccid > 0;
     // The category is looked up only in edit mode; create mode passes false to the template.
     $category = $editing ? $manager->getCollectionCategoryForID($ccid) : false;
     $view->assign('title', '采集分类编辑');
     $view->assign('category', $category);
     $view->assign('type', $editing ? 'edit' : 'create');
     $view->display('admin/collectioncategory/post-modal.html.twig');
 }
Example #3
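 /**
  * Upload an image for a course article, or list the images stored for a course.
  *
  * 'upload' (POST only) saves the posted file and answers with its relative link
  * through the REST helper. 'list' prints a JSON array of thumb/image/title/folder
  * entries. Every path ends the request with exit.
  *
  * @param  mixed  $cid    Course id, passed on to the image manager.
  * @param  mixed  $ccid   Second id passed to the save call and echoed back as 'folder'.
  * @param  string $action Either 'upload' (default) or 'list'.
  * @return void
  */
 public function lessonArticleImageAction($cid, $ccid, $action = 'upload')
 {
     $data = $this->getRequest();
     $rest = Restful::instance();
     $members = MembersManage::instance();
     $app = $members->getCurrentSession();
     // No session: end the request with an empty body.
     if (!$app) {
         exit;
     }
     // NOTE(review): only the presence of a session is checked; nothing in this
     // method verifies that the member may read or write images of course $cid.
     // Confirm the image manager or the route-level check enforces that.
     $image = new ImagesManage();
     if ($action === 'upload' and $data->isPost()) {
         // NOTE(review): type/size validation of the uploaded file is not visible
         // here - presumably done inside saveImagesCourseArticle(); verify.
         if ($filepath = $image->saveImagesCourseArticle($data->getFiles('file'), $cid, $ccid, $app['uid'], true, 1, true)) {
             $rest->assign('filelink', ImagesManage::getRelativeImage($filepath));
             $rest->response();
         }
     } elseif ($action === 'list') {
         $list = $image->getImagesCourseArticleForID($cid);
         if ($list) {
             $images = array();
             foreach ($list as $value) {
                 $thumb = $value['thumb'] > 0 ? $image->getRealCoverSize($value['path'], 'small', 'jpg') : '';
                 $images[] = array('thumb' => $thumb, 'image' => ImagesManage::getRelativeImage($value['path']), 'title' => $value['filename'], 'folder' => $ccid);
             }
             // stripslashes() on encoded JSON removed every escape, not just "\/":
             // a quote or backslash in a stored filename broke out of its string
             // and "\uXXXX" sequences lost their backslash. Ask json_encode() for
             // unescaped slashes instead, and keep '<', '>' and '&' escaped so the
             // body stays inert if a client ever renders it as markup.
             header('Content-Type: application/json; charset=utf-8');
             echo json_encode($images, JSON_UNESCAPED_SLASHES | JSON_HEX_TAG | JSON_HEX_AMP);
             exit;
         }
     }
     exit;
 }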
Example #4
 /**
  * End the current member's session and send the browser to the site root.
  *
  * The request is always terminated with exit; the redirect header is sent
  * only when logout() reports success.
  *
  * @return void
  */
 public function logoutAction()
 {
     $view = $this->getView();       // fetched as before; not read below
     $request = $this->getRequest(); // fetched as before; not read below
     // NOTE(review): no request-method or anti-CSRF token check is visible here,
     // so any request that reaches this action ends the session - confirm acceptable.
     $loggedOut = MembersManage::instance()->logout();
     if (!$loggedOut) {
         exit;
     }
     header('Location: /');
     exit;
 }
Example #5
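 /**
  * Add a link (with summary) to a course article and render the resulting menu entry.
  *
  * On POST the link is handed to the course manager, the menu-item template is
  * rendered, and a REST response follows. Requests without a session get only
  * the REST error response.
  *
  * @param  mixed $cid Course id the link is added to.
  * @return void
  */
 public function linkAddAction($cid)
 {
     $views = $this->getView();
     $rest = Restful::instance();
     $data = $this->getRequest();
     $members = MembersManage::instance();
     $app = $members->getCurrentSession();
     $courseControl = AdminCourseManage::instance();
     $message = array('error' => '无法收集该链接内容', 'content' => '');
     $success = 0;
     if (!$app) {
         // Previously this branch only set the error text and execution went on
         // to addLinkToArticle(), so a request without a session could still
         // write. Answer with the error and stop before any write happens.
         $message['error'] = '没有权限';
         $rest->assign('success', $success);
         $rest->assign('message', $message);
         $rest->response();
         return;
     }
     if ($data->isPost()) {
         // NOTE(review): '_link' arrives straight from POST. If addLinkToArticle()
         // fetches the URL server-side, confirm it restricts scheme and destination.
         // NOTE(review): nothing here checks that the member may modify course $cid;
         // ownership is computed below for display only - verify enforcement elsewhere.
         $contents = $courseControl->addLinkToArticle($cid, $data->getPost('_link'), $data->getPost('_summary'));
         $owner = false;
         // Skip the ownership lookup when the helper returned no usable 'cid'.
         if (isset($app['uid']) and $app['uid'] and isset($contents['cid'])) {
             $course = $courseControl->getCourseRow(array('course.cid' => $contents['cid'], "course.verified" => 3, "course.published" => 4));
             if ($course and $app['uid'] == $course['uid']) {
                 $owner = true;
             }
         }
         $views->assign('owner', $owner);
         $views->assign('menu', $contents);
         $views->display("index/course/article-menu-li-modal.html.twig");
     }
     // $success is never raised above 0 in this method, so the REST payload
     // always carries success = 0 alongside the default message.
     $rest->assign('success', $success);
     $rest->assign('message', $message);
     $rest->response();
 }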