/** * 检测用户的权限 * */ private function _checkpriv() { $controller = isset($_GET['c']) ? $_GET['c'] : QP_Controller::DEFAULT_CONTROLLER; $action = isset($_GET['a']) ? $_GET['a'] : QP_Controller::DEFAULT_ACTION; // 如果有权限则返回 $ret = Priv::check(QP_Session_Session::get('login_userid'), $controller, $action); if ($ret) { return; } // 如果是异步访问则直接输出错误 if (QP_Request::getInstance()->isAJAX()) { die('Priv Access denied'); } else { // 其它方式则直接提示后跳转 QP_Sys::msgbox('Priv Access denied!', url('index', 'index'), 10); } }
/** * 首页 */ public function indexAction() { $get = $this->request->getGet(); Priv::check($this->userid, $get['controller'], $get['action']); // 所有的用户组 $groupList = $this->userModel->userGroupList(array('userid' => $this->userid)); // 得到组ID $groupid = $this->request->getGet('groupid', 0); if ($groupid < 1) { $groupid = isset($groupList[0]['groupid']) ? $groupList[0]['groupid'] : 0; } // 得到群对应的所有权限 $priv = $this->privModel->get($groupid); $allPriv = QP_Sys::config('privconfig.priv'); $this->view->groups = $groupList; $this->view->privList = $allPriv; $this->view->priv = $priv; }
/** * 检测当前用户是否有对应的权限 * * @param unknown_type $controller * @param unknown_type $action */ function privCheck($controller, $action) { return Priv::check(QP_Session_Session::get('login_userid'), $controller, $action); }