/**
 * 检查用户是否有对应权限 — does the current admin's role chain hold an access
 * row for the given target?
 *
 * Super administrators (Admin::isAdministrator()) pass without a query.
 *
 * @param string|array $map Target as "module/controller/action",
 *                          "controller/action" or "action" (missing parts fall
 *                          back to MODULE_NAME / CONTROLLER_NAME); an empty
 *                          value means the current request; an array is used
 *                          verbatim as the where() condition.
 * @return bool
 */
public function isCompetence($map = '')
{
    // Super administrators are not subject to the access table.
    if (\Admins\Lib\Admin::getInstance()->isAdministrator()) {
        return true;
    }

    $condition = $map;
    if (!is_array($condition)) {
        // Role ids the current role may act for, as produced by getArrchildid().
        $roleIds = explode(',', D("Admins/Role")->getArrchildid(\Admins\Lib\Admin::getInstance()->role_id));

        if (empty($condition)) {
            $parts = array(MODULE_NAME, CONTROLLER_NAME, ACTION_NAME);
        } else {
            $parts = explode('/', trim($condition, '/'));
            if (empty($parts)) {
                return false;
            }
        }

        $app = MODULE_NAME;
        $controller = CONTROLLER_NAME;
        $action = null;
        switch (count($parts)) {
            case 1:
                $action = $parts[0];
                break;
            case 2:
                list($controller, $action) = $parts;
                break;
            default:
                // Three or more segments: anything past the third is ignored.
                list($app, $controller, $action) = $parts;
                break;
        }

        $condition = array(
            'role_id'    => array('IN', $roleIds),
            'app'        => $app,
            'controller' => $controller,
            'action'     => $action,
        );
    }

    return (bool) $this->where($condition)->count();
}
/**
 * Logs the current admin out; on success drops the "forward" cookie and
 * redirects to U("index") with a success message.
 */
public function logout()
{
    $loggedOut = Admin::getInstance()->logout();
    if (!$loggedOut) {
        return;
    }
    // A manual logout must not carry a stale post-login target into the next session.
    cookie("forward", NULL);
    $this->success('注销成功!', U("index"));
}
/**
 * Admin dashboard entry point.
 *
 * Ajax requests receive a bare {"status":1} reply; otherwise the menu tree
 * (JSON-encoded for the client), the logged-in admin's info and the role
 * name are assigned to the view and the template is rendered.
 */
public function index()
{
    if (IS_AJAX) {
        $this->ajaxReturn(array('status' => 1));
        return true;
    }

    $admin = Admin::getInstance();

    $menuJson = json_encode(D("Admins/Menu")->getMenuList());
    $this->assign("SUBMENU_CONFIG", $menuJson);

    $this->assign('userInfo', $admin->getInfo());

    $roleName = D('Admins/Role')->getRoleIdName($admin->role_id);
    $this->assign('role_name', $roleName);

    $this->display();
}
/**
 * Re-authenticates the current admin against a supplied password.
 *
 * Reads the GET parameter "password" and checks it with Admin::getUserInfo()
 * for the logged-in admin id; answers via success()/error().
 *
 * NOTE(review): the password travels in the query string, so it can land in
 * browser history, proxy/server access logs and Referer headers; a POST body
 * is the safer transport if the calling page can be changed.
 */
public function public_verifypass()
{
    $password = I("get.password");
    if (empty($password)) {
        $this->error("密码不能为空!");
    }

    $adminId = (int) Admin::getInstance()->id;
    // getUserInfo() is used here as "non-empty result == password matches".
    $matched = D('Admins/Admin')->getUserInfo($adminId, $password);

    if (empty($matched)) {
        $this->error("密码错误!");
    } else {
        $this->success("密码正确!");
    }
}
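/**
 * 记录日志 — writes one operation-log row for the current request.
 *
 * @param string $message 说明 (free text stored in the "info" column)
 * @param int    $status  status value stored with the message (default 0)
 * @return bool true when the row was inserted, false otherwise
 */
public function record($message, $status = 0)
{
    // Request method label: Ajax wins over POST; everything else is reported as GET.
    if (IS_AJAX) {
        $method = 'Ajax';
    } elseif (IS_POST) {
        $method = 'POST';
    } else {
        $method = 'GET';
    }

    // The Referer header is client-supplied and may be absent; default to ''
    // instead of reading an undefined index (which raised a notice and stored null).
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

    $data = array(
        'uid'    => \Admins\Lib\Admin::getInstance()->id ?: 0,
        'status' => $status,
        // "info" mixes markup with the raw $message; any view that renders it
        // (or the untrusted referer in "get") must escape for its output context.
        'info'   => "提示语:{$message}<br/>模块:" . MODULE_NAME . ",控制器:" . CONTROLLER_NAME . ",方法:" . ACTION_NAME . "<br/>请求方式:{$method}",
        'get'    => $referer,
    );

    $this->create($data);
    return $this->add() !== false;
}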
/**
 * Resolves who is acting before the parent controller initialises.
 *
 * A logged-in back-end admin takes precedence: IN_ADMIN is defined, isadmin
 * is set and upname/upuserid come from the admin session. Otherwise the
 * Passport service supplies user name, user id and group id (group 8 when
 * Passport reports none).
 */
protected function _initialize()
{
    $admin = \Admins\Lib\Admin::getInstance();

    if ($admin->id) {
        // Back-end login has the highest priority for permission checks downstream.
        define('IN_ADMIN', true);
        $this->isadmin = 1;
        $this->upname = $admin->username;
        $this->upuserid = $admin->id;
    } else {
        $passport = service('Passport');
        $this->upname = $passport->username;
        $this->upuserid = $passport->userid;
        $this->groupid = $passport->groupid ?: 8;
    }

    parent::_initialize();
}
/**
 * Deletes the admin account given by GET "id".
 *
 * Rejects an empty id and an attempt by the current admin to delete their
 * own account; otherwise delegates to Admin::deleteUser() and reports its
 * outcome (the model's error message, or a generic one, on failure).
 */
public function delete()
{
    $targetId = I('get.id');
    if (empty($targetId)) {
        $this->error("没有指定删除对象!");
    }

    // Guard against the operator removing their own account.
    if ((int) $targetId == Admin::getInstance()->id) {
        $this->error("你不能删除你自己!");
    }

    $adminModel = D('Admins/Admin');
    if (!$adminModel->deleteUser($targetId)) {
        $this->error($adminModel->getError() ?: '删除失败!');
    } else {
        $this->success("删除成功!");
    }
}
/**
 * 按父ID查找菜单子项 — fetch the enabled child menu items of a parent,
 * filtered by the current admin's permissions.
 *
 * @param integer $parentid  父菜单ID
 * @param bool    $with_self 是否包括他自己 — prepend the parent row itself
 * @return array menu rows the current admin may see
 */
public function adminMenu($parentid, $with_self = false)
{
    // Parent node id.
    $parentid = (int) $parentid;
    $result = $this->where(array('parentid' => $parentid, 'status' => 1))->order('listorder ASC,id ASC')->select();
    if (empty($result)) {
        $result = array();
    }
    if ($with_self) {
        // An empty array stands in when the parent row does not exist.
        $parentInfo = $this->where(array('id' => $parentid))->find();
        $result2[] = $parentInfo ? $parentInfo : array();
        $result = array_merge($result2, $result);
    }
    // Super administrator: every row passes without consulting the access table.
    if (\Admins\Lib\Admin::getInstance()->isAdministrator()) {
        return $result;
    }
    $array = array();
    // Role ids the current role may act for, as produced by getArrchildid().
    $child = explode(',', D("Admins/Role")->getArrchildid(\Admins\Lib\Admin::getInstance()->role_id));
    foreach ($result as $v) {
        // Action name.
        $action = $v['action'];
        // Access-table lookup condition.
        $where = array('app' => $v['app'], 'controller' => $v['controller'], 'action' => $action, 'role_id' => array('IN', $child));
        // Menu-item rows (type 0, per the original comment): the lookup appends the
        // menu id to controller and action — presumably matching how Access rows
        // for menu items are written; confirm against the writer.
        if ($v['type'] == 0) {
            $where['controller'] .= $v['id'];
            $where['action'] .= $v['id'];
        }
        // Actions prefixed "public_" are always visible.
        if (preg_match('/^public_/', $action)) {
            $array[] = $v;
        } else {
            // NOTE(review): this replaces $action with the segment captured after
            // "ajax_", but $where['action'] was filled in above, so the permission
            // check below still uses the full action name — confirm whether the
            // captured value was meant to be looked up instead.
            if (preg_match('/^ajax_([a-z]+)_/', $action, $_match)) {
                $action = $_match[1];
            }
            // Permission check against the access table.
            if (D('Admins/Access')->isCompetence($where)) {
                $array[] = $v;
            }
        }
    }
    return $array;
}
/**
 * "Frequently used" menu panel for the current admin.
 *
 * POST: the comma-separated "menuid" list is validated against the Menu
 * cache (unknown ids are skipped) and stored via AdminPanel::addPanel().
 * GET: renders a checkbox tree of all enabled menu rows, pre-checking the
 * ones already pinned by this admin.
 */
public function changyong()
{
    if (IS_POST) {
        // Selected menu items.
        $menuidAll = explode(',', I('post.menuid', ''));
        // NOTE(review): explode() always yields at least one element (an empty
        // string for empty input), so this condition is always true and the
        // "clear" branch below appears unreachable as written — confirm intent.
        if (is_array($menuidAll) && count($menuidAll) > 0) {
            // Menu data.
            $menu_info = cache('Menu');
            $addPanel = array();
            // Validate each submitted id against the menu cache; only cached rows
            // supply the stored name/url, so arbitrary ids are dropped here.
            foreach ($menuidAll as $menuid) {
                if (empty($menu_info[$menuid])) {
                    continue;
                }
                $info = array('mid' => $menuid, 'userid' => Admin::getInstance()->id, 'name' => $menu_info[$menuid]['name'], 'url' => "{$menu_info[$menuid]['app']}/{$menu_info[$menuid]['controller']}/{$menu_info[$menuid]['action']}");
                $addPanel[] = $info;
            }
            if (D('Admins/AdminPanel')->addPanel($addPanel)) {
                $this->success("添加成功!", U("Public/changyong"));
            } else {
                $error = D('Admins/AdminPanel')->getError();
                $this->error($error ? $error : '添加失败!');
            }
        } else {
            // Nothing selected: remove all of this admin's pinned entries.
            D('Admins/AdminPanel')->where(array("userid" => \Admins\Lib\Admin::getInstance()->id))->delete();
            $this->error("常用菜单清除成功!");
        }
    } else {
        // Menu cache.
        $result = cache("Menu");
        $json = array();
        foreach ($result as $rs) {
            if ($rs['status'] == 0) {
                continue;
            }
            // 'checked' appears twice; PHP keeps the last value, so the isExist()
            // boolean wins and the first ($rs['id']) is dead.
            $data = array('id' => $rs['id'], 'nocheck' => $rs['type'] ? 0 : 1, 'checked' => $rs['id'], 'parentid' => $rs['parentid'], 'name' => $rs['name'], 'checked' => D("Admins/AdminPanel")->isExist($rs['id']) ? true : false);
            $json[] = $data;
        }
        $this->assign('json', json_encode($json))->display();
    }
}
/**
 * 验证登录 — checks that the current admin session is usable.
 *
 * @return array|false the admin's info row when logged in, resolvable and
 *                     not locked; false otherwise (the session is logged out
 *                     when the info row is missing or the account is locked)
 */
private function competence()
{
    $admin = Admin::getInstance();

    $uid = (int) $admin->isLogin();
    if (empty($uid)) {
        return false;
    }

    $userInfo = $admin->getInfo();
    if (empty($userInfo)) {
        // Session without a matching admin record: treat as not logged in.
        $admin->logout();
        return false;
    }

    if (!$userInfo['status']) {
        // Locked account: end the session and send the user to the login page.
        $admin->logout();
        $this->error('您的帐号已经被锁定!', U('/Admins/Login'));
        return false;
    }

    return $userInfo;
}
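/**
 * ueditor编辑器设置 — renders the markup/JS that instantiates a UEditor
 * instance bound to a textarea.
 *
 * The loader scripts are emitted once per request (guarded by EDITOR_INIT).
 * Editor parameters (isadmin, uid, sessid, authkey, upload flags, allowed
 * extensions) are passed to the client through the 'serverparam' command.
 *
 * @param string $textareaid     field name / textarea id (also used as part of the JS variable name)
 * @param string $toolbar        'basic' (简洁型, forces height 200) or 'full' (标准型); any other value is
 *                               emitted as-is into the toolbars array
 * @param int    $allowupload    是否允许上传
 * @param int    $allowbrowser   是否允许浏览文件
 * @param string $alowuploadexts 允许上传类型
 * @param string $allowuploadnum 每次允许上传的文件数量 — accepted but not used by this method
 * @param int    $height         编辑器高度
 * @param int    $disabled_page  是否禁用分页和子标题 — accepted but not used by this method
 * @return string HTML/JS fragment
 *
 * Per the original docblock, attachment upload also requires content_addtop.js
 * and swf2ckeditor.js to be included.
 *
 * NOTE(review): $textareaid and $alowuploadexts are interpolated into JS
 * without escaping; they are meant to be developer-supplied values and must
 * not be sourced from request data.
 */
public static function editor($textareaid = 'content', $toolbar = 'basic', $allowupload = 0, $allowbrowser = 1, $alowuploadexts = '', $allowuploadnum = '10', $height = 400, $disabled_page = 0)
{
    $str = "";

    // Load the editor JS once; several editor fields on one page must not reload it.
    if (!defined('EDITOR_INIT')) {
        // Each JS statement on its own line: the "//" comment would otherwise
        // swallow the editorURL assignment when the string is emitted as one line.
        $str .= '
<script type="text/javascript">
    //编辑器路径定义
    var editorURL = GV.DIMAUB;
</script>
<script type="text/javascript" src="' . CONFIG_SITEURL_MODEL . 'static/js/ueditor/editor_config.js"></script>
<script type="text/javascript" src="' . CONFIG_SITEURL_MODEL . 'static/js/ueditor/editor_all_min.js"></script>';
        define('EDITOR_INIT', 1);
    }

    // Toolbar preset.
    if ($toolbar === 'basic') {
        // 简洁型. NOTE(review): when 'attachment' is omitted the emitted list
        // contains an empty slot ("'CheckImage', , 'WordImage'") — confirm UEditor tolerates it.
        $toolbar = "['FullScreen', 'Source', '|', 'Undo', 'Redo', '|','FontSize','Bold', 'forecolor', 'Italic', 'Underline', 'Link', '|', 'InsertImage', \n 'ClearDoc', 'CheckImage', " . ($allowupload && $allowbrowser ? "'attachment'," : "") . ", 'WordImage','RemoveFormat', 'FormatMatch','AutoTypeSet']\n ";
        // The basic preset always uses a compact height, overriding $height.
        $height = 200;
    } elseif ($toolbar === 'full') {
        // 标准型.
        $toolbar = "[\n 'fullscreen', 'source', '|', 'undo', 'redo', '|',\n 'bold', 'italic', 'underline', 'fontborder', 'strikethrough', 'superscript', 'subscript', 'removeformat', 'formatmatch', 'autotypeset', 'blockquote', 'pasteplain', '|', 'forecolor', 'backcolor', 'insertorderedlist', 'insertunorderedlist', 'selectall', 'cleardoc', '|',\n 'rowspacingtop', 'rowspacingbottom', 'lineheight', '|',\n 'customstyle', 'paragraph', 'fontfamily', 'fontsize', '|',\n 'directionalityltr', 'directionalityrtl', 'indent', '|',\n 'justifyleft', 'justifycenter', 'justifyright', 'justifyjustify', '|', 'touppercase', 'tolowercase', '|',\n 'link', 'unlink', 'anchor', '|', 'imagenone', 'imageleft', 'imageright', 'imagecenter', '|',\n 'simpleupload', 'insertimage', 'emotion', 'scrawl', 'insertvideo', 'music', 'attachment', 'map', 'insertframe', 'pagebreak', 'template', 'background', '|',\n 'horizontal', 'date', 'time', 'spechars', 'snapscreen', 'wordimage', '|',\n 'inserttable', 'deletetable', 'insertparagraphbeforetable', 'insertrow', 'deleterow', 'insertcol', 'deletecol', 'mergecells', 'mergeright', 'mergedown', 'splittocells', 'splittorows', 'splittocols', 'charts', '|',\n 'print', 'preview', 'searchreplace', 'drafts'\n ]";
    }

    // Identity handed to the upload endpoint: back-end admin id if logged in, else the front-end user id.
    $sess_id = time();
    $isadmin = \Admins\Lib\Admin::getInstance()->id ? 1 : 0;
    if ($isadmin) {
        $userid = \Admins\Lib\Admin::getInstance()->id;
    } else {
        $userid = service('User')->userid;
    }
    // Token the client echoes back with uploads: md5 over the site AUTHCODE,
    // the issue time, user id and admin flag. NOTE(review): nothing here bounds
    // how long a (sessid, authkey) pair is accepted — confirm the receiving
    // handler checks the age of sessid, since this method sets no expiry.
    $authkey = md5(C("AUTHCODE") . $sess_id . $userid . $isadmin);

    $str .= "\r\n<script type=\"text/javascript\">\r\n";
    $str .= " var editor{$textareaid} = UE.getEditor('{$textareaid}',{ \n textarea:'" . $textareaid . "',\n toolbars:[{$toolbar}],\n });\n editor{$textareaid}.ready(function(){\n editor{$textareaid}.execCommand('serverparam', {\n '_https':'" . CONFIG_SITEURL_MODEL . "',\n 'isadmin':'{$isadmin}',\n 'uid':'{$userid}',\n 'sessid':'{$sess_id}',\n 'authkey':'{$authkey}',\n 'allowupload':'{$allowupload}',\n 'allowbrowser':'{$allowbrowser}',\n 'alowuploadexts':'{$alowuploadexts}'\n });\n editor{$textareaid}.setHeight({$height});\n });\n ";
    $str .= "\r\n</script>";

    return $str;
}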
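/**
 * 取得当前认证号的所有权限列表 — builds the access map for the logged-in admin.
 *
 * The map is keyed APP => CONTROLLER => ACTION (all upper-cased) with the
 * upper-cased action as the leaf value.
 *
 * @param integer $authId 用户ID — accepted for interface compatibility but not
 *                        consulted: the lookup is always for Admin::getInstance()
 * @return array|false the access map (possibly empty), or false when no admin
 *                     info is available or the role is missing/disabled
 * @access public
 */
public static function getAccessList($authId)
{
    // Current admin.
    $userInfo = Admin::getInstance()->getInfo();
    if (empty($userInfo)) {
        return false;
    }

    // Role id.
    $role_id = $userInfo['role_id'];

    // A missing or disabled role grants nothing.
    $roleinfo = D('Admins/Role')->where(array('id' => $role_id))->find();
    if (empty($roleinfo) || empty($roleinfo['status'])) {
        return false;
    }

    // All access rows of the role. The lookup may yield no rows; iterate an
    // empty array rather than a null/false result (which raised a foreach warning).
    $access = D('Admins/Access')->getAccessList($role_id);
    $accessList = array();
    if (!empty($access)) {
        foreach ($access as $acc) {
            $app = strtoupper($acc['app']);
            $controller = strtoupper($acc['controller']);
            $action = strtoupper($acc['action']);
            $accessList[$app][$controller][$action] = $action;
        }
    }

    return $accessList;
}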
/**
 * 检查该菜单是否已经添加过 — has the current admin already pinned menu $mid?
 *
 * @param int $mid 菜单ID
 * @return mixed the count() result for matching panel rows (0 when not
 *               added); callers use it in boolean context
 */
public function isExist($mid)
{
    $condition = array(
        'mid'    => $mid,
        "userid" => \Admins\Lib\Admin::getInstance()->id,
    );
    $matching = $this->where($condition)->count();

    return $matching;
}
/**
 * Attachment picker ("album") for the works module, 12 rows per page.
 *
 * A POST is turned into a redirect to this same action carrying the POST
 * fields as URL parameters, so the filter state lives in the query string.
 * Filters: filename (LIKE match) and uploadtime (a single day). Non-admin
 * visitors only see their own uploads. Assigns Page, data (filepath prefixed
 * with sitefileurl) and file_upload_limit (first element of the
 * comma-separated "args" parameter).
 */
public function public_album_load()
{
    if (IS_POST) {
        // The whole POST body is forwarded as URL parameters; only the keys read below are consumed.
        $this->redirect('public_album_load', $_POST);
    }

    $config = cache('Config');
    $attachments = M("Attachment");
    $args = explode(",", I('get.args', '', ''));

    $where = array();

    $filename = I('get.filename', '', '');
    if (!empty($filename)) {
        // User-controlled LIKE pattern: '%' and '_' inside $filename act as wildcards.
        $where['filename'] = array('like', '%' . $filename . '%');
    }

    $uploadtime = I('get.uploadtime', '', '');
    if (!empty($uploadtime)) {
        $dayStart = strtotime($uploadtime . ' 00:00:00');
        $dayEnd = strtotime($uploadtime . ' 23:59:59');
        if ($dayEnd) {
            // End bound parsed: restrict to the whole day (a start-only condition would be superseded anyway).
            $where['uploadtime'] = array(array('EGT', $dayStart), array('ELT', $dayEnd), 'and');
        } elseif ($dayStart) {
            $where['uploadtime'] = array('EGT', $dayStart);
        }
    }

    $where['module'] = array("eq", 'works');
    // Non-admin visitors are restricted to their own uploads.
    if (!\Admins\Lib\Admin::getInstance()->id) {
        $where['userid'] = array("eq", service('Passport')->userid);
    }

    $total = $attachments->where($where)->count();
    $page = $this->page($total, 12);

    $rows = $attachments->where($where)
        ->order(array("uploadtime" => "DESC"))
        ->limit($page->firstRow . ',' . $page->listRows)
        ->select();
    foreach ($rows as $index => $row) {
        $rows[$index]['filepath'] = $config['sitefileurl'] . $row['filepath'];
    }

    $this->assign("Page", $page->show());
    $this->assign("data", $rows);
    $this->assign("file_upload_limit", $args[0]);
    $this->display();
}