Exemple #1
 /**
  * Initialises the module after the parent has run its own init().
  *
  * Copies this module's 'site_type' parameter into the application view
  * params, stores the result of Menu::get_menu_data('menu_apply') there as
  * 'global_menu', then sets the base path and declares the 'apply' sub-module.
  *
  * NOTE(review): the 'apply' module id is mapped to a class under the
  * "wechat" namespace — confirm this is intended and not a copy/paste slip.
  *
  * @return void
  */
 public function init()
 {
     parent::init();

     $menu = new Menu();
     $view = Yii::$app->view;

     // Values every view rendered for this module can read.
     $view->params['site_type'] = $this->params['site_type'];
     $view->params['global_menu'] = $menu->get_menu_data('menu_apply');

     $this->basePath = '@service/app/apply/apply';
     $this->modules = [
         'apply' => [
             'class' => 'service\\app\\wechat\\wechat\\controllers\\Module',
             'params' => [],
         ],
     ];
 }
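 /**
  * Permission check: builds the access rules for the current request and
  * attaches them to the running controller as the 'access' behavior.
  *
  * The request path is reduced to a "controller/action" key. Unless that key
  * is allow-listed, Menu::get_menu_by_auth_rules() returns a truthy value for
  * it, or the user passes can('administrator'), deny rules are queued for
  * that controller and action. A catch-all allow rule is always appended last,
  * so the policy is default-allow.
  *
  * NOTE(review): the decision is keyed on the raw request path, not on the
  * route the framework finally resolves. URL rules or aliases that map a
  * different path onto the same action would not be covered — confirm against
  * the URL manager configuration, or key the check on the resolved route.
  *
  * @return void
  * @throws \yii\web\ForbiddenHttpException from the deny callback, for a logged-in user who is denied
  */
 public function beforeAction()
 {
     // Paths that skip the role check entirely.
     $allow_uri = ['signin', 'signup'];
     // AJAX endpoints that also skip the role check.
     // NOTE(review): several of these change state (delete, change, uploads). They bypass the
     // deny rules below and then match the final catch-all allow rule, which carries no 'roles'
     // restriction, so nothing in this method requires a logged-in user for them. Confirm that
     // each controller enforces authentication and authorization itself, or give these entries
     // an explicit rule with 'roles' => ['@'].
     $allow_ajax_uri = ["member/change", "weixin/delete", "auth/invest-remark", "auth/auth-remark", "project/delete", "project/setstatus", "project/setcomment", "order/modify", "article/delete", "weixin/delete-msg", "ads/delete", "admin/change", "menu/change-status", "file/uploads", "type/change"];
     $allow_uri = array_merge($allow_uri, $allow_ajax_uri);
     $user = Yii::$app->user;
     $menu_model = new Menu();
     $uri = Yii::$app->request->pathInfo;
     // "a/b/c" (exactly two slashes) is cut back to "a/b"; any other shape is used as-is.
     $path_info = substr_count($uri, '/') == 2 ? substr($uri, 0, strrpos($uri, '/')) : $uri;
     $is_menu = $menu_model->get_menu_by_auth_rules($path_info);
     // Strict comparison: an allow-list decision must not depend on PHP type juggling.
     if ($path_info && !in_array($path_info, $allow_uri, true) && !$is_menu && !$user->can('administrator')) {
         $auth = Yii::$app->getAuthManager();
         $roles = array_keys($auth->getRolesByUser($user->getId()));
         if (strpos($path_info, '/')) {
             $paths = explode('/', $path_info);
             $controller = $paths[0];
             // An empty action segment (path ending in "/") is treated as the default action,
             // so the deny rule names a real action id instead of '' which no action can match.
             $action = $paths[1] !== '' ? $paths[1] : 'index';
         } else {
             $controller = $path_info;
             $action = 'index';
         }
         // Deny for the user's own roles, then deny for any user. The second rule has no
         // 'roles' key and therefore also covers the first; both are kept as written.
         $this->rules[] = ['controllers' => [$controller], 'allow' => false, 'roles' => $roles, 'actions' => [$action]];
         $this->rules[] = ['controllers' => [$controller], 'allow' => false, 'actions' => [$action]];
     }
     // Rules applied to every request.
     $this->rules[] = ['controllers' => ['admin'], 'allow' => true, 'roles' => ['@'], 'actions' => ['home']];
     // NOTE(review): this grants guests ('?') access to debug/default. The debug module exposes
     // request, session and configuration details — confirm it is only enabled in development.
     $this->rules[] = ['controllers' => ['debug/default'], 'allow' => true, 'roles' => ['?']];
     // Default-allow: whatever was not denied above is permitted, for guests as well.
     $this->rules[] = ['allow' => true];
     // Guests are sent to the login page; authenticated users get a 403.
     $this->denyCallback = function ($rule, $action) use($user) {
         if ($user->getIsGuest()) {
             $user->loginRequired();
         } else {
             throw new \yii\web\ForbiddenHttpException('对不起,此页面需要更高的权限账户才能访问。');
         }
     };
     Yii::$app->controller->attachBehavior('access', ['class' => $this->accessControlFilter, 'denyCallback' => $this->denyCallback, 'rules' => $this->rules]);
 }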
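 /**
  * Updates a role and the rule data stored under the same name.
  *
  * Looks up the AuthItem and AuthRule named $name. On a POST that loads and
  * saves the role, the submitted 'data' array is serialized into the rule and
  * the user is redirected to 'role'. In every other case the 'create-role'
  * form is rendered with the currently stored selection.
  *
  * NOTE(review): the role and its rule are saved in two separate steps with no
  * transaction visible here, so a failed rule save leaves the role already
  * updated.
  *
  * @param string $name name shared by the role and its rule
  * @return mixed a redirect response, or the rendered 'create-role' view
  */
 public function actionUpdateRole($name)
 {
     $mRule = AuthRule::findOne(['name' => $name]);
     $model = AuthItem::findOne(['name' => $name]);
     // Parameter check: both records must exist before anything is changed.
     if (!$model || !$mRule) {
         Yii::$app->session->setFlash('error', '参数错误!');
         return $this->redirect('index');
     }
     $model->setScenario('role');
     $mRule->setScenario('create');
     if ($model->load($params = Yii::$app->request->post()) && $model->save()) {
         // 'data' comes straight from the request: accept it only when it is an array,
         // otherwise store an empty selection.
         $data = (isset($params['data']) && is_array($params['data'])) ? $params['data'] : [];
         $attr = ['AuthRule' => ['name' => $model->name, 'data' => serialize($data)]];
         // Report success only when the rule was really written; the original ignored both results.
         if ($mRule->load($attr) && $mRule->save()) {
             Yii::$app->session->setFlash('success', '角色修改成功');
             return $this->redirect('role');
         }
         Yii::$app->session->setFlash('error', '角色权限保存失败!');
     }
     $mMenu = new Menu();
     // NOTE(review): unserialize() runs on a database column. Values written by this action are
     // arrays built from request data, but any other writer to this column could store
     // serialized objects. Prefer a JSON encoding, or pass ['allowed_classes' => false] where the
     // PHP version in use supports it.
     $checked = $mRule->data ? unserialize($mRule->data) : [];
     if (!is_array($checked)) {
         // Unreadable or unexpected stored data is shown as "nothing selected".
         $checked = [];
     }
     return $this->render('create-role', ['model' => $model, 'menu' => $mMenu->auth(), 'action' => 'update', 'check' => $checked]);
 }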