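/**
 * Decide whether the current request is covered by a dynamic (per-record) permission.
 *
 * Root users are always allowed. For the edit, update and setstatus actions the
 * request parameter `id` is checked against the ids returned by
 * AuthGroupModel::getGroups(UID); every other action is left undecided.
 *
 * Membership is tested on string-normalised values with strict comparison, so a
 * request value is accepted only when it is exactly one of the granted ids.
 * Loose in_array() matching would let PHP type juggling treat differently
 * spelled values as equal, and the value authorised here is not necessarily
 * the value the action uses afterwards. Non-scalar values fail closed.
 *
 * @return boolean|null true  - the current request is allowed
 *                      false - the current request is denied
 *                      null  - undecided; checkRule then decides from the node-based grants
 */
protected function checkDynamic()
{
    if (IS_ROOT) {
        return true; // administrators may access every page
    }

    // Model permission checks.
    // Helper methods available for this purpose:
    //   $AUTH_GROUP = D('AuthGroup');
    //   $AUTH_GROUP->checkModelId($mid);          // check that every model id in the list exists
    //   AuthGroupModel::getModelOfGroup($gid);    // model ids a user group is authorised for
    $model = new AuthGroupModel();
    $granted = $model->getGroups(UID);
    if (!is_array($granted)) {
        // Anything other than a list means "nothing granted"; never cast it into a one-element list.
        $granted = array();
    }
    $allowed = array_map('strval', array_filter($granted, 'is_scalar'));

    $id = I('id');

    switch (strtolower(ACTION_NAME)) {
        case 'edit':   // edit
        case 'update': // update
            return is_scalar($id) && in_array((string) $id, $allowed, true);

        case 'setstatus': // change status
            if (is_array($id)) {
                // Every requested id must be granted.
                // NOTE(review): an empty list still yields true, as it did before; the
                // action itself has to cope with an empty selection.
                foreach ($id as $one) {
                    if (!is_scalar($one) || !in_array((string) $one, $allowed, true)) {
                        return false;
                    }
                }
                return true;
            }
            return is_scalar($id) && in_array((string) $id, $allowed, true);
    }

    return null; // undecided, checkRule is needed
}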
/**
 * Build the left-hand site menu, restricted to the sites the current user may access.
 * @author huajie <*****@*****.**>
 */
protected function getMenu()
{
    // Requested site id; the 'intval' filter forces it to an integer
    $site_id = I('param.site_id', 0, 'intval');

    // Sites the current user is authorised for; an empty result becomes an empty list
    $site_auth = AuthGroupModel::getAuthSiteies(UID);
    if ($site_auth == null) {
        $site_auth = array();
    }
    $site_list = C('SITE_LIST');

    // A non-root user asking for a site outside the grant is treated as "no site selected"
    if (!IS_ROOT && !in_array($site_id, $site_auth)) {
        $site_id = 0;
    }

    // Sites without permission are not listed
    $nodes = array();
    foreach ($site_list as $key => $val) {
        if (!IS_ROOT && !in_array($key, $site_auth)) {
            continue;
        }
        $nodes[$key]['title'] = $val . '线路';
        $nodes[$key]['url'] = U('Order/index', array('site_id' => $key));
        $nodes[$key]['current'] = ($site_id && $site_id == $key) ? 1 : 0;
    }

    // Non-root user without a usable site: select the first permitted one,
    // or leave this controller when nothing is permitted at all
    if (!IS_ROOT && empty($site_id)) {
        if (count($nodes)) {
            reset($nodes);
            $site_id = key($nodes);
            $nodes[$site_id]['current'] = 1;
        } else {
            $this->redirect('Visa/index');
        }
    }

    $this->assign('nodes', $nodes);
    // The id kept on the controller is the one that passed the check above
    $this->site_id = $site_id;
    $this->assign('site_id', $site_id);
}
/**
 * Recycle-bin listing: documents with status -1, limited for non-root users
 * to the categories they are authorised for.
 * @author huajie <*****@*****.**>
 */
public function recycle()
{
    // Build the left-hand menu first
    $this->getMenu();

    $map = array('status' => -1);
    if (!IS_ROOT) {
        $cate_auth = AuthGroupModel::getAuthCategories(UID);
        // With no authorised category the filter is set to -1, presumably so that no row matches
        $map['category_id'] = $cate_auth ? array('IN', $cate_auth) : -1;
    }

    $list = $this->lists(D('Document'), $map, 'update_time desc');

    // Attach the author's nickname to every row
    if (is_array($list)) {
        foreach (array_keys($list) as $idx) {
            $list[$idx]['username'] = get_nickname($list[$idx]['uid']);
        }
    }

    $this->assign('list', $list);
    $this->meta_title = '回收站';
    $this->display();
}
/**
 * Edit page for assigning a user to user groups.
 *
 * NOTE(review): `uid` is taken from the request as-is and nothing in this method
 * limits whose group membership is shown; presumably the controller's access
 * check covers that - confirm.
 *
 * @author 朱亚杰 <*****@*****.**>
 */
public function group()
{
    $uid = I('uid');
    $auth_groups = D('AuthGroup')->getGroups();
    $user_groups = AuthGroupModel::getUserGroup($uid);

    // Collect the ids of the groups the user already belongs to
    $ids = array();
    foreach ($user_groups as $membership) {
        array_push($ids, $membership['group_id']);
    }

    $this->assign('nickname', D('Common/User')->getNickName($uid));
    $this->assign('auth_groups', $auth_groups);
    // The template receives the current memberships as a comma-separated id list
    $this->assign('user_groups', implode(',', $ids));
    $this->meta_title = '用户组授权';
    $this->display();
}
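/**
 * Build the left-hand category menu, restricted to the categories the current
 * user may access, and mark the selected category and its ancestors as current.
 *
 * Fixes over the previous version: a selected third-level category is detected
 * wherever it sits among its siblings (before, only the last sibling counted),
 * the by-reference loop variables are released after use, and the permission
 * filter no longer iterates a non-array query result.
 *
 * @author huajie <*****@*****.**>
 */
protected function getMenu()
{
    // Categories the current user is authorised for; an empty result becomes an empty list
    $cate_auth = AuthGroupModel::getAuthCategories(UID);
    $cate_auth = $cate_auth == null ? array() : $cate_auth;

    $cate = M('Category')->where(array('status' => 1))->field('id,title,pid,allow_publish')->order('pid,sort')->select();

    // Categories without permission are not listed
    if (!IS_ROOT && is_array($cate)) {
        foreach ($cate as $key => $value) {
            if (!in_array($value['id'], $cate_auth)) {
                unset($cate[$key]);
            }
        }
    }
    $cate = list_to_tree($cate); // build the category tree

    // Selected category id, as sent with the request.
    // NOTE(review): the value is not validated here before it is stored, handed to
    // the template and passed to get_parent_category() - confirm those handle it.
    $cate_id = I('param.cate_id');
    $this->cate_id = $cate_id;

    // Whether the selected category is highlighted: true for every action except
    // recycle, draftbox and mydocument (despite the variable's name)
    $hide_cate = false;
    if (ACTION_NAME != 'recycle' && ACTION_NAME != 'draftbox' && ACTION_NAME != 'mydocument') {
        $hide_cate = true;
    }

    // Generate the url of every category, three levels deep
    foreach ($cate as $key => &$value) {
        $value['url'] = 'Article/index?cate_id=' . $value['id'];
        $value['current'] = ($cate_id == $value['id'] && $hide_cate);

        if (!empty($value['_child'])) {
            foreach ($value['_child'] as $ka => &$va) {
                $va['url'] = 'Article/index?cate_id=' . $va['id'];

                // True when any third-level category below $va is the selected one
                $is_child = false;
                if (!empty($va['_child'])) {
                    foreach ($va['_child'] as $k => &$v) {
                        $v['url'] = 'Article/index?cate_id=' . $v['id'];
                        $v['pid'] = $va['id'];
                        if ($v['id'] == $cate_id) {
                            $is_child = true;
                        }
                    }
                    unset($v); // release the reference to the last element
                }

                // Expand the parents of the selected sub-category
                if ($va['id'] == $cate_id || $is_child) {
                    $value['current'] = $hide_cate;
                    $va['current'] = $hide_cate;
                } else {
                    $va['current'] = false;
                }
            }
            unset($va);
        }
    }
    unset($value);

    $this->assign('nodes', $cate);
    $this->assign('cate_id', $this->cate_id);

    // Breadcrumb information
    $nav = get_parent_category($cate_id);
    $this->assign('rightNav', $nav);

    // Recycle-bin and draft-box entries.
    // NOTE(review): these two flags presumably only decide whether the menu entries
    // are rendered; the actions behind them have to enforce access on their own.
    $show_recycle = $this->checkRule('Admin/article/recycle');
    $this->assign('show_recycle', IS_ROOT || $show_recycle);
    $show_draftbox = C('OPEN_DRAFTBOX');
    $this->assign('show_draftbox', IS_ROOT || $show_draftbox);
}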
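/**
 * Permanently delete the records whose status is -1, together with their
 * extension-model rows and their descendants.
 *
 * Administrators purge every such record; other users only those in the
 * categories they are authorised for. A user with no authorised category gets
 * the filter category_id = -1, intended to match no row, instead of an empty
 * IN list.
 *
 * @return mixed the result of the final delete() call, or null when there was
 *               nothing to delete (previously an undefined variable was returned)
 * @author huajie <*****@*****.**>
 */
public function remove()
{
    // Select the soft-deleted base records
    if (is_administrator()) {
        $map = array('status' => -1);
    } else {
        $cate_ids = AuthGroupModel::getAuthCategories(UID);
        if (is_array($cate_ids) && $cate_ids) {
            $map = array('status' => -1, 'category_id' => array('IN', trim(implode(',', $cate_ids), ',')));
        } else {
            $map = array('status' => -1, 'category_id' => -1);
        }
    }
    $base_list = $this->where($map)->field('id,model_id')->select();
    if (!is_array($base_list)) {
        // Nothing matched (or the query failed): continue with an empty list
        $base_list = array();
    }

    // Descendants ("orphans") of the base records.
    // NOTE(review): they are collected by id only, without the category filter in
    // $map, so a non-administrator's purge also removes descendants that may sit
    // in other categories - confirm that this is intended.
    $base_ids = array_column($base_list, 'id');
    $orphan = get_stemma($base_ids, $this, 'id,model_id');
    if (!is_array($orphan)) {
        $orphan = array();
    }

    // Delete the extension-model data of every record; the per-record result is not checked
    $all_list = array_merge($base_list, $orphan);
    foreach ($all_list as $value) {
        $logic = $this->logic($value['model_id']);
        $logic->delete($value['id']);
    }

    // Delete the base data
    $res = null;
    $ids = array_merge($base_ids, array_column($orphan, 'id'));
    if (!empty($ids)) {
        $res = $this->where(array('id' => array('IN', trim(implode(',', $ids), ','))))->delete();
    }

    return $res;
}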
/**
 * Edit page for assigning a user to user groups.
 *
 * NOTE(review): `uid` is taken from the request as-is and nothing in this method
 * limits whose record and group membership are shown; presumably the
 * controller's access check covers that - confirm.
 *
 * @author kevin <*****@*****.**>
 */
public function group()
{
    $uid = I('uid');
    $auth_groups = D('AuthGroup')->getGroups();
    $user_groups = AuthGroupModel::getUserGroup($uid);

    // Collect the ids of the groups the user already belongs to
    $ids = array();
    foreach ($user_groups as $membership) {
        array_push($ids, $membership['group_id']);
    }

    $this->assign('userinfo', get_userinfo($uid));
    $this->assign('auth_groups', $auth_groups);
    // The template receives the current memberships as a comma-separated id list
    $this->assign('user_groups', implode(',', $ids));
    $this->meta_title = '用户组授权';
    $this->display();
}
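/**
 * Recycle-bin listing: documents with status -1, limited for non-root users
 * to the categories they are authorised for.
 *
 * The query result is only iterated when it is an array, and rows are updated
 * by key instead of through a by-reference loop variable that would stay bound
 * to the last row.
 *
 * @author huajie <*****@*****.**>
 */
public function recycle()
{
    // Build the left-hand menu first
    $this->getMenu();

    $map = array('status' => -1);
    if (!IS_ROOT) {
        $cate_auth = AuthGroupModel::getAuthCategories(UID);
        // With no authorised category the filter is set to -1, presumably so that no row matches
        $map['category_id'] = $cate_auth ? array('IN', implode(',', $cate_auth)) : -1;
    }

    $list = M('Document')->where($map)->field('id,title,uid,category_id,type,update_time')->order('update_time desc')->select();

    // Attach the author's nickname to every row; the result is not guaranteed to
    // be an array (empty bin, failed query), so check before iterating
    if (is_array($list)) {
        foreach ($list as $k => $row) {
            $list[$k]['username'] = get_nickname($row['uid']);
        }
    }

    $this->assign('list', $list);
    $this->meta_title = '回收站';
    $this->display();
}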
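/**
 * Dynamic permission check for document actions, based on the categories the
 * current user is authorised for (AuthGroupModel::getAuthCategories(UID)).
 *
 * The category is taken from the request (index, add) or looked up from the
 * addressed document(s) (edit, update, setstatus, permit). Request values are
 * validated before they reach the query builder, and membership is tested on
 * string-normalised values with strict comparison, so only an exact match with
 * a granted category id is accepted. Malformed input fails closed.
 *
 * @return boolean|null true  - every category involved is granted
 *                      false - at least one category is not granted, or the input is malformed
 *                      null  - no category could be determined; the caller decides by other means
 */
protected function checkDynamic()
{
    $cates = AuthGroupModel::getAuthCategories(UID);

    // Stays null for actions that are not listed below (previously undefined there)
    $cate_id = null;

    switch (strtolower(ACTION_NAME)) {
        case 'index': // document list
        case 'add':   // create
            $cate_id = I('cate_id');
            break;

        case 'edit':   // edit
        case 'update': // update
            $doc_id = I('id');
            if (is_array($doc_id)) {
                // An array in a where() condition is read as an expression, not as a
                // value (see the 'in' form below), so it is refused here
                return false;
            }
            $cate_id = M('Document')->where(array('id' => $doc_id))->getField('category_id');
            break;

        case 'setstatus': // change status
        case 'permit':    // recycle bin
            $doc_id = (array) I('ids');
            if (count(array_filter($doc_id, 'is_scalar')) !== count($doc_id)) {
                return false; // nested values are not document ids
            }
            $cate_id = M('Document')->where(array('id' => array('in', $doc_id)))->getField('category_id', true);
            // Only de-duplicate an actual list; no rows or a failed query leaves the category unknown.
            // NOTE(review): ids that match no document contribute no category and are
            // therefore not covered by this check.
            $cate_id = is_array($cate_id) ? array_unique($cate_id) : null;
            break;
    }

    if (!$cate_id) {
        return null; // unknown
    }

    $allowed = is_array($cates) ? array_map('strval', array_filter($cates, 'is_scalar')) : array();
    foreach ((array) $cate_id as $one) {
        if (!is_scalar($one) || !in_array((string) $one, $allowed, true)) {
            return false; // not permitted
        }
    }

    return true; // permitted
}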