Esempio n. 1
0
 /**
  * Creates data provider instance with search query applied
  * @param array $params
  * @return ActiveDataProvider
  */
 public function search($params)
 {
     $query = AdminRole::find();
     $dataProvider = new ActiveDataProvider(['query' => $query]);
     $this->setAttributes($params);
     if (!$this->validate()) {
         return $dataProvider;
     }
     $query->andFilterWhere(['id' => $this->id, 'admin_id' => $this->admin_id, 'create_time' => $this->create_time, 'update_time' => $this->update_time]);
     $query->andFilterWhere(['like', 'admin_path', $this->admin_path])->andFilterWhere(['like', 'honor', $this->honor])->andFilterWhere(['like', 'acls', $this->acls]);
     return $dataProvider;
 }
Esempio n. 2
0
 function init()
 {
     parent::init();
     $session = yii::$app->session;
     if (empty($session['admin_user']['id'])) {
         echo "<script>alert('请先登录');location.href='index.php?r=public/login'</script>";
     } else {
         /**
          * 查询当前用户的所有权限
          */
         $uid = $session['admin_user']['id'];
         //查询用户所对应的角色
         $arr_role = AdminRole::find()->select(['role_id'])->where(['admin_user_id' => "{$uid}"])->asarray()->all();
         //->where(['admin._id' => $session['admin_user']['id'],'admin._id'=>"admin_role.admin_user_id"])->all();
         //$aa = yii::$app->mongodb->getcollection('admin_role')->find(array('admin_user_id'=>$session['admin']['id']));
         //print_r($arr_role);die;
         //查询角色所对应的权限id
         foreach ($arr_role as $k => $v) {
             $role_node[$k] = RoleNode::find()->select(['node_id'])->where(array('role_id' => $v['role_id']))->asarray()->all();
         }
         //print_r($role_node);die;
         foreach ($role_node as $k => $v) {
             foreach ($v as $kk => $vv) {
                 $acces[$k][$kk] = $vv['node_id'];
             }
         }
         foreach ($acces as $k => $val) {
             foreach ($acces[$k] as $key => $value) {
                 $access[] = $value;
             }
         }
         //根据node_id查询权限
         foreach ($access as $k => $val) {
             $all_node[$k] = Node::find()->where(array('_id' => "{$val}"))->asarray()->all();
         }
         //print_r($all_node);die;
         foreach ($all_node as $k => $value) {
             foreach ($value as $kk => $v) {
                 if ($v['level'] == 0) {
                     $all_c[$k][$kk]['id'] = $v['_id'];
                     $all_c[$k][$kk]['node'] = $v['node'];
                     $all_c[$k][$kk]['node_name'] = $v['node_name'];
                     $all_c[$k][$kk]['pid'] = $v['pid'];
                 } else {
                     $all_fun[$k][$kk]['id'] = $v['_id'];
                     $all_fun[$k][$kk]['node'] = $v['node'];
                     $all_fun[$k][$kk]['node_name'] = $v['node_name'];
                     $all_fun[$k][$kk]['pid'] = $v['pid'];
                 }
             }
         }
         /**
          *  $all_c获取到当前用户的所有控制器权限
          *
          *
          *  $all_fun获取到当前用户的所有方法的权限
          */
         //print_r($all_fun);die;
         foreach ($all_c as $k => $v) {
             foreach ($v as $key => $value) {
                 foreach ($all_fun as $kk => $vv) {
                     foreach ($vv as $kkk => $vvv) {
                         //判断当前用户的控制器是否含有子方法
                         if ($vvv['pid'] == $value['id']) {
                             $c_f[$k][$kk] = $value['node'] . '/' . $vvv['node'];
                         }
                     }
                 }
             }
         }
         //print_r($c_f);die;
         /**
          *  已获得  所有控制器与方法的拼接!!
          *
          *  下列转换成一维数组
          */
         foreach ($c_f as $k => $val) {
             foreach ($c_f[$k] as $key => $value) {
                 $c_fno[] = $value;
             }
         }
         //print_r($c_fno);
         /*实施重复值删除   保留*/
         $c_fyes = array_flip(array_flip($c_fno));
         //print_r($c_fyes);die;
         //获取当前管理者访问的控制器和方法
         $now_node = yii::$app->requestedRoute;
         if (!in_array($now_node, $c_fyes)) {
             echo "<script>alert('您无权限');history.back();</script>";
         }
     }
 }