Esempio n. 1
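 /**
  * Access-control gate that runs before every action of this controller.
  *
  * - No identity: only the default route and the login/logout routes pass;
  *   anything else gets a JSON body with code 1 and the action is not run.
  * - Super identity: always passes.
  * - Other identities: the route must be on the built-in whitelist or match a
  *   URL rule attached to one of the user's (own or group) menus; otherwise
  *   a JSON body with code 2 is returned and the action is not run.
  *
  * @param \yii\base\Action $action the action about to be executed
  * @return bool whether the action should continue to run
  */
 public function beforeAction($action)
 {
     $route = Yii::$app->requestedRoute;

     if (!$this->identity) {
         // Not logged in: strict comparison so only exact route strings are whitelisted.
         if (!in_array($route, ['', 'admin/public/login', 'admin/public/logout'], true)) {
             $response = Yii::$app->response;
             $response->format = Response::FORMAT_JSON;
             $response->data = ['success' => false, 'msg' => '请先登录系统', 'code' => 1];
             return false;
         }
         return parent::beforeAction($action);
     }

     if ($this->identity->is_super) {
         return parent::beforeAction($action);
     }

     // Permission check: collect the menu ids granted directly and through groups.
     $userMenuIdList = [];
     $groupMenuIdList = [];
     if ($this->identity->is_user_access) {
         // Menus granted to the user directly.
         $userMenuIdList = DpAdminUserMenuRelation::getAllMenuIdArrByUserId($this->identity->user_id);
     }
     if ($this->identity->is_group_access) {
         // Menus granted through the user's groups.
         $groupMenuIdList = DpAdminGroup::getMenuIdArrByGroupIdArr($this->identity->getGroupIdArr());
     }
     $this->menuIdList = array_merge($userMenuIdList, $groupMenuIdList);

     $routeWhiteList = ['', 'admin/common/tree', 'admin/common/urls', 'admin/public/logout'];
     $allowAccess = in_array($route, $routeWhiteList, true);
     if (!$allowAccess) {
         $queryParams = Yii::$app->request->queryParams;
         $method = Yii::$app->request->method;
         $urlRule = DpAdminMenuUrl::getUrlRuleByMenuIdArr($this->menuIdList);
         // Access is granted when at least one URL rule accepts the request.
         $allowAccess = (bool) array_filter($urlRule, function ($item) use ($route, $queryParams, $method) {
             // Rule routes may be stored with one leading slash; the requested route has none.
             $ruleRoute = strpos($item['route'], '/') === 0 ? substr($item['route'], 1) : $item['route'];
             // Strict comparison: numeric-looking route strings must not compare equal by value.
             if ($ruleRoute !== $route) {
                 return false;
             }
             // Request method check.
             if (!in_array($method, StringHelper::explode($item['method'], ',', true, true), true)) {
                 return false;
             }
             if (!$item['enable_rule']) {
                 return true;
             }
             // GET parameter rule check.
             // NOTE(review): one matching parameter is enough to grant access; parameters
             // without a rule, and other parameters that fail their rule, are not considered.
             // Confirm that any-match (rather than all-match) is the intended policy.
             foreach ($queryParams as $qk => $qv) {
                 // Array-valued parameters (?a[]=1) cannot be matched by preg_match and
                 // would raise a TypeError on PHP 8, so they never satisfy a rule.
                 if (!isset($item['rule'][$qk]) || !is_string($qv)) {
                     continue;
                 }
                 // NOTE(review): the stored pattern is used as-is and unanchored; rules that
                 // must match the whole value need explicit ^...$ in the stored pattern.
                 $pattern = '/' . $item['rule'][$qk] . '/';
                 if (preg_match($pattern, $qv)) {
                     return true;
                 }
             }
             return false;
         });
     }

     if (!$allowAccess) {
         // Insufficient permission.
         $response = Yii::$app->response;
         $response->format = Response::FORMAT_JSON;
         $response->data = ['success' => false, 'msg' => '权限不足', 'code' => 2];
         return false;
     }
     return parent::beforeAction($action);
 }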
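 /**
  * Update status: set the status flag (0 or 1) on every group listed in the
  * comma-separated POST field `ids`.
  *
  * @return array
  */
 public function actionUpdateStatus()
 {
     $request = \Yii::$app->request;
     $ids = $request->post('ids');
     // Any non-zero status is normalised to 1.
     $status = intval($request->post('status')) != 0 ? 1 : 0;

     // `ids` is client-controlled: an array value (ids[]=...) or a missing field cannot be
     // split and would make explode() fail on PHP 8, so it is treated as an empty id list.
     $idList = is_scalar($ids) ? StringHelper::explode((string) $ids, ',', true, true) : [];
     foreach ($idList as $id) {
         $obj = DpAdminGroup::find()->findByGroupId($id)->one();
         if ($obj) {
             $obj->status = $status;
             // NOTE(review): the result of save() is not checked, so a failed update is
             // still reported as success below — confirm this best-effort behaviour is intended.
             $obj->save();
         }
     }
     return $this->renderSuccess('状态更新成功');
 }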
Esempio n. 3
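 /**
  * Save data: create or update an admin user from the POSTed fields, then replace
  * the user's menu permissions with the POSTed `menu_ids`.
  *
  * @return array
  */
 public function actionSave()
 {
     $request = \Yii::$app->request;
     $user_id = $request->post('user_id');
     $menu_ids = $request->post('menu_ids');
     $username = $request->post('username');
     $nickname = $request->post('nickname');
     // NOTE(review): the password is handed to the model unmodified; hashing is presumably
     // done inside DpAdminUser — verify.
     $source_password = $request->post('source_password');
     $group_ids = (array) $request->post('group_ids');
     // NOTE(review): is_system, is_group_access, is_user_access, group_ids and menu_ids are
     // privilege-bearing and taken from the request as-is; nothing visible here checks that
     // the caller may grant them — confirm route-level authorization is the intended control.
     $is_group_access = $request->post('is_group_access');
     $is_user_access = $request->post('is_user_access');
     $is_system = $request->post('is_system');
     $note = $request->post('note');
     $status = $request->post('status');

     $groupIdsStr = '';
     if ($group_ids) {
         // Keep only ids of existing groups; nested arrays are dropped before the lookup.
         $groupIdsStr = join(',', array_filter($group_ids, function ($groupId) {
             return is_scalar($groupId) && DpAdminGroup::getByGroupId($groupId);
         }));
     }
     $saveData = [
         'username' => $username,
         'nickname' => $nickname,
         'source_password' => $source_password,
         'group_ids' => $groupIdsStr,
         'is_group_access' => $is_group_access,
         'is_user_access' => $is_user_access,
         'is_system' => $is_system,
         'note' => $note,
         'status' => $status,
     ];

     if ($user_id) {
         $obj = DpAdminUser::find()->where(['user_id' => $user_id])->one();
         if (!$obj) {
             return $this->renderError('保存失败,记录不存在!');
         }
     } else {
         $obj = new DpAdminUser();
     }
     $obj->setAttributes($saveData);
     if (!$obj->save()) {
         // Report the first validation message, if there is one.
         foreach ($obj->getErrors() as $error) {
             foreach ($error as $message) {
                 return ['success' => false, 'msg' => $message];
             }
         }
         // save() can fail without validation errors; stop here so the permission
         // rows below are not deleted and the request is not reported as saved.
         return $this->renderError('保存失败');
     }

     // Replace the user's menu permissions.
     // NOTE(review): delete and re-insert are not wrapped in a transaction here, so a failure
     // part-way leaves the user with fewer permissions than before.
     DpAdminUserMenuRelation::deleteByUserId($obj->user_id);
     if ($menu_ids && is_scalar($menu_ids)) {
         // Only a comma-separated scalar can be split; array input is ignored.
         $menuIdArr = array_filter(StringHelper::explode((string) $menu_ids, ',', true, true), function ($menuId) {
             return DpAdminMenu::getByMenuId($menuId);
         });
         foreach ($menuIdArr as $menuId) {
             $linkObj = new DpAdminUserMenuRelation();
             $linkObj->setAttributes(['user_id' => $obj->user_id, 'menu_id' => $menuId]);
             $linkObj->save();
         }
     }
     return $this->renderSuccess('保存成功');
 }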
Esempio n. 4
 /**
  * Get the names of the user's groups.
  *
  * Group ids that do not resolve to a group are skipped.
  *
  * @return array list of group names, in the order of getGroupIdArr()
  */
 public function getGroupNames()
 {
     $result = [];
     foreach ($this->getGroupIdArr() as $id) {
         $record = DpAdminGroup::getByGroupId($id);
         if (!$record) {
             // Unknown group id: nothing to add.
             continue;
         }
         $result[] = $record['name'];
     }
     return $result;
 }
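 /**
  * Save data: create or update a menu entry from the POSTed fields. A newly created
  * menu is automatically granted to every system user and system group.
  *
  * @return array
  */
 public function actionSave()
 {
     $request = Yii::$app->request;
     $menu_id = $request->post('menu_id');
     $parent_id = intval($request->post('parent_id'));
     $text = $request->post('origin_text');
     $title = $request->post('title');
     $url = $request->post('url');
     $view_package = $request->post('view_package');
     $expanded = intval($request->post('is_expand'));
     $closable = intval($request->post('closable'));
     $is_folder = intval($request->post('is_folder'));
     $is_open_url = intval($request->post('is_open_url'));
     $is_open_target = intval($request->post('is_open_target'));
     $is_every_open = intval($request->post('is_every_open'));
     $is_hide = intval($request->post('is_hide'));
     $display_order = $request->post('display_order');
     $params = $request->post('params');
     $note = $request->post('note');
     $status = intval($request->post('status'));

     if ($parent_id) {
         // Compare both ids as integers so the self-parent check does not depend on
         // loose int/string comparison of the raw POST value.
         if (is_scalar($menu_id) && $parent_id === intval($menu_id)) {
             return $this->renderError('不能把自己当作父级');
         }
         $menu = DpAdminMenu::find()->findByMenuId($parent_id)->asArray()->one();
         if (!$menu) {
             return $this->renderError('父级不存在');
         }
     }

     $saveData = [
         'parent_id' => $parent_id,
         'text' => $text,
         'title' => $title,
         'url' => $url,
         'view_package' => $view_package,
         'expanded' => $expanded,
         'closable' => $closable,
         'is_folder' => $is_folder,
         'is_open_url' => $is_open_url,
         'is_open_target' => $is_open_target,
         'is_every_open' => $is_every_open,
         'is_hide' => $is_hide,
         'display_order' => $display_order,
         'params' => $params,
         'note' => $note,
         'status' => $status,
     ];

     if ($menu_id) {
         $obj = DpAdminMenu::find()->findByMenuId($menu_id)->one();
         if (!$obj) {
             return $this->renderError('保存失败,记录不存在!');
         }
     } else {
         $obj = new DpAdminMenu();
     }
     $obj->setAttributes($saveData);
     if (!$obj->save()) {
         // Report the first validation message, if there is one.
         foreach ($obj->getErrors() as $error) {
             foreach ($error as $message) {
                 return ['success' => false, 'msg' => $message];
             }
         }
         // save() can fail without validation errors; stop here so no permission rows
         // are created for an unsaved menu and the request is not reported as saved.
         return $this->renderError('保存失败');
     }

     if (!$menu_id) {
         // New menu: automatically grant it to system users.
         $users = DpAdminUser::find()->findByIsSystem(1)->asArray()->all();
         foreach ($users as $user) {
             $linkObj = new DpAdminUserMenuRelation();
             $linkObj->setAttributes(['user_id' => $user['user_id'], 'menu_id' => $obj->menu_id]);
             $linkObj->save();
         }
         // New menu: automatically grant it to system user groups.
         $groups = DpAdminGroup::find()->findByIsSystem(1)->asArray()->all();
         foreach ($groups as $group) {
             $linkObj = new DpAdminGroupMenuRelation();
             $linkObj->setAttributes(['group_id' => $group['group_id'], 'menu_id' => $obj->menu_id]);
             $linkObj->save();
         }
     }
     return $this->renderSuccess('保存成功');
 }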