コード例 #1
ファイル: Browse.class.php プロジェクト: tmlsoft/main
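 /**
  * Get the current user's browse-level permissions.
  * 
  * @param unknown $aname  name of the current action
  * @param unknown $type   $type=1 reads the physical-file format
  * @param unknown $tablename   data-read permission for an embedded table; pass the embedded table's name
  */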
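 public function getUserMap($aname = '', $type, $tablename)
 {
     // Builds the browse-level SQL filter for the current session user.
     //   $aname     - action name, used as the first-level key of the permission list
     //   $type      - 1 returns the raw permission list loaded from the per-user file;
     //                any other value returns the SQL filter
     //   $tablename - optional embedded-table name; when set, that table's filter is used
     // Returns the loaded list (null when none was loaded) for $type == 1; otherwise a
     // filter string, or array($map, $map2) when Browse::changerole() yields a second filter.
     $authId = $_SESSION[C('USER_AUTH_KEY')];
     $map = "";
     // Defined up front so the $type == 1 branch never reads an unset variable: admin and
     // anonymous sessions skip the load below. The value returned in that case is still null.
     $borwseList = null;
     if ($authId && $_SESSION[C('ADMIN_AUTH_KEY')] != 1) {
         // NOTE(review): the session value is interpolated into a path that is then executed
         // with require. This assumes the id is server-assigned, cannot contain path
         // separators, and that the directory is not writable by untrusted users - confirm.
         $file = DConfig_PATH . "/BrowsecList/borwse_" . $authId . ".php";
         if (!file_exists($file)) {
             Browse::saveBrowseList($authId);
         }
         // Original TODO: if the list is still unavailable after regeneration, an exception
         // should be raised and the generated file re-checked. As written, a file that is
         // still missing makes require fail fatally, so no empty filter is returned.
         $borwseList = (require $file);
         // Pick the filter for the current action. isset()/empty() keep a missing action or
         // table entry from raising notices; the truthiness tests match the original.
         if ($tablename) {
             if (!empty($borwseList[$aname][$tablename]['formsql'])) {
                 $map = $borwseList[$aname][$tablename]['formsql'];
             }
         } else {
             $baseSql = isset($borwseList[$aname]['formsql']) ? $borwseList[$aname]['formsql'] : '';
             $extendSql = isset($borwseList[$aname]['extend']['formsql']) ? $borwseList[$aname]['extend']['formsql'] : '';
             if ($baseSql || $extendSql) {
                 $map = $baseSql;
                 if ($extendSql) {
                     // Both fragments present: join with AND; otherwise use the extension alone.
                     $map = $map ? $map . " and " . $extendSql : $map . $extendSql;
                 }
             }
         }
         // NOTE(review): a non-admin user with no matching entry leaves $map empty here.
         // Confirm callers do not read an empty filter as unrestricted access.
     }
     if ($type == 1) {
         // Physical-file format: hand back the list exactly as loaded.
         return $borwseList;
     } else {
         // Form SQL: add the filter from changerole() when it yields one. The return
         // type changes from string to a two-element array in that case.
         $map2 = Browse::changerole($aname, '', $tablename);
         if ($map2) {
             $map = array($map, $map2);
         }
         return $map;
     }
 }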
コード例 #2
ファイル: PublicAction.class.php プロジェクト: tmlsoft/main
 /**
  * @Title: signin 
  * @Description: todo(login method for the browser version)   
  * @author liminggang 
  * @date 2014-8-28 4:34:10 PM 
  * @throws
  */
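 public function signin()
 {
     // Browser login entry point. Runs the licence check, validates the posted form
     // (account, password, optional captcha), authenticates through getAuthInfo() and
     // checkPwd(), then sets up the session, cookies, login bookkeeping and cached
     // permissions. Returns a status array for the 'helperLogin' flow (or whatever
     // checkPwd() returns on failure); other flows redirect or render a page.

     // Licence / serial-number check for the product modules.
     $model = D('SerialNumber');
     $system = $model->CheckFile();
     if (count($system) > 0) {
         // NOTE(review): the posted account name is appended to the query string without
         // URL-encoding; confirm U() encodes it, or encode it before building the URL.
         redirect(U("Public/serialnumber?register=" . $_POST['account']));
     }
     if ($_POST["login_type"] == "dialog") {
         $this->loginType = "dialog";
     }
     // Missing account or password only sets the jump URL; processing continues to
     // getAuthInfo() below.
     if (empty($_POST['account'])) {
         $this->assign("jumpUrl", __URL__ . '/login/');
     } elseif (empty($_POST['password'])) {
         $this->assign("jumpUrl", __URL__ . '/login/');
     } elseif (C("VERIFICATION_CODE") && empty($_POST['verify'])) {
         // NOTE(review): the captcha is not enforced when loginType is 'helperLogin';
         // confirm that flow has its own protection against automated guessing.
         if ($this->loginType != 'helperLogin') {
             $this->assign("jumpUrl", __URL__ . '/login/');
             // assumes error() ends the request - TODO confirm
             $this->error('验证码必须!');
         }
     } elseif (
         C("VERIFICATION_CODE")
         && !(is_string($_POST['verify'])
             && isset($_SESSION['verify'])
             && is_string($_SESSION['verify'])
             && $_SESSION['verify'] === md5($_POST['verify']))
     ) {
         // Both sides must be strings and match exactly: a loose != on hash strings is
         // subject to PHP type juggling, and a non-string or missing value must fail.
         // NOTE(review): the stored captcha is not cleared after a successful check;
         // confirm it is single-use elsewhere.
         if ($this->loginType != 'helperLogin') {
             $this->assign("jumpUrl", __URL__ . '/login/');
             $this->error('验证码错误!');
         }
     }
     // Look up the account record.
     $authInfo = $this->getAuthInfo();
     if (!$authInfo) {
         // Unknown or disabled account.
         // NOTE(review): this message differs from a wrong-password result, which lets a
         // caller tell whether an account exists; consider one generic failure message.
         $this->assign("jumpUrl", __URL__ . '/login/');
         if ($this->loginType != 'helperLogin') {
             $this->assign("info", "帐号不存在或已禁用!");
             $this->display('login');
         } else {
             return array('status' => 0, 'msg' => "error:帐号不存在或已禁用!");
         }
     } else {
         // Password verification; a truthy result is the failure response.
         $checkPwd = $this->checkPwd($authInfo);
         if ($checkPwd) {
             return $checkPwd;
         }
         // NOTE(review): no session_regenerate_id() call is visible in this method;
         // confirm setSession() rotates the session id on login.
         $this->setSession($authInfo);
         $this->setUserInfoCookie($authInfo);
         // Record the login on the user row.
         $time = time();
         // NOTE(review): confirm get_client_ip() does not trust client-supplied headers,
         // since this value is stored as the last login IP.
         $ip = get_client_ip();
         $data = array(
             'last_login_time' => $time,
             'logintime' => $time,
             'isonline' => 1,
             // NOTE(review): the live session id is written to the user table; anyone who
             // can read that column can reuse it. Consider storing a hash instead.
             'sessionid' => session_id(),
             'id' => $authInfo['id'],
             'login_count' => array('exp', 'login_count+1'),
             'login_error_count' => 0,
             'newmsg' => 1,
             'newmsgtype' => 1,
             'last_login_ip' => $ip,
         );
         // The original guarded this with !$bindacount, a variable never assigned in this
         // method, so the save always ran; it is now unconditional.
         $User = M('User');
         $User->save($data);
         $User->commit();
         // Add the online-user record.
         $this->setUserOnline($authInfo, "insert");
         // Cache access permissions, then write the browse-level permission file.
         RBAC::saveAccessList();
         Browse::saveBrowseList();
         if (isset($_SESSION[C('ADMIN_AUTH_KEY')])) {
             $this->check_upgrade(false);
         }
         if ($this->loginType == 'helperLogin') {
             // OA client login: redirect when fromOA is 2, otherwise return a status array.
             if ($_REQUEST['fromOA'] == 2) {
                 redirect(U('Index/index'), 0.01, '页面跳转中。。。');
             } else {
                 return array('status' => 1, 'msg' => "success:登录成功!");
             }
         } else {
             if ($this->loginType != 'checkLogin') {
                 redirect(U('Index/index'));
             } else {
                 $this->success('登录成功!');
             }
         }
     }
 }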
コード例 #3
ファイル: IndexAction.class.php プロジェクト: tmlsoft/main
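 public function lookupchangec()
 {
     // Switches the session to another company: stores the posted company id, looks up
     // the user's main-post department in that company, deletes the cached browse
     // permission file, regenerates it, and echoes the new company id.

     // Accept only a scalar id. An array-shaped request value must not reach the where()
     // map, where the model layer may interpret arrays as operator expressions.
     $companyid = isset($_POST['companyid']) ? $_POST['companyid'] : null;
     if (is_array($companyid)) {
         $companyid = null;
     }
     // NOTE(review): the company id is written to the session before any check that the
     // user belongs to that company. The lookup below only covers the main post
     // (typeid = 1) and its result is not used to reject the switch. Confirm membership
     // is enforced elsewhere, or validate it before this assignment.
     $_SESSION['companyid'] = $companyid;
     // Main-post department of the current user in the selected company.
     $userMap = array(
         'status' => 1,
         'companyid' => $companyid,
         'typeid' => 1,
         'userid' => $_SESSION[C('USER_AUTH_KEY')],
     );
     $userDeptDutyModel = D("UserDeptDuty");
     $userDeptDutyVo = $userDeptDutyModel->where($userMap)->find();
     // No matching row leaves the department id null, as before.
     $_SESSION['user_dep_id'] = isset($userDeptDutyVo['deptid']) ? $userDeptDutyVo['deptid'] : null;
     // Drop the cached browse permissions so they are rebuilt for the new company.
     $directory = DConfig_PATH . "/BrowsecList/borwse_" . $_SESSION[C('USER_AUTH_KEY')] . ".php";
     if (file_exists($directory)) {
         unlink($directory);
     }
     // Write the browse-level permission file again.
     Browse::saveBrowseList();
     // The echoed value originates from the request, so it is HTML-escaped.
     echo htmlspecialchars((string) $_SESSION['companyid'], ENT_QUOTES, 'UTF-8');
 }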