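/**
 * Check whether a user is allowed to access a controller/action resource.
 *
 * Resource names are built as "<controller>_<action>" in lower case; the
 * wildcard form "<controller>_*" covers every action of that controller.
 *
 * @param mixed  $userid     ID of the user whose group permissions are looked up
 * @param string $controller Controller part of the requested resource
 * @param string $action     Action part of the requested resource
 * @return boolean true when access is allowed, false otherwise
 */
public static function check($userid, $controller, $action)
{
    // Only sessions whose login_priv equals 1 ("ordinary users" in the original
    // comment) are subject to permission checks.
    // NOTE(review): every other value - presumably including a missing one -
    // is allowed here, so this depends on the login check having run first; confirm.
    if (QP_Session_Session::get('login_priv') != 1) {
        return true;
    }

    $privcfg = QP_Sys::config('privconfig');

    // Permission checking is switched off in the configuration: allow everything.
    if (empty($privcfg['enable'])) {
        return true;
    }

    $allRes = strtolower($controller . '_*');
    $currentRes = strtolower($controller . '_' . $action);

    // Resources on the global allow-list need no group permission.
    // Strict comparison: a loosely compared non-string entry (0, true) could
    // otherwise match any resource name.
    $allowList = (isset($privcfg['allow']) && is_array($privcfg['allow'])) ? $privcfg['allow'] : array();
    if (in_array($currentRes, $allowList, true) || in_array($allRes, $allowList, true)) {
        return true;
    }

    // Load the permissions of the user's group. Fail closed when the user or
    // the group cannot be resolved instead of checking against an empty lookup.
    $userModel = new Model_User();
    $userInfo = $userModel->userinfo($userid);
    if (!isset($userInfo['groupid'])) {
        return false;
    }

    $privModel = new Model_Priv();
    $resourceArr = $privModel->getResource($userInfo['groupid']);
    if (!is_array($resourceArr)) {
        return false;
    }

    return in_array($currentRes, $resourceArr, true) || in_array($allRes, $resourceArr, true);
}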
/**
 * Give a user group the default permission set, which is every permission
 * listed in the "privconfig" configuration.
 *
 * Each entry is written as "<gid>|<resid>", one per resource group found
 * under privconfig['priv'][<gid>]['resgroup'].
 *
 * NOTE(review): this grants the complete permission set; callers should be
 * limited to trusted code paths - confirm where it is invoked.
 *
 * @param mixed $groupid ID of the group that receives the permissions
 * @return mixed whatever submit() returns
 */
public function addDefaultPriv($groupid)
{
    $config = QP_Sys::config('privconfig');

    $entries = array();
    foreach ($config['priv'] as $sectionId => $section) {
        foreach ($section['resgroup'] as $resourceId => $unused) {
            $entries[] = "{$sectionId}|{$resourceId}";
        }
    }

    return $this->submit($groupid, $entries);
}
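/**
 * Index page: list the user's groups and the permissions of the selected group.
 *
 * The result of Priv::check() is now enforced; previously it was discarded,
 * so the permission check had no effect on this action.
 */
public function indexAction()
{
    // Resolve controller/action the same way as the visible init() does:
    // query string first, routed parameters as fallback, so the check also
    // works when the URL mode does not put them in the query string.
    // NOTE(review): confirm this matches how the dispatcher resolved them.
    $get = $this->request->getGet();
    $params = $this->request->getParam();
    $controller = !empty($get['controller']) ? $get['controller'] : (isset($params['controller']) ? $params['controller'] : '');
    $action = !empty($get['action']) ? $get['action'] : (isset($params['action']) ? $params['action'] : '');

    if (!Priv::check($this->userid, $controller, $action)) {
        // Do not load any permission data for a caller who fails the check.
        // NOTE(review): replace the bare return with the project's standard
        // access-denied response if one exists.
        return;
    }

    // All user groups visible to the current user.
    $groupList = $this->userModel->userGroupList(array('userid' => $this->userid));

    // Selected group ID; fall back to the first group when none/invalid is given.
    // Cast to int so a non-numeric value cannot slip past the "< 1" test.
    $groupid = (int) $this->request->getGet('groupid', 0);
    if ($groupid < 1) {
        $groupid = isset($groupList[0]['groupid']) ? $groupList[0]['groupid'] : 0;
    }
    // NOTE(review): $groupid is not verified to be one of $groupList; confirm
    // whether privModel->get() may be called for groups outside that list.

    // Permissions of the selected group plus the full permission catalogue.
    $priv = $this->privModel->get($groupid);
    $allPriv = QP_Sys::config('privconfig.priv');

    $this->view->groups = $groupList;
    $this->view->privList = $allPriv;
    $this->view->priv = $priv;
}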
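/**
 * Send a notification through the RTX gateway.
 *
 * The request is an HTTP GET to sendnotify.cgi on the configured host/port.
 * In debug mode the request URL is written to the "rtx" log instead.
 *
 * @param string $receiver  Receiver IDs; several IDs are joined with ",", e.g. "yuanwei1,guoyu"
 * @param string $msg       Message text
 * @param string $url       URL opened when the message is clicked
 * @param string $title     Title of the notification
 * @param int    $delaytime How long the popup stays visible in milliseconds; 0 means it does not close by itself
 */
public static function send($receiver, $msg, $url, $title = 'QuickBug Notify', $delaytime = 0)
{
    $rtxCfg = QP_Sys::config('sysconfig.rtx');

    // The RTX gateway only supports GBK, so convert from UTF-8.
    // NOTE(review): "|" and "]" inside $msg or $url are not escaped for the
    // "[text|url]" markup; callers passing user input should validate both.
    $msg = sprintf("[%s|%s]", $msg, $url);
    $msg = mb_convert_encoding($msg, 'gbk', 'utf-8');
    $title = mb_convert_encoding($title, 'gbk', 'utf-8');

    // Encode every receiver ID on its own and keep the "," separator literal,
    // so a receiver value cannot add or override query-string parameters.
    $receiverIds = array_map('urlencode', explode(',', (string) $receiver));

    // Build the query string; delaytime is forced to an integer for the same reason.
    $params = implode('&', array(
        'title=' . urlencode($title),
        'receiver=' . implode(',', $receiverIds),
        'msg=' . urlencode($msg),
        'delaytime=' . (int) $delaytime,
    ));
    $requestUrl = sprintf("http://%s:%d/sendnotify.cgi?%s", $rtxCfg['host'], $rtxCfg['port'], $params);

    if (!self::$debug) {
        // Send the request.
        if (function_exists('curl_init')) {
            QP_Sys::load('curl')->set(array('port' => $rtxCfg['port'], 'timeOut' => 5))->get($requestUrl);
        } else {
            // Best-effort fallback; use the same 5 second limit as the curl
            // branch so an unreachable gateway cannot stall the request.
            $context = stream_context_create(array('http' => array('timeout' => 5)));
            @file_get_contents($requestUrl, false, $context);
        }
    } else {
        // Debug mode: log the request instead of sending it.
        QP_Sys::log($requestUrl, 'rtx');
    }
}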
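/**
 * Runs automatically: load the login state from the session, work out the
 * current controller/action and send visitors who are not logged in to the
 * login page unless the resource is on the public allow-list.
 */
public function init()
{
    // Login state from the session.
    $this->userid = intval(QP_Session_Session::get('login_userid'));
    $this->username = QP_Session_Session::get('login_username');
    $this->priv = QP_Session_Session::get('login_priv');

    // Work out controller and action for every URL mode: query string first,
    // routed parameters as fallback. Missing keys resolve to '' instead of
    // raising undefined-index notices.
    // NOTE(review): the query string takes precedence here; confirm the
    // dispatcher resolves controller/action with the same precedence, otherwise
    // the allow-list test below and the action actually run could disagree.
    $get = $this->request->getGet();
    $parsm = $this->request->getParam();
    $controller = !empty($get['controller']) ? $get['controller'] : (isset($parsm['controller']) ? $parsm['controller'] : '');
    $action = !empty($get['action']) ? $get['action'] : (isset($parsm['action']) ? $parsm['action'] : '');
    // Non-string values (e.g. an array from "controller[]=") are treated as empty.
    $this->controller = is_string($controller) ? strtolower($controller) : '';
    $this->action = is_string($action) ? strtolower($action) : '';

    // Resources that may be used without logging in. A missing or malformed
    // list is treated as empty, i.e. everything requires a login.
    $allowRes = QP_Sys::config('privconfig.allow');
    if (!is_array($allowRes)) {
        $allowRes = array();
    }
    $res = $this->controller . '_' . $this->action;
    $resAll = $this->controller . '_*';

    // Strict comparison so a non-string list entry cannot match every resource.
    if (!in_array($res, $allowRes, true) && !in_array($resAll, $allowRes, true)) {
        // Not logged in: go to the login page and remember the current URL.
        // NOTE(review): confirm gotoUri() ends the request; if it only sets a
        // redirect header, the requested action may still run afterwards.
        if (!$this->userid) {
            $url = $this->request->currentUrl();
            $this->gotoUri('index', 'login', array('bgurl' => $url));
        }
    }
}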
/**
 * Settings page for the columns shown in the bug list.
 *
 * On POST the submitted "fields" value is stored as the user's
 * "bugListFields" setting and a JSON result of 0 is written.
 */
public function buglistsetAction()
{
    $userModel = new Model_User();

    // Form submitted: store the selection.
    if ($this->request->isPost()) {
        // NOTE(review): the posted value is stored as received; confirm that
        // saveSet() or the reader validates it against bugconfig.listfields.
        if (isset($_POST['fields'])) {
            $selected = $_POST['fields'];
        } else {
            $selected = array();
        }
        $userModel->saveSet('bugListFields', $selected);
        // NOTE(review): presumably outputJson() ends the request - confirm.
        $this->outputJson(0);
    }

    // Data for rendering the form.
    $this->view->fields = QP_Sys::config('bugconfig.listfields');
    $this->view->noSet = !fieldIsSet();
}
/**
 * Return the language chosen for the current user.
 *
 * Lookup order: the logged-in user's stored "lang" setting, then the "lang"
 * session value, then the system default from the configuration.
 *
 * NOTE(review): the first two sources can be set per user; if the result is
 * used to build a file name, check it against the list of installed languages.
 * NOTE(review): the key is spelled "Sysconfig" here but "sysconfig" in other
 * config lookups - confirm the loader treats both the same.
 *
 * @return string language name with its first character upper-cased
 */
function getLang()
{
    $chosen = null;

    // A logged-in user may have saved a preference.
    $isLoggedIn = QP_Session_Session::get('login_userid') > 0;
    if ($isLoggedIn) {
        $model = new Model_User();
        $chosen = $model->getSet('lang');
    }

    if ($chosen == null) {
        // No stored preference: try the session.
        $chosen = QP_Session_Session::get('lang');
        if ($chosen == null) {
            // Still nothing: use the configured system default.
            $chosen = QP_Sys::config('Sysconfig.lang');
        }
    }

    return ucfirst($chosen);
}
/**
 * Update a bug record and write the matching history/operation entries.
 *
 * NOTE(review): $sets is passed to the database update as given; confirm the
 * callers restrict it to the columns a user is allowed to change.
 *
 * @param array $sets  Column => value pairs to write
 * @param mixed $bugid ID of the bug to update
 * @return mixed result of the database update call
 */
public function updateBug($sets, $bugid)
{
    $current = $this->bugInfo($bugid);

    // A changed subject or body keeps the previous version as history.
    $contentChanged = isset($sets['subject']) || isset($sets['info']);
    if ($contentChanged) {
        if ($current) {
            // NOTE(review): the snapshot is stored with serialize(); whatever
            // reads it back should not unserialize data it does not trust.
            $snapshot = array(
                'bugid' => $bugid,
                'historydata' => serialize($current),
                'dateline' => time(),
            );
            $this->db->insert($this->bugHistoryTable, $snapshot);
        }
        // Operation log entry for the content change.
        $this->addOperate($bugid, $this->userid, L('bug.modifyed_bug_content'));
    }

    // A status change gets its own operation log entry.
    if (isset($sets['status']) && $sets['status'] != $current['status']) {
        $statusNames = QP_Sys::config('bugconfig.status');
        $label = $statusNames[$sets['status']] . L('bug.this_bug');
        $this->addOperate($bugid, $this->userid, $label);

        // Status 2 ("accepted" per the original comment): the current user
        // becomes the assignee.
        if ($sets['status'] == 2) {
            $sets['touserid'] = $this->userid;
        }
    }

    // Stamp the last update time unless the caller supplied one.
    if (!isset($sets['lastuptime'])) {
        $sets['lastuptime'] = time();
    }

    $where = array('bugid' => $bugid);
    return $this->db->update($this->bugTable, $sets, $where);
}
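/**
 * Save content to the export directory and redirect the browser to it.
 *
 * Ends the request in every case: with a redirect on success, with a 500
 * response when the name is unusable or the file cannot be written.
 *
 * NOTE(review): the file stays under the web root in files/export/ after the
 * redirect; consider unpredictable names plus cleanup, or streaming the
 * content directly, if exports may hold non-public data.
 *
 * @param string $content  Content to save
 * @param string $filename Base name of the file (no directory part)
 */
private function _downloadContent($content, $filename)
{
    // Keep only the final path component so the write stays inside
    // files/export/ even if the name contains "/", "\" or "..".
    $safeName = basename(str_replace('\\', '/', (string) $filename));
    if ($safeName === '' || $safeName === '.' || $safeName === '..') {
        header('HTTP/1.1 500 Internal Server Error');
        exit;
    }

    // Save as a temporary file. Stop on failure rather than redirecting to a
    // missing file or to an older export that happens to have the same name.
    $file = 'files/export/' . $safeName;
    if (file_put_contents(SITEWEB_PATH . '/' . $file, $content) === false) {
        header('HTTP/1.1 500 Internal Server Error');
        exit;
    }

    // Redirect to the download; the name is URL-encoded for the Location header.
    $sysCfg = QP_Sys::config('sysconfig');
    $url = $sysCfg['domain'] . $sysCfg['path'] . 'files/export/' . rawurlencode($safeName);
    header("Location: {$url}");
    exit;
}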
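/**
 * Send a bulk notification by RTX and/or e-mail.
 *
 * POST field "toUser" selects the recipients: "0" = all users created by the
 * current user, "1" = the members of "userGroup", "2" = the IDs given in
 * "sendUsers". Any other or missing value selects nobody; previously a missing
 * or unrecognised value could fall into the "all users" branch or leave the
 * recipient list undefined.
 */
public function notifyAction()
{
    // Notification form submitted.
    if ($this->request->isPost()) {
        // Compare as strings so only the exact values "0", "1", "2" match.
        $target = (isset($_POST['toUser']) && is_scalar($_POST['toUser'])) ? (string) $_POST['toUser'] : '';

        $filter = null;
        $userids = '';
        switch ($target) {
            // Everyone created by the current user.
            case '0':
                $filter = array('createuid' => $this->userid);
                break;
            // One user group.
            // NOTE(review): the group ID is not checked against the groups of
            // the current user; confirm whether that restriction is required.
            case '1':
                if (isset($_POST['userGroup']) && is_scalar($_POST['userGroup']) && $_POST['userGroup'] !== '') {
                    $filter = array('groupid' => $_POST['userGroup']);
                }
                break;
            // Explicit list of users.
            // NOTE(review): passed on as received; User::notify() or the
            // transport must validate/encode the IDs.
            case '2':
                if (isset($_POST['sendUsers']) && is_string($_POST['sendUsers'])) {
                    $userids = $_POST['sendUsers'];
                }
                break;
        }

        // Resolve a filter to a comma-separated list of user IDs.
        if ($filter !== null) {
            $ids = array();
            foreach ($this->userModel->userinfoList($filter) as $row) {
                $ids[] = $row['userid'];
            }
            $userids = implode(',', $ids);
        }

        $msg = isset($_POST['notMsg']) ? $_POST['notMsg'] : '';
        // NOTE(review): the link target comes straight from the form; consider
        // limiting it to the application's own domain.
        $link = isset($_POST['notUrl']) ? $_POST['notUrl'] : '';
        $title = isset($_POST['notTitle']) ? $_POST['notTitle'] : '';

        // Send through each selected channel.
        if (!empty($_POST['notifyEmail'])) {
            User::notify($userids, $msg, $link, 'mail', $title);
        }
        if (!empty($_POST['notifyRtx'])) {
            User::notify($userids, $msg, $link, 'rtx', $title);
        }
        $this->outputJson(0);
    }

    // All user groups of the current user.
    $this->view->groupList = $this->userModel->userGroupList(array('userid' => $this->userid));

    // Base URL from the system configuration.
    $conf = QP_Sys::config('sysconfig');
    $this->view->domain = $conf['domain'] . $conf['path'];
}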
/**
 * Constructor: load the "sysconfig.mail" settings into $this->_config.
 */
public function __construct()
{
    $mailSettings = QP_Sys::config('sysconfig.mail');
    $this->_config = $mailSettings;
}