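/**
 * AJAX action: grant a permission path to a manager.
 *
 * Reads `manager-id` and `path` from the POST body, validates both, and
 * stores the relation through RootRelationInterface::save().
 *
 * NOTE(review): this action changes who holds which permission. No caller
 * authorization or CSRF check is visible in this method -- confirm both are
 * enforced by the base controller / framework before this code runs.
 *
 * Every failure branch returns right after renderAjax(). renderAjax()
 * presumably ends the request (verify against its definition); the explicit
 * returns keep the action fail-closed if it ever does not, so a rejected
 * request can never fall through to save().
 */
public function ajaxAddAction()
{
    $managerId = Request::getPOST('manager-id', 0);
    $path = Request::getPOST('path', '');

    // Both values are mandatory; note that empty() also rejects "0".
    if (empty($managerId) || empty($path)) {
        $this->renderAjax(1, '参数错误!');
        return;
    }

    // Reject malformed paths before they reach any lookup or the database.
    if (!RootPermissionInterface::isValidPath(array('path' => $path))) {
        $this->renderAjax(1, '路径不合法!');
        return;
    }

    // The target manager must exist.
    $managerInfo = RootManagerInterface::getById(array('id' => $managerId));
    if (empty($managerInfo)) {
        $this->renderAjax(1, '管理员不存在!');
        return;
    }

    // The permission path must exist. A path without a trailing slash is
    // reported as a single permission, one with a trailing slash as a folder.
    if (!RootPermissionInterface::findPath(array('path' => $path))) {
        if (rtrim($path, '/') === $path) {
            $this->renderAjax(1, '权限不存在!');
        } else {
            $this->renderAjax(1, '权限文件夹不存在!');
        }
        return;
    }

    // Nothing to do when the manager already holds this permission.
    $include = RootManagerInterface::checkPermission(array('id' => $managerId, 'path' => $path));
    if ($include) {
        $this->renderAjax(1, '权限已经拥有!');
        return;
    }

    // Persist the grant. Only the two validated fields are handed to save().
    RootRelationInterface::save(array('manager_id' => $managerId, 'path' => $path));
    $this->setNotice(FrameworkVars::NOTICE_SUCCESS, '添加权限成功!');
    $this->renderAjax(0);
}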
/**
 * Permission check: decide whether a user holds a permission path.
 *
 * @param array $params array(
 *     'user_id', // user id
 *     'path',    // permission path
 * )
 * @return bool true when access is granted (or when no path was supplied, see below)
 * @throws LibraryException
 */
public static function allowed($params)
{
    $userId = self::get('user_id', $params, 0, TYPE_INT_GT0, true);
    $path = self::get('path', $params, '', TYPE_STR_Y, true);

    // NOTE(review): fail-open branch. An empty path is logged and then
    // ALLOWED. empty() is also true for the string "0". Whether self::get()
    // with TYPE_STR_Y already rejects such values is not visible here --
    // confirm, and confirm no caller can reach this with an attacker-chosen
    // empty path.
    if (empty($path)) {
        Logger::warn('interface', '权限校验时,传入了空权限,系统默认返回true!');
        return true;
    }

    // Unknown permission paths are denied.
    // NOTE(review): $path is written to the log as given; confirm it is
    // validated upstream if it can carry request data.
    $pathQuery = array('path' => $path, 'from_cache' => true);
    if (!RootPermissionInterface::findPath($pathQuery)) {
        Logger::warn('interface', "权限{$path}不存在!");
        return false;
    }

    // A user with no enabled manager record holds no permissions.
    // NOTE(review): every lookup here passes 'from_cache' => true, so the
    // answer is presumably served from a cache -- confirm that grants and
    // revocations refresh it promptly.
    $managerQuery = array('user_id' => $userId, 'from_cache' => true);
    $managerId = RootManagerInterface::getEnabledId($managerQuery);
    if (empty($managerId)) {
        return false;
    }

    $granted = RootManagerInterface::checkPermission(
        array('id' => $managerId, 'path' => $path, 'from_cache' => true)
    );

    return !empty($granted);
}
/**
 * Create a manager-to-path permission relation, or update an existing row.
 *
 * When $id equals 0 a new relation is created: the manager and the path must
 * exist, an already-held permission short-circuits with 0, and the manager's
 * rows beneath the new path are deleted before the insert. Any other $id
 * updates that row with $data as given.
 *
 * NOTE(review): the whole $data array is written in both branches, so
 * callers must pass only the columns they intend to store.
 *
 * @param array $data relation fields; the create branch reads 'manager_id' and 'path'
 * @param int   $id   0 to create, otherwise the id of the row to update
 * @return mixed the insert() result on create (0 when the permission is
 *               already held), or the updateById() result on update
 * @throws InterfaceException when the manager or the path does not exist
 */
public static function save($data, $id = 0)
{
    if (0 != $id) {
        // NOTE(review): unlike the create branch, nothing here validates the
        // manager or path, and syncToRedis() is not called, so cached
        // permissions may not reflect the update -- confirm this is intended.
        $relationModel = new RootRelationModel();

        return $relationModel->updateById($id, $data);
    }

    $managerId = $data['manager_id'];
    $path = $data['path'];

    // The manager must exist.
    $managerInfo = RootManagerInterface::getById(array('id' => $managerId));
    if (empty($managerInfo)) {
        throw new InterfaceException('管理员不存在!');
    }

    // The permission path must exist.
    if (!RootPermissionInterface::findPath(array('path' => $path))) {
        throw new InterfaceException('路径不存在!');
    }

    // Already granted: nothing to insert.
    // NOTE(review): this check runs before the transaction begins, so two
    // concurrent requests could both pass it -- confirm whether a unique
    // constraint backs it up.
    $alreadyGranted = RootManagerInterface::checkPermission(array('id' => $managerId, 'path' => $path));
    if ($alreadyGranted) {
        return 0;
    }

    // Rows of this manager that sit beneath the new path become redundant
    // once the path itself is granted.
    // NOTE(review): $dir is used as a LIKE prefix; a '%' or '_' inside $path
    // would act as a wildcard and widen the delete unless path validation or
    // the model escapes them -- confirm.
    $dir = rtrim($path, '/') . '/';
    $redundantRows = array(
        array('manager_id', '=', $managerId),
        array('path', 'LIKE', "{$dir}%"),
    );

    // NOTE(review): no rollback is visible if delete() or insert() throws
    // between begin() and commit() -- confirm how Trans handles that.
    $trans = new Trans(DbConfig::$SERVER_TRANS);
    $trans->begin();
    $relationModel = new RootRelationModel($trans);
    $relationModel->delete($redundantRows);
    $id = $relationModel->insert($data);
    $trans->commit();

    // Refresh the cached permissions of this manager after the commit.
    self::syncToRedis($managerId);

    return $id;
}