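/**
 * Decide whether the logged-in administrator may call the current action.
 *
 * Collects the access rows stored for the administrator's group, expands
 * every granted menu entry with the extra actions listed in its 'auth' key,
 * records the result in $this->_allowAccess and then checks the current
 * action (as returned by getControllerFun()) against that map.
 * 'Admin/index' is always allowed.
 *
 * @return bool true when the current action is allowed, false otherwise
 */
public function allowList()
{
    $user = session('admin.admin');

    // The group id is placed in query conditions below; reduce it to an
    // integer once so that nothing but a number can reach the SQL text.
    $groupId = isset($user['cp_group_id']) ? (int) $user['cp_group_id'] : 0;

    // NOTE(review): a missing session and a group id of 0 both end up here
    // and are allowed (this matches the previous behaviour). Presumably
    // group 0 is the unrestricted administrator and login is enforced
    // elsewhere; confirm, because otherwise this check fails open.
    if ($groupId <= 0) {
        return true;
    }

    // Access rows stored for the administrator's group.
    $groupAccess = new AdminAccess();
    $accessList = $groupAccess->where('cp_group_id=' . $groupId)->select();
    if (empty($accessList)) {
        // select() may yield null/false when nothing matches; normalise so
        // that the append and the loop below always work on an array.
        $accessList = array();
    }

    // A granted menu entry implicitly grants the actions in its 'auth' key.
    foreach ($this->_menus as $topMenu) {
        if (empty($topMenu['treeViewMenu'])) {
            continue;
        }

        foreach ($topMenu['treeViewMenu'] as $menu) {
            // Without dependent actions there is nothing to add, so the
            // lookup query can be skipped entirely.
            if (empty($menu['auth'])) {
                continue;
            }

            // Array condition: the action name is handed to the model as a
            // value instead of being spliced into a quoted SQL string.
            $lookup = new AdminAccess();
            $granted = $lookup->where(array(
                'cp_group_id' => $groupId,
                'access'      => $menu['actionName'],
            ))->find();
            if (!$granted) {
                continue;
            }

            foreach ((array) $menu['auth'] as $auth) {
                $accessList[] = array('cp_group_id' => $groupId, 'access' => $auth);
            }
        }
    }

    $actionName = $this->getControllerFun();

    // Record everything the group may call.
    foreach ($accessList as $access) {
        $this->_allowAccess[$access['access']] = true;
    }
    $this->_allowAccess['Admin/index'] = true;

    return array_key_exists($actionName, $this->_allowAccess);
}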
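/**
 * Replace the stored permissions of an admin group with the submitted set.
 *
 * Deletes every access row of the group, then inserts one row per entry of
 * $_POST['perm_allow'] and reports success.
 *
 * @param mixed $id Group id as received from the request.
 *
 * @return void
 */
public function postGroupPerm($id)
{
    // $id is request-supplied and ends up in a DELETE condition. Reduce it
    // to an integer so the condition can only ever match a single group.
    // NOTE(review): a non-numeric id becomes 0 here; consider rejecting the
    // request instead of continuing.
    $groupId = (int) $id;

    // NOTE(review): the delete and the inserts below are not wrapped in a
    // transaction, so a failure part-way leaves the group with a partial
    // permission set.
    $adminAccess = new AdminAccess();
    $adminAccess->where('cp_group_id=' . $groupId)->delete();

    // Only a list is a valid submission; anything else counts as "no
    // permissions selected".
    $submitted = array();
    if (!empty($_POST['perm_allow']) && is_array($_POST['perm_allow'])) {
        $submitted = $_POST['perm_allow'];
    }

    // One timestamp for the whole batch.
    $now = date('Y-m-d H:i:s');
    $seen = array();

    foreach ($submitted as $access) {
        // Store plain, non-empty strings only: nested arrays or other types
        // in the posted data must never be handed to the model as a column
        // value. Duplicates are skipped so each action is stored once.
        // NOTE(review): the values are not checked against the list of
        // known actions; consider validating them before saving.
        if (!is_string($access) || $access === '' || isset($seen[$access])) {
            continue;
        }
        $seen[$access] = true;

        $row = new AdminAccess();
        $row->add(array(
            'cp_group_id' => $groupId,
            'access'      => $access,
            'created_at'  => $now,
            'updated_at'  => $now,
        ));
    }

    $this->success('保存成功');
}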