/**
 * Prepare shared view parameters and register the nested `apply` module.
 *
 * After the parent initialisation this copies `site_type` from this object's
 * params into the application view, loads the `menu_apply` menu data into the
 * view's `global_menu` parameter, sets the base path alias and declares the
 * `apply` sub-module.
 *
 * @return void
 */
public function init()
{
    parent::init();

    $menu = new Menu();
    $view = Yii::$app->view;
    $view->params['site_type'] = $this->params['site_type'];
    $view->params['global_menu'] = $menu->get_menu_data('menu_apply');

    $this->basePath = "@service/app/apply/apply";

    // NOTE(review): the `apply` module id is bound to a class in the wechat
    // namespace while the base path points at app/apply; confirm this is
    // intentional and not a copy-paste leftover.
    $applyModule = [
        'class' => 'service\\app\\wechat\\wechat\\controllers\\Module',
        'params' => [],
    ];
    $this->modules = ['apply' => $applyModule];
}
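/**
 * Permission check: build the access rules for the current request and
 * attach the access-control filter to the running controller.
 *
 * The request path is reduced to a "controller/action" string. When that
 * string is not in the allow list, has no menu entry according to
 * Menu::get_menu_by_auth_rules() and the user does not pass
 * can('administrator'), a pair of deny rules for that controller/action is
 * appended. Three common allow rules are appended afterwards, and the filter
 * is attached to Yii::$app->controller under the name 'access'.
 *
 * NOTE(review): the rule list ends with an unconditional allow, so this is a
 * default-allow policy: any request the deny pair does not match is
 * permitted, for guests as well. The deny pair is derived from the URL path
 * text, not from the resolved route, so it presumably does not line up with
 * module-prefixed controller ids or custom URL rules. Consider building the
 * decision from the resolved controller/action ids and ending the list with
 * a deny.
 *
 * @return void
 */
public function beforeAction()
{
    // Paths that are always exempt from the menu-permission check.
    $allow_uri = ['signin', 'signup'];
    // AJAX endpoints that are exempt as well.
    // NOTE(review): these are state-changing endpoints (delete, change,
    // uploads); exempting them here means they rely on other checks only.
    $allow_ajax_uri = [
        "member/change",
        "weixin/delete",
        "auth/invest-remark",
        "auth/auth-remark",
        "project/delete",
        "project/setstatus",
        "project/setcomment",
        "order/modify",
        "article/delete",
        "weixin/delete-msg",
        "ads/delete",
        "admin/change",
        "menu/change-status",
        "file/uploads",
        "type/change",
    ];
    $allow_uri = array_merge($allow_uri, $allow_ajax_uri);

    $user = Yii::$app->user;
    $menu_model = new Menu();

    // Trim surrounding slashes first so that equivalent spellings of a path
    // are reduced to the same controller/action pair below.
    $uri = trim(Yii::$app->request->pathInfo, '/');
    // A three-segment path is cut back to its first two segments.
    $path_info = substr_count($uri, '/') === 2 ? substr($uri, 0, strrpos($uri, '/')) : $uri;
    $is_menu = $menu_model->get_menu_by_auth_rules($path_info);

    // Strict comparison: the allow list is matched as exact strings only.
    if ($path_info !== '' && !in_array($path_info, $allow_uri, true) && !$is_menu && !$user->can('administrator')) {
        $auth = Yii::$app->getAuthManager();
        $roles = array_keys($auth->getRolesByUser(Yii::$app->user->getId()));

        // An absent or empty action segment means the controller's index
        // action, so the deny rule names an action that can actually run.
        $paths = explode('/', $path_info);
        $controller = $paths[0];
        $action = isset($paths[1]) && $paths[1] !== '' ? $paths[1] : 'index';

        // Deny for the user's own roles, then for everyone else.
        $this->rules[] = ['controllers' => [$controller], 'allow' => false, 'roles' => $roles, 'actions' => [$action]];
        $this->rules[] = ['controllers' => [$controller], 'allow' => false, 'actions' => [$action]];
    }

    // Common rules appended on every request.
    $this->rules[] = ['controllers' => ['admin'], 'allow' => true, 'roles' => ['@'], 'actions' => ['home']];
    // NOTE(review): this opens debug/default to guests ('?'); confirm the
    // debug module is disabled or restricted outside development.
    $this->rules[] = ['controllers' => ['debug/default'], 'allow' => true, 'roles' => ['?']];
    // Catch-all allow: everything not denied above is permitted.
    $this->rules[] = ['allow' => true];

    // Guests are sent to the login flow; signed-in users get a 403.
    $this->denyCallback = function ($rule, $action) use ($user) {
        if ($user->getIsGuest()) {
            $user->loginRequired();
        } else {
            throw new \yii\web\ForbiddenHttpException('对不起,此页面需要更高的权限账户才能访问。');
        }
    };

    Yii::$app->controller->attachBehavior('access', [
        'class' => $this->accessControlFilter,
        'denyCallback' => $this->denyCallback,
        'rules' => $this->rules,
    ]);
}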
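/**
 * Update an existing role and the permission data stored with it.
 *
 * Looks up the AuthItem and AuthRule records named $name. On a valid POST
 * the role is saved first, then the submitted `data` array is serialized
 * into the rule's `data` attribute. Success is reported only when both
 * saves succeed. In every other case the edit form is rendered with the
 * selection currently held by the rule record.
 *
 * @param string $name Name shared by the AuthItem and AuthRule records.
 * @return mixed Redirect after a failed lookup or a successful save,
 *               otherwise the rendered 'create-role' view.
 */
public function actionUpdateRole($name)
{
    $mRule = AuthRule::findOne(['name' => $name]);
    $model = AuthItem::findOne(['name' => $name]);

    // Parameter check: both records must exist.
    if (!$model || !$mRule) {
        Yii::$app->session->setFlash('error', '参数错误!');
        return $this->redirect('index');
    }

    $model->setScenario('role');
    $mRule->setScenario('create');

    $params = Yii::$app->request->post();
    if ($model->load($params) && $model->save()) {
        // Accept only an array here, so the stored value is always a
        // serialized array of request data and never another type.
        $data = isset($params['data']) && is_array($params['data']) ? $params['data'] : [];
        $attr = ['AuthRule' => ['name' => $model->name, 'data' => serialize($data)]];

        // Do not report success when the permission data failed to persist:
        // the operator would otherwise believe a permission change took
        // effect when the stored rule is unchanged.
        if ($mRule->load($attr) && $mRule->save()) {
            Yii::$app->session->setFlash('success', '角色修改成功');
            return $this->redirect('role');
        }

        // NOTE(review): the role row is already saved at this point; wrap
        // both saves in one transaction if they must change together.
        Yii::$app->session->setFlash('error', '角色权限保存失败!');
    }

    $mMenu = new Menu();

    // NOTE(review): unserialize() instantiates whatever classes the stored
    // payload names, so this call is only as safe as write access to this
    // column. On PHP >= 7.0 pass ['allowed_classes' => false] as the second
    // argument. A JSON encoding would remove the risk but needs a data
    // migration.
    $stored = $mRule->data ? unserialize($mRule->data) : [];

    return $this->render('create-role', [
        'model' => $model,
        'menu' => $mMenu->auth(),
        'action' => 'update',
        // Corrupt or unexpected payloads fall back to an empty selection.
        'check' => is_array($stored) ? $stored : [],
    ]);
}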