function hg_check_prms($user = array()) {
    // Collect the permission set of every role id listed in $user['slave_group']
    // (a comma-separated list). Each role is looked up in redis first and then
    // in its PHP cache file; if any role is missing from both caches, or when
    // DEBUG_MODE is on, the whole set is rebuilt through hg_update_role_prms().
    // Returns an array keyed by role id, or an empty array when the user has
    // no roles at all.
    $by_role = array();
    if (empty($user['slave_group'])) {
        return $by_role;
    }
    $role_ids = explode(',', $user['slave_group']);
    foreach ($role_ids as $rid) {
        $cached = read_role_prms_form_redis($rid);
        if ($cached) {
            $by_role[$rid] = json_decode($cached, 1);
            continue;
        }
        // NOTE(review): $rid becomes part of an include path below; callers
        // must only pass numeric role ids read from the database here, never
        // raw request input.
        $cache_file = get_prms_cache_dir($rid);
        if (!file_exists($cache_file)) {
            // Leave the result incomplete; the count check below then forces a rebuild.
            break;
        }
        $by_role[$rid] = (include $cache_file);
    }
    $all_cached = count($by_role) == count($role_ids);
    if ($all_cached && !DEBUG_MODE) {
        return $by_role;
    }
    return hg_update_role_prms($user['slave_group']);
}
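public function update2() {
    // Create (input id == -1 or 0) or update an admin role, then replace its
    // per-app permission rows wholesale. Request fields read: extend, name,
    // brief, index_page, open_way, domain, column_id, siteid, id, prms.
    // Sub-administrators (group_type > MAX_ADMIN_TYPE) may only grant sites,
    // columns and apps they hold themselves, may not touch roles they do not
    // own, and may not edit a role they are a member of.
    //
    // Security fixes relative to the previous version: every request-derived
    // value is escaped before being spliced into SQL (name, brief, domain,
    // column_id, siteid, and every field of the prms JSON), and the sub-admin
    // site/column checks now fail closed when the sub-admin holds no grants
    // instead of being skipped by a suppressed warning.
    //
    // NOTE(review): the content-permission gate below was disabled; confirm an
    // equivalent authorization check runs before this action is reachable.
    // $this->verify_content_prms(array('_action' => 'auth_user'));

    $extend_input = is_array($this->input['extend']) ? $this->input['extend'] : array();
    $extend_prms = $extend_input;
    // set_weight_limit is clamped to the range 0..100 before being stored.
    $weight_limit = isset($extend_prms['set_weight_limit']) ? intval($extend_prms['set_weight_limit']) : 0;
    $extend_prms['set_weight_limit'] = max(0, min(100, $weight_limit));

    $data = array(
        'name' => trim($this->input['name']),
        'brief' => trim($this->input['brief']),
        'index_page' => addslashes(trim($this->input['index_page'])),
        'open_way' => intval($this->input['open_way']),
        'domain' => trim($this->input['domain']),
        'extend_prms' => addslashes(serialize($extend_prms)),
        'publish_prms' => $this->input['column_id'],
        'site_prms' => $this->input['siteid'],
    );
    // index_page and extend_prms are escaped when $data is built (the response
    // echoes $data in that form); every other value is escaped at SQL build time.
    $already_escaped = array('index_page' => true, 'extend_prms' => true);

    $is_sub_admin = $this->user['group_type'] > MAX_ADMIN_TYPE;
    if ($is_sub_admin) {
        // Cast so a sub-admin with no grants is compared against an empty set
        // (fail closed) rather than short-circuiting array_diff() with null.
        $owned_sites = (array)$this->user['prms']['site_prms'];
        $owned_columns = (array)$this->user['prms']['publish_prms'];
        $publish_prms = $data['publish_prms'] ? explode(',', $data['publish_prms']) : array();
        $site_prms = $data['site_prms'] ? explode(',', $data['site_prms']) : array();
        if (array_diff($site_prms, $owned_sites)) {
            $this->errorOutput("非整站授权站点,授权失败");
        }
        if (!class_exists('publishconfig')) {
            include_once ROOT_PATH . 'lib/class/publishconfig.class.php';
        }
        $this->publish_column = new publishconfig();
        if ($publish_prms) {
            // Columns that belong to a site the sub-admin holds in full are
            // exempt from the per-column check.
            // NOTE(review): get_column_site() receives the raw column_id list;
            // confirm it escapes its own query.
            $column_site = $this->publish_column->get_column_site(array('column_id' => implode(',', $publish_prms)));
            if (is_array($column_site) && $column_site) {
                foreach ($column_site as $site_id => $col) {
                    if (in_array($site_id, $owned_sites)) {
                        $publish_prms = array_diff($publish_prms, (array)$col);
                    }
                }
            }
            if (array_diff($publish_prms, $owned_columns)) {
                $this->errorOutput("非授权栏目,授权失败");
            }
        }
    }

    $role_id = intval($this->input['id']);
    // An id of -1 is the client's "create" marker.
    if ($role_id == -1) {
        $role_id = 0;
    }
    $admin_role = array();
    $return = array();
    if ($role_id) {
        $sql = 'SELECT id,name,user_id,extend_prms FROM ' . DB_PREFIX . 'admin_role WHERE id = "' . $role_id . '"';
        $admin_role = $this->db->query_first($sql);
        if ($is_sub_admin) {
            if ($admin_role['user_id'] != $this->user['user_id']) {
                $this->errorOutput("没有权限管理此角色");
            }
            $sql = 'SELECT admin_role_id FROM ' . DB_PREFIX . 'admin WHERE id = ' . intval($this->user['user_id']);
            $user_roles = $this->db->query_first($sql);
            $own_role_ids = $user_roles ? explode(',', $user_roles['admin_role_id']) : array();
            if (in_array($role_id, $own_role_ids)) {
                $this->errorOutput('无法修改当前用户所在的角色');
            }
        }
    }
    if ($is_sub_admin) {
        // A sub-admin's roles always inherit the sub-admin's own extended
        // permissions, for both create and update.
        $data['extend_prms'] = addslashes(serialize($this->user['prms']['default_setting']));
    }

    if (!$admin_role) {
        // create
        $data['user_id'] = $this->user['user_id'];
        $data['user_name'] = $this->user['user_name'];
        $data['org_id'] = $this->user['org_id'];
        if ($this->check_name_unique($data['name'])) {
            $this->errorOutput(ROLE_NAME_EXISTS);
        }
        $data['create_time'] = TIMENOW;
        $assignments = array();
        foreach ($data as $field => $value) {
            $assignments[] = '`' . $field . '`="' . (isset($already_escaped[$field]) ? $value : addslashes($value)) . '"';
        }
        $sql = 'INSERT INTO ' . DB_PREFIX . 'admin_role SET ' . implode(',', $assignments);
        $op = '创建角色';
    } else {
        // update
        $assignments = array();
        foreach ($data as $field => $value) {
            $assignments[] = '`' . $field . '`="' . (isset($already_escaped[$field]) ? $value : addslashes($value)) . '"';
        }
        $sql = 'UPDATE ' . DB_PREFIX . 'admin_role SET ' . implode(',', $assignments) . ' WHERE id=' . intval($admin_role['id']);
        // Snapshot the previous app permissions for the audit log.
        $sql1 = 'SELECT * FROM ' . DB_PREFIX . 'role_prms WHERE admin_role_id = ' . intval($admin_role['id']) . ' ORDER BY order_id';
        $query = $this->db->query($sql1);
        while ($row = $this->db->fetch_array($query)) {
            $return['prms'][$row['app_uniqueid'] . '-' . $row['mod_uniqueid']] = $row;
        }
        $op = '修改角色';
    }
    $this->db->query($sql);

    if ($admin_role) {
        $data['id'] = $admin_role['id'];
        if ($this->db->affected_rows()) {
            $this->db->query("UPDATE " . DB_PREFIX . 'admin_role SET update_user_id=' . intval($this->user['user_id']) . ', update_user_name="' . addslashes($this->user['user_name']) . '", update_time=' . TIMENOW . ' WHERE id = ' . intval($admin_role['id']));
        }
        // On update the old permission rows are dropped and re-inserted below.
        $this->db->query('DELETE FROM ' . DB_PREFIX . 'role_prms WHERE admin_role_id = ' . intval($admin_role['id']));
    } else {
        $data['id'] = $this->db->insert_id();
    }

    $prms = json_decode(html_entity_decode($this->input['prms']), 1);
    if (is_array($prms) && $prms) {
        $order_id = 0;
        $rows = array();
        $defaults = array('op' => '', 'node' => '', 'setting' => '', 'is_all' => '');
        foreach ($prms as $app_mod => $v) {
            $v = array_merge($defaults, is_array($v) ? $v : array());
            $parts = explode('-', $app_mod);
            $app_uniqueid = $parts[0];
            $mod_uniqueid = isset($parts[1]) ? $parts[1] : '';
            if ($is_sub_admin && empty($this->user['prms']['app_prms'][$app_uniqueid]['is_complete'])) {
                $this->errorOutput('存在非多级授权应用!');
            }
            $rows[] = '(' . intval($data['id']) . ',"' . addslashes($app_uniqueid) . '", "' . addslashes($mod_uniqueid) . '", "' . addslashes($v['op']) . '", "' . addslashes($v['node']) . '","' . addslashes($v['setting']) . '", "' . addslashes($v['is_all']) . '",' . $order_id . ')';
            $order_id++;
        }
        $this->db->query('INSERT INTO ' . DB_PREFIX . 'role_prms VALUES ' . implode(',', $rows));
    }

    // NOTE(review): on create $role_id is still 0 here while the new role id is
    // $data['id']; confirm hg_update_role_prms(0) is the intended cache refresh.
    hg_update_role_prms($role_id);

    // Audit log: previous settings vs the submitted ones.
    $prev_extend = array();
    if ($admin_role && !empty($admin_role['extend_prms'])) {
        // NOTE(review): unserialize() of a DB column; only safe while that
        // column is written exclusively by this code path.
        $prev_extend = unserialize($admin_role['extend_prms']);
        if (!is_array($prev_extend)) {
            $prev_extend = array();
        }
    }
    $pre_data = array_merge($prev_extend, $return);
    $submitted_prms = json_decode(htmlspecialchars_decode($this->input['prms']), 1);
    $up_data = array_merge($extend_input, is_array($submitted_prms) ? $submitted_prms : array());
    $this->addLogs($op, $pre_data, $up_data, $data['name']);
    $this->addItem($data);
    $this->output();
}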
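public function get_user_prms() {
    // Return the merged permission set for the role id(s) given in the
    // role_id request field (a single id or a comma-separated list), with
    // app bundles, site ids and column ids expanded to their display data.
    //
    // Security fix: role_id is request input that previously flowed verbatim
    // into hg_update_role_prms(); it is now reduced to a comma-separated list
    // of non-zero integers, which is the only form the rest of this file ever
    // passes to that function. App bundles are escaped before the IN() list.
    $raw_role_id = urldecode($this->input['role_id']);
    $role_ids = array_filter(array_map('intval', explode(',', (string)$raw_role_id)));
    if (!$role_ids) {
        return;
    }
    $role_id = implode(',', $role_ids);
    $prms = hg_update_role_prms($role_id);
    $prms = merge_user_prms($prms);

    $apps = array();
    $bundles = !empty($prms['app_prms']) && is_array($prms['app_prms']) ? array_keys($prms['app_prms']) : array();
    if ($bundles) {
        $in_list = implode('","', array_map('addslashes', $bundles));
        $sql = 'SELECT bundle,name FROM ' . DB_PREFIX . 'apps WHERE bundle IN("' . $in_list . '")';
        $query = $this->db->query($sql);
        while ($row = $this->db->fetch_array($query)) {
            $apps[$row['bundle']] = $row['name'];
        }
    }

    require_once ROOT_PATH . 'lib/class/publishconfig.class.php';
    $publishconfig = new publishconfig();
    if (!empty($prms['site_prms'])) {
        // Keep only the sites the role is granted, keyed as get_sites() returns them.
        $publish_sites = $publishconfig->get_sites();
        $prms['site_prms'] = array_intersect_key($publish_sites, array_flip($prms['site_prms']));
    }
    if (!empty($prms['publish_prms'])) {
        // NOTE(review): get_columnname_by_ids() receives the raw id list;
        // confirm it escapes its own query.
        $column_ids = implode(',', $prms['publish_prms']);
        $prms['publish_prms'] = $publishconfig->get_columnname_by_ids('*', $column_ids);
    }
    if (!empty($prms['app_prms'])) {
        foreach ($prms['app_prms'] as $bundle => $app) {
            if (!empty($app['action'])) {
                // Map the granted action ids onto their configured labels.
                $prms['app_prms'][$bundle]['action'] = array_intersect_key($this->settings['auth_op'], array_flip($app['action']));
            }
            $prms['app_prms'][$bundle]['app_name'] = isset($apps[$bundle]) ? $apps[$bundle] : null;
        }
    }
    $this->addItem($prms);
    $this->output();
}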