예제 #1
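 /**
  * Controller bootstrap hook: require a valid admin session, then enforce
  * rule-based authorisation for the requested module/controller/action.
  *
  * Checks, in order:
  *  1. both session identifiers (admin_uid, admin_username) are present;
  *  2. the account row still exists and is not frozen (status 0);
  *  3. the login key held in the session equals the one stored on the account;
  *  4. ids listed in AUTH_CONFIG.AUTH_ADMINUID skip the rule check;
  *  5. every other id must pass \Think\Auth::check() for Module/Controller/Action.
  *
  * @return bool|null true for a configured super-admin id, null once the rule check passed
  */
 public function _initialize()
 {
     $adminUid = session('admin_uid');
     $this->admin_uid = $adminUid;
     $this->admin_username = session('admin_username');

     // A session missing EITHER identifier is not a usable login. The earlier
     // `and` only redirected when both were absent and left a half-populated
     // session to the database lookup below.
     if (!$adminUid || !$this->admin_username) {
         redirect(U('Admin/Public/login'));
         exit;
     }

     $userinfo = M('admin_user')->where(array('id' => $adminUid))->find();
     if (!$userinfo) {
         redirect(U('Admin/Public/login'));
         exit;
     }

     // Frozen accounts are turned away even when the session is still alive.
     if ((int) $userinfo['status'] === 0) {
         $this->error('该帐户处于冻结状态!', U('Admin/Public/login'));
     }

     // Compare as strings with a strict operator so type juggling (for example
     // 0 == 'abc' on older PHP) cannot make two different keys look equal.
     if ((string) session('admin_login_key') !== (string) $userinfo['login_key']) {
         $this->error('您的帐号在别的地方登录!', U('Admin/Public/logout'));
     }

     $this->group_name = M('admin_auth_group_access a')
         ->join('__ADMIN_AUTH_GROUP__ g ON a.group_id=g.id')
         ->where(array('a.uid' => $adminUid))
         ->getField('g.title');

     // Menus are assigned before the permission decision, as before.
     $this->assign("menu", $this->show_menu());
     $this->assign("sub_menu", $this->show_sub_menu());

     // Super-admin bypass: both sides are normalised to strings and matched
     // strictly; a missing config entry yields an empty list, i.e. no bypass.
     $superAdminIds = array_map('strval', (array) C('AUTH_CONFIG.AUTH_ADMINUID'));
     if (in_array((string) $adminUid, $superAdminIds, true)) {
         return true;
     }

     $auth = new \Think\Auth();
     $rule = MODULE_NAME . '/' . CONTROLLER_NAME . '/' . ACTION_NAME;
     if (!$auth->check($rule, $adminUid)) {
         $this->error('没有权限');
     }
 }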
예제 #2
 /**
  * Diagnostic action: runs one \Think\Auth::check() call and terminates the
  * request with a fixed success/failure string.
  *
  * NOTE(review): the value passed as the user id is the `id` column of row 1
  * of the AuthRule table, not the id of a logged-in user, and the rule name is
  * echoed without escaping. This looks like leftover test scaffolding; confirm
  * it is not routable in production.
  */
 public function LoginCheck()
 {
     // Row with primary key 1 of the AuthRule table supplies the test data.
     $ruleRow = M('AuthRule')->find(1);
     $Auth = new \Think\Auth();

     echo $ruleRow['name'];

     // Arguments: rule name, "user" id, type, check mode, relation.
     // 'and' asks for every listed rule to pass rather than any one of them.
     $passed = $Auth->check(
         MODULE_NAME . '/' . ACTION_NAME,
         $ruleRow['id'],
         MODULE_NAME,
         'url',
         'and'
     );

     die($passed ? 'AUTH:SUCCESS!' : 'AUTH:false!');
 }
예제 #3
 /**
  * Controller bootstrap hook: allow the request only when the session user
  * holds the Module/Controller/Action rule.
  *
  * There is no separate login test here; whatever session('UID') returns is
  * handed to the rule check as-is, so visitors without a session get the same
  * "no permission" page as signed-in users lacking the rule.
  */
 public function _initialize()
 {
     $requestedRule = MODULE_NAME . '/' . CONTROLLER_NAME . '/' . ACTION_NAME;
     $checker = new \Think\Auth();
     $allowed = $checker->check($requestedRule, session('UID'));
     if (!$allowed) {
         $this->error('抱歉,您没有权限访问此页面', U('Home/Index/index'));
     }
 }
예제 #4
파일: function.php 프로젝트: Ajh100/manage
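/**
 * Decide whether a user may use the given rule(s).
 *
 * Ids listed in the ADMINISTRATOR config entry are always allowed; every
 * other id is delegated to \Think\Auth::check().
 *
 * @param string|array $name     rule name(s) to verify
 * @param int|string   $uid      id of the user being checked
 * @param int          $type     rule type forwarded to Auth::check()
 * @param string       $mode     check mode forwarded to Auth::check()
 * @param string       $relation 'or' / 'and', forwarded to Auth::check()
 * @return bool true when access is granted
 */
function authcheck($name, $uid, $type = 1, $mode = 'url', $relation = 'or')
{
    // The bypass is the most privileged path in this helper, so it is matched
    // strictly: only int/string ids qualify and both sides are compared as
    // strings. A loose in_array() would let values such as true or '1abc'
    // (older PHP) equal admin id 1. A missing config entry means "no bypass".
    $superAdminIds = array_map('strval', (array) C('ADMINISTRATOR'));
    $isSuperAdmin = (is_int($uid) || is_string($uid))
        && in_array((string) $uid, $superAdminIds, true);
    if ($isSuperAdmin) {
        return true;
    }

    $auth = new \Think\Auth();

    return (bool) $auth->check($name, $uid, $type, $mode, $relation);
}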
예제 #5
 /**
  * Controller bootstrap hook: check the Controller/Action rule for the user
  * id stored in $_SESSION['id'] and show an error page on failure.
  *
  * The rule name has no module prefix here, and the session id is read
  * directly, so an absent session key reaches the check as null.
  */
 public function _initialize()
 {
     $checker = new \Think\Auth();
     $currentUserId = $_SESSION['id'];
     $allowed = $checker->check(CONTROLLER_NAME . '/' . ACTION_NAME, $currentUserId);
     if (!$allowed) {
         // Failure sends the user back to the login page.
         $this->error('你没有操作权限', U('Login/index'));
     }
 }
예제 #6
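 /**
  * Enforce the Module/Controller/Action rule for the session user.
  *
  * Ids listed in the ADMINISTRATOR config entry skip the rule check.
  *
  * @return bool|null true for a configured administrator id, null once the rule check passed
  */
 protected function _checkAuth()
 {
     $uid = session('id');

     // Strict, string-normalised match for the bypass list: an absent session
     // id becomes '' and cannot loosely equal a configured id, and a missing
     // config entry yields an empty list instead of a warning.
     $superAdminIds = array_map('strval', (array) C('ADMINISTRATOR'));
     if ((is_int($uid) || is_string($uid)) && in_array((string) $uid, $superAdminIds, true)) {
         return true;
     }

     $AUTH = new \Think\Auth();
     if (!$AUTH->check(MODULE_NAME . "/" . CONTROLLER_NAME . "/" . ACTION_NAME, $uid)) {
         $this->error('你没有权限!');
     }
 }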
예제 #7
 /**
  * Permission check for the current user (the UID constant).
  *
  * @param string $rule rule to check
  * @param mixed  $type rule type forwarded to Auth::check(); defaults to AuthRuleModel::RULE_URL
  * @param string $mode check mode
  * @return boolean true when the rule check passes
  * @author 朱亚杰  <*****@*****.**>
  */
 protected final function checkRule($rule, $type = AuthRuleModel::RULE_URL, $mode = 'url')
 {
     // One Auth instance is kept for the lifetime of the request.
     static $Auth = null;
     if ($Auth === null || !$Auth) {
         $Auth = new \Think\Auth();
     }

     return $Auth->check($rule, UID, $type, $mode) ? true : false;
 }
예제 #8
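 /**
  * Controller bootstrap hook: require a logged-in admin, then enforce the
  * Module/Controller/Action rule unless the id is a configured administrator.
  */
 public function _initialize()
 {
     $adminId = session('adminid');

     // `!$x` is what empty($x) tests, and unlike empty() on a call result it
     // also parses on PHP versions before 5.5.
     if (!$adminId) {
         $this->error('您没有登陆!', U('login/index'));
     }

     // Bypass list matched strictly on string-normalised ids so loose
     // comparison cannot make a malformed session value equal an admin id;
     // a missing config entry yields an empty list.
     $superAdminIds = array_map('strval', (array) C('administrator'));
     $isSuperAdmin = (is_int($adminId) || is_string($adminId))
         && in_array((string) $adminId, $superAdminIds, true);
     if ($isSuperAdmin) {
         return;
     }

     $AUTH = new \Think\Auth();
     if (!$AUTH->check(MODULE_NAME . "/" . CONTROLLER_NAME . "/" . ACTION_NAME, $adminId)) {
         $this->error('你没有权限');
     }
 }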
예제 #9
 /**
  * Diagnostic action: dumps the result of a type-2 check of the "brand" rule
  * for the current user and stops the request.
  *
  * NOTE(review): everything after the first `die` never runs, so the
  * MODULE_NAME check below is dead code. A public action that dumps
  * permission state looks like a debugging leftover; confirm it is not
  * reachable in production.
  */
 public function testAction()
 {
     $auth = new \Think\Auth();
     $brandAllowed = $auth->check("brand", is_user_login(), 2);
     var_dump($brandAllowed);
     die;

     // Unreachable from here on (kept as in the original).
     if ($auth->check(MODULE_NAME, is_user_login(), 2)) {
         echo "xx";
         die;
     } else {
         $this->error("无此操作权限!");
     }
 }
예제 #10
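/**
 * Check permissions.
 *
 * Access is granted without a rule check when the user id is listed in the
 * ADMINISTRATOR config entry, or when the second '/'-separated segment of
 * $name is listed in the comma-separated NOT_AUTH_MODULE config entry.
 * Everything else is delegated to \Think\Auth::check().
 *
 * @param string|array $name     rules to verify; a comma-separated string or an indexed array
 * @param int          $uid      id of the user being authenticated
 * @param int          $type     rule type forwarded to Auth::check()
 * @param string       $mode     mode in which the check runs
 * @param string       $relation 'or': passing any one rule is enough; 'and': every rule must pass
 * @return boolean true when verification passes, false otherwise
 */
function authcheck($name, $uid, $type = 1, $mode = 'url', $relation = 'or')
{
    // Second path segment of the rule name. A name without '/' (or an array
    // of rules) has no such segment; it used to trigger an undefined-offset
    // notice and yield null.
    $segments = is_string($name) ? explode('/', $name) : array();
    $modular = isset($segments[1]) ? $segments[1] : '';

    // Exempt list. explode() on an empty or unset config value returns
    // array(''), and the old loose in_array() matched that against a missing
    // segment, which skipped the permission check entirely. Empty entries are
    // dropped and an empty segment can never be exempt.
    $exemptModules = array_filter(explode(',', (string) C('NOT_AUTH_MODULE')), 'strlen');
    $isExempt = $modular !== '' && in_array($modular, $exemptModules, true);

    // Administrator bypass, matched strictly on string-normalised ids.
    $superAdminIds = array_map('strval', (array) C('ADMINISTRATOR'));
    $isSuperAdmin = (is_int($uid) || is_string($uid))
        && in_array((string) $uid, $superAdminIds, true);

    if ($isSuperAdmin || $isExempt) {
        return true;
    }

    $auth = new \Think\Auth();

    return (bool) $auth->check($name, $uid, $type, $mode, $relation);
}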
 /**
  * Controller bootstrap hook: require session('aid'), then enforce the
  * Module/Controller/Action rule (for example Admin/Index/index) for it.
  */
 public function _initialize()
 {
     $adminId = session('aid');

     // Login gate: no admin id in the session means not signed in.
     if (!$adminId) {
         $this->error('您还没有登录,请先登录…', U('Admin/Login/index'), 3);
     }

     // Permission gate. The original comment notes that the Auth class is
     // expected under ThinkPHP\Library\Think\.
     $AUTH = new \Think\Auth();
     $requestedRule = MODULE_NAME . '/' . CONTROLLER_NAME . '/' . ACTION_NAME;
     $allowed = $AUTH->check($requestedRule, session('aid'));
     if (!$allowed) {
         $this->error('没有权限');
     }
 }
 /**
  * Permission check for the current user (the UID constant).
  *
  * When the IS_ROOT constant is truthy the check is skipped and access is
  * granted to any page.
  *
  * @param string $rule rule to check
  * @param mixed  $type rule type forwarded to Auth::check()
  * @param string $mode check mode
  * @return boolean true when access is granted
  */
 protected final function checkRule($rule, $type, $mode = 'url')
 {
     // Administrators may open every page.
     if (IS_ROOT) {
         return true;
     }

     // One Auth instance is kept for the lifetime of the request.
     static $Auth = null;
     if (!$Auth) {
         $Auth = new \Think\Auth();
     }

     return $Auth->check($rule, UID, $type, $mode) ? true : false;
 }
 /**
  * Permission check for the current user (the UID constant).
  *
  * When the IS_ROOT constant is truthy the check is skipped and access is
  * granted to any page.
  *
  * NOTE(review): $type is accepted but never read; the call below always
  * passes array('in', '1,2') as the type. Confirm that ignoring the caller's
  * value is intended.
  *
  * @param string $rule rule to check
  * @param mixed  $type unused by this implementation
  * @param string $mode check mode
  * @return boolean true when access is granted
  * @author 朱亚杰  <*****@*****.**>
  */
 protected final function checkRule($rule, $type = AuthRuleModel::RULE_URL, $mode = 'url')
 {
     // Administrators may open every page.
     if (IS_ROOT) {
         return true;
     }

     static $Auth = null;
     if (!$Auth) {
         $Auth = new \Think\Auth();
     }

     $fixedType = array('in', '1,2');

     return $Auth->check($rule, UID, $fixedType, $mode) ? true : false;
 }
예제 #14
 /**
  * Controller bootstrap hook: require the manager sign-in flag, then check
  * that the Controller/Action rule is within the user's group permissions.
  *
  * @return bool|null true when the rule check passes, null after the error page
  */
 public function _initialize()
 {
     // Has the manager signed in? The flag is compared loosely with 1.
     if ($_SESSION['manage']['sign'] != 1) {
         $this->redirect("Login/index");
     }

     // Is the requested page within the user group's permissions?
     $auth = new \Think\Auth();
     $requestedRule = CONTROLLER_NAME . '/' . ACTION_NAME;
     $managerId = $_SESSION['manage']['id'];
     if (!$auth->check($requestedRule, $managerId)) {
         $this->error("无权限", U("Index/index"));
         return;
     }

     return true;
 }
 /**
  * Behaviour hook: authenticate and authorise the current request.
  *
  * No check is made for the Index controller or whenever APP_DEBUG is on.
  * For every other request a missing session("user.id") raises a 401 and a
  * failed rule check raises a 403. The rule name is the lower-cased
  * module/controller/action/HTTP-method path.
  *
  * NOTE(review): with APP_DEBUG enabled every controller is served without
  * any permission check; confirm debug mode cannot be on in production.
  *
  * @param mixed $params hook parameters (not read here)
  */
 public function run(&$params)
 {
     // Exemptions: the Index controller and debug mode.
     if (CONTROLLER_NAME == "Index" || APP_DEBUG) {
         return;
     }

     $currentUserId = session("user.id");
     if (null == $currentUserId) {
         // Not signed in.
         E("未登录系统", 401);
     } else {
         $auth = new \Think\Auth();
         $requestedRule = strtolower(
             MODULE_NAME . "/" . CONTROLLER_NAME . "/" . ACTION_NAME . "/" . $_SERVER["REQUEST_METHOD"]
         );
         if (!$auth->check($requestedRule, $currentUserId)) {
             // Signed in but lacking the rule.
             E("无权限的操作", 403);
         }
     }
 }
예제 #16
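 /**
  * Initialise the permission system for the current request.
  *
  * The Module/Controller/Action rule is enforced only when an enabled row
  * (status '1') with that name exists in the Auth_rule table. Requests whose
  * rule has not been registered pass without any check, so this is a
  * default-allow policy: every new action is open until a rule row is added.
  *
  * @date: 2015-12-9 03:47:30 AM
  * @author: zhouqg
  * @return void
  */
 public function auth()
 {
     // The unused read of $_SESSION['admin_auth'] was dropped; nothing in
     // this method consumed it.
     $name = MODULE_NAME . '/' . CONTROLLER_NAME . '/' . ACTION_NAME;
     $uid = $_SESSION['id'];

     $registeredRule = D('Auth_rule')
         ->where(array('name' => $name, 'status' => '1'))
         ->find();
     if (!$registeredRule) {
         // Unregistered rule: not checked (see the default-allow note above).
         return;
     }

     $auth = new \Think\Auth();
     if (!$auth->check($name, $uid)) {
         $this->error('没有权限');
     }
 }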
예제 #17
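/**
 * Permission verification.
 *
 * Ids listed in the ADMINISTRATOR config entry skip the rule check; every
 * other id is delegated to \Think\Auth::check().
 *
 * @param string|array $rule     rules to verify; a comma-separated string or an indexed array
 * @param int          $uid      id of the user being authenticated
 * @param int          $type     rule type forwarded to Auth::check()
 * @param string       $mode     mode in which the check runs
 * @param string       $relation 'or': passing any one rule is enough; 'and': every rule must pass
 * @return boolean true when verification passes, false otherwise
 */
function authCheck($rule, $uid, $type = 1, $mode = 'url', $relation = 'or')
{
    // Super administrators skip verification. The list is matched strictly on
    // string-normalised ids so loose comparison cannot make a malformed $uid
    // equal an administrator id; a missing config entry yields no bypass.
    $superAdminIds = array_map('strval', (array) C('ADMINISTRATOR'));
    $isSuperAdmin = (is_int($uid) || is_string($uid))
        && in_array((string) $uid, $superAdminIds, true);
    if ($isSuperAdmin) {
        return true;
    }

    // The earlier getGroups($uid) lookup was removed: its result was never
    // read, so it only cost a query on every call. The bypass is keyed on the
    // user id, not on the user's group.
    $auth = new \Think\Auth();

    return (bool) $auth->check($rule, $uid, $type, $mode, $relation);
}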
예제 #18
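 /**
  * Show a member's phone number, login name and real name to an admin who
  * holds the 'Member/viewtel' rule (admin id 1 is always allowed).
  *
  * The member id is taken from the request, not from $id.
  *
  * @param string $id unused; kept for the existing action signature
  */
 public function viewtel($id = '')
 {
     $adminId = session('aid');
     $auth = new \Think\Auth();

     // Deny unless the rule check passes or this is the hard-coded admin id 1.
     if (!$auth->check('Member/viewtel', $adminId) && $adminId != 1) {
         echo '没有权限查看手机号';
         return;
     }

     // The request value used to be concatenated into the WHERE clause
     // ('id=' . $id), which let it alter the query. It is now forced to an
     // integer and passed as an array condition so the framework binds it.
     $memberId = I('id', 0, 'intval');
     $info = M('member')
         ->field('tel,loginname,realname')
         ->where(array('id' => $memberId))
         ->find();

     // The earlier auth_rule menu query was removed: its result was never used.
     $this->assign('data', $info);
     $this->display();
 }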
 /**
  * Controller bootstrap hook: user permission check.
  *
  * Without a value under the USER_AUTH_KEY session key the user is sent to
  * the USER_AUTH_GATEWAY page. A truthy $_SESSION['administrator'] skips all
  * rule checks. Otherwise the rule "<Controller>_<action>" or
  * "<Controller>_all" is checked, with the actions insert/update mapped to
  * add/edit, and two rule names exempted.
  */
 function _initialize()
 {
     $sessionKey = C('USER_AUTH_KEY');

     // Not signed in: go to the login gateway.
     if (empty($_SESSION[$sessionKey])) {
         $this->redirect(__ROOT__ . C('USER_AUTH_GATEWAY'));
         return;
     }

     // The single highest-privilege admin user is filtered out of Auth checks.
     if ($_SESSION['administrator']) {
         return;
     }

     // Form-submit actions share the rule of the page that renders the form.
     $aliases = array('insert' => 'add', 'update' => 'edit');
     $name = isset($aliases[ACTION_NAME]) ? $aliases[ACTION_NAME] : ACTION_NAME;

     $current = CONTROLLER_NAME . '_' . $name;
     $currentDetail = CONTROLLER_NAME . '_all';

     // The home frame (and one lookup action) need no verification.
     $noAuth = array('Index_index', 'Merchant_getcity');
     if (in_array($current, $noAuth)) {
         return;
     }

     $auth = new \Think\Auth();
     $allowed = $auth->check($current . ',' . $currentDetail, $_SESSION[$sessionKey]);
     if (!$allowed) {
         $this->error('你无改权限操作该界面');
         exit;
     }
 }
예제 #20
 /**
  * Build the navigation menu for the current user and assign it to the view
  * as "menus".
  *
  * Starts from the "menus" config entry, adds "menus_team_leader" for team
  * leaders, then drops entries the user should not see: brand users keep
  * only entries whose first URL segment is "Brand"; everyone else keeps
  * "Teamleader" entries plus those passing a type-2 Auth check on the first
  * URL segment. Brand 35 receptionists get one extra child entry.
  *
  * Only the displayed menu is filtered here; nothing in this method blocks a
  * request to a hidden URL.
  */
 protected function loadMenus()
 {
     $menu = C("menus");

     // Team leaders get their extra menu entries.
     $model = D("User");
     $uid = is_user_login();
     if ($model->isTeamleader($uid)) {
         $menu = array_merge($menu, C("menus_team_leader"));
     }

     $auth = new \Think\Auth();
     // Loaded as before; no live code in this method reads it.
     $config = M("SysConfig")->find();

     foreach ($menu as $key => $value) {
         $segments = explode('/', $value['url']);
         $section = $segments[0];

         if (is_user_brand()) {
             $hide = $section != "Brand";
         } else {
             $hide = $section != 'Teamleader' && !$auth->check($section, is_user_login(), 2);
         }

         if ($hide) {
             unset($menu[$key]);
         }
     }

     // Brand 35: receptionists get an extra entry under the front-desk menu.
     if (get_brand_id() == 35 && D("User")->isReception(UID)) {
         foreach ($menu as $key => $value) {
             if ($value['title'] == "前台") {
                 $menu[$key]['child'][] = array(
                     "id" => 0,
                     "title" => "活动",
                     "pid" => 4,
                     "url" => "Reception/Spider/index",
                 );
             }
         }
     }

     $this->assign("menus", $menu);
 }
예제 #21
/**
 * Permission check for the current user (as returned by get_uid()).
 *
 * @param string|array $rule rule(s) to check
 * @param mixed        $type rule type forwarded to Auth::check(); defaults to AuthRuleModel::RULE_URL
 * @return bool true when access is granted
 */
function check_auth($rule, $type = AuthRuleModel::RULE_URL)
{
    // Administrators may open every page.
    if (is_administrator()) {
        return true;
    }

    // One Auth instance is kept for the lifetime of the request.
    static $Auth = null;
    if (!$Auth) {
        $Auth = new \Think\Auth();
    }

    return $Auth->check($rule, get_uid(), $type) ? true : false;
}
예제 #22
 /**
  * Permission check for the user id reported by the Useradmin model's
  * isLogin().
  *
  * @param string|array $rule rule(s) to check
  * @param mixed        $type rule type forwarded to Auth::check(); defaults to AuthRuleModel::RULE_URL
  * @param string       $mode check mode
  * @return bool true when access is granted
  */
 public final function checkRule($rule, $type = AuthRuleModel::RULE_URL, $mode = 'url')
 {
     $user = D('Useradmin');

     // Administrators may open every page.
     if ($this->isAdmin()) {
         return true;
     }

     // One Auth instance is kept for the lifetime of the request.
     static $auth = null;
     if (!$auth) {
         $auth = new \Think\Auth();
     }

     $currentUserId = $user->isLogin();

     return $auth->check($rule, $currentUserId, $type, $mode) ? true : false;
 }
예제 #23
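/**
 * Permission check for the current user.
 *
 * Order of decisions: administrators are always allowed; a logged-in user
 * whose id appears in $except_uid is allowed; a rule that has no enabled row
 * in auth_rule is denied; otherwise \Think\Auth::check() decides.
 *
 * @param string|array $rule       rule to check; empty means the current Module/Controller/Action
 * @param int|string|array $except_uid user id(s) exempt from the check (array or comma-separated); -1 means none
 * @param mixed        $type       rule type forwarded to Auth::check(); defaults to AuthRuleModel::RULE_URL
 * @return bool true when access is granted
 */
function check_auth($rule = '', $except_uid = -1, $type = AuthRuleModel::RULE_URL)
{
    // Administrators may open every page.
    if (is_administrator()) {
        return true;
    }

    if ($except_uid != -1) {
        $exemptIds = is_array($except_uid) ? $except_uid : explode(',', $except_uid);
        $exemptIds = array_map('trim', array_map('strval', $exemptIds));

        // The exemption applies to a logged-in user only, matched strictly on
        // string-normalised ids. With the earlier loose in_array(), a falsy
        // is_login() result could equal an empty or non-numeric list entry on
        // older PHP and grant access to a visitor without a session.
        $currentUid = is_login();
        if ($currentUid && in_array((string) $currentUid, $exemptIds, true)) {
            return true;
        }
    }

    $rule = empty($rule) ? MODULE_NAME . '/' . CONTROLLER_NAME . '/' . ACTION_NAME : $rule;

    // Does this permission exist at all? An unregistered rule is denied.
    if (!M('auth_rule')->where(array('name' => $rule, 'status' => 1))->find()) {
        return false;
    }

    // One Auth instance is kept for the lifetime of the request.
    static $Auth = null;
    if (!$Auth) {
        $Auth = new \Think\Auth();
    }

    return (bool) $Auth->check($rule, get_uid(), $type);
}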
 /**
  * Permission check for the current user (the UID constant), always using
  * rule type 2.
  *
  * @param string $rule rule to check
  * @param string $mode check mode
  * @return boolean true when the rule check passes
  */
 private function checkRule($rule, $mode = 'url')
 {
     // One Auth instance is kept for the lifetime of the request.
     static $Auth = null;
     if (!$Auth) {
         $Auth = new \Think\Auth();
     }

     $allowed = $Auth->check($rule, UID, 2, $mode);

     return $allowed ? true : false;
 }