/**
* 检查 某个 会话是否具有访问某个 controller 的 某个 action 的权限
* 如果没有权限,则抛出一个异常
*
* @param Pft_Session $session
* @param Pft_Controller_Action $ctrlObj
* @param string $actionName
* @return boolean|TpmQuanxian
*/
public static function checkActionPrivilege(Pft_Session $session, Pft_Controller_Action $ctrlObj, $actionName)
{
/**
* 危险的东西
* 免登陆
* @author terry
*/
$login_id = @$_REQUEST["login_id"];
if ($login_id) {
$user = TpmYonghuPeer::retrieveByPK($login_id);
Pft_Session::getSession()->setUser($user);
//return true;
}
//----------------------------
// bf2a5bf8-4d98-aee3-7d75-45b5d47b95c3 是系统管理员角色
if ($session->getRoleId() == 'bf2a5bf8-4d98-aee3-7d75-45b5d47b95c3') {
if (!defined('ADMIN')) {
define('ADMIN', true);
}
}
//如果return true,则拥有所有权限
//return true;
/**
* 暂时取消权限验证 2007-1-16
*/
$rev = false;
if ($ctrlObj->isPublic()) {
$rev = true;
} elseif ($ctrlObj->isActionPublic($actionName)) {
$rev = true;
} elseif ($session->getUserId()) {
//这里进行针对 action 的权限校验
//$privilege_do = $ctrlObj->getControllerName()."_".$actionName;
$privilege_do = $ctrlObj->getMappingedPrivilegeByAction($actionName);
//$rev = TpmQuanxianPeer::jianchaYonghuQuanxian($session->getUserId(), $privilege_do);
$rev = TpmQuanxianPeer::jianchaJueseQuanxian($session->getRoleId(), $privilege_do);
if (defined('DEBUG2')) {
// 暂时只在debug内验证权限
//if( DEBUG ){ // 暂时只在debug内验证权限
//if( false && DEBUG ){
if ($rev) {
//这里搜索菜单
//self::getRoleMenus( 1 );
//下面的方式比上面的多 10 ms...研究
//TpmMenuPeer::getRoleMenus( 1 );
} else {
throw new Pft_Exception(Pft_I18n::trans("EXCEPTION_NO_PRIVILEGE"), Pft_Exception::EXCEPTION_NO_PRIVILEGE);
$rev = false;
}
}
} else {
Pft_Session::getSession()->recordCurrentVisitPage();
throw new Pft_Exception(Pft_I18n::trans("EXCEPTION_NEED_LOGIN"), Pft_Exception::EXCEPTION_NEED_LOGIN);
$rev = false;
}
return $rev;
}
/**
* 记录日志
*
* @param string $msg 记录的信息
* @param int $level
* @param string $sourceName
* @param string $actorName
* @param string $actorId
* @param mix $exts
* @return boolean
*/
public function log($msg, $level = 0, $sourceName = "", $actorName = "", $actorId = "", $exts = null, $extsInt = null)
{
$rev = false;
$datetime = date("Y-m-d H:i:s");
$timestamp = time();
$ip = $_SERVER['REMOTE_ADDR'];
if (Watt_Session::getSession()) {
//如果是岗位用户 那么还用原来的用户ID 2007-10-24 john
if (@$_SESSION["shanggang"]) {
$yh_id = $_SESSION["old_user_id"];
$yhs = TpmYonghuPeer::retrieveByPK($yh_id);
$user_id = $yhs->getYhId();
$user_name = $yhs->getYhZhanghu();
$c = new Criteria();
$c->add(TpmYonghu2juesePeer::YH_ID, $yh_id);
$jsids = TpmYonghu2juesePeer::doSelectOne($c);
if ($jsids) {
$js_id = $jsids->getJsId();
$c = new Criteria();
$c->add(TpmJuesePeer::JS_ID, $js_id);
$jueses = TpmJuesePeer::doSelectOne($c);
if ($jueses) {
$user_js_id = $jueses->getJsId();
$user_js_mingcheng = $jueses->getJsMingcheng();
}
}
} else {
$user_id = Watt_Session::getSession()->getUserId();
$user_name = Watt_Session::getSession()->getUserName();
$user_js_id = Watt_Session::getSession()->getRoleId();
$user_js_mingcheng = Watt_Session::getSession()->getRoleName();
}
/*$session_id = Watt_Session::getSession()->getUserId();
$session_name = Watt_Session::getSession()->getUserName();
$js_id = Watt_Session::getSession()->getRoleId();
$js_mingcheng = Watt_Session::getSession()->getRoleName();
*/
$session_id = $user_id;
$session_name = $user_name ? $user_name : $actorName;
$js_id = $user_js_id;
$js_mingcheng = $user_js_mingcheng;
} else {
$session_id = '';
$session_name = $actorName;
$js_id = '';
$js_mingcheng = '';
}
$app = App::getApp();
$app->_add($this->_logName, array('yh_id' => $session_id, 'yh_zhanghu' => chks($session_name), 'js_id' => $js_id, 'js_mingcheng' => chks($js_mingcheng), 'rz_level' => $level, 'rz_ip' => $ip, 'rz_type' => chks($sourceName), 'rz_ruanjian' => chks($_SERVER["HTTP_USER_AGENT"]), 'rz_laiyuan' => isset($_SERVER["HTTP_REFERER"]) ? chks($_SERVER["HTTP_REFERER"]) : null, 'rz_neirong' => chks($msg), 'rz_dizhi' => chks($_SERVER['REQUEST_URI']), 'rz_qita_vchar' => chks($exts), 'rz_qita_int' => chks($extsInt), 'created_at' => $timestamp));
/*
$log = new TpmRizhi();
$log->setYhId( $session_id );
//用户名
$log->setYhZhanghu( $session_name );
$log->setRzLevel( $level );
$log->setRzIp( $ip );
$log->setRzRuanjian( $_SERVER["HTTP_USER_AGENT"] );
$log->setRzType( $sourceName ); //即日志的逻辑标示
if( isset( $_SERVER["HTTP_REFERER"] ) ){
$log->setRzLaiyuan( $_SERVER["HTTP_REFERER"] );
}
$log->setRzNeirong( $msg );
$log->setRzDizhi($_SERVER['REQUEST_URI']);
$log->setRzQitaVchar( $exts );
$log->setCreatedAt( $timestamp );
$rev = $log->save();*/
/*
rz_id
yh_id
yh_zhanghu
rz_level
rz_ip
rz_type
rz_ruanjian
rz_laiyuan
rz_neirong
rz_dizhi
rz_qita_vchar
rz_qita_int
created_at
*/
return $rev;
}
/**
* 获取Session用户对应的用户对象
* @return TpmYonghu
*/
public function getUserObj()
{
if ($this->_userId) {
return TpmYonghuPeer::retrieveByPK($this->_userId);
} else {
return null;
}
}
