예제 #1
파일: Rbac.php 프로젝트: uwitec/outbuying
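 /**
  * Check whether a session may run a given action of a controller.
  *
  * Public controllers and public actions are always allowed. Otherwise the
  * session must carry a user id, and the privilege mapped to the action is
  * looked up for the session's role.
  *
  * NOTE(review): a failed privilege lookup only raises an exception when the
  * DEBUG2 constant is defined. Without it the lookup result is returned as-is,
  * so every caller must test the return value; confirm that they do.
  *
  * @param Pft_Session $session
  * @param Pft_Controller_Action $ctrlObj
  * @param string $actionName
  * @return boolean|TpmQuanxian true for public controllers/actions, otherwise
  *                             the result of TpmQuanxianPeer::jianchaJueseQuanxian()
  * @throws Pft_Exception EXCEPTION_NEED_LOGIN when the action is not public and
  *                       the session has no user id; EXCEPTION_NO_PRIVILEGE when
  *                       DEBUG2 is defined and the role lacks the privilege
  */
 public static function checkActionPrivilege(Pft_Session $session, Pft_Controller_Action $ctrlObj, $actionName)
 {
     // Security fix: the previous version read $_REQUEST["login_id"], loaded that
     // user by primary key and installed it as the current session user with no
     // credential check (its own comment called it "dangerous, login-free").
     // Identity must never come from a request parameter, so that path is gone;
     // the session user is whatever the login flow established.

     // bf2a5bf8-4d98-aee3-7d75-45b5d47b95c3 is the system administrator role.
     // Cast and compare strictly so that a non-string role id cannot loosely
     // equal the UUID (on PHP < 8, integer 0 == 'bf2a...' evaluates to true).
     if ((string) $session->getRoleId() === 'bf2a5bf8-4d98-aee3-7d75-45b5d47b95c3') {
         if (!defined('ADMIN')) {
             define('ADMIN', true);
         }
     }

     // Public controllers and public actions need no login and no privilege.
     if ($ctrlObj->isPublic() || $ctrlObj->isActionPublic($actionName)) {
         return true;
     }

     // Anything else requires an authenticated session.
     if (!$session->getUserId()) {
         // Record the current page before rejecting; presumably used to return
         // the visitor there after login -- confirm against Pft_Session.
         Pft_Session::getSession()->recordCurrentVisitPage();
         throw new Pft_Exception(Pft_I18n::trans("EXCEPTION_NEED_LOGIN"), Pft_Exception::EXCEPTION_NEED_LOGIN);
     }

     // Privilege check for the action, evaluated per role (not per user).
     $privilege_do = $ctrlObj->getMappingedPrivilegeByAction($actionName);
     $rev = TpmQuanxianPeer::jianchaJueseQuanxian($session->getRoleId(), $privilege_do);

     // Denial is only enforced by exception when DEBUG2 is defined (the original
     // notes say privilege verification was temporarily relaxed on 2007-1-16).
     if (defined('DEBUG2') && !$rev) {
         throw new Pft_Exception(Pft_I18n::trans("EXCEPTION_NO_PRIVILEGE"), Pft_Exception::EXCEPTION_NO_PRIVILEGE);
     }

     return $rev;
 }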
예제 #2
파일: Db.php 프로젝트: uwitec/outbuying
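 /**
  * Write one entry to the log store named by $this->_logName.
  *
  * The acting user and role come from the current Watt_Session when one exists.
  * For a "shanggang" (acting-post) session the original user id kept in
  * $_SESSION["old_user_id"] is logged instead (2007-10-24 john).
  *
  * Security notes:
  * - User-Agent, Referer and REQUEST_URI are client-controlled. They are passed
  *   through chks(), which is defined elsewhere. NOTE(review): confirm that
  *   chks() (or App::_add()) neutralises them for both the storage layer and
  *   whatever later displays the log.
  * - $level, the IP and the user/role ids are stored without chks().
  *
  * @param string $msg        message text
  * @param int    $level
  * @param string $sourceName logical type tag of the entry (stored as rz_type)
  * @param string $actorName  name logged when the session supplies no user name
  * @param string $actorId    not read by this method
  * @param mixed  $exts       extra data stored as rz_qita_vchar
  * @param mixed  $extsInt    extra data stored as rz_qita_int
  * @return boolean always false: the result of the _add() call is not captured
  */
 public function log($msg, $level = 0, $sourceName = "", $actorName = "", $actorId = "", $exts = null, $extsInt = null)
 {
     $rev = false;
     $timestamp = time();

     // Request metadata may be absent (e.g. CLI or a client that sends no
     // User-Agent); read it defensively instead of raising undefined-index notices.
     $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
     $userAgent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : null;
     $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : null;

     $session = Watt_Session::getSession();
     if ($session) {
         // Defaults so that a missing user or role row cannot leave these undefined.
         $user_id = null;
         $user_name = null;
         $user_js_id = null;
         $user_js_mingcheng = null;

         if (!empty($_SESSION["shanggang"])) {
             // Acting-post session: log under the original user id.
             $yh_id = isset($_SESSION["old_user_id"]) ? $_SESSION["old_user_id"] : null;
             $yhs = TpmYonghuPeer::retrieveByPK($yh_id);
             if ($yhs) {
                 $user_id = $yhs->getYhId();
                 $user_name = $yhs->getYhZhanghu();
             } else {
                 // The user row is gone; still log the id held in the session
                 // rather than failing on a null object.
                 $user_id = $yh_id;
             }

             // Resolve the role of the original user through the user-to-role link.
             $c = new Criteria();
             $c->add(TpmYonghu2juesePeer::YH_ID, $yh_id);
             $jsids = TpmYonghu2juesePeer::doSelectOne($c);
             if ($jsids) {
                 $c = new Criteria();
                 $c->add(TpmJuesePeer::JS_ID, $jsids->getJsId());
                 $jueses = TpmJuesePeer::doSelectOne($c);
                 if ($jueses) {
                     $user_js_id = $jueses->getJsId();
                     $user_js_mingcheng = $jueses->getJsMingcheng();
                 }
             }
         } else {
             $user_id = $session->getUserId();
             $user_name = $session->getUserName();
             $user_js_id = $session->getRoleId();
             $user_js_mingcheng = $session->getRoleName();
         }

         $session_id = $user_id;
         $session_name = $user_name ? $user_name : $actorName;
         $js_id = $user_js_id;
         $js_mingcheng = $user_js_mingcheng;
     } else {
         // No session: only the caller-supplied actor name is known.
         $session_id = '';
         $session_name = $actorName;
         $js_id = '';
         $js_mingcheng = '';
     }

     $app = App::getApp();
     $app->_add($this->_logName, array(
         'yh_id' => $session_id,
         'yh_zhanghu' => chks($session_name),
         'js_id' => $js_id,
         'js_mingcheng' => chks($js_mingcheng),
         'rz_level' => $level,
         'rz_ip' => $ip,
         'rz_type' => chks($sourceName),
         'rz_ruanjian' => chks($userAgent),
         'rz_laiyuan' => isset($_SERVER["HTTP_REFERER"]) ? chks($_SERVER["HTTP_REFERER"]) : null,
         'rz_neirong' => chks($msg),
         'rz_dizhi' => chks($requestUri),
         'rz_qita_vchar' => chks($exts),
         'rz_qita_int' => chks($extsInt),
         'created_at' => $timestamp,
     ));

     // The earlier TpmRizhi-based implementation (removed here; it was commented
     // out) stored the result of save() in $rev. The _add() path does not, so
     // $rev stays false.
     return $rev;
 }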
예제 #3
 /**
  * Fetch the user object that belongs to this session's user id.
  *
  * @return TpmYonghu|null result of TpmYonghuPeer::retrieveByPK() for the
  *                        stored user id, or null when no user id is set
  */
 public function getUserObj()
 {
     // No user id on the session means there is nothing to look up.
     if (!$this->_userId) {
         return null;
     }

     return TpmYonghuPeer::retrieveByPK($this->_userId);
 }