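/**
 * Access-control hook: checks authentication and per-route permission for the
 * current request.
 *
 * @param mixed $params Received by reference from the caller; not read here.
 * @return false|null False for exempt routes and for super users; nothing when
 *                    the permission check passes. Terminates the request when
 *                    the user is not logged in or lacks the permission.
 */
public function run(&$params)
 {
     // This behavior runs before the controller is loaded, and that includes the
     // login and captcha controllers, so those routes are exempted first.
     $notInclude = array('Login/checkLogin', 'Verify/index');
     // Route being requested, in "Controller/action" form.
     // NOTE(review): every comparison below is an exact string match; confirm
     // that CONTROLLER_NAME/ACTION_NAME are normalised the same way as the
     // stored permission URLs.
     $ongoing = CONTROLLER_NAME . '/' . ACTION_NAME;
     if (in_array($ongoing, $notInclude, true)) {
         return false;
     }
     // Authentication: an existing session, or a successful automatic login.
     if (!isLogin()) {
         $LoginService = D('Login', 'Service');
         if (!$LoginService->autoLogin()) {
             redirect(U('Login/checkLogin'), 1, '请登录');
             // Fail closed: stop here even if redirect() ever returns, so an
             // unauthenticated request can never reach the checks below.
             exit;
         }
     }
     if (superUser()) {
         return false;
     }
     // Authorisation: the route must be in the current user's permission list.
     $userUrl = savePermissionURL();
     // Strict comparison, so a non-string entry (e.g. true or 0) in the list
     // cannot match every route; a missing or non-array list denies access.
     if (!is_array($userUrl) || !in_array($ongoing, $userUrl, true)) {
         echo "权限不足";
         exit;
     }
 }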
Exemplo n.º 2
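 /**
  * Renders the 'menu' template with the menu entries the current user may see.
  *
  * Super users get the result of the Menu model's changPage() call; other
  * users get the menus joined to their permission ids. A user with no
  * permission ids gets an empty list.
  *
  * @return void
  */
 public function menu()
 {
     // Always defined, so the template never receives an undefined variable.
     $menus = array();
     if (superUser()) {
         $menuModel = D('Menu');
         $menus = $menuModel->changPage('id,name,url,level,parent_id');
     } else {
         // The ids are interpolated into the SQL text below, so force every
         // value to an integer and drop anything that casts to 0. This assumes
         // permission ids are positive integers (TODO confirm against schema).
         $ids = array_filter(array_map('intval', (array) savePermissionID()));
         if ($ids) {
             $str = implode(',', $ids);
             $sql = "select distinct m.id,m.name,m.url,m.level,m.parent_id from shop_menu as m join shop_menu_permission as mp on m.id = mp.menu_id  where mp.permission_id in ({$str})";
             $menus = M()->query($sql);
         }
     }
     $this->assign('menus', $menus);
     $this->display('menu');
 }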