public static function is_allowed($permission = 'default', $site_id = 0, $type = NULL)
{
$verify = true;
$site_ids = role::get_site_ids($type);
//超级管理员root不需要检查权限 zhu modify
if (role::is_root()) {
$verify = true;
} else {
if ($site_id > 0 && !in_array($site_id, $site_ids)) {
$verify = false;
}
$acl = Session::instance()->get(self::$acl_tag);
if ($acl) {
$acl = unserialize($acl);
} else {
$acl = self::acl_init();
}
$manager = role::get_manager();
$verify = $acl->is_allowed($manager["username"], $permission);
}
//验证操作
if ($verify) {
return $site_ids;
} else {
if (request::is_ajax()) {
$return_struct = array('status' => 0, 'code' => 501, 'msg' => Kohana::lang('o_global.access_denied'), 'content' => array());
die(json_encode($return_struct));
} else {
$referrer = tool::referrer_url();
remind::set('权限不足', $referrer, 'error');
}
}
}
function index()
{
//判断用户是否是已经登录状态
$data = role::get_manager();
if ($data['id'] > 0) {
$data['success'] = 'true';
$data['msg'] = 1;
} else {
$data['success'] = 'false';
$data['msg'] = 1;
}
$username = $this->input->post('username');
$password = $this->input->post('password');
$secode = $this->input->post('secode');
$remember = $this->input->post('remember');
$data['success'] = 'false';
//验证登录
$manager = role::log_in($username, $password);
if (isset($manager['username'])) {
//判断普通账号的状态、权限
if (!role::is_root($manager['username'])) {
if ($manager['active'] != 1) {
ulog::login($manager['id'], 1);
$data['msg'] = Kohana::lang('o_global.account_was_locked');
}
$actions = role::manager_actions($manager['id'], TRUE);
if (count($actions) < 1) {
ulog::login($manager['id'], 2);
$data['msg'] = Kohana::lang('o_global.account_permission_enough');
}
}
//是否记录用户名
if ($remember == 1) {
cookie::set('opococ_username', $username);
} else {
cookie::delete('opococ_username');
}
//清除记录登录错误记录
//Session::instance()->delete('login_error_count');
//记入SESSION
role::set_manager_session($manager);
//记录日志
ulog::login($manager['id']);
$data['success'] = 'true';
$data['msg'] = 1;
/*if(empty($request_url))
{
remind::set(Kohana::lang('o_global.login_success'), '/index', 'success');
}
else
{
$request_url = url::base() . urldecode($request_url);
remind::set(Kohana::lang('o_global.login_success'), $request_url, 'success');
}*/
}
die(json_encode($data));
}
public function __construct()
{
parent::__construct();
//zhu modify 只允许root执行
//$this->site_ids = role::check('manage_role');
if (!role::is_root()) {
remind::set(Kohana::lang('o_manage.only_root_do'), 'manage/manager');
}
}
/**
* Template loading and setup routine.
*/
public function __construct()
{
parent::__construct();
// checke request is ajax
$this->ajax_request = request::is_ajax();
// Load the template
$this->template = new View($this->template);
if ($this->auto_render == TRUE) {
Event::add('system.post_controller', array($this, '_render'));
}
/**
* 判断用户登录情况
*/
if (isset($_REQUEST['session_id'])) {
$session = Session::instance($_REQUEST['session_id']);
$manager = role::get_manager($_REQUEST['session_id']);
} else {
$session = Session::instance();
$manager = role::get_manager();
}
/* 当前请求的URL */
$current_url = urlencode(url::current(TRUE));
//zhu
if (isset($manager['id'])) {
$active_time = $session->get('Opococ_manager_active_time');
//用户最后操作时间
$session->set('Opococ_manager_active_time', time());
//用户最后操作时间
$login_ip = $session->get('Opococ_manager_login_ip');
//用户登录的IP
//操作超时
if (time() - $active_time > Kohana::config('login.time_out')) {
$session->delete('Opococ_manager');
$session->delete('Opococ_manager_active_time');
$session->delete('Opococ_manager_login_ip');
remind::set(Kohana::lang('o_global.first_login'), 'login?request_url=' . $current_url);
}
//用户IP(登录状态更换IP需要重新登录)
$ip = tool::get_long_ip();
if ($ip != $login_ip) {
remind::set(Kohana::lang('o_global.login_again'), 'login?request_url=' . $current_url);
}
$this->manager = $manager;
$this->manager_id = $manager['id'];
$this->manager_name = $manager['name'];
$this->manager_is_admin = role::is_root($manager['name']) ? 1 : $manager['is_admin'];
$this->template->manager_data = $manager;
} else {
remind::set(Kohana::lang('o_global.first_login'), 'login?request_url=' . $current_url);
}
}
/**
* 验证是否有权限操作
* @param string $model_flag
* @return Boolean
*/
public static function verify($permission = 'default')
{
$verify = false;
//超级管理员root不需要检查权限 zhu modify
if (role::is_root()) {
$verify = true;
} else {
$acl = Session::instance()->get(self::$acl_tag);
if ($acl) {
$acl = unserialize($acl);
} else {
$acl = self::acl_init();
}
$manager = self::get_manager();
//d($manager, false);
$verify = $acl->is_allowed($manager["username"], $permission);
}
//var_dump($verify);
return $verify;
}
/**
* delete manager
*/
public function delete($id)
{
role::check('delete_manager');
//zhu add
$this->_check_manager($id);
/*if($id == $this->manager_id)
{
remind::set(Kohana::lang('o_manage.self_account_not_do'),'manage/manager');
}*/
//不能删除root
$manager = Mymanager::instance($id)->get();
if (role::is_root($manager['username'])) {
remind::set(Kohana::lang('o_global.access_root_denied'), 'manage/manager');
}
if (Mymanager::instance($id)->delete()) {
remind::set(Kohana::lang('o_global.delete_success'), 'manage/manager', 'success');
} else {
remind::set(Kohana::lang('o_global.delete_error'), 'manage/manager');
}
}
/**
* log in
*/
function index()
{
$this->logout(FALSE);
/* 原请求页面 */
$request_url = $this->input->get('request_url');
//用户名和密码输入错误三次后就需要输入验证码
$login_error_count = Session::instance()->get('login_error_count');
if (!$login_error_count) {
$login_error_count = 1;
Session::instance()->set('login_error_count', $login_error_count);
}
//判断用户是否是已经登录状态
$data = role::get_manager();
//D($data);
if ($data['id'] > 0) {
remind::set(Kohana::lang('o_global.current_status_login'), '/', 'success');
}
//验证码KEY
secoder::$seKey = 'opococ.secoder';
//错误信息
$message = remind::get_message();
if (empty($message)) {
$error_display = "none";
$error = "";
} else {
$error_display = "";
$error = $message;
}
//登录
if ($_POST) {
$username = $this->input->post('username');
$password = $this->input->post('password');
$secode = $this->input->post('secode');
$remember = $this->input->post('remember');
//验证验证码
if ($login_error_count > 3 && !secoder::check($secode)) {
remind::set(Kohana::lang('o_global.code_input_error'), 'login');
}
//验证登录
$manager = role::log_in($username, $password);
if (isset($manager['username'])) {
//判断普通账号的状态、权限
if (!role::is_root($manager['username'])) {
if ($manager['active'] != 1) {
ulog::login($manager['id'], 1);
remind::set(Kohana::lang('o_global.account_was_locked'), 'login');
}
$actions = role::manager_actions($manager['id'], TRUE);
if (count($actions) < 1) {
ulog::login($manager['id'], 2);
remind::set(Kohana::lang('o_global.account_permission_enough'), 'login');
}
}
/* 是否记录用户名 */
if ($remember == 1) {
cookie::set('opococ_username', $username);
} else {
cookie::delete('opococ_username');
}
//清除记录登录错误记录
Session::instance()->delete('login_error_count');
//记入SESSION
role::set_manager_session($manager);
//记录日志
ulog::login($manager['id']);
if (empty($request_url)) {
remind::set(Kohana::lang('o_global.login_success'), '/index', 'success');
} else {
$request_url = url::base() . urldecode($request_url);
remind::set(Kohana::lang('o_global.login_success'), $request_url, 'success');
}
} else {
ulog::login();
$login_error_count++;
Session::instance()->set('login_error_count', $login_error_count);
remind::set(Kohana::lang('o_global.user_and_password_error'), 'login');
}
}
/* 浏览器记录的用户名 */
$username = cookie::get('opococ_username');
$this->template = new View('login');
$this->template->login_error_count = $login_error_count;
$this->template->error = $error;
$this->template->error_display = $error_display;
$this->template->username = $username;
$this->template->render(TRUE);
}
