Exemplo n.º 1
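 /**
  * Check that the current manager may perform $permission, optionally scoped to one site.
  *
  * Root is exempt from every check. For any other manager BOTH conditions must hold:
  * the requested site (when $site_id > 0) is one of the manager's site ids, and the
  * ACL grants $permission to the manager's username. The site result must not be
  * overwritten by the ACL result, otherwise a manager with the permission on one
  * site would pass the check for every site.
  *
  * On denial the response is produced here: AJAX requests get a JSON error body and
  * the script stops; other requests are handed to remind::set().
  *
  * @param string $permission ACL permission name
  * @param int    $site_id    site to check membership for; 0 (or less) skips the site check
  * @param mixed  $type       passed through to role::get_site_ids()
  * @return mixed the value of role::get_site_ids($type) when access is granted
  */
 public static function is_allowed($permission = 'default', $site_id = 0, $type = NULL)
 {
     $site_ids = role::get_site_ids($type);

     // The super administrator (root) does not need a permission check.
     if (role::is_root()) {
         $verify = true;
     } else {
         // Site scope: a positive $site_id must be one the manager is assigned to.
         // Loose in_array() is kept because the element type of $site_ids is not
         // visible here (ids may arrive as strings) -- TODO confirm and make strict.
         $site_allowed = !($site_id > 0 && !in_array($site_id, $site_ids));

         $acl = Session::instance()->get(self::$acl_tag);
         if ($acl) {
             // NOTE(review): unserialize() instantiates whatever classes the stored
             // string names. Safe only while the session store cannot be written by
             // the client; confirm the session driver is server-side and consider
             // restricting allowed classes.
             $acl = unserialize($acl);
         } else {
             $acl = self::acl_init();
         }
         $manager = role::get_manager();

         // Deny when either the site check or the ACL check fails.
         $verify = $site_allowed && $acl->is_allowed($manager["username"], $permission);
     }

     // Act on the result.
     if ($verify) {
         return $site_ids;
     } else {
         if (request::is_ajax()) {
             $return_struct = array('status' => 0, 'code' => 501, 'msg' => Kohana::lang('o_global.access_denied'), 'content' => array());
             die(json_encode($return_struct));
         } else {
             $referrer = tool::referrer_url();
             // NOTE(review): presumably remind::set() redirects and ends the request.
             // If it can return, this method falls through with NULL and the caller
             // continues -- verify, since callers appear to rely on it as a gate.
             remind::set('权限不足', $referrer, 'error');
         }
     }
 }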
Exemplo n.º 2
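 /**
  * AJAX login endpoint: authenticate the posted credentials and answer with JSON.
  *
  * The response is the array returned by role::get_manager() for the current
  * session, extended with 'success' ('true' or 'false') and 'msg' (1, or a
  * localized reason when the account is rejected). The script always ends in die().
  *
  * A locked account, or a non-root account without any action, is rejected
  * before the manager session is written.
  */
 function index()
 {
     // Start from the manager record of the current session.
     // NOTE(review): every field of that record is echoed back in the JSON body;
     // confirm it carries no password hash or other secret.
     $data = role::get_manager();
     $data['success'] = 'false';
     $data['msg'] = 1;

     $username = $this->input->post('username');
     $password = $this->input->post('password');
     $remember = $this->input->post('remember');
     // NOTE(review): the posted 'secode' (captcha) is not verified here, and this
     // method keeps no failed-attempt counter and writes no log entry for a failed
     // login. Confirm that throttling of password guessing is enforced elsewhere.

     // Verify the credentials.
     $manager = role::log_in($username, $password);
     if (!isset($manager['username'])) {
         die(json_encode($data));
     }

     // Ordinary (non-root) accounts must be active and hold at least one action.
     if (!role::is_root($manager['username'])) {
         if ($manager['active'] != 1) {
             ulog::login($manager['id'], 1);
             $data['msg'] = Kohana::lang('o_global.account_was_locked');
             // Stop here: a locked account must not receive a session.
             die(json_encode($data));
         }
         $actions = role::manager_actions($manager['id'], TRUE);
         if (count($actions) < 1) {
             ulog::login($manager['id'], 2);
             $data['msg'] = Kohana::lang('o_global.account_permission_enough');
             // Stop here: an account without permissions must not receive a session.
             die(json_encode($data));
         }
     }

     // Remember (or forget) the username in a cookie.
     if ($remember == 1) {
         cookie::set('opococ_username', $username);
     } else {
         cookie::delete('opococ_username');
     }

     // Store the manager in the session.
     // NOTE(review): no session-id regeneration is visible in this method; confirm
     // role::set_manager_session() issues a fresh id on login.
     role::set_manager_session($manager);
     // Record the successful login.
     ulog::login($manager['id']);

     $data['success'] = 'true';
     $data['msg'] = 1;
     die(json_encode($data));
 }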
Exemplo n.º 3
 /**
  * Restrict this controller to the root account.
  *
  * Any other manager is handed to remind::set() with the "only root" message
  * and the 'manage/manager' target.
  */
 public function __construct()
 {
     parent::__construct();

     // Only root may use this controller. A role::check('manage_role') call
     // that used to sit here is commented out in the original.
     if (role::is_root()) {
         return;
     }

     // NOTE(review): this gate only holds if remind::set() ends the request.
     // Presumably it redirects and exits; if it can return, the requested action
     // still runs for a non-root manager -- verify.
     remind::set(Kohana::lang('o_manage.only_root_do'), 'manage/manager');
 }
Exemplo n.º 4
 /**
  * Load the template and require a logged-in manager for the request.
  *
  * A request passes when the session holds a manager record, the last recorded
  * activity is within Kohana::config('login.time_out') seconds, and the client
  * address equals the address stored in the session at login. Every other case
  * is handed to remind::set() with the login page as target.
  */
 public function __construct()
 {
     parent::__construct();

     // Remember whether the request is an AJAX request.
     $this->ajax_request = request::is_ajax();

     // Replace the template name with the loaded View.
     $this->template = new View($this->template);
     if ($this->auto_render == TRUE) {
         Event::add('system.post_controller', array($this, '_render'));
     }

     // Resolve the session and the manager stored in it.
     // NOTE(review): a session id taken from $_REQUEST (query string, form body or
     // cookie) lets a caller choose which session is loaded. That allows session
     // fixation and puts session ids into URLs, logs and Referer headers. Confirm
     // which client needs this and restrict it to that endpoint.
     if (!isset($_REQUEST['session_id'])) {
         $session = Session::instance();
         $manager = role::get_manager();
     } else {
         $session = Session::instance($_REQUEST['session_id']);
         $manager = role::get_manager($_REQUEST['session_id']);
     }

     // Login target carrying the URL-encoded current URL as request_url.
     $login_target = 'login?request_url=' . urlencode(url::current(TRUE));

     // No manager in the session: ask for a login.
     if (!isset($manager['id'])) {
         remind::set(Kohana::lang('o_global.first_login'), $login_target);
         return;
     }

     // Read the previous activity time, then stamp the current one.
     $last_active = $session->get('Opococ_manager_active_time');
     $session->set('Opococ_manager_active_time', time());
     // Address recorded for this session at login.
     $bound_ip = $session->get('Opococ_manager_login_ip');

     // Idle timeout: drop the login keys and ask for a new login.
     // NOTE(review): the lines below still run, and still publish $manager on
     // $this, unless remind::set() ends the request -- verify that it does.
     if (time() - $last_active > Kohana::config('login.time_out')) {
         foreach (array('Opococ_manager', 'Opococ_manager_active_time', 'Opococ_manager_login_ip') as $session_key) {
             $session->delete($session_key);
         }
         remind::set(Kohana::lang('o_global.first_login'), $login_target);
     }

     // A logged-in session that shows up from another address must log in again.
     // NOTE(review): the comparison is loose (!=); if both sides can be empty
     // (no stored address, no detectable client address) they compare equal.
     $client_ip = tool::get_long_ip();
     if ($client_ip != $bound_ip) {
         remind::set(Kohana::lang('o_global.login_again'), $login_target);
     }

     // Publish the manager to the controller and the template.
     $this->manager = $manager;
     $this->manager_id = $manager['id'];
     $this->manager_name = $manager['name'];
     // NOTE(review): is_root() is given $manager['name'] here; if 'name' is a
     // display name a manager can edit, rather than the login name, this flag
     // could be raised by renaming -- confirm which field is_root() expects.
     if (role::is_root($manager['name'])) {
         $this->manager_is_admin = 1;
     } else {
         $this->manager_is_admin = $manager['is_admin'];
     }
     $this->template->manager_data = $manager;
 }
Exemplo n.º 5
 /**
  * Tell whether the current manager holds the given permission.
  *
  * Root always passes. For any other manager the ACL object (taken from the
  * session, or built by self::acl_init() when the session has none) is asked
  * about the manager's username.
  *
  * @param string $permission ACL permission name
  * @return mixed TRUE for root, otherwise the value returned by $acl->is_allowed()
  */
 public static function verify($permission = 'default')
 {
     // The super administrator (root) does not need a permission check.
     if (role::is_root()) {
         return true;
     }

     $stored_acl = Session::instance()->get(self::$acl_tag);
     // NOTE(review): unserialize() instantiates whatever classes the stored string
     // names. Safe only while the session store cannot be written by the client;
     // confirm the session driver is server-side.
     $acl = $stored_acl ? unserialize($stored_acl) : self::acl_init();

     $manager = self::get_manager();

     return $acl->is_allowed($manager["username"], $permission);
 }
Exemplo n.º 6
 /**
  * Delete the manager account with the given id.
  *
  * Requires the 'delete_manager' permission and a passing _check_manager($id).
  * The root account is refused. The outcome is reported through remind::set()
  * with 'manage/manager' as target.
  *
  * @param mixed $id id of the manager to delete
  */
 public function delete($id)
 {
     // NOTE(review): no anti-CSRF token or request-method check is visible in
     // this method; confirm one is enforced before this destructive action.
     role::check('delete_manager');

     // Additional check on the target account. A self-deletion guard that compared
     // $id with $this->manager_id is commented out in the original; presumably
     // _check_manager() covers it -- confirm.
     $this->_check_manager($id);

     // The root account must never be deleted.
     // NOTE(review): this guard protects root only if remind::set() ends the
     // request; if it can return, execution reaches the delete below -- verify.
     $target = Mymanager::instance($id)->get();
     if (role::is_root($target['username'])) {
         remind::set(Kohana::lang('o_global.access_root_denied'), 'manage/manager');
     }

     $deleted = Mymanager::instance($id)->delete();
     if (!$deleted) {
         remind::set(Kohana::lang('o_global.delete_error'), 'manage/manager');
     } else {
         remind::set(Kohana::lang('o_global.delete_success'), 'manage/manager', 'success');
     }
 }
Exemplo n.º 7
 /**
  * Login page: handle a posted login attempt, otherwise render the login form.
  *
  * The method first calls logout(FALSE). A posted attempt is checked against the
  * captcha once the session's failure counter exceeds 3, then against
  * role::log_in(). Results are reported through remind::set(); the form is
  * rendered with the failure counter, the pending message and the remembered
  * username.
  *
  * NOTE(review): the locked-account and no-permission branches only keep the
  * account out if remind::set() ends the request; otherwise execution continues
  * to role::set_manager_session() -- verify.
  */
 function index()
 {
     $this->logout(FALSE);
     /* Originally requested page */
     $request_url = $this->input->get('request_url');
     // After three wrong username/password entries a captcha is required.
     // NOTE(review): the counter lives in the visitor's session, so a client that
     // discards its session cookie starts again at 1. Consider also counting
     // failures server-side per account or per source address.
     $login_error_count = Session::instance()->get('login_error_count');
     if (!$login_error_count) {
         $login_error_count = 1;
         Session::instance()->set('login_error_count', $login_error_count);
     }
     // Check whether the user is already logged in
     $data = role::get_manager();
     //D($data);
     if ($data['id'] > 0) {
         remind::set(Kohana::lang('o_global.current_status_login'), '/', 'success');
     }
     // Captcha key
     secoder::$seKey = 'opococ.secoder';
     // Pending error message
     $message = remind::get_message();
     if (empty($message)) {
         $error_display = "none";
         $error = "";
     } else {
         $error_display = "";
         $error = $message;
     }
     // Login attempt
     if ($_POST) {
         $username = $this->input->post('username');
         $password = $this->input->post('password');
         $secode = $this->input->post('secode');
         $remember = $this->input->post('remember');
         // Verify the captcha once the failure counter exceeds 3
         if ($login_error_count > 3 && !secoder::check($secode)) {
             remind::set(Kohana::lang('o_global.code_input_error'), 'login');
         }
         // Verify the credentials
         $manager = role::log_in($username, $password);
         if (isset($manager['username'])) {
             // Check status and permissions of ordinary (non-root) accounts
             if (!role::is_root($manager['username'])) {
                 if ($manager['active'] != 1) {
                     ulog::login($manager['id'], 1);
                     remind::set(Kohana::lang('o_global.account_was_locked'), 'login');
                 }
                 $actions = role::manager_actions($manager['id'], TRUE);
                 if (count($actions) < 1) {
                     ulog::login($manager['id'], 2);
                     remind::set(Kohana::lang('o_global.account_permission_enough'), 'login');
                 }
             }
             /* Remember (or forget) the username */
             if ($remember == 1) {
                 cookie::set('opococ_username', $username);
             } else {
                 cookie::delete('opococ_username');
             }
             // Clear the login failure counter
             Session::instance()->delete('login_error_count');
             // Store the manager in the session
             // NOTE(review): no session-id regeneration is visible here; confirm
             // role::set_manager_session() issues a fresh id on login.
             role::set_manager_session($manager);
             // Record the successful login
             ulog::login($manager['id']);
             if (empty($request_url)) {
                 remind::set(Kohana::lang('o_global.login_success'), '/index', 'success');
             } else {
                 // NOTE(review): request_url is caller-supplied and is decoded once
                 // more before being appended to url::base(). Confirm url::base()
                 // ends in '/' and that the result cannot leave this host.
                 $request_url = url::base() . urldecode($request_url);
                 remind::set(Kohana::lang('o_global.login_success'), $request_url, 'success');
             }
         } else {
             // Failed attempt: log it and raise the failure counter
             ulog::login();
             $login_error_count++;
             Session::instance()->set('login_error_count', $login_error_count);
             remind::set(Kohana::lang('o_global.user_and_password_error'), 'login');
         }
     }
     /* Username remembered by the browser */
     // NOTE(review): the cookie value and $error reach the view as-is; confirm
     // the 'login' view escapes them for HTML output.
     $username = cookie::get('opococ_username');
     $this->template = new View('login');
     $this->template->login_error_count = $login_error_count;
     $this->template->error = $error;
     $this->template->error_display = $error_display;
     $this->template->username = $username;
     $this->template->render(TRUE);
 }