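/**
 * Check whether the session may run $actionName on $ctrlObj; throw when it may not.
 *
 * Resolution order (first match wins):
 *   1. controller is public                  -> allowed
 *   2. action is public on that controller   -> allowed
 *   3. session has a user id                 -> ask TpmQuanxianPeer for the
 *      role's privilege on the action's mapped privilege name
 *   4. no user id                            -> record the current page and
 *      throw EXCEPTION_NEED_LOGIN
 *
 * NOTE(review): the role-privilege result is only enforced by an exception when
 * DEBUG2 is defined ("暂时取消权限验证 2007-1-16"); otherwise it is merely
 * returned, so callers that ignore the return value get no access control.
 *
 * The former "免登陆" shortcut that read a user id from $_REQUEST['login_id']
 * and stored that user in the session has been removed: it allowed any
 * request to select an arbitrary account without authenticating.
 *
 * @param Pft_Session $session
 * @param Pft_Controller_Action $ctrlObj
 * @param string $actionName
 * @return boolean|TpmQuanxian true for public controllers/actions; otherwise
 *                             whatever TpmQuanxianPeer::jianchaJueseQuanxian() returns
 * @throws Pft_Exception EXCEPTION_NEED_LOGIN when the session has no user id;
 *                       EXCEPTION_NO_PRIVILEGE when DEBUG2 is defined and the role lacks the privilege
 */
public static function checkActionPrivilege(Pft_Session $session, Pft_Controller_Action $ctrlObj, $actionName)
{
    // bf2a5bf8-4d98-aee3-7d75-45b5d47b95c3 is the system-administrator role;
    // expose that fact to the rest of the request via the ADMIN constant.
    $adminRoleId = 'bf2a5bf8-4d98-aee3-7d75-45b5d47b95c3';
    if ($session->getRoleId() === $adminRoleId && !defined('ADMIN')) {
        define('ADMIN', true);
    }

    // Public controllers and public actions need no login and no role check.
    if ($ctrlObj->isPublic() || $ctrlObj->isActionPublic($actionName)) {
        return true;
    }

    if (!$session->getUserId()) {
        // Remember where the visitor wanted to go so a later login can return there.
        Pft_Session::getSession()->recordCurrentVisitPage();
        throw new Pft_Exception(Pft_I18n::trans("EXCEPTION_NEED_LOGIN"), Pft_Exception::EXCEPTION_NEED_LOGIN);
    }

    // The privilege name is mapped per action by the controller (not simply
    // "<controller>_<action>"), and is checked against the session's role.
    $privilegeDo = $ctrlObj->getMappingedPrivilegeByAction($actionName);
    $rev = TpmQuanxianPeer::jianchaJueseQuanxian($session->getRoleId(), $privilegeDo);

    // Enforcement is still gated on DEBUG2 (see NOTE in the docblock).
    if (defined('DEBUG2') && !$rev) {
        throw new Pft_Exception(Pft_I18n::trans("EXCEPTION_NO_PRIVILEGE"), Pft_Exception::EXCEPTION_NO_PRIVILEGE);
    }

    return $rev;
}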
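/**
 * Write one audit-log row for the current request via App::_add().
 *
 * Actor resolution: when a Watt_Session exists, the user/role columns come
 * from it — except in a "shanggang" (post-holder) session, where
 * $_SESSION['old_user_id'] is looked up so the row is attributed to the
 * original account and its first role (2007-10-24 john). Without a session
 * the actor columns are empty and $actorName is used as the account name.
 *
 * The row also stores client IP, user agent, referer and request URI. Those
 * header values are attacker-controlled; they are passed through chks(),
 * presumably the project's sanitiser — verify before relying on it when the
 * log is rendered.
 *
 * @param string $msg 记录的信息 — the log text (rz_neirong)
 * @param int $level log level (rz_level)
 * @param string $sourceName logical log type (rz_type)
 * @param string $actorName fallback account name when the session has none
 * @param string $actorId currently unused
 * @param mixed $exts stored in rz_qita_vchar
 * @param mixed $extsInt stored in rz_qita_int
 * @return boolean always false: the result of App::_add() is not inspected
 */
public function log($msg, $level = 0, $sourceName = "", $actorName = "", $actorId = "", $exts = null, $extsInt = null)
{
    $rev = false;
    $timestamp = time();
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

    // Defaults so every column is defined even when the lookups below miss.
    $sessionId = '';
    $sessionName = $actorName;
    $jsId = '';
    $jsMingcheng = '';

    if (Watt_Session::getSession()) {
        if (!empty($_SESSION["shanggang"])) {
            // Post-holder session: attribute the entry to the original account.
            $yhId = isset($_SESSION["old_user_id"]) ? $_SESSION["old_user_id"] : null;
            $yhs = $yhId !== null ? TpmYonghuPeer::retrieveByPK($yhId) : null;
            if ($yhs) {
                $sessionId = $yhs->getYhId();
                $zhanghu = $yhs->getYhZhanghu();
                $sessionName = $zhanghu ? $zhanghu : $actorName;

                // First user->role link, then the role itself.
                $c = new Criteria();
                $c->add(TpmYonghu2juesePeer::YH_ID, $yhId);
                $yh2js = TpmYonghu2juesePeer::doSelectOne($c);
                if ($yh2js) {
                    $c = new Criteria();
                    $c->add(TpmJuesePeer::JS_ID, $yh2js->getJsId());
                    $juese = TpmJuesePeer::doSelectOne($c);
                    if ($juese) {
                        $jsId = $juese->getJsId();
                        $jsMingcheng = $juese->getJsMingcheng();
                    }
                }
            }
        } else {
            $session = Watt_Session::getSession();
            $sessionId = $session->getUserId();
            $userName = $session->getUserName();
            $sessionName = $userName ? $userName : $actorName;
            $jsId = $session->getRoleId();
            $jsMingcheng = $session->getRoleName();
        }
    }

    $app = App::getApp();
    $app->_add($this->_logName, array(
        'yh_id'         => $sessionId,
        'yh_zhanghu'    => chks($sessionName),
        'js_id'         => $jsId,
        'js_mingcheng'  => chks($jsMingcheng),
        'rz_level'      => $level,
        'rz_ip'         => $ip,
        'rz_type'       => chks($sourceName),
        // Request headers may be absent (CLI, stripped by a proxy): store null rather than emit a notice.
        'rz_ruanjian'   => isset($_SERVER["HTTP_USER_AGENT"]) ? chks($_SERVER["HTTP_USER_AGENT"]) : null,
        'rz_laiyuan'    => isset($_SERVER["HTTP_REFERER"]) ? chks($_SERVER["HTTP_REFERER"]) : null,
        'rz_neirong'    => chks($msg),
        'rz_dizhi'      => isset($_SERVER['REQUEST_URI']) ? chks($_SERVER['REQUEST_URI']) : null,
        'rz_qita_vchar' => chks($exts),
        'rz_qita_int'   => chks($extsInt),
        'created_at'    => $timestamp,
    ));

    return $rev;
}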
/**
 * Load the TpmYonghu record behind this session's user id.
 *
 * @return TpmYonghu|null null when the session carries no user id
 */
public function getUserObj()
{
    if (!$this->_userId) {
        return null;
    }

    return TpmYonghuPeer::retrieveByPK($this->_userId);
}