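/**
 * Authorise the current manager for $permission and, optionally, for one site.
 *
 * Fix: the original computed the site-scope result and then overwrote it with
 * the ACL result, so a manager holding the permission passed the check for a
 * site outside their own list. Both conditions must now hold.
 *
 * @param string $permission ACL permission name handed to $acl->is_allowed().
 * @param int    $site_id    Site to check against the manager's site list; a value <= 0 skips the site check.
 * @param mixed  $type       Passed through unchanged to role::get_site_ids().
 * @return mixed The value of role::get_site_ids($type) when access is granted. On denial an
 *               AJAX request is ended with a JSON error body; otherwise remind::set() is
 *               called and nothing is returned.
 */
public static function is_allowed($permission = 'default', $site_id = 0, $type = NULL)
{
    $verify = false;
    $site_ids = role::get_site_ids($type);

    // The super administrator (root) is exempt from permission checks.
    if (role::is_root()) {
        $verify = true;
    } else {
        // Site scope: a positive site id must be in the manager's own list.
        // NOTE(review): in_array() compares loosely here; the element types of
        // $site_ids are not visible from this block, so strict mode was not enabled.
        $site_allowed = !($site_id > 0 && !in_array($site_id, $site_ids));

        $acl = Session::instance()->get(self::$acl_tag);
        if ($acl) {
            // NOTE(review): unserialize() of a session value. Safe only while the
            // session store cannot be written by the client; confirm the session driver.
            $acl = unserialize($acl);
        } else {
            $acl = self::acl_init();
        }

        $manager = role::get_manager();

        // Site check AND permission check, never one replacing the other.
        $verify = $site_allowed && $acl->is_allowed($manager["username"], $permission);
    }

    // Act on the decision.
    if ($verify) {
        return $site_ids;
    }

    if (request::is_ajax()) {
        $return_struct = array(
            'status'  => 0,
            'code'    => 501,
            'msg'     => Kohana::lang('o_global.access_denied'),
            'content' => array(),
        );
        die(json_encode($return_struct));
    }

    // NOTE(review): the non-AJAX denial depends on remind::set() ending the request
    // (not visible here). If it returns, the caller receives NULL and carries on.
    $referrer = tool::referrer_url();
    remind::set('权限不足', $referrer, 'error');
}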
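/**
 * AJAX login endpoint: authenticates the posted username/password and ends the
 * request with a JSON body holding 'success' ('true'/'false') and 'msg'.
 *
 * Fixes relative to the original:
 *  - A locked account, or one with no permitted actions, only had 'msg' set and
 *    then still received a manager session and 'success' => 'true'. Both cases
 *    now end the request before any session is created.
 *  - The response was built on top of the array returned by role::get_manager(),
 *    so whatever fields the current session's manager record holds were echoed
 *    to the client. The response is now a fresh two-key array.
 *  - Failed attempts are logged with ulog::login(), as the form-based login does.
 *
 * NOTE(review): unlike the form-based login, this endpoint has no failure counter
 * and never verifies the posted 'secode' captcha value, so it does not throttle
 * password guessing. Confirm whether that is intended.
 */
function index()
{
    $response = array('success' => 'false', 'msg' => 1);

    $username = $this->input->post('username');
    $password = $this->input->post('password');
    $remember = $this->input->post('remember');

    // Verify the credentials.
    $manager = role::log_in($username, $password);
    if (!isset($manager['username'])) {
        // Record the failed attempt so it is visible in the login log.
        ulog::login();
        die(json_encode($response));
    }

    // Ordinary accounts must be active and hold at least one action.
    if (!role::is_root($manager['username'])) {
        if ($manager['active'] != 1) {
            ulog::login($manager['id'], 1);
            $response['msg'] = Kohana::lang('o_global.account_was_locked');
            die(json_encode($response));
        }

        $actions = role::manager_actions($manager['id'], TRUE);
        if (count($actions) < 1) {
            ulog::login($manager['id'], 2);
            $response['msg'] = Kohana::lang('o_global.account_permission_enough');
            die(json_encode($response));
        }
    }

    // Remember the username in a cookie only when asked to.
    if ($remember == 1) {
        cookie::set('opococ_username', $username);
    } else {
        cookie::delete('opococ_username');
    }

    // Store the manager in the session.
    // NOTE(review): whether role::set_manager_session() regenerates the session id
    // is not visible here; confirm, to rule out session fixation.
    role::set_manager_session($manager);

    // Record the successful login.
    ulog::login($manager['id']);

    $response['success'] = 'true';
    $response['msg'] = 1;

    die(json_encode($response));
}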
/**
 * Restrict every action of this controller to the super administrator (root).
 *
 * The earlier role::check('manage_role') gate is retired; only role::is_root()
 * decides access now.
 */
public function __construct()
{
    parent::__construct();

    if (role::is_root()) {
        return;
    }

    // NOTE(review): a constructor cannot stop the routed action by itself, so this
    // gate is only effective if remind::set() ends the request (not visible here).
    remind::set(Kohana::lang('o_manage.only_root_do'), 'manage/manager');
}
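/**
 * Template loading and setup routine, followed by the login gate applied to
 * every controller built on this class.
 *
 * Fix: the admin flag was derived with role::is_root($manager['name']) while every
 * other root check in this code passes the login name ($manager['username']).
 * The root test now uses 'username' as well, so the flag cannot depend on the
 * 'name' field.
 */
public function __construct()
{
    parent::__construct();

    // Remember whether this request is an AJAX call.
    $this->ajax_request = request::is_ajax();

    // Load the template
    $this->template = new View($this->template);

    if ($this->auto_render == TRUE) {
        Event::add('system.post_controller', array($this, '_render'));
    }

    // Resolve the session and the logged-in manager.
    // NOTE(review): the session id is accepted from $_REQUEST. An id carried in a
    // URL or form field can end up in logs and Referer headers, and lets the caller
    // pick the session to attach to. Confirm which client needs this and that the id
    // is regenerated at login.
    if (isset($_REQUEST['session_id'])) {
        $session = Session::instance($_REQUEST['session_id']);
        $manager = role::get_manager($_REQUEST['session_id']);
    } else {
        $session = Session::instance();
        $manager = role::get_manager();
    }

    // URL of the current request, handed to the login page as request_url.
    $current_url = urlencode(url::current(TRUE));

    if (isset($manager['id'])) {
        // Read the previous activity time before refreshing it.
        $active_time = $session->get('Opococ_manager_active_time');
        $session->set('Opococ_manager_active_time', time());
        // IP recorded for this session at login.
        $login_ip = $session->get('Opococ_manager_login_ip');

        // Idle timeout: drop the login state and send the user back to the login page.
        if (time() - $active_time > Kohana::config('login.time_out')) {
            $session->delete('Opococ_manager');
            $session->delete('Opococ_manager_active_time');
            $session->delete('Opococ_manager_login_ip');
            remind::set(Kohana::lang('o_global.first_login'), 'login?request_url=' . $current_url);
        }

        // A logged-in session that shows up from a different IP must log in again.
        // NOTE(review): both branches rely on remind::set() ending the request (not
        // visible here); otherwise the properties below are still populated.
        $ip = tool::get_long_ip();
        if ($ip != $login_ip) {
            remind::set(Kohana::lang('o_global.login_again'), 'login?request_url=' . $current_url);
        }

        $this->manager = $manager;
        $this->manager_id = $manager['id'];
        $this->manager_name = $manager['name'];
        // Root is always treated as admin; the test uses the login name.
        $this->manager_is_admin = role::is_root($manager['username']) ? 1 : $manager['is_admin'];
        $this->template->manager_data = $manager;
    } else {
        remind::set(Kohana::lang('o_global.first_login'), 'login?request_url=' . $current_url);
    }
}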
/**
 * Check whether the current manager is allowed to perform an operation.
 *
 * @param string $permission ACL permission name handed to $acl->is_allowed().
 * @return mixed TRUE for the super administrator; otherwise the result of
 *               $acl->is_allowed() for the current manager's username.
 */
public static function verify($permission = 'default')
{
    // The super administrator (root) is exempt from permission checks.
    if (role::is_root()) {
        return true;
    }

    // Use the ACL cached in the session when present, else build it.
    // NOTE(review): unserialize() of a session value. Safe only while the session
    // store cannot be written by the client; confirm the session driver.
    $stored = Session::instance()->get(self::$acl_tag);
    $acl = $stored ? unserialize($stored) : self::acl_init();

    $current = self::get_manager();

    return $acl->is_allowed($current["username"], $permission);
}
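/**
 * Delete a manager account.
 *
 * Requires the 'delete_manager' permission, runs $this->_check_manager($id), and
 * refuses to delete the root account.
 *
 * Change: the root-protection branch now returns explicitly. The original relied
 * on remind::set() ending the request; had it returned, execution would have
 * continued into the delete call for the root account.
 *
 * NOTE(review): this action changes state. How it is routed is not visible here;
 * confirm it is only reachable by a POST carrying an anti-CSRF token.
 *
 * @param mixed $id Identifier of the manager to delete, passed to Mymanager::instance().
 */
public function delete($id)
{
    role::check('delete_manager');

    $this->_check_manager($id);

    // The root account must never be deleted.
    $manager = Mymanager::instance($id)->get();
    if (role::is_root($manager['username'])) {
        remind::set(Kohana::lang('o_global.access_root_denied'), 'manage/manager');
        return; // fail closed even if remind::set() returns
    }

    if (Mymanager::instance($id)->delete()) {
        remind::set(Kohana::lang('o_global.delete_success'), 'manage/manager', 'success');
    } else {
        remind::set(Kohana::lang('o_global.delete_error'), 'manage/manager');
    }
}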
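/**
 * Form-based log in: renders the login view and, on POST, authenticates the
 * submitted credentials.
 *
 * Changes relative to the original:
 *  - The post-login redirect target comes from the 'request_url' query parameter.
 *    Leading slashes and backslashes are now stripped before it is appended to
 *    url::base(), so the appended part cannot start a new authority section.
 *  - The captcha, locked-account and no-permission denials return explicitly
 *    instead of relying on remind::set() to end the request, so a manager
 *    session cannot be created after any of them.
 *
 * NOTE(review): the failure counter lives in the visitor's session, so it starts
 * over whenever the client presents a new session. Consider also counting
 * failures per account or per source address on the server side.
 */
function index()
{
    $this->logout(FALSE);

    // Page originally requested (untrusted query parameter).
    $request_url = $this->input->get('request_url');

    // A captcha is required once the failure counter exceeds three.
    $login_error_count = Session::instance()->get('login_error_count');
    if (!$login_error_count) {
        $login_error_count = 1;
        Session::instance()->set('login_error_count', $login_error_count);
    }

    // Already logged in?
    $data = role::get_manager();
    if ($data['id'] > 0) {
        remind::set(Kohana::lang('o_global.current_status_login'), '/', 'success');
    }

    // Captcha key
    secoder::$seKey = 'opococ.secoder';

    // Pending error message, if any.
    $message = remind::get_message();
    if (empty($message)) {
        $error_display = "none";
        $error = "";
    } else {
        $error_display = "";
        $error = $message;
    }

    // Login attempt
    if ($_POST) {
        $username = $this->input->post('username');
        $password = $this->input->post('password');
        $secode = $this->input->post('secode');
        $remember = $this->input->post('remember');

        // Verify the captcha before looking at the credentials.
        if ($login_error_count > 3 && !secoder::check($secode)) {
            remind::set(Kohana::lang('o_global.code_input_error'), 'login');
            return; // fail closed even if remind::set() returns
        }

        // Verify the credentials.
        $manager = role::log_in($username, $password);
        if (isset($manager['username'])) {
            // Ordinary accounts must be active and hold at least one action.
            if (!role::is_root($manager['username'])) {
                if ($manager['active'] != 1) {
                    ulog::login($manager['id'], 1);
                    remind::set(Kohana::lang('o_global.account_was_locked'), 'login');
                    return; // never create a session for a locked account
                }

                $actions = role::manager_actions($manager['id'], TRUE);
                if (count($actions) < 1) {
                    ulog::login($manager['id'], 2);
                    remind::set(Kohana::lang('o_global.account_permission_enough'), 'login');
                    return; // never create a session for an account without permissions
                }
            }

            // Remember the username in a cookie only when asked to.
            if ($remember == 1) {
                cookie::set('opococ_username', $username);
            } else {
                cookie::delete('opococ_username');
            }

            // Reset the failure counter.
            Session::instance()->delete('login_error_count');

            // Store the manager in the session.
            // NOTE(review): whether role::set_manager_session() regenerates the session
            // id is not visible here; confirm, to rule out session fixation.
            role::set_manager_session($manager);

            // Record the successful login.
            ulog::login($manager['id']);

            if (empty($request_url)) {
                remind::set(Kohana::lang('o_global.login_success'), '/index', 'success');
            } else {
                // Keep the redirect under url::base(): drop any leading '/' or '\'.
                $request_url = url::base() . ltrim(urldecode($request_url), "/\\");
                remind::set(Kohana::lang('o_global.login_success'), $request_url, 'success');
            }
        } else {
            // Record the failed attempt and advance the counter.
            ulog::login();
            $login_error_count++;
            Session::instance()->set('login_error_count', $login_error_count);
            remind::set(Kohana::lang('o_global.user_and_password_error'), 'login');
        }
    }

    // Username remembered by the browser.
    $username = cookie::get('opococ_username');

    $this->template = new View('login');
    $this->template->login_error_count = $login_error_count;
    $this->template->error = $error;
    $this->template->error_display = $error_display;
    $this->template->username = $username;
    $this->template->render(TRUE);
}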