/**
* 通过主键,编辑“权限设置”
* <pre>
* $params = array (
* 'app_name' => array (
* 'mod_name' => array (
* 'ctrl_name' => array (
* 'Power-SELECT', 'Power-INSERT', 'Power-UPDATE', 'Power-DELETE'
* )
* )
* )
* );
* 示例:
* $params = array (
* 'administrator' => array (
* 'system' => array (
* 'site' => array ( '1', '2', '4', '8' ),
* ),
* 'posts' => array (
* 'categories' => array ( '1', '2', '4', '8' ),
* 'modules' => array ( '1', '2', '4', '8' ),
* 'posts' => array ( '1', '2', '4', '8' ),
* ),
* ),
* 'passport' => array (
* 'system' => array (
* 'options' => array ( '1', '2', '4', '8' ),
* 'pictures' => array ( '1', '2', '4', '8' ),
* 'site' => array ( '1', '2', '4', '8' ),
* ),
* 'users' => array (
* 'account' => array ( '1', '2', '4', '8' ),
* 'amcas' => array ( '1', '2', '4', '8' ),
* 'groups' => array ( '1', '2', '4', '8' ),
* 'users' => array ( '1', '2', '4', '8' ),
* ),
* ),
* 'programmer' => array (
* 'builder' => array (
* 'builders' => array ( '1', '2', '4', '8' ),
* 'fields' => array ( '1', '2', '4', '8' ),
* 'groups' => array ( '1', '2', '4', '8' ),
* 'tblnames' => array ( '1', '2', '4', '8' ),
* 'types' => array ( '1', '2', '4', '8' ),
* 'validators' => array ( '1', '2', '4', '8' ),
* ),
* 'system' => array (
* 'site' => array ( '1', '2', '4', '8' ),
* ),
* ),
* );
* </pre>
* @param integer $groupId
* @param array $params
* @return array
*/
public function modifyPermissionByPk($groupId, array $params)
{
if (($groupId = (int) $groupId) <= 0) {
Log::warning(sprintf('Groups group_id "%d" must be greater than 0', $groupId), 0, __METHOD__);
return false;
}
$amcas = Service::getInstance('Amcas', $this->_srvName)->findAllByRecur();
$powerEnum = DataGroups::getPowerEnum();
$data = array();
foreach ($params as $appName => $mods) {
if (!isset($amcas[$appName])) {
Log::warning(sprintf('Groups is unable to find the app name "%s".', $appName), 0, __METHOD__);
return false;
}
if (!is_array($mods)) {
continue;
}
foreach ($mods as $modName => $ctrls) {
if (!isset($amcas[$appName]['rows'][$modName])) {
Log::warning(sprintf('Groups is unable to find the mod name "%s-%s".', $appName, $modName), 0, __METHOD__);
return false;
}
if (!is_array($ctrls)) {
continue;
}
foreach ($ctrls as $ctrlName => $powers) {
if (!isset($amcas[$appName]['rows'][$modName]['rows'][$ctrlName])) {
Log::warning(sprintf('Groups is unable to find the ctrl name "%s-%s-%s".', $appName, $modName, $ctrlName), 0, __METHOD__);
return false;
}
if (!is_array($powers)) {
continue;
}
foreach ($powers as $power) {
$power = (int) $power;
if (!isset($powerEnum[$power])) {
Log::warning(sprintf('Groups is unable to find the power "%s-%s-%s-%d".', $appName, $modName, $ctrlName, $power), 0, __METHOD__);
return false;
}
$data[$appName][$modName][$ctrlName][] = $power;
}
}
}
}
$data = base64_encode(serialize($data));
$rowCount = $this->getDb()->modifyPermissionByPk($groupId, $data);
if ($rowCount > 0) {
$authoriz = new Authoriz();
if (!$authoriz->flush()) {
Log::warning('Groups Authoriz flush roles cache Failed.', 0, __METHOD__);
}
}
return $rowCount;
}
/**
* 获取所有的事件,并选中有权限的事件
* @param integer $groupId
* @return array
*/
public function getAmcas($groupId)
{
$ret = Model::getInstance('Amcas')->findAllByRecur();
if ($ret['err_no'] !== ErrorNo::SUCCESS_NUM) {
return $ret;
}
// 获取当前组所有的权限(当前权限、父级权限、父父级权限等),并将权限去重
$permissions = $this->getService()->getPermissionByGroupId($groupId);
// 获取父组所有的权限(当前权限、父级权限、父父级权限等),并将权限去重
$parentPermissions = $this->getService()->getPermissions($this->getGroupPidByGroupId($groupId));
$powers = DataGroups::getPowerEnum();
foreach ($ret['data'] as $appName => $apps) {
foreach ($apps['rows'] as $modName => $mods) {
foreach ($mods['rows'] as $ctrlName => $ctrls) {
$ret['data'][$appName]['rows'][$modName]['rows'][$ctrlName]['powers'] = $powers;
if (isset($permissions[$appName][$modName][$ctrlName])) {
$ret['data'][$appName]['rows'][$modName]['rows'][$ctrlName]['checked'] = $permissions[$appName][$modName][$ctrlName];
}
if (isset($parentPermissions[$appName][$modName][$ctrlName])) {
$ret['data'][$appName]['rows'][$modName]['rows'][$ctrlName]['pchecked'] = $parentPermissions[$appName][$modName][$ctrlName];
}
}
}
}
return $ret;
}