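/**
 * Permission selection: edit an admin user's name and role.
 *
 * Reads `user_id` from the query string and loads the matching AdminUsers
 * row. On POST it writes the submitted `User[name]` / `User[role]` with
 * updateByPk() and redirects back to this page with a `result` flag; otherwise
 * it renders the `update` view with the user row, the role list and the
 * `save` / `result` flags taken from the query string.
 *
 * NOTE(review): no permission check is visible inside this action, and the
 * submitted role is stored without being compared against the role list.
 * Confirm both are enforced elsewhere (controller filter, model rules).
 * NOTE(review): `save` and `result` reach the view straight from the query
 * string, so the view has to HTML-encode them.
 */
public function actionUpdate()
{
    $user_id = isset($_GET['user_id']) ? $_GET['user_id'] : null;

    // Bind the id as a parameter: it is request input and must never be
    // interpolated into the SQL condition.
    $user_row = AdminUsers::model()->find('user_id = :user_id', array(':user_id' => $user_id));

    if ($_POST) {
        $UserAttr = $_POST['User'];
        $saved = AdminUsers::model()->updateByPk($user_id, array(
            'name' => $UserAttr['name'],
            'role' => $UserAttr['role'],
        ));

        // URL-encode the id so it cannot add or override query parameters
        // of the redirect target.
        $this->redirect(
            '?r=desktop/user/update&user_id=' . urlencode((string) $user_id)
            . '&save=update&result=' . ($saved ? 'success' : 'fail')
        );
    }

    $role_list = AdminGroup::model()->findAll();

    $param = array(
        'save' => isset($_GET['save']) ? $_GET['save'] : '',
        'result' => isset($_GET['result']) ? $_GET['result'] : '',
    );

    $model = array(
        'user_row' => $user_row,
        'role_list' => $role_list,
        'param' => $param,
    );
    $this->render('update', array('model' => $model));
}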
/**
 * Menu filter for display.
 *
 * Returns self::$aclList with every entry (and every entry action) removed
 * whose `acl` token is not listed in the group's ACL string.
 *
 * The group id is fixed to 1 in this method and group 1 skips filtering, so
 * as written the list is always returned unfiltered.
 * NOTE(review): confirm the hard-coded id is intentional; while it is in
 * place this method applies no per-group restriction at all.
 *
 * @param string $append extra comma-separated ACL tokens appended to the group's ACL string
 * @return mixed self::$aclList after filtering
 */
public static function display($append = '')
{
    $groupId = 1;

    // Group 1 is exempt from filtering.
    if ($groupId == 1) {
        return self::$aclList;
    }

    $group = AdminGroup::model()->findByPk($groupId);
    $acl = $group->acl . $append;
    $aclArr = explode(',', $acl);

    foreach (self::$aclList as $menuKey => $menu) {
        if (!in_array($menu['acl'], $aclArr)) {
            unset(self::$aclList[$menuKey]);
            continue;
        }

        self::$aclList[$menuKey]['url'] = self::_parentRouter($menuKey, $aclArr);

        foreach ($menu['action'] as $actionKey => $action) {
            if (in_array($action['acl'], $aclArr)) {
                continue;
            }
            unset(self::$aclList[$menuKey]['action'][$actionKey]);
        }
    }

    return self::$aclList;
}
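/**
 * Role editing.
 *
 * Loads the AdminGroup row for the `role_id` query parameter. On POST it
 * stores the submitted `Role[group_name]` and the comma-joined `Role[acl]`
 * list, then redirects back to this page with a `result` flag; otherwise it
 * renders the `update` view with the role (its `acl` split into an array),
 * the role menu and the `save` / `result` flags from the query string.
 *
 * NOTE(review): no permission check is visible inside this action although it
 * rewrites a group's ACL. Confirm access control is enforced by a filter.
 * NOTE(review): submitted ACL tokens are stored as sent; confirm they are
 * validated against the known menu/ACL list before being trusted.
 *
 * @throws CHttpException 404 when no role matches `role_id`
 */
public function actionUpdate()
{
    $role_id = isset($_GET['role_id']) ? $_GET['role_id'] : null;
    $role_row = AdminGroup::model()->find('role_id = :role_id', array(':role_id' => $role_id));
    if ($role_row === null) {
        // Without this the code below would operate on a missing record.
        throw new CHttpException(404, 'The requested page does not exist.');
    }

    $role_list = XAdminiAcl::RoleMenu();

    if ($_POST) {
        $RoleAttr = $_POST['Role'];

        // Role[acl] may be absent (nothing selected) or malformed; only
        // plain string tokens are joined into the stored ACL string.
        $aclItems = isset($RoleAttr['acl']) && is_array($RoleAttr['acl'])
            ? array_filter($RoleAttr['acl'], 'is_string')
            : array();

        $saved = AdminGroup::model()->updateByPk($role_id, array(
            'group_name' => $RoleAttr['group_name'],
            'acl' => implode(',', $aclItems),
        ));

        // URL-encode the id so it cannot add or override query parameters
        // of the redirect target.
        $this->redirect(
            '?r=desktop/role/update&role_id=' . urlencode((string) $role_id)
            . '&save=update&result=' . ($saved ? 'success' : 'fail')
        );
    }

    $role_row['acl'] = explode(',', $role_row['acl']);

    $param = array(
        'save' => isset($_GET['save']) ? $_GET['save'] : '',
        'result' => isset($_GET['result']) ? $_GET['result'] : '',
    );

    $this->render('update', array('role_row' => $role_row, 'role_list' => $role_list, 'param' => $param));
}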
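/**
 * Backend menu filter.
 *
 * Reads the current admin's group id from the `_admini` session entry and,
 * unless that group is 1, removes from self::$aclList every menu entry and
 * every entry action whose `acl` token is not in the group's ACL string
 * (plus the tokens in $append).
 *
 * A missing session entry or a group id with no AdminGroup row is treated as
 * an empty ACL, so the menu is filtered down rather than the request failing
 * on a null record.
 *
 * NOTE(review): this only hides menu entries; confirm each action also
 * enforces the ACL itself.
 *
 * @param string $append extra comma-separated ACL tokens every filtered group receives
 * @return mixed self::$aclList after filtering
 */
public static function filterMenu($append = ',home,home_index')
{
    $session = new XSession();
    $admini = $session->get('_admini');
    $groupId = isset($admini['groupId']) ? $admini['groupId'] : null;

    // Group 1 is exempt from filtering.
    if ($groupId == 1) {
        return self::$aclList;
    }

    $aclModel = $groupId === null ? null : AdminGroup::model()->findByPk($groupId);

    // Fail closed: an unknown group gets no tokens, not even the appended ones.
    $acl = $aclModel === null ? '' : $aclModel->acl . $append;
    $aclArr = explode(',', $acl);

    foreach (self::$aclList as $k => $r) {
        // Tokens are compared as exact strings so numeric-looking values
        // cannot match each other through loose comparison.
        if (!in_array((string) $r['acl'], $aclArr, true)) {
            unset(self::$aclList[$k]);
            continue;
        }

        self::$aclList[$k]['url'] = self::_parentRouter($k, $aclArr);

        foreach ($r['action'] as $kk => $rr) {
            if (!in_array((string) $rr['acl'], $aclArr, true)) {
                unset(self::$aclList[$k]['action'][$kk]);
            }
        }
    }

    return self::$aclList;
}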
/**
 * Looks up the AdminGroup record whose `name` attribute equals $login.
 *
 * @param mixed $login value matched against the `name` attribute
 * @return mixed the record returned by findByAttributes()
 * @throws CHttpException 404 when no record matches
 */
public function loadAdminModel($login)
{
    $record = AdminGroup::model()->findByAttributes(array('name' => $login));

    if ($record !== null) {
        return $record;
    }

    throw new CHttpException(404, 'The requested page does not exist.');
}
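/**
 * Admin group deletion.
 *
 * After the ACL check, deletes every Admin row belonging to the group and then
 * the AdminGroup row itself, writes a backend log entry, sets a success
 * message and redirects to the referring page.
 *
 * The group is looked up before anything is deleted: an id that matches no
 * group now deletes nothing, instead of removing admins first and then
 * failing on the missing record.
 *
 * NOTE(review): this is a destructive action driven by a request parameter;
 * confirm it is only reachable via POST with CSRF validation.
 * NOTE(review): the two deletes are not wrapped in a transaction, so a failure
 * between them leaves the group without its admins.
 * NOTE(review): the success message text refers to categories and links rather
 * than user groups; it looks copied from elsewhere. Confirm the wording.
 *
 * @param mixed $id primary key of the group to delete
 */
public function actionGroupDelete($id)
{
    parent::_acl();

    if (!empty($id)) {
        $id = (int) $id;
        $groupInfo = AdminGroup::model()->findByPk($id);

        if ($groupInfo !== null) {
            $name = $groupInfo->group_name;

            Admin::model()->deleteAll('group_id=:gid', array(':gid' => $id));
            AdminGroup::model()->deleteByPk($id);

            parent::_backendLogger(array('catalog' => 'delete', 'intro' => '删除用户组 ' . $name . '(' . $id . ') 及该用户组所有用户'));

            // Return value is unused; the call is kept because it may have a
            // side effect on the cached group list. TODO confirm.
            XXcache::get('_adminGroup');

            XUtils::message('success', '已删除分类 ' . $name . ' 及该分类所有链接');
        }
    }

    $this->redirect(Yii::app()->request->urlReferrer);
}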
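/**
 * Permission check.
 *
 * Members of the super user group skip the check. For everyone else the
 * action token (`<controller id>_<action id>`, lower-cased, or $action when
 * given) must appear in the group's comma-separated ACL string plus the
 * tokens in $params['append']. The default append adds the backend home
 * pages so they are not checked again.
 *
 * On denial the request ends here: plain text, JSON
 * (`{"state":"error","message":...}`) or the `/_include/_error` view,
 * depending on $params['response'].
 *
 * A group id with no AdminGroup row is denied outright, without the appended
 * tokens.
 *
 * NOTE(review): when no `redirect` is given the error view receives the HTTP
 * referrer, which is supplied by the client. Confirm the template only
 * follows same-site URLs and HTML-encodes the value.
 *
 * @param mixed $action ACL token to check; falsy means derive it from the current route
 * @param array $params optional keys: `response` ('text', 'json' or anything else for the
 *                      error view), `append` (extra allowed tokens), `redirect` (target
 *                      passed to the error view)
 */
protected function _acl($action = false, $params = array('response' => false, 'append' => ',default_index,default_home'))
{
    $actionFormat = empty($action) ? strtolower($this->id . '_' . $this->action->id) : strtolower($action);

    if (!empty($this->_admini['super'])) {
        return;
    }

    // Callers may pass a partial $params array; read each key defensively.
    // A missing `append` stays empty so a partial array never widens access.
    $responseType = isset($params['response']) ? $params['response'] : false;
    $append = isset($params['append']) ? $params['append'] : '';
    $redirect = !empty($params['redirect']) ? $params['redirect'] : '';

    $aclDb = AdminGroup::model()->findByPk($this->_admini['groupId']);

    // Exact string match against the token list; a missing group never matches.
    if ($aclDb !== null && in_array($actionFormat, explode(',', strtolower($aclDb->acl) . $append), true)) {
        return;
    }

    $message = '当前角色组无权限进行此操作,请联系管理员授权';

    if ($responseType === 'text') {
        exit($message);
    }

    if ($responseType === 'json') {
        exit(CJSON::encode(array('state' => 'error', 'message' => $message)));
    }

    $referrer = Yii::app()->request->urlReferrer ? Yii::app()->request->urlReferrer : $this->createUrl('default/home');
    // Never send the user back to the frameset index page.
    if (preg_match("/default\\/index/i", $referrer)) {
        $referrer = $this->createUrl('default/home');
    }

    $tplVar = array(
        'code' => '访问受限',
        'message' => $message,
        'redirect' => $redirect ? $redirect : $referrer,
    );
    exit($this->render('/_include/_error', $tplVar));
}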
/**
 * Fetches the list of user groups.
 *
 * @param mixed $type only 'admin' is handled
 * @return mixed the result of AdminGroup::model()->findAll() for 'admin', otherwise false
 */
protected function _groupList($type = 'admin')
{
    if ($type != 'admin') {
        return false;
    }

    return AdminGroup::model()->findAll();
}
/**
 * Member role and permissions: loads the AdminGroup row for a role id.
 *
 * NOTE(review): in Yii 1, CActiveRecord::find() is declared as
 * find($condition, $params), so the third array (`select`) is presumably
 * ignored and all columns are loaded. Confirm, and pass a criteria array if
 * only `group_name` and `acl` are wanted.
 *
 * @param mixed $role_id value bound to the :role_id placeholder
 * @return mixed the record returned by find()
 */
private function _UserPermission($role_id)
{
    $condition = 'role_id = :role_id';
    $bindings = array(':role_id' => $role_id);
    $options = array('select' => 'group_name,acl');

    return AdminGroup::model()->find($condition, $bindings, $options);
}