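/**
 * Replaces the menu permissions of user $uid with the ids posted in "pmenus".
 *
 * The old rows are deleted and the new ones inserted inside one database
 * transaction, so a failed insert rolls back to the previous permission set
 * instead of leaving the user with a partially written (or empty) one.
 *
 * @param mixed $uid primary key of the user whose permissions are rewritten
 * @return mixed the value returned by redirect()
 * @throws HttpException 404 when the user does not exist, 500 when a row cannot be saved
 * @throws MethodNotAllowedHttpException when the role check refuses the edit
 */
public function actionUpdate($uid)
 {
     $user = User::findOne($uid);
     if ($user === null) {
         throw new HttpException(404, '用户不存在!');
     }

     // NOTE(review): role ids are not defined in this block. As written, an
     // actor with rid > 1 is refused only when the target has rid == 2; confirm
     // this matches the intended role hierarchy (e.g. targets with rid == 1).
     if ($this->user->rid > 1 && $user->rid == 2) {
         throw new MethodNotAllowedHttpException('权限不够!');
     }

     // Accept only a list of scalar menu ids. A non-array "pmenus" or nested
     // arrays inside it are treated as "nothing submitted" rather than being
     // iterated or assigned to the model.
     $pmenus = isset($_POST['pmenus']) && is_array($_POST['pmenus']) ? $_POST['pmenus'] : [];
     $menuIds = array_unique(array_filter($pmenus, 'is_scalar'));

     // NOTE(review): the submitted ids are not checked against the menu table
     // or against the permissions the acting user holds; confirm whether an
     // editor may grant menus they cannot access themselves.
     // NOTE(review): the existing permissions are wiped even when the request
     // carries no "pmenus" field; confirm the route only accepts POST (for
     // example through a verb filter) so a plain GET cannot clear them.
     UserPermission::getDb()->transaction(function () use ($uid, $menuIds) {
         UserPermission::deleteAll(['uid' => $uid]);
         foreach ($menuIds as $menuId) {
             $userPermission = new UserPermission();
             $userPermission->uid = $uid;
             $userPermission->mid = $menuId;
             // A rejected row aborts the whole update; the exception makes the
             // transaction roll back the delete above as well.
             if (!$userPermission->save()) {
                 throw new HttpException(500, '权限保存失败!');
             }
         }
     });

     return $this->redirect('/user/index');
 }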
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
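 public function handle($request, Closure $next)
 {
     // Unauthenticated callers are sent to the login page.
     if (!\Auth::check()) {
         return redirect('/login');
     }

     // The second URL segment is matched against the "namespace" column of the
     // joined packages/user_permissions rows.
     $namespace = $request->segment(2);

     // Fail closed when the segment is missing: passing null to where() would
     // turn the filter into "namespace IS NULL" and could match rows that were
     // never meant to grant access to this URL.
     if ($namespace === null) {
         return response('Access Denied.', 401);
     }

     // Only existence matters, so ask the database for a yes/no answer instead
     // of loading every matching row.
     $isGranted = UserPermission::join('packages', 'user_permissions.package_id', '=', 'packages.id')
         ->where('user_id', \Auth::id())
         ->where('namespace', $namespace)
         ->exists();

     if (!$isGranted) {
         // NOTE(review): the caller is authenticated at this point, so this is
         // an authorization failure, for which 403 is the conventional status.
         // 401 is kept so existing clients see the same response as before.
         return response('Access Denied.', 401);
     }

     return $next($request);
 }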
 /**
  * Run the database seeds.
  *
  * @return void
  */
 public function run()
 {
     // group_id => permissions seeded for that group, in insertion order.
     // NOTE(review): '*' is granted to groups 1 and 2; how the application
     // interprets it is not visible here, confirm both groups are meant to
     // receive it.
     // NOTE(review): 'create_doctors' is listed twice for group 3, so two
     // identical rows are inserted; this may be a copy/paste slip for another
     // permission name. Kept as in the original.
     $grantsByGroup = [
         1 => ['*'],
         2 => ['*'],
         3 => [
             'view_appointments',
             'update_appointments',
             'create_appointments',
             'view_doctors',
             'create_doctors',
             'create_doctors',
         ],
         5 => [
             'create_appointments',
             'view_appointments',
             'cancel_appointments',
             'reschedule_appointments',
         ],
     ];

     foreach ($grantsByGroup as $groupId => $permissionNames) {
         foreach ($permissionNames as $permissionName) {
             \App\Models\UserPermission::create(['group_id' => $groupId, 'permission' => $permissionName]);
         }
     }
 }
 /**
  * Initializes the controller
  */
 public function init()
 {
     // The application keeps its own copy of the user record in the session.
     $this->user = Yii::$app->session->get('user');
     $webUser = Yii::$app->user;

     // An authenticated identity without the session copy is logged out.
     // There is no return here: after logout() the guest branch below is
     // expected to finish the initialisation.
     if ($this->user == null && !$webUser->isGuest) {
         $webUser->logout();
         $this->redirect('/');
     }

     // Guests only get the "submit order" and "login" entries.
     if ($webUser->isGuest) {
         array_push($this->menu, ['label' => '提交订单', 'url' => ['/order/guest-create']]);
         array_push($this->menu, ['label' => '登录', 'url' => ['/site/login']]);
         return;
     }

     // Index the user's granted menu ids by id.
     // NOTE(review): the lookup uses the id of the session-stored user, not of
     // the Yii identity; confirm the two cannot diverge.
     $grants = UserPermission::find()->where('uid = :uid', [':uid' => $this->user->id])->all();
     foreach ($grants as $grant) {
         $this->permissions[$grant->mid] = $grant->mid;
     }

     // The home entry always comes first.
     array_push($this->menu, ['label' => '首页', 'url' => ['/site/index']]);

     // Build one entry per permitted top-level menu (pid == 0), each with its
     // permitted children as sub-items.
     // NOTE(review): this only decides which links are shown. Whether the
     // target actions enforce the same permission check is not visible here.
     $menus = Menu::find()->orderBy('sortNum desc')->all();
     foreach ($menus ? $menus : [] as $top) {
         if (!$this->checkMenuPermission($top->id) || $top->pid != 0) {
             continue;
         }

         $children = [];
         foreach ($menus as $candidate) {
             if (!$this->checkMenuPermission($candidate->id) || $top->id != $candidate->pid) {
                 continue;
             }
             // A child without a URL is rendered as a plain label.
             $children[] = empty($candidate->url)
                 ? ['label' => $candidate->name]
                 : ['label' => $candidate->name, 'url' => [$candidate->url]];
         }

         if (count($children) > 0) {
             $entry = ['label' => $top->name, 'items' => $children];
         } elseif (empty($top->url)) {
             $entry = ['label' => $top->name];
         } else {
             $entry = ['label' => $top->name, 'url' => [$top->url]];
         }
         array_push($this->menu, $entry);
     }

     // Account entries for the logged-in user; both links are sent as POST.
     if (!$webUser->isGuest) {
         array_push($this->menu, [
             'label' => '修改密码',
             'url' => ['/user/updatepwd'],
             'linkOptions' => ['data-method' => 'post'],
         ]);
         array_push($this->menu, [
             'label' => '退出 (' . $webUser->identity->username . ')',
             'url' => ['/site/logout'],
             'linkOptions' => ['data-method' => 'post'],
         ]);
     }
 }
 /**
  * Remove the specified resource from storage.
  *
  * @param  int  $id
  * @return \Illuminate\Http\Response
  */
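 public function destroy($id)
 {
     // NOTE(review): no ownership or role check is visible in this method, so
     // any caller who can reach the route can delete any permission row by id.
     // Confirm that a middleware or policy restricts it.

     // findOrFail() raises ModelNotFoundException for an unknown id (rendered
     // as a 404 by Laravel's default handler) instead of calling delete() on
     // null and failing with a fatal error.
     $permission = UserPermission::findOrFail($id);
     $permission->delete();

     // The flash message is a fixed string; no request data is placed in it.
     return redirect('/permissions/permissions')->withMessage('<i class="glyphicon glyphicon-ok"></i> This user permission has been deleted');
 }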