/**
* 通过主键,编辑“权限设置”
* <pre>
* $params = array (
* 'app_name' => array (
* 'mod_name' => array (
* 'ctrl_name' => array (
* 'Power-SELECT', 'Power-INSERT', 'Power-UPDATE', 'Power-DELETE'
* )
* )
* )
* );
* 示例:
* $params = array (
* 'administrator' => array (
* 'system' => array (
* 'site' => array ( '1', '2', '4', '8' ),
* ),
* 'posts' => array (
* 'categories' => array ( '1', '2', '4', '8' ),
* 'modules' => array ( '1', '2', '4', '8' ),
* 'posts' => array ( '1', '2', '4', '8' ),
* ),
* ),
* 'passport' => array (
* 'system' => array (
* 'options' => array ( '1', '2', '4', '8' ),
* 'pictures' => array ( '1', '2', '4', '8' ),
* 'site' => array ( '1', '2', '4', '8' ),
* ),
* 'users' => array (
* 'account' => array ( '1', '2', '4', '8' ),
* 'amcas' => array ( '1', '2', '4', '8' ),
* 'groups' => array ( '1', '2', '4', '8' ),
* 'users' => array ( '1', '2', '4', '8' ),
* ),
* ),
* 'programmer' => array (
* 'builder' => array (
* 'builders' => array ( '1', '2', '4', '8' ),
* 'fields' => array ( '1', '2', '4', '8' ),
* 'groups' => array ( '1', '2', '4', '8' ),
* 'tblnames' => array ( '1', '2', '4', '8' ),
* 'types' => array ( '1', '2', '4', '8' ),
* 'validators' => array ( '1', '2', '4', '8' ),
* ),
* 'system' => array (
* 'site' => array ( '1', '2', '4', '8' ),
* ),
* ),
* );
* </pre>
* @param integer $groupId
* @param array $params
* @return array
*/
public function modifyPermissionByPk($groupId, array $params)
{
if (($groupId = (int) $groupId) <= 0) {
Log::warning(sprintf('Groups group_id "%d" must be greater than 0', $groupId), 0, __METHOD__);
return false;
}
$amcas = Service::getInstance('Amcas', $this->_srvName)->findAllByRecur();
$powerEnum = DataGroups::getPowerEnum();
$data = array();
foreach ($params as $appName => $mods) {
if (!isset($amcas[$appName])) {
Log::warning(sprintf('Groups is unable to find the app name "%s".', $appName), 0, __METHOD__);
return false;
}
if (!is_array($mods)) {
continue;
}
foreach ($mods as $modName => $ctrls) {
if (!isset($amcas[$appName]['rows'][$modName])) {
Log::warning(sprintf('Groups is unable to find the mod name "%s-%s".', $appName, $modName), 0, __METHOD__);
return false;
}
if (!is_array($ctrls)) {
continue;
}
foreach ($ctrls as $ctrlName => $powers) {
if (!isset($amcas[$appName]['rows'][$modName]['rows'][$ctrlName])) {
Log::warning(sprintf('Groups is unable to find the ctrl name "%s-%s-%s".', $appName, $modName, $ctrlName), 0, __METHOD__);
return false;
}
if (!is_array($powers)) {
continue;
}
foreach ($powers as $power) {
$power = (int) $power;
if (!isset($powerEnum[$power])) {
Log::warning(sprintf('Groups is unable to find the power "%s-%s-%s-%d".', $appName, $modName, $ctrlName, $power), 0, __METHOD__);
return false;
}
$data[$appName][$modName][$ctrlName][] = $power;
}
}
}
}
$data = base64_encode(serialize($data));
$rowCount = $this->getDb()->modifyPermissionByPk($groupId, $data);
if ($rowCount > 0) {
$authoriz = new Authoriz();
if (!$authoriz->flush()) {
Log::warning('Groups Authoriz flush roles cache Failed.', 0, __METHOD__);
}
}
return $rowCount;
}
/**
* 获取用户身份授权类
* @param array $groupIds
* @return tfc\auth\Authoriz
*/
public function getAuthoriz($groupIds)
{
$groupIds = (array) $groupIds;
$temp = array();
foreach ($groupIds as $groupId) {
if (($groupId = (int) $groupId) > 0) {
$temp[] = $groupId;
}
}
$groupIds = array_unique($temp);
$authoriz = new Authoriz();
foreach ($groupIds as $groupId) {
$role = new Role($groupId);
if (!$role->fileExists()) {
$permission = $this->_groups->getPermissions($groupId);
if (is_array($permission)) {
foreach ($permission as $appName => $mods) {
if (is_array($mods)) {
foreach ($mods as $modName => $ctrls) {
if (is_array($ctrls)) {
foreach ($ctrls as $ctrlName => $powers) {
if (is_array($powers)) {
foreach ($powers as $powerName) {
$role->allow($appName, $modName, $ctrlName, $powerName);
}
}
}
}
}
}
}
}
$role->writeResources()->loadResources();
}
$authoriz->addRole($role);
}
return $authoriz;
}
