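/**
 * Access-control gate that runs before every action.
 *
 * Anonymous requests may only reach the anonymous allowlist. Super users pass
 * unconditionally. Every other user must hit the logged-in allowlist or match
 * a URL rule attached to one of the menus granted to them directly or through
 * their groups. A denied request gets a JSON body and the action is not run.
 *
 * @param \yii\base\Action $action the action about to run; passed on to parent::beforeAction()
 * @return bool false when the request is rejected, otherwise the parent's result
 */
public function beforeAction($action)
{
    $route = Yii::$app->requestedRoute;

    if (!$this->identity) {
        // Not logged in: only these routes are reachable.
        $routeWhiteList = ['', 'admin/public/login', 'admin/public/logout'];
        if (!in_array($route, $routeWhiteList, true)) {
            $response = Yii::$app->response;
            $response->format = Response::FORMAT_JSON;
            $response->data = ['success' => false, 'msg' => '请先登录系统', 'code' => 1];
            return false;
        }
        return parent::beforeAction($action);
    }

    if ($this->identity->is_super) {
        // Super users skip the menu-based permission check entirely.
        return parent::beforeAction($action);
    }

    // Permission check: collect the menu ids granted to this user.
    $userMenuIdList = [];
    $groupMenuIdList = [];
    if ($this->identity->is_user_access) {
        // Menus granted to the user directly.
        $userMenuIdList = DpAdminUserMenuRelation::getAllMenuIdArrByUserId($this->identity->user_id);
    }
    if ($this->identity->is_group_access) {
        // Menus granted through the user's groups.
        $groupMenuIdList = DpAdminGroup::getMenuIdArrByGroupIdArr($this->identity->getGroupIdArr());
    }
    $this->menuIdList = array_merge($userMenuIdList, $groupMenuIdList);

    // Routes every logged-in user may call regardless of menu grants.
    // Strict comparison: no type juggling in an authorization decision.
    $routeWhiteList = ['', 'admin/common/tree', 'admin/common/urls', 'admin/public/logout'];
    $allowAccess = in_array($route, $routeWhiteList, true);

    if (!$allowAccess) {
        $queryParams = Yii::$app->request->queryParams;
        $method = Yii::$app->request->method;
        $urlRule = DpAdminMenuUrl::getUrlRuleByMenuIdArr($this->menuIdList);

        // Access is granted when at least one granted URL rule accepts the request.
        $allowAccess = (bool) array_filter($urlRule, function ($item) use ($route, $queryParams, $method) {
            // Stored routes may carry a leading slash; the requested route is compared without it.
            if (strpos($item['route'], '/') === 0) {
                $ruleRoute = substr($item['route'], 1);
            } else {
                $ruleRoute = $item['route'];
            }
            if ($ruleRoute !== $route) {
                return false;
            }

            // Request method check.
            if (!in_array($method, StringHelper::explode($item['method'], ',', true, true), true)) {
                return false;
            }

            if (!$item['enable_rule']) {
                return true;
            }

            // GET parameter rule check.
            // NOTE(review): one matching parameter is enough to grant access; parameters
            // without a rule, and rules whose parameter is absent from the request, are
            // not evaluated. Confirm that "any match" rather than "all rules must match"
            // is the intended policy.
            // NOTE(review): the stored rule is used as the regex body as-is, so it is only
            // as strict as its own anchors (^...$) - verify the stored rules.
            // assumes $item['rule'] is an array keyed by parameter name - TODO confirm
            foreach ($queryParams as $qk => $qv) {
                // Query values are client-controlled and may be arrays (?a[]=1); passing an
                // array to preg_match() raises a TypeError on PHP 8 instead of denying cleanly.
                if (!isset($item['rule'][$qk]) || !is_scalar($qv)) {
                    continue;
                }
                $pattern = '/' . $item['rule'][$qk] . '/';
                // preg_match() returns false for a broken pattern; only an actual match counts.
                if (preg_match($pattern, (string) $qv) === 1) {
                    return true;
                }
            }
            return false;
        });
    }

    if (!$allowAccess) {
        // Insufficient permission.
        $response = Yii::$app->response;
        $response->format = Response::FORMAT_JSON;
        $response->data = ['success' => false, 'msg' => '权限不足', 'code' => 2];
        return false;
    }

    return parent::beforeAction($action);
}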
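/**
 * Update status.
 *
 * Reads a comma-separated `ids` list and a `status` flag from POST and sets
 * the status of every group found for those ids to 0 or 1.
 *
 * @return array
 */
public function actionUpdateStatus()
{
    $ids = \Yii::$app->request->post('ids');
    // Any non-zero value is normalized to 1.
    $status = intval(\Yii::$app->request->post('status')) !== 0 ? 1 : 0;

    // `ids` is client-controlled and may arrive as an array (ids[]=...), which
    // StringHelper::explode() cannot split; treat anything non-scalar as "no ids".
    $ids = is_scalar($ids) ? (string) $ids : '';

    foreach (StringHelper::explode($ids, ',', true, true) as $id) {
        $obj = DpAdminGroup::find()->findByGroupId($id)->one();
        if (!$obj) {
            continue;
        }
        $obj->status = $status;
        if (!$obj->save()) {
            // The response stays unchanged, but a failed update must not vanish silently.
            // NOTE(review): consider reporting the failure to the caller as well.
            \Yii::warning(['group_id' => $id, 'errors' => $obj->getErrors()], __METHOD__);
        }
    }

    return $this->renderSuccess('状态更新成功');
}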
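/**
 * Save data.
 *
 * Creates an admin user, or updates the one identified by POST `user_id`,
 * then replaces that user's menu relations with the posted `menu_ids`.
 *
 * NOTE(review): is_system, is_group_access, is_user_access, group_ids and
 * menu_ids are taken from the request as posted. Nothing in this method
 * limits which caller may set them or for which user - confirm that the
 * route is restricted accordingly and that a caller cannot grant more than
 * they hold themselves.
 * NOTE(review): confirm that DpAdminUser hashes source_password before it is
 * persisted.
 *
 * @return array
 */
public function actionSave()
{
    $request = \Yii::$app->request;
    $user_id = $request->post('user_id');
    $menu_ids = $request->post('menu_ids');
    $username = $request->post('username');
    $nickname = $request->post('nickname');
    $source_password = $request->post('source_password');
    $group_ids = (array) $request->post('group_ids');
    $is_group_access = $request->post('is_group_access');
    $is_user_access = $request->post('is_user_access');
    $is_system = $request->post('is_system');
    $note = $request->post('note');
    $status = $request->post('status');

    // Keep only the group ids that resolve to an existing group.
    $groupIdsStr = '';
    if ($group_ids) {
        $groupIdsStr = join(',', array_filter($group_ids, function ($groupId) {
            // Nested arrays (group_ids[][]=...) are not ids; drop them before the lookup.
            return is_scalar($groupId) && DpAdminGroup::getByGroupId($groupId);
        }));
    }

    $saveData = [
        'username' => $username,
        'nickname' => $nickname,
        'source_password' => $source_password,
        'group_ids' => $groupIdsStr,
        'is_group_access' => $is_group_access,
        'is_user_access' => $is_user_access,
        'is_system' => $is_system,
        'note' => $note,
        'status' => $status,
    ];

    if ($user_id) {
        $obj = DpAdminUser::find()->where(['user_id' => $user_id])->one();
        if (!$obj) {
            return $this->renderError('保存失败,记录不存在!');
        }
    } else {
        $obj = new DpAdminUser();
    }

    $obj->setAttributes($saveData);
    if (!$obj->save()) {
        // Report the first validation message, as before.
        $firstErrors = $obj->getFirstErrors();
        if ($firstErrors) {
            return ['success' => false, 'msg' => reset($firstErrors)];
        }
        // save() can fail without validation messages. Stop here as well: falling
        // through would rewrite menu relations for an unsaved user and report success.
        return $this->renderError('保存失败');
    }

    // Update the menu permissions linked to the user: drop the old set, insert the new one.
    // NOTE(review): delete and inserts are not wrapped in a transaction here.
    DpAdminUserMenuRelation::deleteByUserId($obj->user_id);

    // `menu_ids` is expected as a comma-separated string; a non-scalar value is treated as empty.
    if ($menu_ids && is_scalar($menu_ids)) {
        $menuIdArr = array_filter(StringHelper::explode((string) $menu_ids, ',', true, true), function ($menuId) {
            return DpAdminMenu::getByMenuId($menuId);
        });
        foreach ($menuIdArr as $menuId) {
            $linkObj = new DpAdminUserMenuRelation();
            $linkObj->setAttributes(['user_id' => $obj->user_id, 'menu_id' => $menuId]);
            if (!$linkObj->save()) {
                // A grant that was not stored should at least be visible in the log.
                \Yii::warning(['user_id' => $obj->user_id, 'menu_id' => $menuId, 'errors' => $linkObj->getErrors()], __METHOD__);
            }
        }
    }

    return $this->renderSuccess('保存成功');
}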
/**
 * Get the names of the user's groups.
 *
 * Looks up every id returned by getGroupIdArr(); ids whose lookup yields
 * nothing are skipped.
 *
 * @return array
 */
public function getGroupNames()
{
    $result = [];
    foreach ($this->getGroupIdArr() as $gid) {
        $record = DpAdminGroup::getByGroupId($gid);
        if (!$record) {
            continue;
        }
        $result[] = $record['name'];
    }
    return $result;
}
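/**
 * Save data.
 *
 * Creates a menu, or updates the one identified by POST `menu_id`. A newly
 * created menu is linked to every system user and every system group.
 *
 * @return array
 */
public function actionSave()
{
    $request = Yii::$app->request;
    $menu_id = $request->post('menu_id');
    $parent_id = intval($request->post('parent_id'));
    $text = $request->post('origin_text');
    $title = $request->post('title');
    $url = $request->post('url');
    $view_package = $request->post('view_package');
    $expanded = intval($request->post('is_expand'));
    $closable = intval($request->post('closable'));
    $is_folder = intval($request->post('is_folder'));
    $is_open_url = intval($request->post('is_open_url'));
    $is_open_target = intval($request->post('is_open_target'));
    $is_every_open = intval($request->post('is_every_open'));
    $is_hide = intval($request->post('is_hide'));
    $display_order = $request->post('display_order');
    $params = $request->post('params');
    $note = $request->post('note');
    $status = intval($request->post('status'));

    if ($parent_id) {
        // Loose comparison kept on purpose: $menu_id is the raw POST value.
        // NOTE(review): only direct self-parenting is rejected; choosing a descendant
        // as parent is not checked here.
        if ($parent_id == $menu_id) {
            return $this->renderError('不能把自己当作父级');
        }
        $menu = DpAdminMenu::find()->findByMenuId($parent_id)->asArray()->one();
        if (!$menu) {
            return $this->renderError('父级不存在');
        }
    }

    $saveData = [
        'parent_id' => $parent_id,
        'text' => $text,
        'title' => $title,
        'url' => $url,
        'view_package' => $view_package,
        'expanded' => $expanded,
        'closable' => $closable,
        'is_folder' => $is_folder,
        'is_open_url' => $is_open_url,
        'is_open_target' => $is_open_target,
        'is_every_open' => $is_every_open,
        'is_hide' => $is_hide,
        'display_order' => $display_order,
        'params' => $params,
        'note' => $note,
        'status' => $status,
    ];

    if ($menu_id) {
        $obj = DpAdminMenu::find()->findByMenuId($menu_id)->one();
        if (!$obj) {
            return $this->renderError('保存失败,记录不存在!');
        }
    } else {
        $obj = new DpAdminMenu();
    }

    $obj->setAttributes($saveData);
    if (!$obj->save()) {
        // Report the first validation message, as before.
        $firstErrors = $obj->getFirstErrors();
        if ($firstErrors) {
            return ['success' => false, 'msg' => reset($firstErrors)];
        }
        // save() can fail without validation messages. Stop here as well: falling
        // through would create permission links for an unsaved menu and report success.
        return $this->renderError('保存失败');
    }

    if (!$menu_id) {
        // New menu: grant it automatically to every system user ...
        $users = DpAdminUser::find()->findByIsSystem(1)->asArray()->all();
        foreach ($users as $user) {
            $linkObj = new DpAdminUserMenuRelation();
            $linkObj->setAttributes(['user_id' => $user['user_id'], 'menu_id' => $obj->menu_id]);
            if (!$linkObj->save()) {
                Yii::warning(['user_id' => $user['user_id'], 'menu_id' => $obj->menu_id, 'errors' => $linkObj->getErrors()], __METHOD__);
            }
        }

        // ... and to every system group.
        $groups = DpAdminGroup::find()->findByIsSystem(1)->asArray()->all();
        foreach ($groups as $group) {
            $linkObj = new DpAdminGroupMenuRelation();
            $linkObj->setAttributes(['group_id' => $group['group_id'], 'menu_id' => $obj->menu_id]);
            if (!$linkObj->save()) {
                Yii::warning(['group_id' => $group['group_id'], 'menu_id' => $obj->menu_id, 'errors' => $linkObj->getErrors()], __METHOD__);
            }
        }
    }

    return $this->renderSuccess('保存成功');
}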