权限修改

8d25bc94 · hujun · c9ab99bc · 8d25bc94 · 8d25bc94
Commit 8d25bc94 authored Mar 13, 2018 by hujun
Hide whitespace changes
Inline Side-by-side

Showing with 50 additions and 29 deletions

Basic.php application/index/extend/Basic.php +22 -21

AAgents.php application/model/AAgents.php +28 -8

No files found.
--- a/application/index/extend/Basic.php
+++ b/application/index/extend/Basic.php
@@ -37,13 +37,20 @@ class Basic extends Controller
    public $lastLoginTime;

    protected $filterVerify = array(
-        "index/login",
-        "index/loginVerify",
+        'index/login',
+        'index/loginVerify',
+        'index/logout',
+        '/'
    );

    /**
     * 基础接口SDK
+     *
+     * Basic constructor.
     * @param Request|null $request
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws \think\exception\DbException
     */
    public function __construct(Request $request = null)
    {
@@ -78,24 +85,27 @@ class Basic extends Controller
    public function  userAuth($requestPath){
        $session_menu = Session::get("user_info.menu");
        $session_auth = Session::get("user_info.auth");
-        $rule = 0;
        $auth_id = 0;
+
        //判断当前控制器用户是否拥有进入权限
        foreach ($session_menu as $v){
            //不区分大小写
            if(strcasecmp(trim($v['name_all']),$requestPath)==0){
               $auth_id = $v['id'];
            }
-            foreach ($v['_child'] as $value) {
-               //不区分大小写
-               if(strcasecmp($value['name_all'],$requestPath) == 0){
-                   $auth_id = $value['id'];
-               }
+
+            if (!empty($v['_child'])) {
+                foreach ($v['_child'] as $value) {
+                    //不区分大小写
+                    if(strcasecmp($value['name_all'],$requestPath) == 0){
+                        $auth_id = $value['id'];
+                    }
+                }
            }
        }

        foreach ($session_auth as $v) {
-            if(strcasecmp(trim($v['name']),$requestPath)==0){
+            if(strcasecmp($v['name'],$requestPath) == 0){
                $auth_id = $v['id'];
            }
        }
@@ -104,7 +114,8 @@ class Basic extends Controller
            $is_auth = 0;
        } else {
            $agents = new AAgents();
-            $is_auth = $agents->agentsAuth($auth_id);
+            $is_auth = $agents->agentsAuth($auth_id, Session::get('userId'));
+            $is_auth = empty($is_auth['id']) ? 0:1;
        }

        if (empty($is_auth)) {
@@ -132,6 +143,7 @@ class Basic extends Controller
        if ((time() - $this->lastLoginTime) > 7200) {
            $this->redirect('/index/login');
        }
+        return ;
    }

    /**
@@ -149,17 +161,6 @@ class Basic extends Controller
        return Response::create($result, $type);
    }

-//    /**
-//     * @return Response
-//     * @throws \think\db\exception\DataNotFoundException
-//     * @throws \think\db\exception\ModelNotFoundException
-//     * @throws \think\exception\DbException
-//     */
-//    public function navigation(){
-//        $table=New AuthGroup;
-//        $data=$table->where("pid=1")->select();
-//        return $this->response(200, '', $data);
-//    }

    /**
     * Cors Options 授权处理

--- a/application/model/AAgents.php
+++ b/application/model/AAgents.php
@@ -192,16 +192,13 @@ class AAgents extends BaseModel
     * @throws \think\db\exception\ModelNotFoundException
     * @throws \think\exception\DbException
     */
-    public function verifyUser($field, $join, $params)
+    public function verifyUser($field,$join,$params)
    {
-
-        $r = $this->field($field)
+        return $this->field($field)
            ->alias('a')
-            ->join($join)
+             ->join($join)
            ->where($params)
            ->find();
-        //echo $this->getLastSql();
-        return $r;
    }

    /**
@@ -329,11 +326,14 @@ class AAgents extends BaseModel
        return $data;
    }

-
    /**
     * 批量获取经纪人
+     *
     * @param $params
     * @return false|\PDOStatement|string|\think\Collection
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws \think\exception\DbException
     */
    public function getAgentsByStoreId($params)
    {
@@ -345,6 +345,7 @@ class AAgents extends BaseModel
        return $result;
    }

+
    public function getAgentsInfoByAgentId($field, $params)
    {
        $where_ = [];
@@ -361,7 +362,26 @@ class AAgents extends BaseModel
            ->where($where_)
            ->select();
        return $result;
-
+	}
+	
+    /**
+     * 检查是否有权限
+     *
+     * @param $id
+     * @param $agents_id
+     * @return array|false|\PDOStatement|string|\think\Model
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws \think\exception\DbException
+     */
+    public function agentsAuth($id, $agents_id) {
+        return $this->alias('a')
+            ->field('b.id')
+            ->join('auth_group b','a.auth_group_id=b.id','left')
+            ->where("FIND_IN_SET({$id},b.rules)")
+            ->where('a.id',$agents_id)
+            ->where('b.status',0)
+            ->find();
    }

    public function searchAgentsByKeyword($field, $params)