权限验证

920f26da · hujun · hujun · 43610d17 · 920f26da · 920f26da
Commit 920f26da authored Mar 12, 2018 by hujun Committed by hujun Mar 13, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 79 additions and 124 deletions

Login.php application/index/controller/Login.php +2 -0

Basic.php application/index/extend/Basic.php +55 -123

AAgents.php application/model/AAgents.php +22 -1

No files found.
--- a/application/index/controller/Login.php
+++ b/application/index/controller/Login.php
@@ -81,6 +81,7 @@ class Login extends Basic
            foreach ($nav as $k=>$v) {
                if ($v['is_menu'] == 1) {
                    $menu_data[$k]['id']    = $v['id'];
+                    $menu_data[$k]['name_all'] = $v['name'];
                    $v['name'] = explode('/',$v['name']);
                    $menu_data[$k]['name']  = $v['name'][1];
                    $menu_data[$k]['title'] = $v['title'];
@@ -101,6 +102,7 @@ class Login extends Basic
        Session::set("userName",$list["name"]);
        Session::set("userId",$list["id"]);
        Session::set("lastLoginTime",time());
+        Session::set("user_info",$list);
        $this->operating_records($list["id"],1,'后台登陆'); //记录操作日志
        if($this->request->isAjax()) {
            return $this->response('200', '登录成功', $list);

--- a/application/index/extend/Basic.php
+++ b/application/index/extend/Basic.php
@@ -9,9 +9,11 @@ namespace app\index\extend;
 * Time: 9:35
 * 基类
 */
+use app\model\AAgents;
 use app\model\AuthGroup;
 use app\model\GOperatingRecords;
 use think\Controller;
+use think\Db;
 use think\Request;
 use think\Response;
 use think\Session;
@@ -58,40 +60,62 @@ class Basic extends Controller

        $requestPath = $this->request->routeInfo()["rule"][0] . "/" . $this->request->routeInfo()["rule"][1];

-        if (!in_array(trim($requestPath), $this->filterVerify)) {
+        if (!in_array($requestPath, $this->filterVerify)) {
            $this->userVerify();
+            $this->userAuth($requestPath);
        }
-
-        $this->userAuth($requestPath);
    }

    /**
     * 权限判定
     *
     * @param $requestPath
-     * @return Response
+     * @return bool
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws \think\exception\DbException
     */
    public function  userAuth($requestPath){
-        $session = Session::get("user_info.nav");
-        $rule    = 0;
+        $session_menu = Session::get("user_info.menu");
+        $session_auth = Session::get("user_info.auth");
+        $rule = 0;
+        $auth_id = 0;
        //判断当前控制器用户是否拥有进入权限
-        foreach ($session as $v){
-           //不区分大小写
-           if(strcasecmp(trim($v['name']),$requestPath)==0){
-               $rule = $v;
-           }
+        foreach ($session_menu as $v){
+            //不区分大小写
+            if(strcasecmp(trim($v['name_all']),$requestPath)==0){
+               $auth_id = $v['id'];
+            }
+            foreach ($v['_child'] as $value) {
+               //不区分大小写
+               if(strcasecmp($value['name_all'],$requestPath) == 0){
+                   $auth_id = $value['id'];
+               }
+            }
        }
-        if($rule == '0'){
-           if($this->request->isAjax()){
-                return  $this->response('300','没有权限');
-           }else{
-              // $this->error('没有当前页面权限');
-           }
-        }else{
-           Session::set("userRule", $rule);
+
+        foreach ($session_auth as $v) {
+            if(strcasecmp(trim($v['name']),$requestPath)==0){
+                $auth_id = $v['id'];
+            }
        }

-        return ;
+        if($auth_id == '0'){
+            $is_auth = 0;
+        } else {
+            $agents = new AAgents();
+            $is_auth = $agents->agentsAuth($auth_id);
+        }
+
+        if (empty($is_auth)) {
+            if($this->request->isAjax()){
+                echo json_encode(array( "code" => "300", "msg" => "没有权限！", "data" => [], "type" => "json" ));exit;
+            } else {
+                $this->error('没有当前页面权限');exit;
+            }
+        }
+
+        return true;
    }

    /**
@@ -125,17 +149,17 @@ class Basic extends Controller
        return Response::create($result, $type);
    }

-    /**
-     * @return Response
-     * @throws \think\db\exception\DataNotFoundException
-     * @throws \think\db\exception\ModelNotFoundException
-     * @throws \think\exception\DbException
-     */
-    public function navigation(){
-        $table=New AuthGroup;
-        $data=$table->where("pid=1")->select();
-        return $this->response(200, '', $data);
-    }
+//    /**
+//     * @return Response
+//     * @throws \think\db\exception\DataNotFoundException
+//     * @throws \think\db\exception\ModelNotFoundException
+//     * @throws \think\exception\DbException
+//     */
+//    public function navigation(){
+//        $table=New AuthGroup;
+//        $data=$table->where("pid=1")->select();
+//        return $this->response(200, '', $data);
+//    }

    /**
     * Cors Options 授权处理
@@ -171,98 +195,6 @@ class Basic extends Controller
        ];
    }

-    /**
-     * 设置一条或者多条数据的状态
-     *
-     * 严格模式要求处理的纪录的uid等于当前登陆用户UID
-     * @param $model
-     * @param bool $script
-     */
-    public function setStatus($model = CONTROLLER_NAME, $script = false) {
-        $ids = $this->request->param('ids/a');
-        $status = $this->request->param('status');
-        if (empty($ids)) {
-            $this->error('请选择要操作的数据');
-        }
-        $model_primary_key = model($model)->getPk();
-        $map[$model_primary_key] = ['in',$ids];
-        if ($script) {
-            $map['uid'] = ['eq', is_login()];
-        }
-        switch ($status) {
-            case 'forbid' :  // 禁用条目
-                $data = ['status' => 0];
-                $this->editRow(
-                    $model,
-                    $data,
-                    $map,
-                    ['success'=>'禁用成功','error'=>'禁用失败']
-                );
-                break;
-            case 'resume' :  // 启用条目
-                $data = ['status' => 1];
-                $map  = array_merge(['status' => 0], $map);
-                $this->editRow(
-                    $model,
-                    $data,
-                    $map,
-                    array('success'=>'启用成功','error'=>'启用失败')
-                );
-                break;
-            case 'hide' :  // 隐藏条目
-                $data = array('status' => 1);
-                $map  = array_merge(array('status' => 2), $map);
-                $this->editRow(
-                    $model,
-                    $data,
-                    $map,
-                    array('success'=>'隐藏成功','error'=>'隐藏失败')
-                );
-                break;
-            case 'show' :  // 显示条目
-                $data = array('status' => 2);
-                $map  = array_merge(array('status' => 1), $map);
-                $this->editRow(
-                   $model,
-                   $data,
-                   $map,
-                   array('success'=>'显示成功','error'=>'显示失败')
-                );
-                break;
-            case 'recycle' :  // 移动至回收站
-                $data['status'] = -1;
-                $this->editRow(
-                    $model,
-                    $data,
-                    $map,
-                    array('success'=>'成功移至回收站','error'=>'删除失败')
-                );
-                break;
-            case 'restore' :  // 从回收站还原
-                $data = array('status' => 1);
-                $map  = array_merge(array('status' => -1), $map);
-                $this->editRow(
-                    $model,
-                    $data,
-                    $map,
-                    array('success'=>'恢复成功','error'=>'恢复失败')
-                );
-                break;
-            case 'delete'  :  // 删除条目
-                action_log(0, is_login(), ['param'=>$this->param],'删除操作');
-                $result = model($model)->where($map)->delete();
-                if ($result) {
-                    $this->success('删除成功，不可恢复！');
-                } else {
-                    $this->error('删除失败');
-                }
-                break;
-            default :
-                $this->error('参数错误');
-                break;
-        }
-    }
-
    /**
     * 记录操作
     *

--- a/application/model/AAgents.php
+++ b/application/model/AAgents.php
@@ -325,11 +325,14 @@ class AAgents extends BaseModel
        return $data;
    }

-
    /**
     * 批量获取经纪人
+     *
     * @param $params
     * @return false|\PDOStatement|string|\think\Collection
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws \think\exception\DbException
     */
    public function getAgentsByStoreId($params){
        $result =  Db::table($this->table)
@@ -339,4 +342,21 @@ class AAgents extends BaseModel
        echo Db::table($this->table)->getLastSql();
        return $result;
    }
+
+    /**
+     * 检查是否有权限
+     *
+     * @param $id
+     * @return array|false|\PDOStatement|string|\think\Model
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws \think\exception\DbException
+     */
+    public function agentsAuth($id) {
+        return $this->alias('a')
+            ->field('b.id')
+            ->join('auth_group b','a.auth_group_id=b.id','left')
+            ->where("FIND_IN_SET({$id},b.rules)")
+            ->find();
+    }
 }
\ No newline at end of file