app = $app; $this->request = $this->app->request; $this->module = strtolower(app('http')->getName()); $this->controller = strtolower($this->request->controller()); $this->action = strtolower($this->request->action()); $this->uid = 0; $this->did = 0; $this->name = ''; // 控制器初始化 $this->initialize(); } // 初始化 protected function initialize() { // 检测权限 $this->checkLogin(); $this->param = $this->request->param(); } /** *验证用户登录 */ protected function checkLogin() { // 定义一个不需要登录验证的接口白名单 $whitelist = [ // 'business/supplier/sendintention', // 其他不需要登录验证的接口可以继续添加到此数组 ]; // 当前请求的路径 $currentPath = $this->module . '/' . $this->controller . '/' . $this->action; // 检查当前路径是否在白名单中 if (in_array($currentPath, $whitelist)) { return true; } if ($this->controller !== 'login' && $this->controller !== 'captcha') { $session_admin = get_config('app.session_admin'); if (!Session::has($session_admin)) { if ($this->request->isAjax()) { return to_assign(404, '请先登录'); } else { redirect('/home/login/index.html')->send(); exit; } } else { $loginInfo = Session::get($session_admin); $this->uid = $loginInfo['id']; $this->did = $loginInfo['did']; $params = [ 'uid' => $this->uid, 'name' => $loginInfo['name'], 'thumb' => $loginInfo['thumb'], 'module' => $this->module, 'controller' => $this->controller, 'action' => $this->action, 'url' => $this->module . '/' . $this->controller . '/' . $this->action, 'version' => get_system_config('web', 'version') ]; View::assign('params', $params); // 验证用户访问权限 if (($this->module == 'api') || ($this->module == 'home')) { return true; } else { $reg_pwd = Db::name('Admin')->where(['id' => $this->uid])->value('reg_pwd'); if ($reg_pwd !== '') { redirect('/home/user/edit_password.html')->send(); exit; } if (!$this->checkAuth()) { if ($this->request->isAjax()) { return to_assign(202, '你没有权限,请联系管理员或者人事部'); } else { echo '

你没有权限,请联系管理员或者人事部

'; exit; } } } } } } /** * 验证用户访问权限 * @DateTime 2020-12-21 * @param string $controller 当前访问控制器 * @param string $action 当前访问方法 * @return [type] */ protected function checkAuth() { //Cache::delete('RulesSrc' . $uid); $uid = $this->uid; if (!Cache::get('RulesSrc' . $uid) || !Cache::get('RulesSrc0')) { //用户所在权限组及所拥有的权限 // 执行查询 $groups = []; $position_id = Db::name('Admin')->where('id', $uid)->value('position_id'); $groups = Db::name('PositionGroup') ->alias('a') ->join("AdminGroup g", "a.group_id=g.id", 'LEFT') ->where([['a.pid', '=', $position_id], ['g.status', '=', 1]]) ->select() ->toArray(); //保存用户所属用户组设置的所有权限规则id $ids = []; foreach ($groups as $g) { $ids = array_merge($ids, explode(',', trim($g['rules'], ','))); } $ids = array_unique($ids); //读取所有权限规则 $rules_all = Db::name('AdminRule')->field('src')->select()->toArray(); //读取用户组所有权限规则 $rules = Db::name('AdminRule')->where('id', 'in', $ids)->field('src')->select()->toArray(); //循环规则，判断结果。 $auth_list_all = []; $auth_list = []; foreach ($rules_all as $rule_all) { $auth_list_all[] = strtolower($rule_all['src']); } foreach ($rules as $rule) { $auth_list[] = strtolower($rule['src']); } //规则列表结果保存到Cache Cache::tag('adminRules')->set('RulesSrc0', $auth_list_all, 36000); Cache::tag('adminRules')->set('RulesSrc' . $uid, $auth_list, 36000); } else { $auth_list_all = Cache::get('RulesSrc0'); $auth_list = Cache::get('RulesSrc' . $uid); } $pathUrl = $this->module . '/' . $this->controller . '/' . $this->action; // print_r // print_r($auth_list); if (!in_array($pathUrl, $auth_list)) { return false; } else { return true; } } // // 以下为新增，为了使用旧版TP的 success error redirect 跳转 start // /** * 操作成功跳转的快捷方法 * @access protected * @param mixed $msg 提示信息 * @param string $url 跳转的URL地址 * @param mixed $data 返回的数据 * @param integer $wait 跳转等待时间 * @param array $header 发送的Header信息 * @return void */ protected function success($msg = '', string $url = null, $data = '', int $wait = 3, array $header = []) { if (is_null($url) && isset($_SERVER["HTTP_REFERER"])) { $url = $_SERVER["HTTP_REFERER"]; } elseif ($url) { $url = (strpos($url, '://') || 0 === strpos($url, '/')) ? $url : app('route')->buildUrl($url); } $result = [ 'code' => 0, 'msg' => $msg, 'data' => $data, 'url' => $url, 'wait' => $wait, ]; $type = $this->getResponseType(); if ($type == 'html') { $response = view($this->app->config->get('app.dispatch_success_tmpl'), $result); } else if ($type == 'json') { $response = json($result); } throw new HttpResponseException($response); } /** * 操作错误跳转的快捷方法 * @access protected * @param mixed $msg 提示信息 * @param string $url 跳转的URL地址 * @param mixed $data 返回的数据 * @param integer $wait 跳转等待时间 * @param array $header 发送的Header信息 * @return void */ protected function error($msg = '', string $url = null, $data = '', int $wait = 3, array $header = []) { if (is_null($url)) { $url = $this->request->isAjax() ? '' : 'javascript:history.back(-1);'; } elseif ($url) { $url = (strpos($url, '://') || 0 === strpos($url, '/')) ? $url : $this->app->route->buildUrl($url); } $result = [ 'code' => 1, 'msg' => $msg, 'data' => $data, 'url' => $url, 'wait' => $wait, ]; $type = $this->getResponseType(); if ($type == 'html') { $response = view($this->app->config->get('app.dispatch_error_tmpl'), $result); } else if ($type == 'json') { $response = json($result); } throw new HttpResponseException($response); } /** * 获取当前的response 输出类型 * @access protected * @return string */ protected function getResponseType() { return $this->request->isJson() || $this->request->isAjax() ? 'json' : 'html'; } // // 以上为新增，为了使用旧版的 success error redirect 跳转 end // }