Merge remote-tracking branch 'origin/release-1.0.0' into release-1.0.0

5 years ago · 2b4c9b6f44
parent dfa5316ef1 624e321b70
commit 2b4c9b6f44
1 changed files with 48 additions and 2 deletions
--- a/Application/Admin/Controller/AdminController.class.php
+++ b/Application/Admin/Controller/AdminController.class.php
@ -51,9 +51,13 @@ class AdminController extends Controller {
                if(CONTROLLER_NAME !== "Ajax"){//ajax放行
                    //检测访问权限
                    $rule  = strtolower(MODULE_NAME.'/'.CONTROLLER_NAME.'/'.ACTION_NAME);
-                    if ( !$this->checkRule($rule,array('in','1,2')) ){
+                    if($rule == "admin/statistics/overview"){//第一级菜单单独判断
+                        
+                        $this->strictCheckRule($rule);

-                    if ($rule == "admin/index/index"){
+                    }elseif ( !$this->checkRule($rule,array('in','1,2')) ){
+
+                        if ($rule == "admin/index/index"){
                            //如果首页没有访问权限 自动检测有访问权限的页面然后跳转过去
                            $qx = M("Auth_group")->table("__AUTH_GROUP__ as ag")
                                ->join("__AUTH_GROUP_ACCESS__ as aga on(ag.id=aga.group_id and aga.uid=".UID.")",'right')
@ -92,7 +96,49 @@ class AdminController extends Controller {

        $this->assign('__MENU__', $this->getMenus());
    }
+    /**
+     * 大菜单存在两个及以上的同方法菜单,需要进行多级菜单确认
+     */
+    protected function strictCheckRule($rule)
+    {
+        $flag =false;
+        $id= 0;
+        $ruleres =  M("auth_rule")->field("id,type")->where("name LIKE '%{$rule}%'")->select();
+        foreach ($ruleres as $k => $v) {
+            $checkRule = $this->checkRule($rule,array('eq',$v['type']));
+            if(!$checkRule){
+                $flag = true;
+            }else{
+                $id = $v['id'];
+            }
+        }
+        
+        if($flag){ //不通过
+            //获取菜单下的
+            $rulearr = explode("/",$rule);
+            $where          =   array();
+            $where['pid']   =   0;
+            $where['hide']  =   0;
+            $where['url'] = array("like",$rulearr[1]."/".$rulearr[2]);
+            $second_id = M('Menu')->where($where)->field('id')->find()['id'];
+            $where2['pid'] = $second_id;
+            $where2['hide'] = 0;
+            $menu = M('Menu')->where($where2)->field('id,url')->order('sort asc')->select();
+            foreach ($menu as $k=>$v) {
+                $to_check_url  = $v['url'];
+                if( stripos($to_check_url,MODULE_NAME)!==0 ){
+                    $trule = MODULE_NAME.'/'.$to_check_url;
+                }else{
+                    $trule = $to_check_url;
+                }
+                if($this->checkRule($trule, AuthRuleModel::RULE_URL,null)){
+                    redirect(U("$trule"));
+                }
+            }
+        }

+        # code...
+    }
    /**
     * 权限检测
     * @param string  $rule    检测的规则