From 96e52b267a27b568f2dd7110397df1d242931350 Mon Sep 17 00:00:00 2001
From: chenzhi <chenzhi063@qq.com>
Date: Sat, 21 Dec 2019 15:59:34 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=B2=A1=E6=80=BB=E8=A7=88?=
 =?UTF-8?q?=E4=BE=9D=E6=97=A7=E6=98=BE=E7=A4=BA=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Controller/AdminController.class.php      | 50 ++++++++++++++++++-
 1 file changed, 48 insertions(+), 2 deletions(-)

diff --git a/Application/Admin/Controller/AdminController.class.php b/Application/Admin/Controller/AdminController.class.php
index 15a92dfd5..d62e3d01a 100644
--- a/Application/Admin/Controller/AdminController.class.php
+++ b/Application/Admin/Controller/AdminController.class.php
@@ -51,9 +51,13 @@ class AdminController extends Controller {
                 if(CONTROLLER_NAME !== "Ajax"){//ajax放行
                     //检测访问权限
                     $rule  = strtolower(MODULE_NAME.'/'.CONTROLLER_NAME.'/'.ACTION_NAME);
-                    if ( !$this->checkRule($rule,array('in','1,2')) ){
+                    if($rule == "admin/statistics/overview"){//第一级菜单单独判断
+                        
+                        $this->strictCheckRule($rule);
 
-                    if ($rule == "admin/index/index"){
+                    }elseif ( !$this->checkRule($rule,array('in','1,2')) ){
+
+                        if ($rule == "admin/index/index"){
                             //如果首页没有访问权限 自动检测有访问权限的页面然后跳转过去
                             $qx = M("Auth_group")->table("__AUTH_GROUP__ as ag")
                                 ->join("__AUTH_GROUP_ACCESS__ as aga on(ag.id=aga.group_id and aga.uid=".UID.")",'right')
@@ -92,7 +96,49 @@ class AdminController extends Controller {
 
         $this->assign('__MENU__', $this->getMenus());
     }
+    /**
+     * 大菜单存在两个及以上的同方法菜单,需要进行多级菜单确认
+     */
+    protected function strictCheckRule($rule)
+    {
+        $flag =false;
+        $id= 0;
+        $ruleres =  M("auth_rule")->field("id,type")->where("name LIKE '%{$rule}%'")->select();
+        foreach ($ruleres as $k => $v) {
+            $checkRule = $this->checkRule($rule,array('eq',$v['type']));
+            if(!$checkRule){
+                $flag = true;
+            }else{
+                $id = $v['id'];
+            }
+        }
+        
+        if($flag){ //不通过
+            //获取菜单下的
+            $rulearr = explode("/",$rule);
+            $where          =   array();
+            $where['pid']   =   0;
+            $where['hide']  =   0;
+            $where['url'] = array("like",$rulearr[1]."/".$rulearr[2]);
+            $second_id = M('Menu')->where($where)->field('id')->find()['id'];
+            $where2['pid'] = $second_id;
+            $where2['hide'] = 0;
+            $menu = M('Menu')->where($where2)->field('id,url')->order('sort asc')->select();
+            foreach ($menu as $k=>$v) {
+                $to_check_url  = $v['url'];
+                if( stripos($to_check_url,MODULE_NAME)!==0 ){
+                    $trule = MODULE_NAME.'/'.$to_check_url;
+                }else{
+                    $trule = $to_check_url;
+                }
+                if($this->checkRule($trule, AuthRuleModel::RULE_URL,null)){
+                    redirect(U("$trule"));
+                }
+            }
+        }
 
+        # code...
+    }
     /**
      * 权限检测
      * @param string  $rule    检测的规则