|
|
@ -51,9 +51,13 @@ class AdminController extends Controller {
|
|
|
|
if(CONTROLLER_NAME !== "Ajax"){//ajax放行
|
|
|
|
if(CONTROLLER_NAME !== "Ajax"){//ajax放行
|
|
|
|
//检测访问权限
|
|
|
|
//检测访问权限
|
|
|
|
$rule = strtolower(MODULE_NAME.'/'.CONTROLLER_NAME.'/'.ACTION_NAME);
|
|
|
|
$rule = strtolower(MODULE_NAME.'/'.CONTROLLER_NAME.'/'.ACTION_NAME);
|
|
|
|
if ( !$this->checkRule($rule,array('in','1,2')) ){
|
|
|
|
if($rule == "admin/statistics/overview"){//第一级菜单单独判断
|
|
|
|
|
|
|
|
|
|
|
|
if ($rule == "admin/index/index"){
|
|
|
|
$this->strictCheckRule($rule);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}elseif ( !$this->checkRule($rule,array('in','1,2')) ){
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if ($rule == "admin/index/index"){
|
|
|
|
//如果首页没有访问权限 自动检测有访问权限的页面然后跳转过去
|
|
|
|
//如果首页没有访问权限 自动检测有访问权限的页面然后跳转过去
|
|
|
|
$qx = M("Auth_group")->table("__AUTH_GROUP__ as ag")
|
|
|
|
$qx = M("Auth_group")->table("__AUTH_GROUP__ as ag")
|
|
|
|
->join("__AUTH_GROUP_ACCESS__ as aga on(ag.id=aga.group_id and aga.uid=".UID.")",'right')
|
|
|
|
->join("__AUTH_GROUP_ACCESS__ as aga on(ag.id=aga.group_id and aga.uid=".UID.")",'right')
|
|
|
@ -92,7 +96,49 @@ class AdminController extends Controller {
|
|
|
|
|
|
|
|
|
|
|
|
$this->assign('__MENU__', $this->getMenus());
|
|
|
|
$this->assign('__MENU__', $this->getMenus());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
|
|
* 大菜单存在两个及以上的同方法菜单,需要进行多级菜单确认
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
protected function strictCheckRule($rule)
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
$flag =false;
|
|
|
|
|
|
|
|
$id= 0;
|
|
|
|
|
|
|
|
$ruleres = M("auth_rule")->field("id,type")->where("name LIKE '%{$rule}%'")->select();
|
|
|
|
|
|
|
|
foreach ($ruleres as $k => $v) {
|
|
|
|
|
|
|
|
$checkRule = $this->checkRule($rule,array('eq',$v['type']));
|
|
|
|
|
|
|
|
if(!$checkRule){
|
|
|
|
|
|
|
|
$flag = true;
|
|
|
|
|
|
|
|
}else{
|
|
|
|
|
|
|
|
$id = $v['id'];
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if($flag){ //不通过
|
|
|
|
|
|
|
|
//获取菜单下的
|
|
|
|
|
|
|
|
$rulearr = explode("/",$rule);
|
|
|
|
|
|
|
|
$where = array();
|
|
|
|
|
|
|
|
$where['pid'] = 0;
|
|
|
|
|
|
|
|
$where['hide'] = 0;
|
|
|
|
|
|
|
|
$where['url'] = array("like",$rulearr[1]."/".$rulearr[2]);
|
|
|
|
|
|
|
|
$second_id = M('Menu')->where($where)->field('id')->find()['id'];
|
|
|
|
|
|
|
|
$where2['pid'] = $second_id;
|
|
|
|
|
|
|
|
$where2['hide'] = 0;
|
|
|
|
|
|
|
|
$menu = M('Menu')->where($where2)->field('id,url')->order('sort asc')->select();
|
|
|
|
|
|
|
|
foreach ($menu as $k=>$v) {
|
|
|
|
|
|
|
|
$to_check_url = $v['url'];
|
|
|
|
|
|
|
|
if( stripos($to_check_url,MODULE_NAME)!==0 ){
|
|
|
|
|
|
|
|
$trule = MODULE_NAME.'/'.$to_check_url;
|
|
|
|
|
|
|
|
}else{
|
|
|
|
|
|
|
|
$trule = $to_check_url;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if($this->checkRule($trule, AuthRuleModel::RULE_URL,null)){
|
|
|
|
|
|
|
|
redirect(U("$trule"));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# code...
|
|
|
|
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* 权限检测
|
|
|
|
* 权限检测
|
|
|
|
* @param string $rule 检测的规则
|
|
|
|
* @param string $rule 检测的规则
|
|
|
|
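Review bot: `strictCheckRule()` fails open. When a type check fails and no submenu URL passes `checkRule()`, the redirect loop just ends and the method returns nothing, so the `admin/statistics/overview` branch added in the first hunk lets the request continue instead of reaching whatever denial the `elseif` path applies (that path's body lies outside the hunk, so this part is inferred). The same holds when the `auth_rule` query returns no rows, because `$flag` stays `false` and no check ever ran. I would end the method with `return !$flag && !empty($ruleres);` and have the caller treat `false` exactly as the `elseif` branch treats a failed `checkRule()`. Separately, `where("name LIKE '%{$rule}%'")` interpolates `$rule` into the SQL string and matches any rule name that merely contains it; the array form already used for `$where['url']`, e.g. `->where(array('name' => array('like', '%'.$rule.'%')))`, leaves quoting to the query builder, and an exact `array('name' => $rule)` is safer if the substring match is not intended. `$id` is assigned but never read, and the `# code...` stub can be dropped.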