diff --git a/app/Http/Admin/Controllers/Controller.php b/app/Http/Admin/Controllers/Controller.php
index 2c3bb1f1..b38fabe5 100644
--- a/app/Http/Admin/Controllers/Controller.php
+++ b/app/Http/Admin/Controllers/Controller.php
@@ -14,24 +14,13 @@ class Controller extends \Phalcon\Mvc\Controller
 /**
 * @var array
 */
- protected $authUser;
+ protected $authInfo;
 use ResponseTrait;
 use SecurityTrait;
 public function beforeExecuteRoute(Dispatcher $dispatcher)
 {
- /**
- * demo分支拒绝数据提交
- */
- if ($this->isNotSafeRequest()) {
- $dispatcher->forward([
- 'controller' => 'public',
- 'action' => 'forbidden',
- ]);
- return false;
- }
-
 if ($this->isNotSafeRequest()) {
 $this->checkHttpReferer();
 $this->checkCsrfToken();
@@ -39,9 +28,9 @@ class Controller extends \Phalcon\Mvc\Controller
 $this->checkRateLimit();
- $this->authUser = $this->getAuthUser();
+ $this->authInfo = $this->getAuthInfo();
- if (!$this->authUser) {
+ if (!$this->authInfo) {
 $dispatcher->forward([
 'controller' => 'public',
 'action' => 'auth',
@@ -49,14 +38,10 @@ class Controller extends \Phalcon\Mvc\Controller
 return false;
 }
- $controller = $dispatcher->getControllerName();
-
- $route = $this->router->getMatchedRoute();
-
 /**
 * 管理员忽略权限检查
 */
- if ($this->authUser['root'] == 1) {
+ if ($this->authInfo['root'] == 1) {
 return true;
 }
@@ -68,6 +53,8 @@ class Controller extends \Phalcon\Mvc\Controller
 'routes' => ['admin.package.guiding'],
 ];
+ $controller = $dispatcher->getControllerName();
+
 /**
 * 特定控制器忽略权限检查
 */
@@ -75,6 +62,8 @@ class Controller extends \Phalcon\Mvc\Controller
 return true;
 }
+ $route = $this->router->getMatchedRoute();
+
 /**
 * 特定路由忽略权限检查
 */
@@ -85,7 +74,7 @@ class Controller extends \Phalcon\Mvc\Controller
 /**
 * 执行路由权限检查
 */
- if (!in_array($route->getName(), $this->authUser['routes'])) {
+ if (!in_array($route->getName(), $this->authInfo['routes'])) {
 $dispatcher->forward([
 'controller' => 'public',
 'action' => 'forbidden',
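Review bot: The `@var array` docblock kept above the renamed `$authInfo` property in the first hunk no longer matches how the property is used: the next hunk tests `if (!$this->authInfo)` and forwards to the auth action when it is falsy, so the property evidently holds a non-array value until `getAuthInfo()` succeeds (what that method returns on a missing session is outside these hunks). Widening it to `@var array|null`, or to whatever `getAuthInfo()` actually yields on failure, keeps static analysis honest about the unauthenticated path. `beforeExecuteRoute` continues past the end of this hunk.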
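Review bot: The administrator bypass on the renamed line in the `@@ -49,14 +38,10 @@` hunk, `if ($this->authInfo['root'] == 1)`, still compares loosely, so `true`, `'1'` and `1.0` all count as root and skip every permission check that follows. Since this single test decides whether the per-route authorisation runs at all, `if ($this->authInfo['root'] === 1) {` makes it exact, provided `getAuthInfo()` stores the flag as an int — that method is outside these hunks, so normalise it there if it does not. The same loose test is repeated in the AuthMenu.php hunks at `@@ -29,7 +27,7 @@` and `@@ -47,7 +45,7 @@`. `beforeExecuteRoute` starts before and ends after this hunk.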
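Review bot: The route permission check on the renamed line in the `@@ -85,7 +74,7 @@` hunk, `if (!in_array($route->getName(), $this->authInfo['routes']))`, passes no `strict` flag, so membership is decided with `==`; route names are strings, and a loose comparison lets numeric-looking names match each other. Passing `true` as the third argument, `if (!in_array($route->getName(), $this->authInfo['routes'], true)) {`, costs nothing and makes the authorisation test exact. The same call appears in the AuthMenu.php hunk at `@@ -79,7 +77,7 @@`, where it decides which menu ids are treated as owned. `beforeExecuteRoute` continues outside this hunk.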
@@ -98,7 +87,7 @@ class Controller extends \Phalcon\Mvc\Controller
 public function initialize()
 {
- $this->view->setVar('auth_user', $this->authUser);
+ $this->view->setVar('auth_info', $this->authInfo);
 }
 public function afterExecuteRoute(Dispatcher $dispatcher)
@@ -107,8 +96,8 @@ class Controller extends \Phalcon\Mvc\Controller
 $audit = new AuditModel();
- $audit->user_id = $this->authUser['id'];
- $audit->user_name = $this->authUser['name'];
+ $audit->user_id = $this->authInfo['id'];
+ $audit->user_name = $this->authInfo['name'];
 $audit->user_ip = $this->request->getClientAddress();
 $audit->req_route = $this->router->getMatchedRoute()->getName();
 $audit->req_path = $this->request->getServer('REQUEST_URI');
@@ -118,7 +107,7 @@ class Controller extends \Phalcon\Mvc\Controller
 }
 }
- protected function getAuthUser()
+ protected function getAuthInfo()
 {
 /**
 * @var AdminAuth $auth
diff --git a/app/Http/Admin/Services/AuthMenu.php b/app/Http/Admin/Services/AuthMenu.php
index fdee1e61..8abcfdc1 100644
--- a/app/Http/Admin/Services/AuthMenu.php
+++ b/app/Http/Admin/Services/AuthMenu.php
@@ -8,7 +8,7 @@ use Phalcon\Mvc\User\Component;
 class AuthMenu extends Component
 {
- protected $authUser;
+ protected $authInfo;
 protected $authNodes = [];
 protected $ownedRoutes = [];
 protected $owned1stLevelIds = [];
@@ -17,10 +17,8 @@ class AuthMenu extends Component
 public function __construct()
 {
- $this->authUser = $this->getAuthInfo();
-
+ $this->authInfo = $this->getAuthInfo();
 $this->authNodes = $this->getAuthNodes();
-
 $this->setOwnedLevelIds();
 }
@@ -29,7 +27,7 @@ class AuthMenu extends Component
 $menus = [];
 foreach ($this->authNodes as $node) {
- if (($this->authUser['root'] == 1) || in_array($node['id'], $this->owned1stLevelIds)) {
+ if (($this->authInfo['root'] == 1) || in_array($node['id'], $this->owned1stLevelIds)) {
 $menus[] = [
 'id' => $node['id'],
 'title' => $node['title'],
@@ -47,7 +45,7 @@ class AuthMenu extends Component
 foreach ($this->authNodes as $key => $level) {
 foreach ($level['children'] as $key2 => $level2) {
 foreach ($level2['children'] as $key3 => $level3) {
- $allowed = ($this->authUser['root'] == 1) || in_array($level3['id'], $this->owned3rdLevelIds);
+ $allowed = ($this->authInfo['root'] == 1) || in_array($level3['id'], $this->owned3rdLevelIds);
 $params = $level3['params'] ?? [];
 if ($level3['type'] == 'menu' && $allowed) {
 $menus[$key]['id'] = $level['id'];
@@ -79,7 +77,7 @@ class AuthMenu extends Component
 foreach ($routeIdMapping as $key => $value) {
 $ids = explode('-', $value);
- if (in_array($key, $this->authUser['routes'])) {
+ if (in_array($key, $this->authInfo['routes'])) {
 $owned1stLevelIds[] = $ids[0];
 $owned2ndLevelIds[] = $ids[0] . '-' . $ids[1];
 $owned3rdLevelIds[] = $value;
diff --git a/app/Http/Admin/Services/Setting.php b/app/Http/Admin/Services/Setting.php
index 2a19326b..d8c97936 100644
--- a/app/Http/Admin/Services/Setting.php
+++ b/app/Http/Admin/Services/Setting.php
@@ -57,16 +57,8 @@ class Setting extends Service
 $result = [];
- /**
- * demo分支过滤敏感数据
- */
 if ($items->count() > 0) {
 foreach ($items as $item) {
- $case1 = preg_match('/(id|auth|key|secret|password|pwd)$/', $item->item_key);
- $case2 = $this->dispatcher->getControllerName() == 'setting';
- if ($case1 && $case2) {
- $item->item_value = '***';
- }
 $result[$item->item_key] = $item->item_value;
 }
 }
diff --git a/app/Http/Admin/Views/index/index.volt b/app/Http/Admin/Views/index/index.volt
index e0973609..0db1db09 100644
--- a/app/Http/Admin/Views/index/index.volt
+++ b/app/Http/Admin/Views/index/index.volt
@@ -26,7 +26,7 @@
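Review bot: With the demo-branch masking gone from the Setting.php hunk at `@@ -57,16 +57,8 @@`, the array built here hands `item_value` back verbatim for every key, including the `*key`, `*secret` and `*password` entries the removed branch replaced with `'***'`, so every caller of this method — and every view it feeds — now receives live credentials, gated only by the route check in the admin base controller. If the raw values are meant for the setting editor alone, a docblock on the method saying so, such as `@return array<string, string> item_key => raw item_value; credential-bearing keys are not masked, so do not pass this to views that only display settings`, makes that contract visible to the next caller. The surviving `if ($items->count() > 0)` guard is also redundant, since `foreach` over an empty result set is a no-op and the block can be reduced to the loop alone. The enclosing method starts and ends outside this hunk.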