后台auth_user->auth_info
parent
8f6c3eb3e5
commit
b199368c73
@ -14,24 +14,13 @@ class Controller extends \Phalcon\Mvc\Controller
|
||||
/**
|
||||
* @var array
|
||||
*/
|
||||
protected $authUser;
|
||||
protected $authInfo;
|
||||
|
||||
use ResponseTrait;
|
||||
use SecurityTrait;
|
||||
|
||||
public function beforeExecuteRoute(Dispatcher $dispatcher)
|
||||
{
|
||||
/**
|
||||
* demo分支拒绝数据提交
|
||||
*/
|
||||
if ($this->isNotSafeRequest()) {
|
||||
$dispatcher->forward([
|
||||
'controller' => 'public',
|
||||
'action' => 'forbidden',
|
||||
]);
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($this->isNotSafeRequest()) {
|
||||
$this->checkHttpReferer();
|
||||
$this->checkCsrfToken();
|
||||
@ -39,9 +28,9 @@ class Controller extends \Phalcon\Mvc\Controller
|
||||
|
||||
$this->checkRateLimit();
|
||||
|
||||
$this->authUser = $this->getAuthUser();
|
||||
$this->authInfo = $this->getAuthInfo();
|
||||
|
||||
if (!$this->authUser) {
|
||||
if (!$this->authInfo) {
|
||||
$dispatcher->forward([
|
||||
'controller' => 'public',
|
||||
'action' => 'auth',
|
||||
@ -49,14 +38,10 @@ class Controller extends \Phalcon\Mvc\Controller
|
||||
return false;
|
||||
}
|
||||
|
||||
$controller = $dispatcher->getControllerName();
|
||||
|
||||
$route = $this->router->getMatchedRoute();
|
||||
|
||||
/**
|
||||
* 管理员忽略权限检查
|
||||
*/
|
||||
if ($this->authUser['root'] == 1) {
|
||||
if ($this->authInfo['root'] == 1) {
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -68,6 +53,8 @@ class Controller extends \Phalcon\Mvc\Controller
|
||||
'routes' => ['admin.package.guiding'],
|
||||
];
|
||||
|
||||
$controller = $dispatcher->getControllerName();
|
||||
|
||||
/**
|
||||
* 特定控制器忽略权限检查
|
||||
*/
|
||||
@ -75,6 +62,8 @@ class Controller extends \Phalcon\Mvc\Controller
|
||||
return true;
|
||||
}
|
||||
|
||||
$route = $this->router->getMatchedRoute();
|
||||
|
||||
/**
|
||||
* 特定路由忽略权限检查
|
||||
*/
|
||||
@ -85,7 +74,7 @@ class Controller extends \Phalcon\Mvc\Controller
|
||||
/**
|
||||
* 执行路由权限检查
|
||||
*/
|
||||
if (!in_array($route->getName(), $this->authUser['routes'])) {
|
||||
if (!in_array($route->getName(), $this->authInfo['routes'])) {
|
||||
$dispatcher->forward([
|
||||
'controller' => 'public',
|
||||
'action' => 'forbidden',
|
||||
@ -98,7 +87,7 @@ class Controller extends \Phalcon\Mvc\Controller
|
||||
|
||||
public function initialize()
|
||||
{
|
||||
$this->view->setVar('auth_user', $this->authUser);
|
||||
$this->view->setVar('auth_info', $this->authInfo);
|
||||
}
|
||||
|
||||
public function afterExecuteRoute(Dispatcher $dispatcher)
|
||||
@ -107,8 +96,8 @@ class Controller extends \Phalcon\Mvc\Controller
|
||||
|
||||
$audit = new AuditModel();
|
||||
|
||||
$audit->user_id = $this->authUser['id'];
|
||||
$audit->user_name = $this->authUser['name'];
|
||||
$audit->user_id = $this->authInfo['id'];
|
||||
$audit->user_name = $this->authInfo['name'];
|
||||
$audit->user_ip = $this->request->getClientAddress();
|
||||
$audit->req_route = $this->router->getMatchedRoute()->getName();
|
||||
$audit->req_path = $this->request->getServer('REQUEST_URI');
|
||||
@ -118,7 +107,7 @@ class Controller extends \Phalcon\Mvc\Controller
|
||||
}
|
||||
}
|
||||
|
||||
protected function getAuthUser()
|
||||
protected function getAuthInfo()
|
||||
{
|
||||
/**
|
||||
* @var AdminAuth $auth
|
||||
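Review bot: The route permission check in beforeExecuteRoute, `in_array($route->getName(), $this->authInfo['routes'])`, compares loosely, so a non-string entry in `routes` (for example a `true` left behind by a decoded session or cache payload) could match route names that were never granted; pass the strict flag, `in_array($route->getName(), $this->authInfo['routes'], true)`. The root bypass above it has the same shape, `$this->authInfo['root'] == 1`, and would be safer as a strict comparison once the stored type of `root` is confirmed. `$route` is now assigned from `getMatchedRoute()` immediately before use and no null check is visible in these hunks, so a request with no matched route would presumably fail on `$route->getName()` instead of being forwarded to `forbidden`; the method body is only partly visible here, so a guard may exist outside the hunks. The same loose `in_array` calls appear in the AuthMenu hunks, where they affect only which menu entries are shown.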
|
@ -8,7 +8,7 @@ use Phalcon\Mvc\User\Component;
|
||||
class AuthMenu extends Component
|
||||
{
|
||||
|
||||
protected $authUser;
|
||||
protected $authInfo;
|
||||
protected $authNodes = [];
|
||||
protected $ownedRoutes = [];
|
||||
protected $owned1stLevelIds = [];
|
||||
@ -17,10 +17,8 @@ class AuthMenu extends Component
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->authUser = $this->getAuthInfo();
|
||||
|
||||
$this->authInfo = $this->getAuthInfo();
|
||||
$this->authNodes = $this->getAuthNodes();
|
||||
|
||||
$this->setOwnedLevelIds();
|
||||
}
|
||||
|
||||
@ -29,7 +27,7 @@ class AuthMenu extends Component
|
||||
$menus = [];
|
||||
|
||||
foreach ($this->authNodes as $node) {
|
||||
if (($this->authUser['root'] == 1) || in_array($node['id'], $this->owned1stLevelIds)) {
|
||||
if (($this->authInfo['root'] == 1) || in_array($node['id'], $this->owned1stLevelIds)) {
|
||||
$menus[] = [
|
||||
'id' => $node['id'],
|
||||
'title' => $node['title'],
|
||||
@ -47,7 +45,7 @@ class AuthMenu extends Component
|
||||
foreach ($this->authNodes as $key => $level) {
|
||||
foreach ($level['children'] as $key2 => $level2) {
|
||||
foreach ($level2['children'] as $key3 => $level3) {
|
||||
$allowed = ($this->authUser['root'] == 1) || in_array($level3['id'], $this->owned3rdLevelIds);
|
||||
$allowed = ($this->authInfo['root'] == 1) || in_array($level3['id'], $this->owned3rdLevelIds);
|
||||
$params = $level3['params'] ?? [];
|
||||
if ($level3['type'] == 'menu' && $allowed) {
|
||||
$menus[$key]['id'] = $level['id'];
|
||||
@ -79,7 +77,7 @@ class AuthMenu extends Component
|
||||
|
||||
foreach ($routeIdMapping as $key => $value) {
|
||||
$ids = explode('-', $value);
|
||||
if (in_array($key, $this->authUser['routes'])) {
|
||||
if (in_array($key, $this->authInfo['routes'])) {
|
||||
$owned1stLevelIds[] = $ids[0];
|
||||
$owned2ndLevelIds[] = $ids[0] . '-' . $ids[1];
|
||||
$owned3rdLevelIds[] = $value;
|
||||
|
@ -57,16 +57,8 @@ class Setting extends Service
|
||||
|
||||
$result = [];
|
||||
|
||||
/**
|
||||
* demo分支过滤敏感数据
|
||||
*/
|
||||
if ($items->count() > 0) {
|
||||
foreach ($items as $item) {
|
||||
$case1 = preg_match('/(id|auth|key|secret|password|pwd)$/', $item->item_key);
|
||||
$case2 = $this->dispatcher->getControllerName() == 'setting';
|
||||
if ($case1 && $case2) {
|
||||
$item->item_value = '***';
|
||||
}
|
||||
$result[$item->item_key] = $item->item_value;
|
||||
}
|
||||
}
|
||||
|
@ -26,7 +26,7 @@
|
||||
</ul>
|
||||
<ul class="layui-nav layui-layout-right">
|
||||
<li class="layui-nav-item">
|
||||
<a href="javascript:">{{ auth_user.name }}</a>
|
||||
<a href="javascript:">{{ auth_info.name }}</a>
|
||||
<dl class="layui-nav-child">
|
||||
<dd><a href="{{ url({'for':'home.uc.profile'}) }}" target="_blank">基本资料</a></dd>
|
||||
<dd><a href="{{ url({'for':'home.uc.account'}) }}" target="_blank">安全设置</a></dd>
|
||||
|
@ -25,7 +25,7 @@
|
||||
<input type="radio" name="edu_role" value="2" title="讲师">
|
||||
</div>
|
||||
</div>
|
||||
{% if auth_user.root == 1 %}
|
||||
{% if auth_info.root == 1 %}
|
||||
<div class="layui-form-item">
|
||||
<label class="layui-form-label">后台角色</label>
|
||||
<div class="layui-input-block">
|
||||
|
@ -33,7 +33,7 @@
|
||||
<input type="radio" name="edu_role" value="2" title="讲师" {% if user.edu_role == 2 %}checked="checked"{% endif %}>
|
||||
</div>
|
||||
</div>
|
||||
{% if auth_user.root == 1 %}
|
||||
{% if auth_info.root == 1 %}
|
||||
<div class="layui-form-item">
|
||||
<label class="layui-form-label">后台角色</label>
|
||||
<div class="layui-input-block">
|
||||
@ -75,7 +75,7 @@
|
||||
</div>
|
||||
</form>
|
||||
|
||||
{% if auth_user.root == 1 %}
|
||||
{% if auth_info.root == 1 %}
|
||||
<form class="layui-form kg-form" method="POST" action="{{ url({'for':'admin.user.update','id':user.id}) }}">
|
||||
<fieldset class="layui-elem-field layui-field-title">
|
||||
<legend>编辑帐号</legend>
|
||||
|