mirror of
https://gitee.com/koogua/course-tencent-cloud.git
synced 2025-06-21 03:17:05 +08:00
124 lines
2.9 KiB
PHP
124 lines
2.9 KiB
PHP
<?php
|
|
/**
|
|
* @copyright Copyright (c) 2021 深圳市酷瓜软件有限公司
|
|
* @license https://opensource.org/licenses/GPL-2.0
|
|
* @link https://www.koogua.com
|
|
*/
|
|
|
|
namespace App\Http\Admin\Controllers;
|
|
|
|
use App\Models\Audit as AuditModel;
|
|
use App\Services\Auth\Admin as AdminAuth;
|
|
use App\Traits\Response as ResponseTrait;
|
|
use App\Traits\Security as SecurityTrait;
|
|
use Phalcon\Mvc\Dispatcher;
|
|
|
|
class Controller extends \Phalcon\Mvc\Controller
|
|
{
|
|
|
|
/**
|
|
* @var array
|
|
*/
|
|
protected $authInfo;
|
|
|
|
use ResponseTrait;
|
|
use SecurityTrait;
|
|
|
|
public function beforeExecuteRoute(Dispatcher $dispatcher)
|
|
{
|
|
if ($this->isNotSafeRequest()) {
|
|
$this->checkHttpReferer();
|
|
$this->checkCsrfToken();
|
|
}
|
|
|
|
$this->authInfo = $this->getAuthInfo();
|
|
|
|
if (!$this->authInfo) {
|
|
$dispatcher->forward([
|
|
'controller' => 'public',
|
|
'action' => 'auth',
|
|
]);
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* 管理员忽略权限检查
|
|
*/
|
|
if ($this->authInfo['root'] == 1) {
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* 特例白名单
|
|
*/
|
|
$whitelist = [
|
|
'controllers' => ['public', 'index', 'upload', 'test'],
|
|
'routes' => [],
|
|
];
|
|
|
|
$controller = $dispatcher->getControllerName();
|
|
|
|
/**
|
|
* 特定控制器忽略权限检查
|
|
*/
|
|
if (in_array($controller, $whitelist['controllers'])) {
|
|
return true;
|
|
}
|
|
|
|
$route = $this->router->getMatchedRoute();
|
|
|
|
/**
|
|
* 特定路由忽略权限检查
|
|
*/
|
|
if (in_array($route->getName(), $whitelist['routes'])) {
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* 执行路由权限检查
|
|
*/
|
|
if (!in_array($route->getName(), $this->authInfo['routes'])) {
|
|
$dispatcher->forward([
|
|
'controller' => 'public',
|
|
'action' => 'forbidden',
|
|
]);
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
public function initialize()
|
|
{
|
|
$this->view->setVar('auth_info', $this->authInfo);
|
|
}
|
|
|
|
public function afterExecuteRoute(Dispatcher $dispatcher)
|
|
{
|
|
if ($this->request->isPost()) {
|
|
|
|
$audit = new AuditModel();
|
|
|
|
$audit->user_id = $this->authInfo['id'];
|
|
$audit->user_name = $this->authInfo['name'];
|
|
$audit->user_ip = $this->request->getClientAddress();
|
|
$audit->req_route = $this->router->getMatchedRoute()->getName();
|
|
$audit->req_path = $this->request->getServer('REQUEST_URI');
|
|
$audit->req_data = $this->request->getPost();
|
|
|
|
$audit->create();
|
|
}
|
|
}
|
|
|
|
protected function getAuthInfo()
|
|
{
|
|
/**
|
|
* @var AdminAuth $auth
|
|
*/
|
|
$auth = $this->getDI()->get('auth');
|
|
|
|
return $auth->getAuthInfo();
|
|
}
|
|
|
|
}
|