<?php
namespace app\admin\controller;
use think\Controller;
use think\Request;
use app\admin\model\SysMenu as SysMenuModel;
use app\admin\model\SysRole as SysRoleModel;
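/**
 * Base controller for the admin module.
 *
 * The constructor runs, in order: a login check, a role-based permission
 * check, a request log entry, and the assignment of menu data to the view.
 */
class Base extends Controller
{
    // Logged-in user's id, read from the session.
    protected $uid;
    // Logged-in user's name, read from the session.
    protected $username;
    // Logged-in user's role id, read from the session.
    protected $role_id;
    // Model used for all menu / permission lookups.
    private $sysMenuModel;

    /**
     * Authenticate, authorize and log the current request, then prepare the
     * menu data for the template.
     *
     * @param Request|null $request Current request; the request() helper is
     *                              used when none is passed.
     */
    public function __construct(Request $request = null)
    {
        parent::__construct($request);

        // The parameter is optional, so never dereference it while it is null.
        if ($request === null) {
            $request = request();
        }

        // Login check: BOTH identifiers must be present. The previous "&&"
        // let a session that carried only one of the two values through.
        // NOTE(review): this relies on error() ending the request - confirm.
        if (!session('uid') || !session('username')) {
            $this->error('您还没有登录, 请登录', '/admin/login');
        }

        $this->sysMenuModel = new SysMenuModel();

        // Logged-in user information.
        $this->uid = session('uid');
        $this->username = session('username');
        $this->role_id = session('role_id');

        // Permission check.
        if (!$this->checkAuthor($this->role_id)) {
            $this->error('你无权限操作');
        }

        // Request log.
        // NOTE(review): requests rejected by the two checks above never reach
        // this call, so denied attempts are presumably not recorded - confirm
        // whether that is intended.
        $this->addLog();

        // Menu data for the current role.
        $data_menu = obj_tree($this->getMenu($this->role_id));

        // Parent id of the menu entry that belongs to the current controller.
        $controller = $request->controller();
        $menu_url = 'admin/' . $this->snakeController($controller) . '/index';
        $active_pid = $this->sysMenuModel->where('url', $menu_url)->value('pid');

        // Current controller and action, lower-cased.
        $controller = strtolower($controller);
        $action = strtolower($request->action());

        // Template output.
        $this->assign('data_menu', $data_menu);
        $this->assign('active_pid', $active_pid);
        $this->assign('controller', $controller);
        $this->assign('action', $action);
    }

    /**
     * Whether the role id is the built-in role 1, which bypasses permission
     * filtering everywhere in this class.
     *
     * Session values may come back as strings, so the comparison is done on
     * the string form; anything other than exactly "1" is not the super role.
     *
     * @param mixed $rid Role id.
     * @return bool
     */
    private function isSuperRole($rid)
    {
        return is_scalar($rid) && (string) $rid === '1';
    }

    /**
     * Convert a controller name to the lower-case snake form used when the
     * constructor looks up menu URLs (e.g. "SysMenu" becomes "sys_menu").
     *
     * @param string $controller Controller name as reported by the request.
     * @return string
     */
    private function snakeController($controller)
    {
        return strtolower(preg_replace('/(?<=[a-z])([A-Z])/', '_$1', $controller));
    }

    /**
     * Fetch the menu rows visible to a role.
     *
     * Rows with type 2 are always excluded (presumably non-menu entries such
     * as buttons - confirm against the sys_menu schema). Role 1 sees every
     * remaining row; other roles see only the rows whose ids are listed in
     * the role's "permissions" value.
     *
     * @param mixed $rid Role id.
     * @return mixed Result of select() on the menu model.
     */
    private function getMenu($rid)
    {
        // Previously "$rid === 1": a role id stored in the session as the
        // string '1' missed this branch although checkAuthor() treated the
        // same value as the super role.
        if ($this->isSuperRole($rid)) {
            $data = $this->sysMenuModel
                ->where('type!=2')
                ->field('id, pid, name, url, type, icon')
                ->select();
        } else {
            $sysRoleModel = new SysRoleModel();
            $permission_ids = $sysRoleModel->where('id', $rid)->value('permissions');
            $data = $this->sysMenuModel
                ->where('type!=2')
                ->where('id', 'IN', $permission_ids)
                ->field('id, pid, name, url, icon')
                ->select();
        }
        return $data;
    }

    /**
     * Decide whether a role may run the current controller/action.
     *
     * Allowed without a lookup: role 1, any action whose name starts with
     * "public_", and index/index. Everything else must match the url of a
     * menu row listed in the role's permissions.
     *
     * @param mixed $rid Role id.
     * @return bool
     */
    private function checkAuthor($rid)
    {
        if (!$rid) {
            return false;
        }
        if ($this->isSuperRole($rid)) {
            return true;
        }

        $rawController = request()->controller();
        $c = strtolower($rawController);
        $a = strtolower(request()->action());

        // Any action named public_* is open to every logged-in role, so the
        // prefix must only be used for actions that need no authorization.
        if (strncmp($a, 'public_', 7) === 0) {
            return true;
        }
        if ($c === 'index' && $a === 'index') {
            return true;
        }

        // Read the role's permission ids directly. The previous code passed
        // the rows returned by getMenu() as the IN list, which is a set of
        // menu records (already stripped of type 2), not a list of ids.
        $sysRoleModel = new SysRoleModel();
        $permission_ids = $sysRoleModel->where('id', $rid)->value('permissions');
        if (!$permission_ids) {
            // Unknown role or a role without permissions: deny.
            return false;
        }

        // The constructor looks menu URLs up in snake form ("sys_menu"),
        // while this check used the plain lower-cased name ("sysmenu").
        // Both spellings name the same controller, so accept either.
        $candidates = [
            'admin/' . $c . '/' . $a,
            'admin/' . $this->snakeController($rawController) . '/' . $a,
        ];

        $permissions = $this->sysMenuModel
            ->where('id', 'IN', $permission_ids)
            ->field('id, pid, name, url')
            ->select();
        foreach ($permissions as $v) {
            if (in_array((string) $v->url, $candidates, true)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Insert one sys_log row describing the current request, unless the
     * controller/action pair is on the skip list for the active log level.
     */
    private function addLog()
    {
        $data = [];
        // NOTE(review): the raw query string is stored as-is; if tokens or
        // other secrets can appear in admin URLs, filter them before insert.
        $data['querystring'] = request()->query() ? '?' . request()->query() : '';
        $data['m'] = request()->module();
        $data['c'] = request()->controller();
        $data['a'] = request()->action();
        $data['method'] = request()->method();
        $data['userid'] = $this->uid;
        $data['username'] = $this->username;
        $data['ip'] = request()->ip();
        $data['time'] = time();

        // Controller/action pairs that are NOT logged. A higher level skips
        // more pages; the other values that were tried here are 0 and 2.
        $arr = [];
        $logLevel = 1;
        switch ($logLevel) {
            case 2:
                $arr = array_merge($arr, ['SysUser/index', 'SysRole/index', 'SysMenu/index']);
                // Deliberate fall-through: level 2 also skips the level 1 pages.
            case 1:
                $arr = array_merge($arr, ['Category/index', 'Article/index', 'FileManager/index']);
                // Deliberate fall-through: every level skips the default pages.
            default:
                $arr = array_merge($arr, ['Index/index', 'SysLog/index', 'SysSet/index']);
                break;
        }

        if (!in_array($data['c'] . '/' . $data['a'], $arr, true)) {
            db('sys_log')->insert($data);
        }
    }
}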