Начало Каталог Помощ
Регистрация Вход
xiaoyu
/
hmsb
1
0
Разклонения 0
Файлове
Клон: master
Клонове Маркери
hmsb
/
application
/
http
/
middleware
/
Auth.php

Auth.php 5.3 KB
Постоянна връзка История Директен файл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149 
  1. <?php
    2. 

  2. 

  3. namespace app\http\middleware;
    4. 

  4. 

  5. use think\Container;
    6. 

  6. use think\facade\Log;
    7. 

  7. use think\Request;
    8. 

  8. use traits\controller\Jump;
    9. 

  9. 

  10. class Auth
    11. 

  11. {
    12. 

  12.     use Jump;
    13. 

  13. 

  14.     private $url_path;
    15. 

  15. 

  16.     public function handle(Request $request, \Closure $next)
    17. 

  17.     {
    18. 

  18.         if(!is_login()){
    19. 

  19.             return redirect(url('admin/index/login'));
    20. 

  20.         }
    21. 

  21.         $this->url_path = strtolower($request->module() . '/' . $request->controller() . '/' . $request->action());
    22. 

  22.         if (!in_array(strtolower($request->url()), array('admin/index/login', 'admin/index/logout', 'admin/index/verify'))) {
    23. 

  23.             // 是否是超级管理员
    24. 

  24.             define('IS_ROOT', is_administrator());
    25. 

  25.             // 检测系统权限
    26. 

  26.             $authstatus = true;
    27. 

  27.             if (!IS_ROOT) {
    28. 

  28.                 $access = $this->accessControl($request);
    29. 

  29.                 if (false === $access) {
    30. 

  30.                     $authstatus = false;
    31. 

  31.                 } elseif (null === $access) {
    32. 

  32.                     $dynamic = $this->checkDynamic(); //检测分类栏目有关的各项动态权限
    33. 

  33.                     if ($dynamic === null) {
    34. 

  34.                         //检测访问权限
    35. 

  35.                         if (!$this->checkRule($this->url_path, '1,2')) {
    36. 

  36.                             $authstatus = false;
    37. 

  37.                         } else {
    38. 

  38.                             // 检测分类及内容有关的各项动态权限
    39. 

  39.                             $dynamic = $this->checkDynamic();
    40. 

  40.                             if (false === $dynamic) {
    41. 

  41.                                 $authstatus = false;
    42. 

  42.                             }
    43. 

  43.                         }
    44. 

  44.                     } elseif ($dynamic === false) {
    45. 

  45.                         $authstatus = false;
    46. 

  46.                     }
    47. 

  47.                 }
    48. 

  48.             }
    49. 

  49.             if(!$authstatus && $request->header('referer') ){
    50. 

  50.                 $this->error('未授权访问!',$request->header('referer'));
    51. 

  51.             }else if(!$authstatus){
    52. 

  52.                 $this->error('未授权访问!','admin/index/login');
    53. 

  53.             }
    54. 

  54.             $this->setMenu($request);
    55. 

  55.         }
    56. 

  56.         return $next($request);
    57. 

  57.     }
    58. 

  58. 

  59.     protected function checkDynamic() {
    60. 

  60.         if (IS_ROOT) {
    61. 

  61.             return true; //管理员允许访问任何页面
    62. 

  62.         }
    63. 

  63.         return null; //不明,需checkRule
    64. 

  64.     }
    65. 

  65. 

  66.     final protected function accessControl(Request $request) {
    67. 

  67.         $allow = config('siteinfo.allow_visit');
    68. 

  68.         $deny = config('siteinfo.deny_visit');
    69. 

  69.         $check = strtolower($request->controller() . '/' . $request->action());
    70. 

  70.         if (!empty($deny) && in_array_case($check, $deny)) {
    71. 

  71.             return false; //非超管禁止访问deny中的方法
    72. 

  72.         }
    73. 

  73.         if (!empty($allow) && in_array_case($check, $allow)) {
    74. 

  74.             return true;
    75. 

  75.         }
    76. 

  76.         return null; //需要检测节点权限
    77. 

  77.     }
    78. 

  78. 

  79.     protected function setMenu(Request $request)
    80. 

  80.     {
    81. 

  81.         $hover_url  = $request->module() . '/' . $request->controller();
    82. 

  82.         $controller = $this->url_path;
    83. 

  83.         $menu       = array(
    84. 

  84.             'main'  => array(),
    85. 

  85.             'child' => array(),
    86. 

  86.         );
    87. 

  87.         $map['pid']  = 0;
    88. 

  88.         $map['hide'] = 0;
    89. 

  89.         $map['type'] = 'admin';
    90. 

  90.         if (!config('siteinfo.develop_mode')) {
    91. 

  91.             // 是否开发者模式
    92. 

  92.             $map['is_dev'] = 0;
    93. 

  93.         }
    94. 

  94.         $row = db('menu')->field('nid,title,url,icon,"" as style')->where($map)->order('sort asc')->select();
    95. 

  95.         foreach ($row as $key => $value) {
    96. 

  96.             //此处用来做权限判断
    97. 

  97.             if (IS_ROOT || $this->checkRule($value['url'], 2, null)) {
    98. 

  98.                 if ($controller == $value['url']) {
    99. 

  99.                     $value['style'] = "active";
    100. 

  100.                 }
    101. 

  101.                 $menu['main'][$value['nid']] = $value;
    102. 

  102.             }
    103. 

  103.         }
    104. 

  104. 

  105.         if(count($menu['main'])<=0){
    106. 

  106.             Container::get('app')['view']->assign('__menu__', $menu);
    107. 

  107.             return false;
    108. 

  108.         }
    109. 

  109. 

  110.             // 查找当前子菜单
    111. 

  111.         $pid = db('menu')->where("pid !=0 AND url like '%{$hover_url}%'")->value('pid');
    112. 

  112.         $id  = db('menu')->where("pid = 0 AND url like '%{$hover_url}%'")->value('nid');
    113. 

  113.         $pid = $pid ? $pid : $id;
    114. 

  114.         if ($pid) {
    115. 

  115.             $map['pid']  = $pid;
    116. 

  116.             $map['hide'] = 0;
    117. 

  117.             $map['type'] = 'admin';
    118. 

  118.             $row = db('menu')->field("nid,title,url,icon,`group`,pid,'' as style")->where($map)->order('sort asc')->select();
    119. 

  119.             foreach ($row as $key => $value) {
    120. 

  120.                 if (IS_ROOT || $this->checkRule($value['url'], 2, null) || 'test') {
    121. 

  121.                     if ($controller == $value['url']) {
    122. 

  122.                         $menu['main'][$value['pid']]['style'] = "active";
    123. 

  123.                         $value['style']                       = "active";
    124. 

  124.                     }
    125. 

  125.                     $menu['child'][] = $value;
    126. 

  126.                 }
    127. 

  127.             }
    128. 

  128.         }
    129. 

  129.         Container::get('app')['view']->assign('__menu__', $menu);
    130. 

  130.     }
    131. 

  131. 

  132.     /**
    133. 

  133.      * 权限检测
    134. 

  134.      * @param string  $rule    检测的规则
    135. 

  135.      * @param string  $mode    check模式
    136. 

  136.      * @return boolean
    137. 

  137.      * @author 朱亚杰  <xcoolcc@gmail.com>
    138. 

  138.      */
    139. 

  139.     final protected function checkRule($rule, $type = 1, $mode = 'url') {
    140. 

  140.         static $Auth = null;
    141. 

  141.         if (!$Auth) {
    142. 

  142.             $Auth = new \author\Auth();
    143. 

  143.         }
    144. 

  144.         if (!$Auth->check($rule, session('user_auth.sid'), $type, $mode)) {
    145. 

  145.             return false;
    146. 

  146.         }
    147. 

  147.         return true;
    148. 

  148.     }
    149. 

  149. }
    150.