- <?php
- namespace KIF\Core;
- use KIF\Verify;
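/**
 * Base controller that requires a login and a route-level permission check
 * before dispatching the requested action.
 *
 * NOTE(review): the decision made in isCompetence() is default-allow. Any
 * logged-in user may reach every route that is not on the hard-coded
 * deny-list. A new admin route is therefore open to all back-office users
 * until someone adds it to that list.
 */
class PermissionController extends \KIF\Core\BKController
{
    /**
     * Master switch for the permission check, taken from the KIF_CREATE
     * constant (defined outside this file).
     *
     * When falsy the class fails open: requireCompetence() returns true
     * without calling requireLogin(), and isSuperadmin() returns true for
     * every caller.
     * NOTE(review): confirm this constant cannot be falsy in production.
     */
    private static $useCompetence = KIF_CREATE;

    /**
     * Ensure the current user is logged in and allowed to call the requested
     * route.
     *
     * @param bool|null $isHalt When true (or null), render the "no permission"
     *                          page and exit on denial; when false, return
     *                          false instead.
     *
     * @return bool True when access is granted or the check is disabled.
     */
    public function requireCompetence($isHalt = true)
    {
        if (!self::$useCompetence) {
            return true;
        }

        if ($isHalt === null) {
            $isHalt = true;
        }

        parent::requireLogin();

        if ($this->isCompetence()) {
            return true;
        }

        if ($isHalt) {
            // Never returns: renders the prompt page and exits.
            self::no_permission_exit();
        }

        return false;
    }

    /**
     * Decide whether the logged-in user may call the requested
     * controller/action.
     *
     * Superadmins are always allowed. Everyone else is allowed unless the
     * route matches the deny-list below. The group permissions exposed by
     * getsGroupidsByUid() / getsCompetencesByGroupids() are not consulted here.
     *
     * @return bool
     */
    private function isCompetence()
    {
        if (!self::isLogin()) {
            return false;
        }

        if (self::isSuperadmin()) {
            return true;
        }

        $request = Request::getInstance();

        // Normalise "Admin_BackUser" to "admin_backUser", segment by segment.
        $controlName = implode('_', array_map('lcfirst', explode('_', $request->param('c'))));
        $actionParam = $request->param('a');

        $requestParams = array(
            'app_name'     => lcfirst(Config::getInstance()->get('Namespace')),
            'control_name' => $controlName,
            'action_name'  => $actionParam ? lcfirst($actionParam) : 'default',
        );

        // Routes reserved for superadmins. An entry without 'action_name'
        // denies every action of that controller.
        $notCompetences = array(
            array('control_name' => 'admin_platform_index'),
            array('control_name' => 'admin_backUser', 'action_name' => 'userList'),
            array('control_name' => 'admin_backUser', 'action_name' => 'CreateUser'),
            array('control_name' => 'admin_backUser', 'action_name' => 'setPermission'),
            array('control_name' => 'admin_backUser', 'action_name' => 'MP'),
            array('control_name' => 'admin_platform_bulletin', 'action_name' => 'ReqCreate'),
            array('control_name' => 'admin_platform_bulletin', 'action_name' => 'PageUp'),
        );

        foreach ($notCompetences as $denied) {
            // Compare case-insensitively. PHP resolves class and method names
            // without regard to case, so a request that differs from a
            // deny-list entry only in letter case could otherwise slip past an
            // exact string comparison and still reach the same handler
            // (routing is not visible here; treated as possible).
            if (strcasecmp($denied['control_name'], $requestParams['control_name']) !== 0) {
                continue;
            }

            // empty() instead of a bare index read: the controller-wide entry
            // has no 'action_name' key, and reading it raised a notice/warning.
            if (empty($denied['action_name'])) {
                return false;
            }

            if (strcasecmp($denied['action_name'], $requestParams['action_name']) === 0) {
                return false;
            }
        }

        return true;
    }

    /**
     * Fetch the ids of the user groups a user belongs to.
     *
     * @param mixed $uid User id; anything Verify::unsignedInt() rejects yields
     *                   an empty array.
     *
     * @return mixed Whatever KifUsergroupRelation::getsGroupids() returns.
     */
    public function getsGroupidsByUid($uid)
    {
        if (!Verify::unsignedInt($uid)) {
            return array();
        }

        $relationDao = new \Cas\Dao\KifUsergroupRelation();

        return $relationDao->getsGroupids($uid);
    }

    /**
     * Fetch the permissions granted to a set of user groups.
     *
     * @param mixed $groupids Group ids; a falsy value yields an empty array.
     *
     * @return mixed Whatever KifUsergroupPermission::getsCompetencesByGroupids()
     *               returns.
     */
    public function getsCompetencesByGroupids($groupids)
    {
        if (!$groupids) {
            return array();
        }

        $permissionDao = new \Cas\Dao\KifUsergroupPermission();

        return $permissionDao->getsCompetencesByGroupids($groupids);
    }

    /**
     * Report whether the current user is a superadmin.
     *
     * Returns true for everyone while the permission check is switched off
     * (see $useCompetence).
     *
     * @return mixed True, or the result of \Cas\Module\Permission::isSuperadmin().
     */
    public static function isSuperadmin()
    {
        if (!self::$useCompetence) {
            return true;
        }

        return \Cas\Module\Permission::isSuperadmin();
    }

    /**
     * Render the prompt page as a failure message and stop the request.
     *
     * NOTE(review): $msg and Request::referer() (presumably the
     * client-supplied Referer header) are handed to the template unchanged;
     * confirm the template escapes them and does not use the referer as an
     * unchecked redirect target.
     *
     * @param string|null $msg Message shown to the user.
     */
    public function fail_exit_cpt($msg = null)
    {
        $this->renderPromptAndExit(array(
            'type'    => 'fail',
            'msg'     => $msg,
            'referer' => Request::referer(),
        ), true);
    }

    /**
     * Render the prompt page as a success message and stop the request.
     *
     * NOTE(review): same output-escaping caveat as fail_exit_cpt() for $msg
     * and the referer value.
     *
     * @param string|null $msg Message shown to the user.
     */
    public function success_exit_cpt($msg = null)
    {
        $this->renderPromptAndExit(array(
            'type'    => 'success',
            'msg'     => $msg,
            'referer' => Request::referer(),
        ), true);
    }

    /**
     * Render the prompt page in its "no permission" variant and stop the
     * request.
     */
    public function no_permission_exit()
    {
        $this->renderPromptAndExit(array(
            'type' => 'no_permission',
        ), false);
    }

    /**
     * Entry point: run the permission check, publish the user context to the
     * view, then dispatch the action.
     *
     * NOTE(review): $this->action is called as a method name without a
     * visible allow-list. If it is derived from request input elsewhere,
     * confirm it cannot name helpers of this class such as success_exit_cpt()
     * or getsGroupidsByUid().
     */
    public function run()
    {
        if (isset(self::$useCompetence) && self::$useCompetence) {
            $this->requireCompetence();
        }

        $this->setOutput('backuser', $this->getUser());

        // Also true when the permission check is switched off; see isSuperadmin().
        $this->setOutput('IS_ADMIN', (bool) self::isSuperadmin());

        $action = $this->action;
        $this->$action();
    }

    /**
     * Shared tail of the *_exit helpers: select the prompt template, publish
     * the outputs, render, and terminate the request.
     *
     * @param array $outputs        Values passed to setOutputs().
     * @param bool  $withPageChrome Whether to add the header/bottom template
     *                              paths to the outputs.
     */
    private function renderPromptAndExit(array $outputs, $withPageChrome)
    {
        $templateDir = Config::getInstance()->get('App_Path') . DS . 'template_dir';

        if ($withPageChrome) {
            $outputs['header_tpl'] = $templateDir . '/header.html';
            $outputs['bottom_tpl'] = $templateDir . '/bottom.html';
        }

        $this->tpl = $templateDir . '/admin/permission/prompt_message';
        $this->setOutputs($outputs);
        $this->render();
        exit;
    }
}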