TP后台权限管理

  • 10,627
//管理员表
CREATE TABLE `qz_admin` (
  `admin_id` smallint(5) unsigned NOT NULL AUTO_INCREMENT COMMENT '用户id',
  `admin_name` varchar(60) NOT NULL DEFAULT '' COMMENT '用户名',
  `email` varchar(60) NOT NULL DEFAULT '' COMMENT 'email',
  `password` varchar(32) NOT NULL DEFAULT '' COMMENT '密码',
  `add_time` int(11) NOT NULL DEFAULT '0' COMMENT '添加时间',
  `last_login` int(11) NOT NULL DEFAULT '0' COMMENT '最后登录时间',
  `last_ip` varchar(15) NOT NULL DEFAULT '' COMMENT '最后登录ip',
  `nav_list` text NOT NULL COMMENT '权限',
  `role_id` smallint(5) DEFAULT NULL COMMENT '角色id',
  PRIMARY KEY (`admin_id`),
  KEY `user_name` (`user_name`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
//角色表
CREATE TABLE `qz_admin_role` (
  `role_id` smallint(6) unsigned NOT NULL AUTO_INCREMENT COMMENT '角色ID',
  `role_name` varchar(30) DEFAULT NULL COMMENT '角色名称',
  `act_list` text COMMENT '权限列表',
  `role_desc` varchar(255) DEFAULT NULL COMMENT '角色描述',
  PRIMARY KEY (`role_id`)
) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;
//功能菜单表
CREATE TABLE `qz_system_menu` (
  `id` smallint(6) unsigned NOT NULL AUTO_INCREMENT,
  `name` varchar(50) DEFAULT NULL COMMENT '权限名字',
  `group` varchar(20) DEFAULT NULL COMMENT '所属分组',
  `right` text COMMENT '权限码(控制器+动作)',
  `is_del` tinyint(1) DEFAULT '0' COMMENT '删除状态 1删除,0正常',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=18 DEFAULT CHARSET=utf8;
function getMenuList($act_list){
    //根据角色权限过滤菜单
    $menu_list = getAllMenu();
    if($act_list != 'all'){
        $right = M('system_menu')->where("id in ($act_list)")->cache(false)->getField('right',true);
        $role_right = "";
        foreach ($right as $val){
            $role_right .= $val.',';
        }
        $role_right = explode(',', $role_right);
        foreach($menu_list as $k=>$mrr){
            foreach ($mrr['sub_menu'] as $j=>$v){
                if(!in_array($v['control'].'Controller@'.$v['act'], $role_right)){
                    unset($menu_list[$k]['sub_menu'][$j]);//过滤菜单
                }
            }
        }
    }
    return $menu_list;
}
function getAllMenu(){
    return    array(
            'system' => array('name'=>'系统设置','icon'=>'fa-cog','sub_menu'=>array(
                    array('name'=>'网站设置','act'=>'index','control'=>'System'),
                    array('name'=>'友情链接','act'=>'linkList','control'=>'Article'),
                    array('name'=>'自定义导航','act'=>'navigationList','control'=>'System'),
                    array('name'=>'区域管理','act'=>'region','control'=>'Tools'),
                    array('name'=>'权限资源列表','act'=>'right_list','control'=>'System'),
            )),
            'access' => array('name' => '权限管理', 'icon'=>'fa-gears', 'sub_menu' => array(
                    array('name' => '管理员列表', 'act'=>'index', 'control'=>'Admin'),
                    array('name' => '角色管理', 'act'=>'role', 'control'=>'Admin'),
                    array('name' => '供应商管理', 'act'=>'supplier', 'control'=>'Admin'),
                    array('name' => '管理员日志', 'act'=>'log', 'control'=>'Admin'),
            )),
            'member' => array('name'=>'会员管理','icon'=>'fa-user','sub_menu'=>array(
                    array('name'=>'会员列表','act'=>'index','control'=>'User'),
                    array('name'=>'会员等级','act'=>'levelList','control'=>'User'),
            )),
            'article' => array('name' => '文章管理', 'icon'=>'fa-comments', 'sub_menu' => array(
                    array('name' => '文章列表', 'act'=>'articleList', 'control'=>'Article'),
                    array('name' => '文章分类', 'act'=>'categoryList', 'control'=>'Article'),
                    array('name' => '专题列表', 'act'=>'topicList', 'control'=>'Topic'),
            ))
    );
}
//权限验证函数(TP), 入口初始化执行
public function check_priv()
{
    $ctl = CONTROLLER_NAME;
    $act = ACTION_NAME;
    $act_list = session('act_list');
    //无需验证的操作
    $uneed_check = array('login','logout','vertifyHandle','vertify','imageUp','upload','login_task');
    if($ctl == 'Index' || $act_list == 'all'){
        //后台首页控制器无需验证,超级管理员无需验证
        return true;
    }elseif(strpos('ajax',$act) || in_array($act,$uneed_check)){
        //所有ajax请求不需要验证权限
        return true;
    }else{
        $role_right = "";
        $right = M('system_menu')->where("id in ($act_list)")->cache(true)->getField('right',true);
        foreach ($right as $val){
            $role_right .= $val.',';
        }
        $role_right = explode(',', $role_right);
        //检查是否拥有此操作权限
        if(!in_array($ctl.'Controller@'.$act, $role_right)){
            $this->error('您没有操作权限,请联系超级管理员分配权限',U('Admin/Index/index'));
        }
    }
}
//权限分配,给角色添加、修改权限
public function role_info(){
    $role_id = I('get.role_id');
    $tree = $detail = array();
    if($role_id){
        $detail = M('admin_role')->where("role_id=$role_id")->find();
        $detail['act_list'] = explode(',', $detail['act_list']);
        $this->assign('detail',$detail);
    }
    $right = M('system_menu')->order('id')->select();
    foreach ($right as $val){
        if(!empty($detail)){
            $val['enable'] = in_array($val['id'], $detail['act_list']);
        }
        $modules[$val['group']][] = $val;
    }
    //权限组(对应数据表里面的group字段)
    $group = array('system'=>'系统管理','access'=>'权限管理',article'=>'文章管理','member'=>'会员管理');
    $this->assign('group',$group);
    $this->assign('modules',$modules);
    $this->display();
}
//权限分配保存
public function roleSave(){
    $data = I('post.');
    $res = $data['data'];
    $res['act_list'] = is_array($data['right']) ? implode(',', $data['right']) : '';
    if(empty($data['role_id'])){
        $r = D('admin_role')->add($res);
    }else{
        $r = D('admin_role')->where('role_id='.$data['role_id'])->save($res);
    }
    if($r){
        adminLog('管理角色',__ACTION__);
        $this->success("操作成功!",U('Admin/Admin/role_info',array('role_id'=>$data['role_id'])));
    }else{
        $this->success("操作失败!",U('Admin/Admin/role'));
    }
}

 

weinxin
我的微信
这是我的微信扫一扫
开拓者博主
  • 本文由 发表于 2017年11月30日10:54:38
  • 转载请务必保留本文链接:https://www.150643.com/467.html
匿名

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: