longfei
/
72crm-11.0-PHP
Obserwuj 1
Gwiazdka 0
Forkuj 0
Kod Problemy 0 Pull Requests 0 Wydania 0 Wiki Aktywność
58 Commity
1 Gałąź
Drzewo: 2003b88949
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '2003b88949'
${ noResults }
72crm-11.0-PHP/extend/com/HonrayAuth.php

HonrayAuth.php 6.2KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177 
  1. <?php

  2. // +----------------------------------------------------------------------

  3. // | Author: linchuangbin

  4. // +----------------------------------------------------------------------

  5. namespace com;

  6. 

  7. use think\Db;

  8. 

  9. class HonrayAuth{

  10. 

  11.     //默认配置

  12.     public $_config = array(

  13.         'AUTH_ON'           => true,                        // 认证开关

  14.         'AUTH_TYPE'         => 1,                           // 认证方式,1为实时认证;2为登录认证。

  15.         'AUTH_GROUP'        => 'admin_group',                     // 用户组数据表名

  16.         'AUTH_GROUP_ACCESS' => 'admin_access',                // 用户-用户组关系表

  17.         'AUTH_RULE'         => 'admin_rule',                      // 权限规则表

  18.         'AUTH_USER'         => 'admin_user'                       // 用户信息表

  19.     );

  20. 

  21.     private $auth_key; 

  22. 

  23.     public function __construct($auth_key) {

  24.         $this->auth_key = $auth_key;

  25.         $this->_config['AUTH_GROUP']        = $this->_config['AUTH_GROUP'];

  26.         $this->_config['AUTH_RULE']         = $this->_config['AUTH_RULE'];

  27.         $this->_config['AUTH_USER']         = $this->_config['AUTH_USER'];

  28.         $this->_config['AUTH_GROUP_ACCESS'] = $this->_config['AUTH_GROUP_ACCESS'];

  29.         if (config('AUTH_CONFIG')) {

  30.             //可设置配置项 AUTH_CONFIG, 此配置项为数组。

  31.             $this->_config = array_merge($this->_config, config('AUTH_CONFIG'));

  32.         }

  33.     }

  34. 

  35.     /**

  36.       * 检查权限

  37.       * @param name string|array  需要验证的规则列表,支持逗号分隔的权限规则或索引数组

  38.       * @param uid  int           认证用户的id

  39.       * @return boolean           通过验证返回true;失败返回false

  40.      */

  41.     public function check($name, $uid, $relation = 'or') {

  42.         if (!$this->_config['AUTH_ON'])

  43.             return true;

  44.         $authList = $this->getAuthList($uid); //获取用户需要验证的所有有效规则列表

  45.         if (is_string($name)) {

  46.             $name = strtolower($name);

  47.             if (strpos($name, ',') !== false) {

  48.                 $name = explode(',', $name);

  49.             } else {

  50.                 $name = array($name);

  51.             }

  52.         }

  53. 

  54.         if (is_array($name)) {

  55.            foreach ($name as $k => $v) {

  56.                $name[$k] = strtolower($v);

  57.            }

  58.         }

  59.         $list = array(); //保存验证通过的规则名

  60.         foreach ( $authList as $auth ) {

  61.             if (in_array($auth , $name)){

  62.                 $list[] = $auth ;

  63.             }

  64.         }

  65.         if ($relation == 'or' and !empty($list)) {

  66.             return true;

  67.         }

  68. 

  69.         $diff = array_diff($name, $list);

  70.         if ($relation == 'and' and empty($diff)) {

  71.             return true;

  72.         }

  73.         return false;

  74.     }

  75. 

  76.     /**

  77.      * 根据用户id获取用户组,返回值为数组

  78.      * @param  uid int     用户id

  79.      * @return array       用户所属的用户组 array(

  80.      *     array('uid'=>'用户id','group_id'=>'用户组id','title'=>'用户组名称','rules'=>'用户组拥有的规则id,多个,号隔开'),

  81.      *     ...)   

  82.      */

  83.     public function getGroups($uid) { 

  84.         static $groups = array();

  85.         if (isset($groups[$uid])) return $groups[$uid];

  86.         $userModel = new \app\admin\model\User();

  87.         $user_groups = collection($userModel->get($uid)->groups)->toArray();

  88.         $groups[$uid] = $user_groups ? : array();

  89.         return $groups[$uid];

  90.     }

  91. 

  92.     /**

  93.      * 获得权限列表

  94.      * @param integer $uid  用户id

  95.      */

  96.     protected function getAuthList($uid) {

  97.         $temp = cache('Auth_'.$this->auth_key);

  98.         $authList = $temp['_AUTH_LIST_'];

  99.         if( $this->_config['AUTH_TYPE'] == 2 && isset($authList)){

  100.             return $authList;

  101.         }

  102.         //读取用户所属用户组

  103.         $groups = $this->getGroups($uid);

  104.         $ids = [];//保存用户所属用户组设置的所有权限规则id

  105.         foreach ($groups as $g) {

  106.             $ids = array_merge($ids, explode(',', trim($g['rules'], ',')));

  107.         }

  108. 

  109.         $ids = array_unique($ids);

  110.         if (empty($ids)) {

  111.             return [];

  112.         }

  113. 

  114.         $map = [

  115.             'id' => array('in', $ids),

  116.             'status' => 1,

  117.         ];

  118. 

  119.         //读取用户组所有权限规则

  120.         $rules = Db::name($this->_config['AUTH_RULE'])->where($map)->select();

  121.         foreach ($rules as $k => $v) {

  122.             $rules[$k]['name'] = strtolower($v['name']);

  123.         }

  124.         $tree = new \com\Tree();

  125.         $authList = $tree->list_to_tree($rules, 'id', 'pid', 'child', 0, true, array('pid'));

  126.         $authList = rulesDeal($authList);

  127.         //登录有效时间

  128.         $cacheConfig = config('cache');

  129.         $loginExpire = $cacheConfig['expire'] ? : '3600';         

  130. 

  131.         if ($this->_config['AUTH_TYPE'] == 2) {

  132.             //规则列表结果保存到缓存

  133.             $cache_info = cache('Auth_'.$this->auth_key);

  134.             $cache_info['_AUTH_LIST_'] = $authList;

  135.             cache('Auth_'.$this->auth_key, $cache_info, $loginExpire);

  136.         }

  137.         return $authList; 

  138.     }

  139. 

  140.     /**

  141.      * 更新缓存中auth_list

  142.      * @param  string $type rule的类型

  143.      * @return array        权限菜单

  144.      */

  145.     public function updateCacheAuth(){

  146.         $cache = cache('Auth_'.$this->auth_key);

  147.         $uid = $cache['userInfo']['u_id'];

  148.         $groups = $this->getGroups($uid);

  149.         $ids = array();

  150.         foreach ($groups as $g) {

  151.             $ids = array_merge($ids, explode(',', trim($g['rules'], ',')));

  152.         }

  153.         $ids = array_unique($ids);

  154.         if (empty($ids)) {

  155.             return [];

  156.         }

  157.         $map = [

  158.             'id' => array('in',$ids),

  159.             'status' => 1,

  160.         ];

  161.         //读取用户组所有权限规则

  162.         $rules = Db::name($this->_config['AUTH_RULE'])->where($map)->select();

  163. 

  164.         foreach ($rules as $k => $v) {

  165.             $rules[$k]['name'] = strtolower($v['name']);

  166.         }

  167.         $tree = new \com\Tree();

  168.         $authList = $tree->list_to_tree($rules, 'id', 'pid', 'child', 0, true, array('pid'));

  169.         $authList = rulesDeal($authList);

  170. 

  171.         //规则列表结果保存到缓存

  172.         $cache['_AUTH_LIST_'] = $authList;

  173.         cache('Auth_'.$this->auth_key, $cache, config('LOGIN_SESSION_VALID'));

  174.         return $cache['_AUTH_LIST_'];

  175.     }

  176. }