-
设置权限管理
添加权限分类,添加分类时,在没添加一个类别,自动保存权限值,类如图:
2. 设置模块管理
添加好模块后,对每个模块进行权限设置,选择每个模块对应的权限,进行保存,此时用到逻辑与,“与”运算,对应上图计算出改模块的权限值为31,在修改查看选中时,用每个权限的level值与保存好的权限值进行与运算,例:8&31 = 8,来判断显示与否。
<input type="checkbox" name="select" value="{$r.level}" title="{$r.name}" <if condition="(int)($list['permission'])&(int)($r['level'])">checked </if> >
3. 设置用户权限
首先将模块所具有的权限展示出,在将用户所具有的权限显示选中状态。
<foreach name="res" item="r"> <if condition="(int)($v['permission'])&(int)($r['level'])"> <input type="checkbox" value="{$r.level}" title="{$r.name}" <if condition="(int)($v['check'])&(int)($r['level'])">checked</if> > </if> </foreach>
//mid用户id,模块id,用户所具有的权限。
选中保存时,提交代码:
layui.use('form',function(){ var form = layui.form; form.verify({ required: function(value, item){ //value:表单的值、item:表单的DOM对象 if(value == ''){ return '表单不能为空'; } } ,english:[ /^[a-zA-Z]+$/ ,'必须输入英文' ] }); //监听提交 form.on('submit(save)', function(data){ postData = data.field; $('#box .filter').each(function(){ var key = $(this).find('label').attr("data-index"); $(this).find('input:checked').each(function(){ val = $(this).val(); postData[key] |= val; }); }); $.ajax({ url:"/admin.php/Setting/user_auth_save", data:postData, type:"post", success:function(data){ if(data.code){ layer.msg(data.message); window.setTimeout(function(){ window.location.href="/admin.php/Setting/user"; },1000); }else{ layer.msg(data.message); } } }); return false; }); });
,最后所有的逻辑写好后,就是权限判断:
/** * 权限权利 */ public function getUserModel(){ $cache = S(array('type' => 'file', 'prefix' => 'think', 'expire' => 6000)); $mid = $cache->mid; //echo($mid); if(empty($mid)){ return false; } unset($_SESSION['permission']); $up = M('UserPermission'); $model = M('MenuModel'); $auth = M('Auth'); $arr = $up->where("mid = $mid") ->join('wx_menu_model ON wx_menu_model.id = wx_user_permission.modelid' ) ->select(); foreach ($arr as $k=>$v){ $fid = $v['fid']; $userpermission = $v['userpermission']; $data = $model->where("id = $fid")->find(); $arr[$k]['fname'] = $data['title']; $res = $auth->select(); foreach($res as $key => $value){ if($userpermission&(int)($value['level'])){ $arr[$k]['ename'][$key]['operate'] = $value['english']; } } } $arrnew = array(); foreach ($arr as $row) { $key = str_replace('/admin.php/', '', $row['url']); $key = str_replace('/', '-', $key); $key = str_replace('?', '-', $key); $key = str_replace('=', '-', $key); $key = str_replace('-index', '', $key); foreach ($row['ename'] as $k=>$v){ $_SESSION['permission'][strtolower($key)][$k] = $v['operate']; } } } /** * @desc 权限检测 * @param string $permission 当前权限 * @param string $key 权限键值 * @param string $ajax */ public function checkPermission($permission, $key, $ajax = false) { // $this->checkPermission('view', 'company'); //权限检测 $msg = '你没有权限操作,想要更高权限请联系高级管理员'; if (!in_array($permission, $_SESSION['permission'][$key])) { if ($ajax) { $this->ajaxReturn(array('res'=>0, 'msg'=>$msg,'key'=>$key,'per'=>$permission)); } else { $this->error($msg, $_SERVER['HTTP_REFERER']); } } }
在每个模块中调用
$this->checkPermission('view', 'distribute'); //权限检测