摘要:在Base.php控制器中进行权限访问控制<?php
namespace app\admins\controller;
use think\Controller;
use Util\SysDb;
class Base extends Controller
{
public function __constr
在Base.php控制器中进行权限访问控制<?php
namespace app\admins\controller;
use think\Controller;
use Util\SysDb;
class Base extends Controller
{
public function __construct()
{
parent::__construct();
$this->_admin = session('admin');
if(!$this->_admin){
header('Location:/index.php/admins/account/login');
exit;
}
$this->assign('admin',$this->_admin);
$this->db = new SysDb;
//判断用户是否有权限
$group = $this->db->table('admin_groups')->where(['gid'=>$this->_admin['gid']])->item();
if(!$group){
$this->request_error('对不起,您没有权限');
}
$rights = json_decode($group['rights']);
//当前访问的菜单
$controller = request()->controller();
$method = request()->action();
$res = $this->db->table('admin_menu')->where(['controller'=>$controller,'method'=>$method])->item();
if(!$res){
$this->request_error('对不起,您访问的功能不存在');
}
if($res['status'] == 1){
$this->request_error('对不起,该功能已禁止使用');
}
if(!in_array($res['mid'], $rights)){
$this->request_error('对不起,您没有权限');
}
}
private function request_error($msg)
{
if(request()->isAjax()){
exit(json_encode(['code'=>1,'msg'=>$msg]));
}
exit($msg);
}
}
批改老师:西门大官人批改时间:2019-03-23 11:29:04
老师总结:代码最好自己写一遍,而不是复制粘贴过来。只有自己写了,才能知道自己在哪地方掌握的不够好