实现手动设计的权限管理

augushong
2020-05-14 21:36:07 +08:00
parent ddb72ba623
commit 217120d274
16 changed files with 71 additions and 327 deletions


@@ -31,7 +31,7 @@ class AdminGroup extends Common
public function create()
{
//
$premission_list = AdminPermission::order('app,controller,action')->select();
$premission_list = AdminPermission::order('key')->select();
View::assign('permission_list',$premission_list);
return View::fetch();
@@ -87,7 +87,8 @@ class AdminGroup extends Common
$model_admin_group = AppAdminGroup::find($id);
$premission_list = AdminPermission::order('app,controller,action')->select();
$premission_list = AdminPermission::order('key')->select();
View::assign('permission_list',$premission_list);
View::assign('admin_group',$model_admin_group);


@@ -18,7 +18,7 @@ class AdminPermission extends Common
{
//
$list = AppAdminPermission::order('app,controller,action')->paginate();
$list = AppAdminPermission::order('key')->paginate();
View::assign('list',$list);
@@ -40,14 +40,6 @@ class AdminPermission extends Common
$model_permission = AppAdminPermission::find($id);
if(isset($post_data['url'])){
$url_info = \explode('/',$post_data['url']);
$post_data['app'] = $url_info[0];
$post_data['controller'] = $url_info[1];
$post_data['action'] = $url_info[2];
}
$model_permission->data($post_data);
$model_permission->save();


@@ -31,26 +31,6 @@ class Common extends BaseController{
throw new HttpResponseException(redirect('admin/Login/index'));
}
}
if(!empty($this->adminInfo['group'])){
$current_access_info = [
'app'=>app('http')->getName(),
'controller'=>request()->controller(),
'action'=>request()->action()
];
$model_permission = AdminPermission::where($current_access_info)->find();
if(!empty($model_permission)){
if(!in_array($model_permission->id,$this->adminInfo->group->permissions)){
return $this->error('您没有访问权限');
}
}
}
}
View::assign('admin',$this->adminInfo);


@@ -10,12 +10,16 @@
// +----------------------------------------------------------------------
// 应用公共文件
use app\model\Admin;
use app\model\AdminPermission;
use app\model\SystemConfig;
use think\facade\Cache;
use League\Flysystem\Util\MimeType;
use think\File;
use think\facade\Filesystem;
use app\model\UploadFiles;
use think\facade\Session;
function json_message($data = [], $code = 0, $msg = '')
{
@@ -193,3 +197,46 @@ function array2level($array, $pid = 0, $level = 1)
return $list;
}
function check_permission($key,$admin_id = null)
{
if(is_null($admin_id)){
$admin_id = Session::get('admin_id');
}
if(empty($admin_id)){
return true;
}
if($admin_id == 1){
return true;
}
$model_admin = Admin::cache(60)->find($admin_id);
if(empty($model_admin->getData('group_id'))){
return true;
}
$cache_key = 'permission_'.$key;
$model_permission = Cache::get($cache_key);
if (empty($model_permission)) {
$model_permission = AdminPermission::where('key',$key)->find();
}
if (empty($model_permission)) {
$model_permission = AdminPermission::create([
'key'=>$key
]);
Cache::set($cache_key,$model_permission,60);
}
if(in_array($model_permission->id,$model_admin->group->permissions)){
return true;
}
return false;
}
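Review bot: check_permission() fails open: `if(empty($admin_id)){ return true; }` grants every permission when there is no session admin, and the result of `Admin::cache(60)->find($admin_id)` is dereferenced without a null check, so a stale or deleted id ends in a fatal error rather than a denial. `Cache::set` also runs only in the branch that has just created the row, so permissions that already exist are read from the database on every call. The `$admin_id == 1` and empty `group_id` shortcuts return true as well; if that is intended, they deserve a comment saying those accounts are unrestricted. The excerpt below denies in the first two cases and caches after either lookup path; if a caller relies on the permissive result before login, that should be made explicit at the call site.

```php
function check_permission($key,$admin_id = null)
{
    if(is_null($admin_id)){
        $admin_id = Session::get('admin_id');
    }
    // No authenticated admin: deny instead of granting.
    if(empty($admin_id)){
        return false;
    }
    // … unchanged: admin id 1 shortcut …
    $model_admin = Admin::cache(60)->find($admin_id);
    // Unknown or deleted admin id: deny rather than dereference null.
    if(empty($model_admin)){
        return false;
    }
    // … unchanged: empty group_id shortcut, $cache_key …
    $model_permission = Cache::get($cache_key);
    if (empty($model_permission)) {
        $model_permission = AdminPermission::where('key',$key)->find();
        if (empty($model_permission)) {
            $model_permission = AdminPermission::create([
                'key'=>$key
            ]);
        }
        // Cache the row whether it was found or just created.
        Cache::set($cache_key,$model_permission,60);
    }
    // … unchanged: in_array check against the group's permissions …
```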


@@ -35,13 +35,13 @@ class BaseController extends AppBaseController
$this->indexTplMethodCurrentAction = $this->indexTplMethod.Str::studly($this->request->action());
}
public function assign($template, $value)
{
return View::assign($template, $value);
}
}
public function fetch($template = '', $vars = [])
{


@@ -7,25 +7,9 @@ use app\Request;
class PermissionRecord
{
public function handle(Request $request, \Closure $next)
{
public function handle(Request $request, \Closure $next)
{
$current_access_info = [
'app'=>app('http')->getName(),
'controller'=>$request->controller(),
'action'=>$request->action()
];
if(in_array('',$current_access_info)){
return $next($request);
}
$model_permission = AdminPermission::where($current_access_info)->find();
if(empty($model_permission)){
AdminPermission::create($current_access_info);
}
return $next($request);
}
return $next($request);
}
}


@@ -27,7 +27,7 @@ class Admin extends Model
return [];
}
return AdminGroup::where('id',$this->getData('group_id'))->cache(1)->find();
return AdminGroup::where('id',$this->getData('group_id'))->cache(60)->find();
}
}
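Review bot: With `->cache(60)` on the group lookup, a change to a group's permissions or to an admin's group keeps its old effect for up to 60 seconds, and check_permission() in the common file adds another 60-second cache on the Admin row. I am assuming the `cache(60)` line is the new side, since this page lost its +/- markers. For an authorization decision that delay should be a stated choice: either clear the cached entry when a group or admin is saved, or add a comment such as `// permissions may lag up to 60s after a group edit`. The accessor's opening lines are outside the hunk.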


@@ -19,22 +19,5 @@ class AdminLog extends Model
return $this->belongsTo('Admin','admin_id');
}
public function getUrlAttr()
{
return AdminPermission::where([
'app'=>$this->getData('app'),
'controller'=>$this->getData('controller'),
'action'=>$this->getData('action'),
])->find();
}
public function setParamAttr($value)
{
return json_encode($value,JSON_UNESCAPED_UNICODE);
}
public function getParamAttr($value)
{
return \mb_substr($value,0,30);
}
}


@@ -22,14 +22,5 @@ class AdminPermission extends Model
return $status[intval($value)];
}
public function getNameAttr($value)
{
if(empty($value)){
$value = $this->getData('app').'/'.$this->getData('controller').'/'.$this->getData('action');
}
return $value;
}
}


@@ -34,13 +34,9 @@ class CreateTableAdminPermission extends Migrator
]);
$table->addColumn('name','string',['limit'=>20,'default'=>'0','comment'=>'权限名称']);
$table->addColumn('app','string',['limit'=>50,'comment'=>'应用名']);
$table->addColumn('controller','string',['limit'=>50,'comment'=>'控制器名']);
$table->addColumn('action','string',['limit'=>50,'comment'=>'方法名']);
$table->addColumn('key','string',['limit'=>100,'comment'=>'权限标识']);
$table->addColumn('is_log','integer',['limit'=>1,'default'=>0,'comment'=>'是否把这个访问记录下来']);
$table->addIndex('app');
$table->addIndex('controller');
$table->addIndex('action');
$table->addIndex('key');
$table->addIndex('is_log');
$table->create();
}
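Review bot: The `key` column gets a plain `addIndex('key')`, while check_permission() creates a row whenever a lookup by key misses, so two concurrent first requests for the same key can each insert a row, and a group's permission list would then reference only one of the ids. Making the index unique, `$table->addIndex('key',['unique'=>true]);`, lets the database reject the duplicate. This also edits the original create-table migration instead of adding a new one, so databases that have already run it will presumably not receive the column; that is worth confirming. The method starts outside the hunk.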


@@ -15,234 +15,7 @@ class InitAdminPermission extends Seeder
*/
public function run()
{
$permission_content = '
[
{
"id" : 3,
"name" : "系统设置",
"app" : "admin",
"controller" : "System",
"action" : "index",
"is_log" : 1
},
{
"id" : 9,
"name" : "系统第三方设置",
"app" : "admin",
"controller" : "System",
"action" : "others",
"is_log" : 1
},
{
"id" : 12,
"name" : "登录页面",
"app" : "admin",
"controller" : "Login",
"action" : "index",
"is_log" : 1
},
{
"id" : 13,
"name" : "登录验证",
"app" : "admin",
"controller" : "Login",
"action" : "auth",
"is_log" : 1
},
{
"id" : 18,
"name" : "退出",
"app" : "admin",
"controller" : "Login",
"action" : "logout",
"is_log" : 1
},
{
"id" : 21,
"name" : "系统设置更新",
"app" : "admin",
"controller" : "System",
"action" : "update",
"is_log" : 1
},
{
"id" : 24,
"name" : "管理员权限-删除",
"app" : "admin",
"controller" : "AdminPermission",
"action" : "delete",
"is_log" : 0
},
{
"id" : 25,
"name" : "管理员权限-列表",
"app" : "admin",
"controller" : "AdminPermission",
"action" : "index",
"is_log" : 0
},
{
"id" : 26,
"name" : "后台首页",
"app" : "admin",
"controller" : "Index",
"action" : "index",
"is_log" : 0
},
{
"id" : 27,
"name" : "管理员分组-列表",
"app" : "admin",
"controller" : "AdminGroup",
"action" : "index",
"is_log" : 0
},
{
"id" : 29,
"name" : "文件-列表",
"app" : "admin",
"controller" : "File",
"action" : "index",
"is_log" : 0
},
{
"id" : 30,
"name" : "管理员帐号-列表",
"app" : "admin",
"controller" : "Admin",
"action" : "index",
"is_log" : 1
},
{
"id" : 31,
"name" : "管理员权限-保存编辑",
"app" : "admin",
"controller" : "AdminPermission",
"action" : "update",
"is_log" : 0
},
{
"id" : 32,
"name" : "管理员-编辑(登陆的人自己改自己)",
"app" : "admin",
"controller" : "Admin",
"action" : "edit",
"is_log" : 0
},
{
"id" : 33,
"name" : "管理员日志-列表",
"app" : "admin",
"controller" : "Admin",
"action" : "adminLog",
"is_log" : 0
},
{
"id" : 34,
"name" : "管理员-改密码(自己改自己)",
"app" : "admin",
"controller" : "Admin",
"action" : "password",
"is_log" : 0
},
{
"id" : 35,
"name" : "管理员分组-添加",
"app" : "admin",
"controller" : "AdminGroup",
"action" : "create",
"is_log" : 0
},
{
"id" : 36,
"name" : "管理员分组-保存添加",
"app" : "admin",
"controller" : "AdminGroup",
"action" : "save",
"is_log" : 0
},
{
"id" : 37,
"name" : "管理员分组-删除",
"app" : "admin",
"controller" : "AdminGroup",
"action" : "delete",
"is_log" : 0
},
{
"id" : 38,
"name" : "管理员分组-编辑",
"app" : "admin",
"controller" : "AdminGroup",
"action" : "edit",
"is_log" : 0
},
{
"id" : 39,
"name" : "管理员分组-保存编辑",
"app" : "admin",
"controller" : "AdminGroup",
"action" : "update",
"is_log" : 0
},
{
"id" : 40,
"name" : "管理员-保存更新",
"app" : "admin",
"controller" : "Admin",
"action" : "update",
"is_log" : 0
},
{
"id" : 41,
"name" : "文件-磁盘清空",
"app" : "admin",
"controller" : "File",
"action" : "clear",
"is_log" : 0
},
{
"id" : 42,
"name" : "管理员帐号-添加",
"app" : "admin",
"controller" : "Admin",
"action" : "create",
"is_log" : 0
},
{
"id" : 43,
"name" : "管理员帐号-保存添加",
"app" : "admin",
"controller" : "Admin",
"action" : "save",
"is_log" : 0
},
{
"id" : 45,
"name" : "管理员帐号-编辑",
"app" : "admin",
"controller" : "Admin",
"action" : "editAccount",
"is_log" : 0
},
{
"id" : 46,
"name" : "管理员帐号-删除",
"app" : "admin",
"controller" : "Admin",
"action" : "delete",
"is_log" : 0
},
{
"id" : 47,
"name" : "管理员帐号-保存编辑",
"app" : "admin",
"controller" : "Admin",
"action" : "updateAccount",
"is_log" : 0
}
]
';
$permission_content = '';
$permissions = json_decode($permission_content,true);
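Review bot: `json_decode('')` returns null, so with `$permission_content = ''` the `$permissions` variable on the following line is null rather than an empty list, and whatever run() does with it after this hunk (not visible here) has to cope with null. If the seeder is meant to insert nothing now, `$permissions = [];` states that directly and removes the dead decode. A one-line comment noting that permission rows are now created on first lookup by check_permission() would explain why the seed data is gone. run() continues outside the hunk.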


@@ -46,7 +46,6 @@
<th>ID</th>
<th>访问地址</th>
<th>访问信息</th>
<th>携带参数</th>
<th>操作管理员</th>
<!-- <th>操作</th> -->
</tr>
@@ -58,17 +57,13 @@
<td>{$vo.id}</td>
<td>
<p>{$vo.url.name}</p>
<p>{$vo.app}/{$vo.controller}/{$vo.action}</p>
<p>{$vo.key}</p>
</td>
<td>
<p>访问时间:{$vo.create_time}</p>
<p>访问IP:{$vo.ip}</p>
</td>
<td>
<div class="layui-btn layui-btn-sm" onclick="layer.open({type:1,area:['400px','600px'],content:JSON.stringify($(this).parents('tr').data('param'))})">查看详情</div>
<br>
{$vo.param}
</td>
<td>
<img src="{$vo.admin.avatar}" alt="" style="width: 50px;">
{$vo.admin_id}/{$vo.admin.nickname}


@@ -45,7 +45,7 @@
<div class="layui-form-label">分组权限</div>
<div class="layui-input-block">
{volist name='permission_list' id='vo'}
<input type="checkbox" name="permissions[]" title="{$vo.name}" value="{$vo.id}" lay-skin="primary" checked>
<input type="checkbox" name="permissions[]" title="{$vo.name}({$vo->getData('key')})" value="{$vo.id}" lay-skin="primary" checked>
{/volist}
</div>
</div>


@@ -50,13 +50,13 @@
<input type="checkbox" name="permissions[]" title="{$vo.name}" value="{$vo.id}" lay-skin="primary" {if condition="in_array($vo.id,$admin_group.permissions)"}checked{/if}>
{else /}
<input type="checkbox" name="permissions[]" title="{$vo.name}({$vo->getData('app')}/{$vo->getData('controller')}/{$vo->getData('action')})" value="{$vo.id}" lay-skin="primary" {if condition="in_array($vo.id,$admin_group.permissions)"}checked{/if}>
<input type="checkbox" name="permissions[]" title="{$vo.name}({$vo->getData('key')})" value="{$vo.id}" lay-skin="primary" {if condition="in_array($vo.id,$admin_group.permissions)"}checked{/if}>
{/if}
{/volist}
</div>
</div>
<div class="layui-form-item">
<button class="layui-btn layui-btn-fluid" type="submit">创建分组</button>
<button class="layui-btn layui-btn-fluid" type="submit">保存分组</button>
</div>
</form>
</div>


@@ -39,7 +39,7 @@
<tr>
<th>ID</th>
<th>权限名称</th>
<th>权限URL</th>
<th>权限标识</th>
<th>操作</th>
</tr>
</thead>
@@ -53,9 +53,9 @@
<div class="layui-btn layui-btn-sm set-name" data-name="{$vo.name}">设置</div>
</td>
<td>
<span>{$vo.app}/{$vo.controller}/{$vo.action}</span>
<span>{$vo.key}</span>
<div class="layui-btn layui-btn-sm set-url"
data-url="{$vo.app}/{$vo.controller}/{$vo.action}">设置</div>
data-url="{$vo.key}">设置</div>
</td>
<td>
<div class="layui-btn-container">


@@ -4,7 +4,9 @@
<ul class="layui-nav layui-layout-left layui-hide-xs pc-nav-container">
<li class="layui-nav-item header-nav-item" data-name="Index" ><a href="{:url('admin/Index/index')}">首页</a></li>
<li class="layui-nav-item header-nav-item" data-name="User" ><a href="{:url('admin/User/index')}">用户管理</a></li>
{if check_permission('file_list') }
<li class="layui-nav-item header-nav-item" data-name="File" ><a href="{:url('admin/File/index')}">文件管理</a></li>
{/if}
<li class="layui-nav-item header-nav-item" data-name="Post-1" ><a href="{:url('admin/Post/index')}">内容管理</a></li>
{if get_system_config('index_tpl_name') == 'easy_blue_' }
<li class="layui-nav-item header-nav-item" data-name="Post-2" ><a href="{:url('admin/Post/index',['type'=>2])}">官网文章管理</a></li>
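Review bot: `{if check_permission('file_list') }` only hides the 文件管理 link; the `admin/File/index` route stays reachable by URL unless the controller performs the same check, and no hunk on this page adds a `check_permission` call to a controller. The per-request check in the Common controller appears to be removed by this commit, so until each protected action runs something like `if(!check_permission('file_list')){ return $this->error('您没有访问权限'); }` on the server, group permissions are not enforced. The other nav entries (User, Post) carry no guard at all here. The `{if get_system_config(...)}` block on the last line continues outside the hunk.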