实现权限访问控制功能

abstract：//base.php<?php namespace app\admin\controller; use think\facade\Session; use app\admin\model\RoleModel; use app\admin\model\MenuModel; use think\Controller; class Base extends Controller{ public

//base.php

<?php namespace app\admin\controller;
use think\facade\Session;
use app\admin\model\RoleModel;
use app\admin\model\MenuModel;
use think\Controller;
class Base extends Controller{
public function __construct(){ parent::__construct(); if(!Session::has('user')){ $this->error('您还未登录,请登录...','Account/login'); } $this->user = Session::get('user'); //dump($this->user); $group = RoleModel::where('gid',$this->user['gid'])->find(); if(!$group){ $this->request_error('对不起,您没有访问权限!'); }
$rights = json_decode($group['rights'],true);
$controller = request()->controller();
$action = request()->action();
$res = MenuModel::where(['controller'=>$controller,'method'=>$action])->find();
if(!$res){ $this->request_error('对不起,您没有此功能权限!'); } if($res['status']!=0){ $this->request_error('对不起,此功能被禁用!'); } if(!in_array($res['mid'],$rights)){ $this->request_error('对不起,您没有此权限'); } }
private function request_error($msg){ if(request()->isAjax()){ exit(json_encode(['code'=>1,'msg'=>$msg])); } exit($msg); } }

//index.php

<?php namespace app\admin\controller;

use think\facade\Session;
use app\admin\model\RoleModel;
use app\admin\model\MenuModel;
class Index extends Base{
public function index(){ //获取登录用户Session信息 $user= Session::get('user'); //获取登录用户角色权限 $pow = RoleModel::where('gid',$this->user['gid'])->find(); //json转换为数组 $rights = json_decode($pow['rights'],true); //构造当前用户菜单权限where条件 $where = 'mid in('.implode(',',$rights).') and status=0 and ishidden=0'; //获取当前用户权根的所有菜单 $res = MenuModel::where($where)->select(); //声明mid索引空数组 $index = []; //获取以mid索引数组 foreach ($res as $val) { $index[$val['mid']] = json_decode($val,true); } //获取以mid索引数组菜单层级关系 $menu = $this->gettreeitems($index);
//dump($menu); //渲染菜单 $this->view->menu = $menu; //渲染用户的title字段 $user['iden'] = $pow['title'];
$this->view->user = $user;
return $this->view->fetch();
}
public function welcome(){
return $this->view->fetch(); } //菜单层级关系函数 private function gettreeitems($items){ //声明返回的数组 $tree = []; //遍历索引数组 foreach ($items as $val) { //如果父PID没有值就把$tree数组定位到$item指针上,有值就增加关联sub字菜单并定位到当前数组指针上 if(isset($items[$val['pid']])){ $items[$val['pid']]['sub'][] = &$items[$val['mid']]; }else{ $tree[] = &$items[$val['mid']]; } } //获得层级新数组 return $tree; } }

//渲染的index.php

<!DOCTYPE html>

<html>

<head>

<title>后台管理系统</title>

body{margin:0;padding:0;}

.header{width:100%;height:50px;background:#0094ff;color:#ffffff;line-height: 50px;}

.title{margin-left:20px;font-size:20px;}

.userinfo{float:right;margin-right:20px;}

.userinfo a{text-decoration:none;color:#ffffff;}
.menu{position:absolute;width:200px;background:#23262E; }

.layui-nav{border-radius:0px!important;}

.layui-nav-tree{border:none;} .layui-nav-item{border:none;}
.main{position:absolute;left:200px;top:50px;right:0px;}

</style>

</head>

<body>

<span class="title">后台管理系统</span>

{$user.username}【{$user.iden}】<a href="javascript:;" onclick="logout()">退出</a>

</span>

</div>

{volist name="$menu" id="vo"}

<li class="layui-nav-item"> <a href="javascript:;">{$vo.title}</a>

<?php if(isset($vo['sub']) && $vo['sub']) :?>

{volist name='$vo.sub' id='cvo'}

<dd><a href="javascript:;" onclick="srcpage(this)" src="{:url($cvo.controller.'/'.$cvo.method)}">{$cvo.title}</a>

</dd>

</dl>

{/volist}

<?php endif?>

</li>

{/volist}

</ul>

</div>
<div class="main">

iframe src="{:url('welcome')}" style="width:100%;height:100%" frameborder="0" scrolling="0"></iframe>

</div>

</body>

</html>

Correcting teacher：查无此人Correction time：2020-02-27 15:32:23
Teacher's summary：完成的不错，后台cms管理系统，最重要的就是权限。继续加油。

实现权限访问控制功能

Popular Entries