Home Explore Help
Register Sign In
Pp_study
/
pp_cms
Watch 2
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 951d7f54c0
Branches Tags
pp_cms
/
webApp
/
backend
/
components
/
AccessControl.php

AccessControl.php 4.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * Author: lf
    4. 

  4.  * Blog: https://blog.feehi.com
    5. 

  5.  * Email: job@feehi.com
    6. 

  6.  * Created at: 2017-09-10 16:42
    7. 

  7.  */
    8. 

  8. 

  9. namespace backend\components;
    10. 

  10. 

  11. use Yii;
    12. 

  12. use yii\web\ForbiddenHttpException;
    13. 

  13. use yii\base\Module;
    14. 

  14. use yii\web\User;
    15. 

  15. use yii\di\Instance;
    16. 

  16. 

  17. class AccessControl extends \yii\base\ActionFilter
    18. 

  18. {
    19. 

  19.     /* @var User */
    20. 

  20.     private $_user = 'user';
    21. 

  21. 

  22.     public $allowActions = [];
    23. 

  23. 

  24.     public $superAdminUserIds = [];
    25. 

  25. 

  26.     /**
    27. 

  27.      * Get user
    28. 

  28.      * @return User
    29. 

  29.      * @throws \yii\base\InvalidConfigException
    30. 

  30.      */
    31. 

  31.     public function getUser()
    32. 

  32.     {
    33. 

  33.         if (!$this->_user instanceof User) {
    34. 

  34.             $this->_user = Instance::ensure($this->_user, User::className());
    35. 

  35.         }
    36. 

  36.         return $this->_user;
    37. 

  37.     }
    38. 

  38. 

  39.     /**
    40. 

  40.      * Set user
    41. 

  41.      * @param User|string $user
    42. 

  42.      */
    43. 

  43.     public function setUser($user)
    44. 

  44.     {
    45. 

  45.         $this->_user = $user;
    46. 

  46.     }
    47. 

  47. 

  48.     /**
    49. 

  49.      * @inheritdoc
    50. 

  50.      */
    51. 

  51.     public function beforeAction($action)
    52. 

  52.     {
    53. 

  53.         $actionId = $action->getUniqueId();
    54. 

  54.         $user = $this->getUser();
    55. 

  55.         if( in_array($user->getId(), $this->superAdminUserIds) ){
    56. 

  56.             return true;
    57. 

  57.         }
    58. 

  58.         if (self::checkRoute('/' . $actionId, Yii::$app->getRequest()->get(), $user)) {
    59. 

  59.             return true;
    60. 

  60.         }
    61. 

  61.         $this->denyAccess($user);
    62. 

  62.     }
    63. 

  63. 

  64.     /**
    65. 

  65.      * Denies the access of the user.
    66. 

  66.      * The default implementation will redirect the user to the login page if he is a guest;
    67. 

  67.      * if the user is already logged, a 403 HTTP exception will be thrown.
    68. 

  68.      * @param  User $user the current user
    69. 

  69.      * @throws ForbiddenHttpException if the user is already logged in.
    70. 

  70.      */
    71. 

  71.     protected function denyAccess($user)
    72. 

  72.     {
    73. 

  73.         if ($user->getIsGuest()) {
    74. 

  74.             $user->loginRequired();
    75. 

  75.         } else {
    76. 

  76.             throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
    77. 

  77.         }
    78. 

  78.     }
    79. 

  79. 

  80.     /**
    81. 

  81.      * @inheritdoc
    82. 

  82.      */
    83. 

  83.     protected function isActive($action)
    84. 

  84.     {
    85. 

  85.         $uniqueId = $action->getUniqueId();
    86. 

  86.         if ($uniqueId === Yii::$app->getErrorHandler()->errorAction) {
    87. 

  87.             return false;
    88. 

  88.         }
    89. 

  89. 

  90.         $user = $this->getUser();
    91. 

  91.         if($user->getIsGuest())
    92. 

  92.         {
    93. 

  93.             $loginUrl = null;
    94. 

  94.             if(is_array($user->loginUrl) && isset($user->loginUrl[0])){
    95. 

  95.                 $loginUrl = $user->loginUrl[0];
    96. 

  96.             }else if(is_string($user->loginUrl)){
    97. 

  97.                 $loginUrl = $user->loginUrl;
    98. 

  98.             }
    99. 

  99.             if(!is_null($loginUrl) && trim($loginUrl,'/') === $uniqueId)
    100. 

  100.             {
    101. 

  101.                 return false;
    102. 

  102.             }
    103. 

  103.         }
    104. 

  104. 

  105.         if ($this->owner instanceof Module) {
    106. 

  106.             // convert action uniqueId into an ID relative to the module
    107. 

  107.             $mid = $this->owner->getUniqueId();
    108. 

  108.             $id = $uniqueId;
    109. 

  109.             if ($mid !== '' && strpos($id, $mid . '/') === 0) {
    110. 

  110.                 $id = substr($id, strlen($mid) + 1);
    111. 

  111.             }
    112. 

  112.         } else {
    113. 

  113.             $id = $action->id;
    114. 

  114.         }
    115. 

  115. 

  116.         foreach ($this->allowActions as $route) {
    117. 

  117.             if (substr($route, -1) === '*') {
    118. 

  118.                 $route = rtrim($route, "*");
    119. 

  119.                 if ($route === '' || strpos($id, $route) === 0) {
    120. 

  120.                     return false;
    121. 

  121.                 }
    122. 

  122.             } else {
    123. 

  123.                 if ($id === $route) {
    124. 

  124.                     return false;
    125. 

  125.                 }
    126. 

  126.             }
    127. 

  127.         }
    128. 

  128. 

  129.         if ($action->controller->hasMethod('allowAction') && in_array($action->id, $action->controller->allowAction())) {
    130. 

  130.             return false;
    131. 

  131.         }
    132. 

  132. 

  133.         return true;
    134. 

  134.     }
    135. 

  135. 

  136.     /**
    137. 

  137.      * Check access route for user.
    138. 

  138.      * @param string|array $route
    139. 

  139.      * @param integer|User $user
    140. 

  140.      * @return boolean
    141. 

  141.      */
    142. 

  142.     public static function checkRoute($route, $params = [], $user = null)
    143. 

  143.     {
    144. 

  144.         $r = static::normalizeRoute($route);
    145. 

  145. 

  146.         if ($user === null) {
    147. 

  147.             $user = Yii::$app->getUser();
    148. 

  148.         }
    149. 

  149.         $userId = $user instanceof User ? $user->getId() : $user;
    150. 

  150. 

  151. 

  152.         if ($user->can($r, $params)) {
    153. 

  153.             return true;
    154. 

  154.         }
    155. 

  155.         while (($pos = strrpos($r, '/')) > 0) {
    156. 

  156.             $r = substr($r, 0, $pos);
    157. 

  157.             if ($user->can($r . '/*', $params)) {
    158. 

  158.                 return true;
    159. 

  159.             }
    160. 

  160.         }
    161. 

  161.         return $user->can('/*', $params);
    162. 

  162. 

  163.     }
    164. 

  164. 

  165.     protected static function normalizeRoute($route)
    166. 

  166.     {
    167. 

  167.         if ($route === '') {
    168. 

  168.             return '/' . Yii::$app->controller->getRoute() . ':' . yii::$app->getRequest()->getMethod();
    169. 

  169.         } elseif (strncmp($route, '/', 1) === 0) {
    170. 

  170.             return $route . ':' . yii::$app->getRequest()->getMethod();
    171. 

  171.         } elseif (strpos($route, '/') === false) {
    172. 

  172.             return '/' . Yii::$app->controller->getUniqueId() . '/' . $route . ':' . yii::$app->getRequest()->getMethod();
    173. 

  173.         } elseif (($mid = Yii::$app->controller->module->getUniqueId()) !== '') {
    174. 

  174.             return '/' . $mid . '/' . $route . ':' . yii::$app->getRequest()->getMethod();
    175. 

  175.         }
    176. 

  176.         return '/' . $route . ':' . yii::$app->getRequest()->getMethod();
    177. 

  177.     }
    178. 

  178. }
    179. 

  179.