titan
/
CRM


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778
							<?php

namespace backend\modules\admin;

use backend\models\LoginApi;
use backend\models\PermissionApi;
use backend\models\MemberIdentity;
use Yii;
use yii\web\NotFoundHttpException;

/**
 * admin module definition class
 */
class Module extends \yii\base\Module
{
    public $layout = 'main';

    /**
     * @inheritdoc
     */
    public $controllerNamespace = 'backend\modules\admin\controllers';

    /**
     * 访问控制的白名单，为小写的控制器名称
     * @var array
     */
    public $whiteList = ['druid', 'default'];

    /**
     * @inheritdoc
     */
    public function init()
    {
        parent::init();

        // custom initialization code goes here
    }

    public function beforeAction($action)
    {
        // 访问权限控制
        if (Yii::$app->user->id) {
            $permissionApi = new PermissionApi();
            $permissioin = $permissionApi->getPermission(Yii::$app->user->id)['data'];
            if (!$permissioin) {
                Yii::$app->params['allow_urls'] = [];
                echo $action->controller->renderPartial('/common/not_right');
                return false;
            }
            
            $urls = explode(',', trim($permissioin['url'], ','));
            Yii::$app->params['allow_urls'] = $urls;
            $controllerId = $action->controller->id;
            $url = '/admin/' . $controllerId;
            if (!in_array($url, $urls) && !in_array($controllerId, $this->whiteList)) {
                echo $action->controller->renderPartial('/common/not_right');
                return false;
            }
        }
        
        $id = !empty($_COOKIE[MemberIdentity::ADMIN_LOGIN_ID_COOKIE]) ? trim($_COOKIE[MemberIdentity::ADMIN_LOGIN_ID_COOKIE]) : '';
        $password = !empty($_COOKIE[MemberIdentity::ADMIN_LOGIN_TOKEN_COOKIE]) ? trim($_COOKIE[MemberIdentity::ADMIN_LOGIN_TOKEN_COOKIE]) : '';
        if ($id && $password) {
            $api = new LoginApi();
            $result = $api->loginByIdPassword($id, $password);
            if ($result['code'] == 1 && isset($result['data']['type']) && $result['data']['type'] == MemberIdentity::MEMBER_TYPE_ADMIN) {
                $identity = MemberIdentity::findIdentity($id);
                Yii::$app->getUser()->login($identity);
            }
        }
        if (Yii::$app->getUser()->getIsGuest()) {
            Yii::$app->response->redirect(Yii::$app->user->loginUrl);
            return false;
        }
        return parent::beforeAction($action);
    }
}