<?php
/**
 * Created by PhpStorm.
 * User: liyifei
 * Date: 16/9/13
 * Time: 下午14:10
 */

namespace Api\Controller;

use Common\Common\User;
use Common\Controller\Api;
use Common\Common\Config;
use Common\Common\Constant;
use Common\Common\Department;
use Common\Common\Tag;

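abstract class AbstractController extends Api\AbstractController
{

    /**
     * Permission check run before every action.
     *
     * Runs the parent hook first; when the controller requires a login the
     * request is denied unless a user id is present AND the user's computed
     * rights match the controller's configured rights (see _checkUserRight()).
     * A denial is raised through E('_ERR_PERMISSION_DENIED').
     *
     * @param string $action Name of the action about to be dispatched.
     * @return bool true when the action may proceed.
     */
    public function before_action($action = '')
    {
        parent::before_action($action);

        if ($this->_require_login) {
            // Fail closed: a missing uid or a failed right check both deny.
            if (empty($this->uid) || !$this->_checkUserRight()) {
                E('_ERR_PERMISSION_DENIED');
            }
        }

        return true;
    }

    /**
     * Build the current user's right set, keyed by Constant::RIGHT_TYPE_*.
     *
     * Entries present in the result:
     *  - RIGHT_TYPE_TAG:        ids of the tags the user belongs to (if any)
     *  - RIGHT_TYPE_DEPARTMENT: department ids reached through tag membership
     *                           and the user's own departments, plus all of
     *                           their ancestor departments (if any)
     *  - RIGHT_TYPE_ALL:        always RIGHT_IS_ALL_TRUE (a scalar, not a list)
     *  - RIGHT_TYPE_USER:       the user's own memUid
     *  - RIGHT_TYPE_JOB / RIGHT_TYPE_ROLE: the user's job / role id when set
     *
     * @author zhonglei
     * @return array
     */
    private function _getUserRight()
    {
        $user = $this->_login->user;
        $data = [];

        // Tags, and the departments reachable through the members of those tags.
        $tagIds = $this->_getUserTagIds($user['memUid']);
        if (!empty($tagIds)) {
            $data[Constant::RIGHT_TYPE_TAG] = $tagIds;

            $tagDpIds = $this->_getTagMemberDepartmentIds($tagIds);
            if (!empty($tagDpIds)) {
                $data[Constant::RIGHT_TYPE_DEPARTMENT] = $tagDpIds;
            }
        }

        // The user's own departments, merged with the tag-derived ones and
        // expanded with every ancestor department.
        // NOTE(review): despite its name, $user['dpName'] is read as a list of
        // department rows carrying 'dpId' — confirm against the login service.
        if (!empty($user['dpName']) && is_array($user['dpName'])) {
            $dpIds = array_column($user['dpName'], 'dpId');

            if (isset($data[Constant::RIGHT_TYPE_DEPARTMENT])) {
                $dpIds = array_unique(array_merge($data[Constant::RIGHT_TYPE_DEPARTMENT], $dpIds));
            }

            $data[Constant::RIGHT_TYPE_DEPARTMENT] = $this->_withParentDepartmentIds($dpIds);
        }

        // Whole company.
        $data[Constant::RIGHT_TYPE_ALL] = Constant::RIGHT_IS_ALL_TRUE;
        // The user itself.
        $data[Constant::RIGHT_TYPE_USER] = [$user['memUid']];

        // Job.
        if (isset($user['job']['jobId'])) {
            $data[Constant::RIGHT_TYPE_JOB] = [$user['job']['jobId']];
        }

        // Role.
        if (isset($user['role']['roleId'])) {
            $data[Constant::RIGHT_TYPE_ROLE] = [$user['role']['roleId']];
        }

        return $data;
    }

    /**
     * Ids of the tags the given member belongs to.
     *
     * @param mixed $memUid Member id as stored in $this->_login->user['memUid'].
     * @return array List of tag ids; empty when the user has no tags or the
     *               tag lookup did not return a list.
     */
    private function _getUserTagIds($memUid)
    {
        $userServ = &User::instance();
        $tags = $userServ->getUserTags($memUid);

        return is_array($tags) ? array_column($tags, 'tagId') : [];
    }

    /**
     * Distinct, non-empty department ids of every member of the given tags.
     *
     * @param array $tagIds Tag ids to expand.
     * @return array Department ids (keys are not renumbered).
     */
    private function _getTagMemberDepartmentIds(array $tagIds)
    {
        $tagServ = &Tag::instance();
        $members = $tagServ->listAllMember(['tagIds' => $tagIds]);

        if (!is_array($members)) {
            return [];
        }

        // array_filter() drops members without a department (null/0/'' dpId).
        return array_filter(array_unique(array_column($members, 'dpId')));
    }

    /**
     * The given department ids plus the ids of all their ancestor departments.
     *
     * Child departments are intentionally NOT included (product decision,
     * zhonglei, 2017-09-07); re-add list_childrens_by_cdid() if that changes.
     *
     * @param array $dpIds Department ids to expand upwards.
     * @return array Distinct department ids (keys are not renumbered).
     */
    private function _withParentDepartmentIds(array $dpIds)
    {
        $dpServ = &Department::instance();
        $parentIds = [];

        // list_parent_cdids() accumulates ancestor ids into $parentIds by reference.
        foreach ($dpIds as $dpId) {
            $dpServ->list_parent_cdids($dpId, $parentIds);
        }

        return array_unique(array_merge($dpIds, array_values($parentIds)));
    }

    /**
     * Decide whether the current user may access this controller.
     *
     * Access is granted when the configured rights open the controller to the
     * whole company, or when any configured right type shares at least one id
     * with the user's rights of the same type. Everything else — including a
     * missing or malformed 'rights' configuration — is denied (fail closed).
     *
     * @author zhonglei
     * @return bool
     */
    private function _checkUserRight()
    {
        $config = &Config::instance()->getCacheData();

        // No (usable) rights configured: deny explicitly rather than by accident.
        if (!isset($config['rights']) || !is_array($config['rights'])) {
            return false;
        }
        $rights = $config['rights'];

        // Whole company: RIGHT_IS_ALL_TRUE as the first entry opens the controller
        // to every logged-in user. Loose comparison kept on purpose — the cached
        // value may be stored as a string rather than an int; TODO confirm.
        if (isset($rights[Constant::RIGHT_TYPE_ALL][0])
            && Constant::RIGHT_IS_ALL_TRUE == $rights[Constant::RIGHT_TYPE_ALL][0]) {
            return true;
        }

        $userRights = $this->_getUserRight();

        foreach ($rights as $type => $allowedIds) {
            // Only id lists on both sides can be intersected. The user's
            // RIGHT_TYPE_ALL entry is a scalar, and array_intersect() on a
            // scalar is a TypeError on PHP 8 (a warning, and a silent deny,
            // on older versions), so skip such entries instead.
            if (!is_array($allowedIds) || !isset($userRights[$type]) || !is_array($userRights[$type])) {
                continue;
            }

            if (array_intersect($allowedIds, $userRights[$type]) !== []) {
                return true;
            }
        }

        return false;
    }
}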