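configure();
        $this->role = new \stdClass();
        $this->role->guest = 'guest';
        $user = view::User();
        if (!$user) {
            $this->role->current = 'guest';
        } else {
            $this->role->current = $user->usertype;
        }
    }

    /**
     * Route-event listener: checks the matched controller/action against the ACL
     * for the current role.
     *
     * Returns true when access is granted. When it is denied (or the controller is
     * not a known ACL resource, or the ACL throws), an error page is prepared on
     * the event via badRequest()/response() and nothing is returned.
     *
     * @param object $e MVC route event (presumably Zend\Mvc\MvcEvent — confirm)
     * @return true|null
     */
    public function run($e)
    {
        // NOTE(review): getRouteMatch() is used unguarded, so this listener has to
        // run only after a route has matched — confirm the priority it is attached at.
        $routeMatch = $e->getRouteMatch();
        $controller = $routeMatch->getParam('controller');
        $action = $routeMatch->getParam('action');

        // A "remember me" cookie may log the user in here, i.e. after the
        // constructor already chose the role, so the role is re-derived for
        // this request (same rule as in the constructor).
        $this->preCookieCheck();
        $user = view::User();
        $this->role->current = $user ? $user->usertype : $this->role->guest;

        try {
            if (!$this->acl->hasResource($controller)) {
                $this->badRequest($e);
                return;
            }
            // Controller-wide permission first, then the per-action rule.
            if ($this->acl->isAllowed($this->role->current, $controller) === true) {
                return true;
            }
            if ($this->acl->isAllowed($this->role->current, $controller, $action) === true) {
                return true;
            }
            // NOTE(review): the Response built by response() is not returned from
            // this listener; propagation is stopped inside response() for the
            // non-XHR case only.
            $this->response($e);
        } catch (\Exception $ex) {
            // Caught as $ex, not $e: badRequest() needs the event, and a catch
            // variable named $e would shadow it with the exception.
            $this->badRequest($e);
            return;
        }
    }

    /**
     * Restores a session from a "remember me" cookie when no user is logged in.
     *
     * Delegates the cookie check to Cookie::checkcookie() and the actual login to
     * Account::cookieLogin().
     *
     * @return void
     */
    public function preCookieCheck()
    {
        if (view::User()) {
            return;
        }
        $cookie = new Cookie;
        if (!$cookie->checkcookie()) {
            return;
        }
        // NOTE(review): the cookie carries a value named srpwd alongside the
        // user name — confirm it is a revocable per-device token rather than a
        // reusable, password-derived secret.
        $account = new Account();
        $account->cookieLogin(array(
            $cookie->FieldUsername => $cookie->user,
            $cookie->FieldPasword => $cookie->srpwd,
        ));
    }

    /**
     * Handles an ACL denial.
     *
     * A logged-in user gets a 403 error page. An anonymous browser request gets a
     * "please log in" page (sent with status 404) linking to the login route,
     * carrying the current request URI in ?href= so the user can be sent back.
     *
     * @param object $e MVC route event (presumably Zend\Mvc\MvcEvent — confirm)
     * @return object|null the Response, or null when nothing was rendered here
     */
    public function response($e)
    {
        // User is logged in but lacks the permission.
        if (view::User() !== false) {
            $this->badRequest($e, 403);
            return;
        }

        // User is not logged in.
        if (view::isXmlHttpRequest()) {
            // NOTE(review): an anonymous XHR request is neither answered nor
            // stopped here — confirm that a later listener or the controller
            // enforces authentication for it.
            return;
        }

        $response = $e->getResponse();
        $response->setStatusCode(404);
        $response->sendHeaders();

        $layout = $e->getViewModel();
        $partial = $e->getApplication()->getServiceManager()->get('viewHelperManager')->get('partial');

        $loginUrl = $e->getRouter()->assemble(array(), array('name' => $this->loginRouterName));
        // REQUEST_URI is attacker-controlled: encode it so it cannot inject extra
        // query parameters or markup into the link. The login handler that
        // consumes ?href= should still accept only a local path.
        $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
        $pageContent = $partial('layout/layout/message', array(
            'message' => '请先登陆',
            'url' => $loginUrl . '?href=' . rawurlencode($requestUri),
        ));

        $layout->setVariable('content', $pageContent);
        $layout->setTemplate('layout/layout');
        $e->stopPropagation();

        return $response;
    }

    /**
     * Renders the error page for an unknown resource (404) or a forbidden one (403).
     *
     * @param object $e    MVC route event (presumably Zend\Mvc\MvcEvent — confirm)
     * @param int    $type HTTP status to send; 404 (default) or 403
     * @return object the Response
     */
    public function badRequest($e, $type = 404)
    {
        $response = $e->getResponse();
        // The status was previously hard-coded to 404, so the 403 path also
        // reported 404; it now follows $type.
        $response->setStatusCode($type);
        $response->sendHeaders();

        $layout = $e->getViewModel();
        $partial = $e->getApplication()->getServiceManager()->get('viewHelperManager')->get('partial');
        $controller = $e->getRouteMatch()->getParam('controller');

        $message = ((int) $type === 404)
            ? 'This page has been eaten by dinosaurs'
            : '您没有权限访问此页面';

        // NOTE(review): display_exceptions is forced on for every error page;
        // if the partial renders exception details, this exposes internals in
        // production — consider driving it from the view_manager configuration.
        $pageContent = $partial('error/404', array(
            'message' => $message,
            'controller' => $controller,
            'display_exceptions' => true,
            'reason' => 'error-controller-invalid',
        ));

        $layout->setVariable('content', $pageContent);
        $layout->setTemplate('layout/layout');
        $e->stopPropagation();

        return $response;
    }

    /**
     * Builds the ACL: a fresh Acl with a blanket deny, then the resources and the
     * allow rules, which AclResource and AclAuthorize register on the Acl passed
     * to their constructors (presumably — their bodies are not visible here).
     *
     * @return void
     */
    public function configure()
    {
        $this->acl = new Acl();
        // No arguments: deny everything that no later rule explicitly allows.
        $this->acl->deny();
        // Constructed for their side effect on $this->acl.
        new AclResource($this->acl);
        new AclAuthorize($this->acl);
    }
}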