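/**
 * Decide whether the currently logged-in user may access a controller action.
 *
 * Order of checks, as implemented below:
 *  1. no login info                      => denied
 *  2. super user                         => allowed
 *  3. action doc comment has "@noacl"    => allowed without a permission lookup
 *  4. otherwise the user (by id, or by one of their group ids) must own an
 *     `access` row joined to a `menus` row whose url equals the checked URL,
 *     or one of the URLs listed in an "@acljump a|b|c" tag on the action.
 *
 * @param object|string $controller Controller instance, or an "app/path/action"
 *        style string (either slash direction). For a string, the first segment
 *        is kept, "\Controller" is inserted after it, the last segment is taken
 *        as the action name and "Controller" is appended to the class name.
 *        Any other type skips the annotation lookup and checks the routed URL.
 *
 * @return bool true when access is granted, false otherwise.
 */
public static function checkAcl($controller)
{
    $authInfo = self::getLoginInfo();
    if (!$authInfo) {
        // Not logged in, or the login has timed out.
        return false;
    }

    // Super administrators bypass every ACL rule.
    if (self::isSuperUser()) {
        return true;
    }

    // Default to the URL/action of the current route; a string argument overrides both.
    $checkUrl = Cml::getContainer()->make('cml_route')->getFullPathNotContainSubDir();
    $checkAction = Cml::getContainer()->make('cml_route')->getActionName();

    // Class name or instance whose public methods are inspected for annotations.
    $reflectionTarget = null;

    if (is_string($controller)) {
        $checkUrl = trim($controller, '/\\');
        $classPath = str_replace('/', '\\', $checkUrl);

        $actionPosition = strrpos($classPath, '\\');
        if ($actionPosition === false) {
            // No separator: there is no controller/action pair to resolve, so deny
            // explicitly instead of doing offset arithmetic on `false`.
            return false;
        }
        $checkAction = substr($classPath, $actionPosition + 1);

        $appPosition = strpos($classPath, '\\');
        $className = substr($classPath, 0, $appPosition)
            . '\\Controller'
            . substr($classPath, $appPosition, $actionPosition - $appPosition)
            . 'Controller';

        if (!class_exists($className)) {
            return false;
        }

        // Reflection only needs the class name. The controller is deliberately NOT
        // instantiated: its constructor would run before the permission decision,
        // and a constructor with required arguments would throw here.
        $reflectionTarget = $className;
    } elseif (is_object($controller)) {
        $reflectionTarget = $controller;
    }

    $checkUrl = ltrim(str_replace('\\', '/', $checkUrl), '/');

    if ($reflectionTarget !== null) {
        $reflection = new \ReflectionClass($reflectionTarget);

        foreach ($reflection->getMethods(\ReflectionMethod::IS_PUBLIC) as $method) {
            // NOTE(review): this comparison is case-sensitive while PHP method
            // dispatch is not; a differently-cased action skips the tags below and
            // falls through to the database lookup — confirm that is intended.
            if ($method->name != $checkAction) {
                continue;
            }

            // getDocComment() returns false when there is no doc comment (or when
            // comments are not kept at runtime, e.g. opcache.save_comments=0); the
            // cast keeps the string functions below well-defined. In that case no
            // tag is seen and the database lookup decides.
            $annotation = (string)$method->getDocComment();

            // "@noacl" marks an action that needs no permission check. This is a
            // plain substring match, so the text anywhere in the doc comment
            // (including inside a longer tag or a description) grants access.
            if (strpos($annotation, '@noacl') !== false) {
                return true;
            }

            // "@acljump url1|url2": access to any listed URL grants access here.
            if (preg_match('/@acljump([^\\n]+)/i', $annotation, $aclJump)) {
                $checkUrlArray = [];
                if (isset($aclJump[1]) && $aclJump[1]) {
                    foreach (explode('|', $aclJump[1]) as $val) {
                        $val = trim($val);
                        if ($val) {
                            $checkUrlArray[] = ltrim(str_replace('\\', '/', $val), '/');
                        }
                    }
                }
                if (!empty($checkUrlArray)) {
                    $checkUrl = $checkUrlArray;
                }
            }
        }
    }

    // Access rows that belong to one of the user's groups OR to the user directly,
    // restricted to the menu URL(s) being checked.
    $acl = Model::getInstance()->db()
        ->columns('m.id')
        ->table(['access' => 'a'])
        ->join(['menus' => 'm'], 'a.menuid=m.id')
        ->lBrackets()
        ->whereIn('a.groupid', $authInfo['groupid'])
        ->_or()
        ->where('a.userid', $authInfo['id'])
        ->rBrackets();

    $acl = is_array($checkUrl)
        ? $acl->whereIn('m.url', $checkUrl)
        : $acl->where('m.url', $checkUrl);

    $acl = $acl->select();

    // At least one matching row means the permission exists.
    return count($acl) > 0;
}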