102 lines
3.2 KiB
PHP
102 lines
3.2 KiB
PHP
<?php
|
|
/**
|
|
* Zeed Platform Project
|
|
* Based on Zeed Framework & Zend Framework.
|
|
*
|
|
* BTS - Billing Transaction Service
|
|
* CAS - Central Authentication Service
|
|
*
|
|
* LICENSE
|
|
* http://www.zeed.com.cn/license/
|
|
*
|
|
* @category Zeed
|
|
* @package Zeed_ChangeMe
|
|
* @subpackage ChangeMe
|
|
* @copyright Copyright (c) 2010 Zeed Technologies PRC Inc. (http://www.zeed.com.cn)
|
|
* @author Zeed Team (http://blog.zeed.com.cn)
|
|
* @since Sep 16, 2010
|
|
* @version SVN: $Id: Exception.php 7427 2010-09-27 07:33:47Z xsharp $
|
|
*/
|
|
|
|
class Com_Admin_Permission_Node extends Com_Admin_Permission
|
|
{
|
|
protected $_userPermissions;
|
|
protected $_appPermission;
|
|
/**
|
|
* 检查当前用户是否有相应权限
|
|
* @param integer $permissionid
|
|
* @return boolean
|
|
*/
|
|
public function hasPermission($permissionid)
|
|
{
|
|
if (is_null($this->_userPermissions)) {
|
|
$rs = $this->_oauthRequest('user');
|
|
if (!$rs) {
|
|
return false;
|
|
}
|
|
$this->_userPermissions = $rs['data'];
|
|
}
|
|
return in_array($permissionid, $this->_userPermissions);
|
|
}
|
|
|
|
/**
|
|
* 获取当前用户的权限
|
|
*/
|
|
public function getUserPermission()
|
|
{
|
|
if (is_null($this->_userPermissions)) {
|
|
$rs = $this->_oauthRequest('user');
|
|
if (!$rs) {
|
|
return array();
|
|
}
|
|
$this->_userPermissions = $rs['data'];
|
|
}
|
|
return $this->_userPermissions;
|
|
}
|
|
|
|
/**
|
|
* 获取访问ACTINO需要的权限
|
|
*/
|
|
public function getAppPermission()
|
|
{
|
|
$parameters = array('x_action'=>$this->_action, 'x_controller'=>$this->_controller, 'x_module'=>$this->_module);
|
|
$rs = $this->_oauthRequest('index', $parameters);
|
|
if (!$rs) {
|
|
return null;
|
|
}
|
|
$this->_userPermissions = $rs['data']['user_permissions'];
|
|
return $this->_appPermissions = $rs['data']['app_permission'];
|
|
}
|
|
|
|
protected $_oauthConsumer;
|
|
protected $_oauthApiSignMethod;
|
|
protected $_aclUrl;
|
|
protected function _oauthRequest($action, $parameters = null)
|
|
{
|
|
$accessToken = Zeed_OAuth_Util::parseParameters($_SESSION['admin.access_token']);
|
|
$accessToken = new Zeed_OAuth_Token( $accessToken['oauth_token'], $accessToken['oauth_token_secret']);
|
|
if (is_null($this->_oauthConsumer)) {
|
|
$config = Zeed_Config::loadGroup('access');
|
|
$this->_oauthConsumer = new Zeed_OAuth_Consumer($config['appkey'], $config['appsecret']);
|
|
$this->_oauthApiSignMethod = new Zeed_OAuth_Signature_HMACSHA1();
|
|
$this->_aclUrl = $config['acl_url'];
|
|
}
|
|
|
|
$request = Zeed_OAuth_Request::fromConsumerAndToken($this->_oauthConsumer, $accessToken, "GET", $this->_aclUrl.$action, $parameters);
|
|
$request->signRequest($this->_oauthApiSignMethod, $this->_oauthConsumer, $accessToken);
|
|
|
|
$response = $request->request();
|
|
if ($response === false || $response['code'] != 200) {
|
|
return false;
|
|
}
|
|
$result = $response['body'];
|
|
$result = json_decode($result, true);
|
|
|
|
if (!is_array($result)) {
|
|
return false;
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
}
|