PC端权限

application/common/library/Authcompany.php

@@ -3,8 +3,8 @@
 namespace app\common\library;
 
 use app\common\model\PcAdmin as User;
-use fast\Random;
 use fast\Tree;
+use fast\Random;
 use think\Config;
 use think\Db;
 use think\Exception;
@@ -12,7 +12,7 @@ use think\Hook;
 use think\Request;
 use think\Validate;
 
-class Authcompany
+class Authcompany extends \fast\Authpc
 {
     protected static $instance = null;
     protected $_error = '';
@@ -26,21 +26,22 @@ class Authcompany
     //默认配置
     protected $config = [];
     protected $options = [];
-    protected $allowFields = [
-        'id',
-        'username',
-        'nickname',
-        'avatar',
-        'company_id',
-    ];
+    protected $allowFields = ['id','username','nickname','avatar','company_id' ];
+
+    protected $breadcrumb = [];
 
 
-    public function __construct($options = [])
+    /*public function __construct($options = [])
     {
         if ($config = Config::get('company')) {
             $this->config = array_merge($this->config, $config);
         }
         $this->options = array_merge($this->config, $options);
+    }*/
+
+    public function __construct()
+    {
+        parent::__construct();
     }
 
     /**
@@ -270,7 +271,7 @@ class Authcompany
      * @param string $module 模块 默认为当前模块
      * @return boolean
      */
-    public function check($path = null, $module = null)
+    /*public function check($path = null, $module = null)
     {
         if (!$this->_logined) {
             return false;
@@ -284,6 +285,36 @@ class Authcompany
         $url = ($module ? $module : request()->module()) . '/' . (is_null($path) ? $this->getRequestUri() : $path);
         $url = strtolower(str_replace('.', '/', $url));
         return in_array($url, $rules) ? true : false;
+    }*/
+
+    public function check($name, $uid = '', $relation = 'or', $mode = 'url')
+    {
+        $uid = $uid ? $uid : $this->id;
+        return parent::check($name, $uid, $relation, $mode);
+    }
+
+    /**
+     * 检测当前控制器和方法是否匹配传递的数组
+     *
+     * @param array $arr 需要验证权限的数组
+     * @return bool
+     */
+    public function match($arr = [])
+    {
+        $request = Request::instance();
+        $arr = is_array($arr) ? $arr : explode(',', $arr);
+        if (!$arr) {
+            return false;
+        }
+
+        $arr = array_map('strtolower', $arr);
+        // 是否存在
+        if (in_array(strtolower($request->action()), $arr) || in_array('*', $arr)) {
+            return true;
+        }
+
+        // 没找到匹配
+        return false;
     }
 
     /**
@@ -310,7 +341,7 @@ class Authcompany
     /**
      * 获取会员基本信息
      */
-    public function getUserinfo_simple()
+    public function getUserInfo_simple()
     {
         $data = $this->_user->toArray();
         $allowFields = $this->getAllowFields();
@@ -325,7 +356,7 @@ class Authcompany
     /**
      * 获取会员基本信息
      */
-    public function getUserinfo()
+    public function getUserInfo()
     {
         $data = $this->_user->toArray();
         $allowFields = $this->getAllowFields();
@@ -361,6 +392,286 @@ class Authcompany
         $this->requestUri = $uri;
     }
 
+    public function getGroups($uid = null)
+    {
+        $uid = is_null($uid) ? $this->id : $uid;
+        return parent::getGroups($uid);
+    }
+
+    public function getRuleList($uid = null)
+    {
+        $uid = is_null($uid) ? $this->id : $uid;
+        return parent::getRuleList($uid);
+    }
+
+    public function getRuleIds($uid = null)
+    {
+        $uid = is_null($uid) ? $this->id : $uid;
+        return parent::getRuleIds($uid);
+    }
+
+    public function isSuperAdmin()
+    {
+        return in_array('*', $this->getRuleIds()) ? true : false;
+    }
+
+    /**
+     * 获取管理员所属于的分组ID
+     * @param int $uid
+     * @return array
+     */
+    public function getGroupIds($uid = null)
+    {
+        $groups = $this->getGroups($uid);
+        $groupIds = [];
+        foreach ($groups as $K => $v) {
+            $groupIds[] = (int)$v['group_id'];
+        }
+        return $groupIds;
+    }
+
+    /**
+     * 取出当前管理员所拥有权限的分组
+     * @param boolean $withself 是否包含当前所在的分组
+     * @return array
+     */
+    public function getChildrenGroupIds($withself = false)
+    {
+        //取出当前管理员所有的分组
+        $groups = $this->getGroups();
+        $groupIds = [];
+        foreach ($groups as $k => $v) {
+            $groupIds[] = $v['id'];
+        }
+        $originGroupIds = $groupIds;
+        foreach ($groups as $k => $v) {
+            if (in_array($v['pid'], $originGroupIds)) {
+                $groupIds = array_diff($groupIds, [$v['id']]);
+                unset($groups[$k]);
+            }
+        }
+        // 取出所有分组
+        $groupList = \app\admin\model\AuthGroup::where($this->isSuperAdmin() ? '1=1' : ['status' => 'normal'])->select();
+        $objList = [];
+        foreach ($groups as $k => $v) {
+            if ($v['rules'] === '*') {
+                $objList = $groupList;
+                break;
+            }
+            // 取出包含自己的所有子节点
+            $childrenList = Tree::instance()->init($groupList, 'pid')->getChildren($v['id'], true);
+            $obj = Tree::instance()->init($childrenList, 'pid')->getTreeArray($v['pid']);
+            $objList = array_merge($objList, Tree::instance()->getTreeList($obj));
+        }
+        $childrenGroupIds = [];
+        foreach ($objList as $k => $v) {
+            $childrenGroupIds[] = $v['id'];
+        }
+        if (!$withself) {
+            $childrenGroupIds = array_diff($childrenGroupIds, $groupIds);
+        }
+        return $childrenGroupIds;
+    }
+
+    /**
+     * 取出当前管理员所拥有权限的管理员
+     * @param boolean $withself 是否包含自身
+     * @return array
+     */
+    public function getChildrenAdminIds($withself = false)
+    {
+        $childrenAdminIds = [];
+        if (!$this->isSuperAdmin()) {
+            $groupIds = $this->getChildrenGroupIds(false);
+            $authGroupList = \app\admin\model\AuthGroupAccess::field('uid,group_id')
+                ->where('group_id', 'in', $groupIds)
+                ->select();
+            foreach ($authGroupList as $k => $v) {
+                $childrenAdminIds[] = $v['uid'];
+            }
+        } else {
+            //超级管理员拥有所有人的权限
+            $childrenAdminIds = Admin::column('id');
+        }
+        if ($withself) {
+            if (!in_array($this->id, $childrenAdminIds)) {
+                $childrenAdminIds[] = $this->id;
+            }
+        } else {
+            $childrenAdminIds = array_diff($childrenAdminIds, [$this->id]);
+        }
+        return $childrenAdminIds;
+    }
+
+    /**
+     * 获得面包屑导航
+     * @param string $path
+     * @return array
+     */
+    public function getBreadCrumb($path = '')
+    {
+        if ($this->breadcrumb || !$path) {
+            return $this->breadcrumb;
+        }
+        $titleArr = [];
+        $menuArr = [];
+        $urlArr = explode('/', $path);
+        foreach ($urlArr as $index => $item) {
+            $pathArr[implode('/', array_slice($urlArr, 0, $index + 1))] = $index;
+        }
+        if (!$this->rules && $this->id) {
+            $this->getRuleList();
+        }
+        foreach ($this->rules as $rule) {
+            if (isset($pathArr[$rule['name']])) {
+                $rule['title'] = __($rule['title']);
+                $rule['url'] = url($rule['name']);
+                $titleArr[$pathArr[$rule['name']]] = $rule['title'];
+                $menuArr[$pathArr[$rule['name']]] = $rule;
+            }
+        }
+        ksort($menuArr);
+        $this->breadcrumb = $menuArr;
+        return $this->breadcrumb;
+    }
+
+    /**
+     * 获取左侧和顶部菜单栏
+     *
+     * @param array  $params    URL对应的badge数据
+     * @param string $fixedPage 默认页
+     * @return array
+     */
+    public function getSidebar($params = [], $fixedPage = 'dashboard')
+    {
+        // 边栏开始
+        Hook::listen("admin_sidebar_begin", $params);
+        $colorArr = ['red', 'green', 'yellow', 'blue', 'teal', 'orange', 'purple'];
+        $colorNums = count($colorArr);
+        $badgeList = [];
+        $module = request()->module();
+        // 生成菜单的badge
+        foreach ($params as $k => $v) {
+            $url = $k;
+            if (is_array($v)) {
+                $nums = $v[0] ?? 0;
+                $color = $v[1] ?? $colorArr[(is_numeric($nums) ? $nums : strlen($nums)) % $colorNums];
+                $class = $v[2] ?? 'label';
+            } else {
+                $nums = $v;
+                $color = $colorArr[(is_numeric($nums) ? $nums : strlen($nums)) % $colorNums];
+                $class = 'label';
+            }
+            //必须nums大于0才显示
+            if ($nums) {
+                $badgeList[$url] = '<small class="' . $class . ' pull-right bg-' . $color . '">' . $nums . '</small>';
+            }
+        }
+
+        // 读取管理员当前拥有的权限节点
+        $userRule = $this->getRuleList();
+        $selected = $referer = [];
+        $refererUrl = Session::get('referer');
+        // 必须将结果集转换为数组
+        $ruleList = collection(\app\admin\model\AuthRule::where('status', 'normal')
+            ->where('ismenu', 1)
+            ->order('weigh', 'desc')
+            ->cache("__menu__")
+            ->select())->toArray();
+        $indexRuleList = \app\admin\model\AuthRule::where('status', 'normal')
+            ->where('ismenu', 0)
+            ->where('name', 'like', '%/index')
+            ->column('name,pid');
+        $pidArr = array_unique(array_filter(array_column($ruleList, 'pid')));
+        foreach ($ruleList as $k => &$v) {
+            if (!in_array($v['name'], $userRule)) {
+                unset($ruleList[$k]);
+                continue;
+            }
+            $indexRuleName = $v['name'] . '/index';
+            if (isset($indexRuleList[$indexRuleName]) && !in_array($indexRuleName, $userRule)) {
+                unset($ruleList[$k]);
+                continue;
+            }
+            $v['icon'] = $v['icon'] . ' fa-fw';
+            $v['url'] = isset($v['url']) && $v['url'] ? $v['url'] : '/' . $module . '/' . $v['name'];
+            $v['badge'] = $badgeList[$v['name']] ?? '';
+            $v['title'] = __($v['title']);
+            $v['url'] = preg_match("/^((?:[a-z]+:)?\/\/|data:image\/)(.*)/i", $v['url']) ? $v['url'] : url($v['url']);
+            $v['menuclass'] = in_array($v['menutype'], ['dialog', 'ajax']) ? 'btn-' . $v['menutype'] : '';
+            $v['menutabs'] = !$v['menutype'] || in_array($v['menutype'], ['default', 'addtabs']) ? 'addtabs="' . $v['id'] . '"' : '';
+            $selected = $v['name'] == $fixedPage ? $v : $selected;
+            $referer = $v['url'] == $refererUrl ? $v : $referer;
+        }
+        $lastArr = array_unique(array_filter(array_column($ruleList, 'pid')));
+        $pidDiffArr = array_diff($pidArr, $lastArr);
+        foreach ($ruleList as $index => $item) {
+            if (in_array($item['id'], $pidDiffArr)) {
+                unset($ruleList[$index]);
+            }
+        }
+        if ($selected == $referer) {
+            $referer = [];
+        }
+
+        $select_id = $referer ? $referer['id'] : ($selected ? $selected['id'] : 0);
+        $menu = $nav = '';
+        $showSubmenu = config('fastadmin.show_submenu');
+        if (Config::get('fastadmin.multiplenav')) {
+            $topList = [];
+            foreach ($ruleList as $index => $item) {
+                if (!$item['pid']) {
+                    $topList[] = $item;
+                }
+            }
+            $selectParentIds = [];
+            $tree = Tree::instance();
+            $tree->init($ruleList);
+            if ($select_id) {
+                $selectParentIds = $tree->getParentsIds($select_id, true);
+            }
+            foreach ($topList as $index => $item) {
+                $childList = Tree::instance()->getTreeMenu(
+                    $item['id'],
+                    '<li class="@class" pid="@pid"><a @extend href="@url@addtabs" addtabs="@id" class="@menuclass" url="@url" py="@py" pinyin="@pinyin"><i class="@icon"></i> <span>@title</span> <span class="pull-right-container">@caret @badge</span></a> @childlist</li>',
+                    $select_id,
+                    '',
+                    'ul',
+                    'class="treeview-menu' . ($showSubmenu ? ' menu-open' : '') . '"'
+                );
+                $current = in_array($item['id'], $selectParentIds);
+                $url = $childList ? 'javascript:;' : $item['url'];
+                $addtabs = $childList || !$url ? "" : (stripos($url, "?") !== false ? "&" : "?") . "ref=" . ($item['menutype'] ? $item['menutype'] : 'addtabs');
+                $childList = str_replace(
+                    '" pid="' . $item['id'] . '"',
+                    ' ' . ($current ? '' : 'hidden') . '" pid="' . $item['id'] . '"',
+                    $childList
+                );
+                $nav .= '<li class="' . ($current ? 'active' : '') . '"><a ' . $item['extend'] . ' href="' . $url . $addtabs . '" ' . $item['menutabs'] . ' class="' . $item['menuclass'] . '" url="' . $url . '" title="' . $item['title'] . '"><i class="' . $item['icon'] . '"></i> <span>' . $item['title'] . '</span> <span class="pull-right-container"> </span></a> </li>';
+                $menu .= $childList;
+            }
+        } else {
+            // 构造菜单数据
+            Tree::instance()->init($ruleList);
+            $menu = Tree::instance()->getTreeMenu(
+                0,
+                '<li class="@class"><a @extend href="@url@addtabs" @menutabs class="@menuclass" url="@url" py="@py" pinyin="@pinyin"><i class="@icon"></i> <span>@title</span> <span class="pull-right-container">@caret @badge</span></a> @childlist</li>',
+                $select_id,
+                '',
+                'ul',
+                'class="treeview-menu' . ($showSubmenu ? ' menu-open' : '') . '"'
+            );
+            if ($selected) {
+                $nav .= '<li role="presentation" id="tab_' . $selected['id'] . '" class="' . ($referer ? '' : 'active') . '"><a href="#con_' . $selected['id'] . '" node-id="' . $selected['id'] . '" aria-controls="' . $selected['id'] . '" role="tab" data-toggle="tab"><i class="' . $selected['icon'] . ' fa-fw"></i> <span>' . $selected['title'] . '</span> </a></li>';
+            }
+            if ($referer) {
+                $nav .= '<li role="presentation" id="tab_' . $referer['id'] . '" class="active"><a href="#con_' . $referer['id'] . '" node-id="' . $referer['id'] . '" aria-controls="' . $referer['id'] . '" role="tab" data-toggle="tab"><i class="' . $referer['icon'] . ' fa-fw"></i> <span>' . $referer['title'] . '</span> </a> <i class="close-tab fa fa-remove"></i></li>';
+            }
+        }
+
+        return [$menu, $nav, $selected, $referer];
+    }
+
     /**
      * 获取允许输出的字段
      * @return array
@@ -419,29 +730,6 @@ class Authcompany
     }
 
     /**
-     * 检测当前控制器和方法是否匹配传递的数组
-     *
-     * @param array $arr 需要验证权限的数组
-     * @return boolean
-     */
-    public function match($arr = [])
-    {
-        $request = Request::instance();
-        $arr = is_array($arr) ? $arr : explode(',', $arr);
-        if (!$arr) {
-            return false;
-        }
-        $arr = array_map('strtolower', $arr);
-        // 是否存在
-        if (in_array(strtolower($request->action()), $arr) || in_array('*', $arr)) {
-            return true;
-        }
-
-        // 没找到匹配
-        return false;
-    }
-
-    /**
      * 设置会话有效时间
      * @param int $keeptime 默认为永久
      */
@@ -474,4 +762,5 @@ class Authcompany
     }
 
 
+
 }

application/company/controller/Baseconfig.php

@@ -16,7 +16,7 @@ class Baseconfig extends Apic
     public function index(){
 
         $config = [
-
+            'nowtime' => date('Y-m-d H:i:s'),
         ];
 
         $this->success('success',$config);

application/company/controller/Index.php

@@ -38,7 +38,7 @@ class Index extends Apic
         //找员工
         $ret = $this->auth->login($username, $password);
         if ($ret) {
-            $data = $this->auth->getUserinfo_simple();
+            $data = $this->auth->getUserInfo_simple();
             $this->success('登录成功', $data);
         } else {
             $msg = $this->auth->getError();
@@ -65,7 +65,7 @@ class Index extends Apic
 
     //用户详细资料
     public function getUserinfo(){
-        $info = $this->auth->getUserinfo();
+        $info = $this->auth->getUserInfo();
 
         $this->success(__('success'),$info);
     }

extend/fast/Authpc.php

@@ -0,0 +1,265 @@
+<?php
+
+// +----------------------------------------------------------------------
+// | ThinkPHP [ WE CAN DO IT JUST THINK IT ]
+// +----------------------------------------------------------------------
+// | Copyright (c) 2011 http://thinkphp.cn All rights reserved.
+// +----------------------------------------------------------------------
+// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
+// +----------------------------------------------------------------------
+// | Author: luofei614 <weibo.com/luofei614>
+// +----------------------------------------------------------------------
+// | 修改者: anuo (本权限类在原3.2.3的基础上修改过来的)
+// +----------------------------------------------------------------------
+
+namespace fast;
+
+use think\Db;
+use think\Config;
+use think\Session;
+use think\Request;
+
+/**
+ * 权限认证类
+ * 功能特性：
+ * 1，是对规则进行认证，不是对节点进行认证。用户可以把节点当作规则名称实现对节点进行认证。
+ *      $auth=new Auth();  $auth->check('规则名称','用户id')
+ * 2，可以同时对多条规则进行认证，并设置多条规则的关系（or或者and）
+ *      $auth=new Auth();  $auth->check('规则1,规则2','用户id','and')
+ *      第三个参数为and时表示，用户需要同时具有规则1和规则2的权限。 当第三个参数为or时，表示用户值需要具备其中一个条件即可。默认为or
+ * 3，一个用户可以属于多个用户组(think_auth_group_access表 定义了用户所属用户组)。我们需要设置每个用户组拥有哪些规则(think_auth_group 定义了用户组权限)
+ * 4，支持规则表达式。
+ *      在think_auth_rule 表中定义一条规则，condition字段就可以定义规则表达式。 如定义{score}>5  and {score}<100
+ * 表示用户的分数在5-100之间时这条规则才会通过。
+ */
+class Authpc
+{
+
+    /**
+     * @var object 对象实例
+     */
+    protected static $instance;
+    protected $rules = [];
+
+    /**
+     * 当前请求实例
+     * @var Request
+     */
+    protected $request;
+    //默认配置
+    protected $config = [
+        'auth_on'           => 1, // 权限开关
+        'auth_type'         => 1, // 认证方式，1为实时认证；2为登录认证。
+        'auth_group'        => 'pc_auth_group', // 用户组数据表名
+        'auth_group_access' => 'pc_auth_group_access', // 用户-用户组关系表
+        'auth_rule'         => 'pc_auth_rule', // 权限规则表
+        'auth_user'         => 'user', // 用户信息表
+    ];
+
+    public function __construct()
+    {
+        if ($auth = Config::get('auth')) {
+            $this->config = array_merge($this->config, $auth);
+        }
+        // 初始化request
+        $this->request = Request::instance();
+    }
+
+    /**
+     * 初始化
+     * @access public
+     * @param array $options 参数
+     * @return Auth
+     */
+    public static function instance($options = [])
+    {
+        if (is_null(self::$instance)) {
+            self::$instance = new static($options);
+        }
+
+        return self::$instance;
+    }
+
+    /**
+     * 检查权限
+     * @param string|array $name     需要验证的规则列表,支持逗号分隔的权限规则或索引数组
+     * @param int          $uid      认证用户的id
+     * @param string       $relation 如果为 'or' 表示满足任一条规则即通过验证;如果为 'and'则表示需满足所有规则才能通过验证
+     * @param string       $mode     执行验证的模式,可分为url,normal
+     * @return bool 通过验证返回true;失败返回false
+     */
+    public function check($name, $uid, $relation = 'or', $mode = 'url')
+    {
+        if (!$this->config['auth_on']) {
+            return true;
+        }
+        // 获取用户需要验证的所有有效规则列表
+        $rulelist = $this->getRuleList($uid);
+        if (in_array('*', $rulelist)) {
+            return true;
+        }
+
+        if (is_string($name)) {
+            $name = strtolower($name);
+            if (strpos($name, ',') !== false) {
+                $name = explode(',', $name);
+            } else {
+                $name = [$name];
+            }
+        }
+        $list = []; //保存验证通过的规则名
+        if ('url' == $mode) {
+            $REQUEST = unserialize(strtolower(serialize($this->request->param())));
+        }
+        foreach ($rulelist as $rule) {
+            $query = preg_replace('/^.+\?/U', '', $rule);
+            if ('url' == $mode && $query != $rule) {
+                parse_str($query, $param); //解析规则中的param
+                $intersect = array_intersect_assoc($REQUEST, $param);
+                $rule = preg_replace('/\?.*$/U', '', $rule);
+                if (in_array($rule, $name) && $intersect == $param) {
+                    //如果节点相符且url参数满足
+                    $list[] = $rule;
+                }
+            } else {
+                if (in_array($rule, $name)) {
+                    $list[] = $rule;
+                }
+            }
+        }
+        if ('or' == $relation && !empty($list)) {
+            return true;
+        }
+        $diff = array_diff($name, $list);
+        if ('and' == $relation && empty($diff)) {
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * 根据用户id获取用户组,返回值为数组
+     * @param int $uid  用户id
+     * @return array       用户所属的用户组 array(
+     *                  array('uid'=>'用户id','group_id'=>'用户组id','name'=>'用户组名称','rules'=>'用户组拥有的规则id,多个,号隔开'),
+     *                  ...)
+     */
+    public function getGroups($uid)
+    {
+        static $groups = [];
+        if (isset($groups[$uid])) {
+            return $groups[$uid];
+        }
+
+        // 执行查询
+        $user_groups = Db::name($this->config['auth_group_access'])
+            ->alias('aga')
+            ->join('__' . strtoupper($this->config['auth_group']) . '__ ag', 'aga.group_id = ag.id', 'LEFT')
+            ->field('aga.uid,aga.group_id,ag.id,ag.pid,ag.name,ag.rules')
+            ->where("aga.uid='{$uid}' and ag.status='normal'")
+            ->select();
+        $groups[$uid] = $user_groups ?: [];
+        return $groups[$uid];
+    }
+
+    /**
+     * 获得权限规则列表
+     * @param int $uid 用户id
+     * @return array
+     */
+    public function getRuleList($uid)
+    {
+        static $_rulelist = []; //保存用户验证通过的权限列表
+        if (isset($_rulelist[$uid])) {
+            return $_rulelist[$uid];
+        }
+        if (2 == $this->config['auth_type'] && Session::has('_rule_list_' . $uid)) {
+            return Session::get('_rule_list_' . $uid);
+        }
+
+        // 读取用户规则节点
+        $ids = $this->getRuleIds($uid);
+        if (empty($ids)) {
+            $_rulelist[$uid] = [];
+            return [];
+        }
+
+        // 筛选条件
+        $where = [
+            'status' => 'normal'
+        ];
+        if (!in_array('*', $ids)) {
+            $where['id'] = ['in', $ids];
+        }
+        //读取用户组所有权限规则
+        $this->rules = Db::name($this->config['auth_rule'])->where($where)->field('id,pid,condition,icon,name,title,ismenu')->select();
+
+        //循环规则，判断结果。
+        $rulelist = []; //
+        if (in_array('*', $ids)) {
+            $rulelist[] = "*";
+        }
+        foreach ($this->rules as $rule) {
+            //超级管理员无需验证condition
+            if (!empty($rule['condition']) && !in_array('*', $ids)) {
+                //根据condition进行验证
+                $user = $this->getUserInfo($uid); //获取用户信息,一维数组
+                $nums = 0;
+                $condition = str_replace(['&&', '||'], "\r\n", $rule['condition']);
+                $condition = preg_replace('/\{(\w*?)\}/', '\\1', $condition);
+                $conditionArr = explode("\r\n", $condition);
+                foreach ($conditionArr as $index => $item) {
+                    preg_match("/^(\w+)\s?([\>\<\=]+)\s?(.*)$/", trim($item), $matches);
+                    if ($matches && isset($user[$matches[1]]) && version_compare($user[$matches[1]], $matches[3], $matches[2])) {
+                        $nums++;
+                    }
+                }
+                if ($conditionArr && ((stripos($rule['condition'], "||") !== false && $nums > 0) || count($conditionArr) == $nums)) {
+                    $rulelist[$rule['id']] = strtolower($rule['name']);
+                }
+            } else {
+                //只要存在就记录
+                $rulelist[$rule['id']] = strtolower($rule['name']);
+            }
+        }
+        $_rulelist[$uid] = $rulelist;
+        //登录验证则需要保存规则列表
+        if (2 == $this->config['auth_type']) {
+            //规则列表结果保存到session
+            Session::set('_rule_list_' . $uid, $rulelist);
+        }
+        return array_unique($rulelist);
+    }
+
+    public function getRuleIds($uid)
+    {
+        //读取用户所属用户组
+        $groups = $this->getGroups($uid);
+        $ids = []; //保存用户所属用户组设置的所有权限规则id
+        foreach ($groups as $g) {
+            $ids = array_merge($ids, explode(',', trim($g['rules'], ',')));
+        }
+        $ids = array_unique($ids);
+        return $ids;
+    }
+
+    /**
+     * 获得用户资料
+     * @param int $uid 用户id
+     * @return mixed
+     */
+    protected function getUserInfo($uid)
+    {
+        static $user_info = [];
+
+        $user = Db::name($this->config['auth_user']);
+        // 获取用户表主键
+        $_pk = is_string($user->getPk()) ? $user->getPk() : 'uid';
+        if (!isset($user_info[$uid])) {
+            $user_info[$uid] = $user->where($_pk, $uid)->find();
+        }
+
+        return $user_info[$uid];
+    }
+}