0b2/catchAdmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
catchAdmin/catch/permissions/middleware/PermissionsMiddleware.php

132 lines
3.4 KiB
PHP
Raw Normal View History

recover
2020-04-29 17:37:45 +08:00
<?php
调整架构,新增权限模块服务
2020-06-24 09:09:37 +08:00
namespace catchAdmin\permissions\middleware;
recover
2020-04-29 17:37:45 +08:00
use app\Request;
use catchAdmin\permissions\model\Permissions;
use catcher\CatchCacheKeys;
use catcher\Code;
use catcher\exceptions\PermissionForbiddenException;
fixed:issue#34
2021-09-14 14:45:51 +08:00
use Closure;
use think\db\exception\DataNotFoundException;
use think\db\exception\DbException;
use think\db\exception\ModelNotFoundException;
recover
2020-04-29 17:37:45 +08:00
use think\facade\Cache;
分离日志操作权限
2020-05-06 17:40:51 +08:00
use catcher\Utils;
recover
2020-04-29 17:37:45 +08:00
class PermissionsMiddleware
{
/**
*
* @time 2019年12月12日
* @param Request $request
fixed:issue#34
2021-09-14 14:45:51 +08:00
* @param Closure $next
recover
2020-04-29 17:37:45 +08:00
* @return mixed
fixed:issue#34
2021-09-14 14:45:51 +08:00
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
* @throws PermissionForbiddenException|\ReflectionException
recover
2020-04-29 17:37:45 +08:00
*/
fixed:issue#34
2021-09-14 14:45:51 +08:00
public function handle(Request $request, Closure $next)
recover
2020-04-29 17:37:45 +08:00
{
$rule = $request->rule()->getName();
if (!$rule) {
return $next($request);
}
分离日志操作权限
2020-05-06 17:40:51 +08:00
recover
2020-04-29 17:37:45 +08:00
// 模块忽略
分离日志操作权限
2020-05-06 17:40:51 +08:00
[$module, $controller, $action] = Utils::parseRule($rule);
add:新增GET方法单独的认证标识
2020-10-12 12:22:05 +08:00
recover
2020-04-29 17:37:45 +08:00
// toad
if (in_array($module, $this->ignoreModule())) {
return $next($request);
}
// 用户未登录
$user = $request->user();
if (!$user) {
throw new PermissionForbiddenException('Login is invalid', Code::LOST_LOGIN);
}
// 超级管理员
add:新增GET方法单独的认证标识
2020-10-12 12:22:05 +08:00
if (Utils::isSuperAdmin()) {
recover
2020-04-29 17:37:45 +08:00
return $next($request);
}
// Get 请求
add:新增GET方法单独的认证标识
2020-10-12 12:22:05 +08:00
if ($this->allowGet($request)) {
recover
2020-04-29 17:37:45 +08:00
return $next($request);
}
分离日志操作权限
2020-05-06 17:40:51 +08:00
// 判断权限
$permission = property_exists($request, 'permission') ? $request->permission :
$this->getPermission($module, $controller, $action);
recover
2020-04-29 17:37:45 +08:00
fixed:issue#34
2021-09-14 14:45:51 +08:00
$permissionIds = Cache::get(CatchCacheKeys::USER_PERMISSIONS . $user->id);
if (!$permission || ! in_array($permission->id, (array)$permissionIds)) {
recover
2020-04-29 17:37:45 +08:00
throw new PermissionForbiddenException();
}
return $next($request);
}
/**
*
* @time 2019年12月14日
* @param $module
* @param $controllerName
* @param $action
fixed:issue#34
2021-09-14 14:45:51 +08:00
* @return array|\think\Model|null
* @throws DbException
* @throws ModelNotFoundException
* @throws DataNotFoundException
recover
2020-04-29 17:37:45 +08:00
*/
protected function getPermission($module, $controllerName, $action)
{
$permissionMark = sprintf('%s@%s', $controllerName, $action);
return Permissions::where('module', $module)->where('permission_mark', $permissionMark)->find();
}
/**
* 忽略模块
*
* @time 2020年04月16日
* @return array
*/
protected function ignoreModule()
{
return ['login'];
}
/**
* 操作日志
*
* @time 2020年04月16日
* @param $creatorId
* @param $permission
* @return void
*/
protected function operateEvent($creatorId, $permission)
{
// 操作日志
$permission && event('operateLog', [
'creator_id' => $creatorId,
'permission' => $permission,
]);
}
add:新增GET方法单独的认证标识
2020-10-12 12:22:05 +08:00
/**
* get allow
*
* @time 2020年10月12日
* @param $request
* @return bool
* @throws \ReflectionException
*/
protected function allowGet($request)
{
if (Utils::isMethodNeedAuth($request->rule()->getName())) {
return false;
}
return $request->isGet() && config('catch.permissions.is_allow_get');
}
recover
2020-04-29 17:37:45 +08:00
}
Reference in New Issue Copy Permalink