权限管理
parent
6c423e5fc5
commit
5c7c976869
@ -1,14 +1,74 @@
|
||||
<?php
|
||||
namespace catchAdmin\permissions;
|
||||
|
||||
use think\Middleware;
|
||||
use app\Request;
|
||||
use catchAdmin\permissions\model\Permissions;
|
||||
use catcher\exceptions\PermissionForbiddenException;
|
||||
use think\helper\Str;
|
||||
|
||||
class PermissionsMiddleware
|
||||
{
|
||||
public function handle($request, \Closure $next)
|
||||
/**
|
||||
*
|
||||
* @time 2019年12月12日
|
||||
* @param Request $request
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
* @throws \think\db\exception\DataNotFoundException
|
||||
* @throws \think\db\exception\DbException
|
||||
* @throws \think\db\exception\ModelNotFoundException
|
||||
* @throws PermissionForbiddenException
|
||||
*/
|
||||
public function handle(Request $request, \Closure $next)
|
||||
{
|
||||
if (!$request->user()) {
|
||||
throw new PermissionForbiddenException('Login is invalid', 10006);
|
||||
}
|
||||
// toad
|
||||
if (($permission = $this->getPermission($request->rule()->getName())) && in_array($permission->id, $request->user()->getPermissionsBy())) {
|
||||
throw new PermissionForbiddenException();
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @time 2019年12月12日
|
||||
* @param $rule
|
||||
* @throws \think\db\exception\DataNotFoundException
|
||||
* @throws \think\db\exception\DbException
|
||||
* @throws \think\db\exception\ModelNotFoundException
|
||||
* @return array|bool|\think\Model|null
|
||||
*/
|
||||
protected function getPermission($rule)
|
||||
{
|
||||
if (!$rule) {
|
||||
return false;
|
||||
}
|
||||
|
||||
[$controller, $action] = explode(Str::contains($rule, '@') ? '@' : '/', $rule);
|
||||
|
||||
$controller = explode('\\', $controller);
|
||||
|
||||
$controllerName = strtolower(array_pop($controller));
|
||||
|
||||
array_pop($controller);
|
||||
|
||||
$module = array_pop($controller);
|
||||
|
||||
$ignore = config('catch.ignore');
|
||||
|
||||
if (in_array($module, $ignore['module'])) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$permissionMark = sprintf('%s:%s:%s', $module, $controllerName, $action);
|
||||
|
||||
if (in_array($permissionMark, $ignore['route'])) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return Permissions::where('permission_mark', $permissionMark)->find();
|
||||
}
|
||||
}
|
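Review bot: The authorization test in the new `handle()` looks inverted: `PermissionForbiddenException` is thrown when `in_array($permission->id, $request->user()->getPermissionsBy())` is true, so a user who holds the permission is rejected and a user who lacks it falls through to `$next($request)`. The membership test should be negated, e.g. `if ($permission && !in_array($permission->id, $request->user()->getPermissionsBy())) { throw new PermissionForbiddenException(); }`. `getPermission()` also returns the result of `find()`, which its docblock says may be `null`, so a route with no matching `permission_mark` row is allowed through; if deny-by-default is intended, that case should throw too, and the decision deserves a comment in place of `// toad`. In `getPermission()`, `[$controller, $action] = explode(...)` assumes the rule name contains `@` or `/`; a name with neither leaves `$action` unset before `$permissionMark` is built, so a guard there would make the failure explicit.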
@ -9,13 +9,13 @@ use catcher\CatchForm;
|
||||
use catcher\CatchResponse;
|
||||
use catcher\exceptions\FailedException;
|
||||
use catcher\Tree;
|
||||
use catchAdmin\permissions\model\Permissions as Permission;
|
||||
use catchAdmin\permissions\model\Permissions as Permissions;
|
||||
|
||||
class Permission extends CatchController
|
||||
{
|
||||
protected $permissions;
|
||||
|
||||
public function __construct(Permission $permissions)
|
||||
public function __construct(Permissions $permissions)
|
||||
{
|
||||
$this->permissions = $permissions;
|
||||
}
|
||||
@ -57,15 +57,15 @@ class Permission extends CatchController
|
||||
$form->select('module', '模块', true)->verify('required')->options(CatchAdmin::getModulesInfo());
|
||||
$form->text('route', '路由')->placeholder('请输入路由');
|
||||
$form->radio('method', '请求方法', true)->default(Permission::GET)->options([
|
||||
['value' => Permission::GET, 'title' => 'get'],
|
||||
['value' => Permission::POST, 'title' => 'post'],
|
||||
['value' => Permission::PUT, 'title' => 'put'],
|
||||
['value' => Permission::DELETE, 'title' => 'delete'],
|
||||
['value' => Permissions::GET, 'title' => 'get'],
|
||||
['value' => Permissions::POST, 'title' => 'post'],
|
||||
['value' => Permissions::PUT, 'title' => 'put'],
|
||||
['value' => Permissions::DELETE, 'title' => 'delete'],
|
||||
]);
|
||||
$form->text('permission_mark', '权限标识', true)->verify('required')->placeholder('请输入权限标识controller:action');
|
||||
$form->radio('type', '类型', true)->default(Permission::BTN_TYPE)->options([
|
||||
['value' => Permission::MENU_TYPE, 'title' => '菜单'],
|
||||
['value' => Permission::BTN_TYPE, 'title' => '按钮'],
|
||||
['value' => Permissions::MENU_TYPE, 'title' => '菜单'],
|
||||
['value' => Permissions::BTN_TYPE, 'title' => '按钮'],
|
||||
]);
|
||||
$form->text('sort', '排序')->verify('numberX')->default(1)->placeholder('倒叙排序');
|
||||
$form->formBtn('submitPermission');
|
||||
@ -108,17 +108,17 @@ class Permission extends CatchController
|
||||
$form->select('module', '模块', true)->default($permission->module)->options(CatchAdmin::getModulesInfo());
|
||||
$form->text('route', '路由')->default($permission->route)->placeholder('请输入路由');
|
||||
$form->radio('method', '请求方法', true)->verify('required')->default($permission->method)->options([
|
||||
['value' => Permission::GET, 'title' => 'get'],
|
||||
['value' => Permission::POST, 'title' => 'post'],
|
||||
['value' => Permission::PUT, 'title' => 'put'],
|
||||
['value' => Permission::DELETE, 'title' => 'delete'],
|
||||
['value' => Permissions::GET, 'title' => 'get'],
|
||||
['value' => Permissions::POST, 'title' => 'post'],
|
||||
['value' => Permissions::PUT, 'title' => 'put'],
|
||||
['value' => Permissions::DELETE, 'title' => 'delete'],
|
||||
]);
|
||||
$form->text('permission_mark', '权限标识', true)
|
||||
->default($permission->permission_mark)
|
||||
->verify('required')->placeholder('请输入权限标识controller:action');
|
||||
$form->radio('type', '类型', true)->default($permission->type)->options([
|
||||
['value' => Permission::MENU_TYPE, 'title' => '菜单'],
|
||||
['value' => Permission::BTN_TYPE, 'title' => '按钮'],
|
||||
['value' => Permissions::MENU_TYPE, 'title' => '菜单'],
|
||||
['value' => Permissions::BTN_TYPE, 'title' => '按钮'],
|
||||
]);
|
||||
$form->text('sort', '排序')->verify('numberX')->default($permission->sort)->placeholder('倒叙排序');
|
||||
$form->formBtn('submitPermission');
|
||||
|
@ -9,7 +9,7 @@ use catcher\exceptions\FailedException;
|
||||
use catcher\Tree;
|
||||
use think\response\Json;
|
||||
|
||||
class Roles extends CatchController
|
||||
class Role extends CatchController
|
||||
{
|
||||
protected $role;
|
||||
|
||||
|
@ -32,6 +32,7 @@ class Permissions extends Migrator
|
||||
$table->addColumn('permission_name', 'string',['limit' => 15,'default'=>'','comment'=>'菜单名称'])
|
||||
->addColumn('parent_id', 'integer',['default'=>0,'comment'=>'父级ID', 'signed' => false])
|
||||
->addColumn('route', 'string', ['default' => '', 'comment' => '路由', 'limit' => 50])
|
||||
->addColumn('module', 'string', ['default' => '', 'comment' => '模块', 'limit' => 20])
|
||||
->addColumn('method', 'string', ['default' => 'get', 'comment' => '路由请求方法', 'limit' => 15])
|
||||
->addColumn('permission_mark', 'string', ['null' => false, 'comment' => '权限标识', 'limit' => 50])
|
||||
->addColumn('type', 'integer',['limit' => \Phinx\Db\Adapter\MysqlAdapter::INT_TINY,'default'=> 1,'comment'=>'1 菜单 2 按钮'])
|
||||
|
@ -35,6 +35,8 @@ trait HasRolesTrait
|
||||
return true;
|
||||
}
|
||||
|
||||
sort($roles);
|
||||
|
||||
return $this->roles()->attach($roles);
|
||||
}
|
||||
|
||||
|
@ -11,6 +11,7 @@ class Permissions extends CatchModel
|
||||
'id', //
|
||||
'permission_name', // 菜单名称
|
||||
'parent_id', // 父级ID
|
||||
'module', // 模块
|
||||
'route', // 路由
|
||||
'method', // 请求方法
|
||||
'permission_mark', // 权限标识
|
||||
@ -39,6 +40,9 @@ class Permissions extends CatchModel
|
||||
$query->where('parent_id', $search['id'])
|
||||
->whereOr('id', $search['id']);
|
||||
})
|
||||
->when($search['permission_ids'] ?? false, function ($query) use ($search){
|
||||
$query->whereIn('id', $search['permission_ids']);
|
||||
})
|
||||
->order('sort', 'desc')
|
||||
->order('id', 'desc')
|
||||
->select()
|
||||
|
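Review bot: The added `->when($search['permission_ids'] ?? false, ...)` clause skips the `whereIn('id', $search['permission_ids'])` filter whenever `permission_ids` is an empty array, because an empty array is falsy, so the query then returns every permission rather than none. If callers pass the IDs a user or role is allowed to see (the caller is not visible in this hunk), an account with no permissions would receive the full list. Consider keying the condition on the presence of the parameter, e.g. `->when(array_key_exists('permission_ids', $search), ...)`, confirm how `whereIn` treats an empty list, and add a comment stating that an empty list must yield an empty result. The enclosing method starts and ends outside the hunk.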
@ -66,17 +66,19 @@ class Roles extends CatchModel
|
||||
/**
|
||||
*
|
||||
* @time 2019年12月08日
|
||||
* @param array $roles
|
||||
* @param array $permissions
|
||||
* @return mixed
|
||||
* @throws \think\db\exception\DbException
|
||||
*/
|
||||
public function attach(array $roles)
|
||||
public function attach(array $permissions)
|
||||
{
|
||||
if (empty($roles)) {
|
||||
if (empty($permissions)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $this->permissions()->attach($roles);
|
||||
sort($permissions);
|
||||
|
||||
return $this->permissions()->attach($permissions);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -1,11 +1,11 @@
|
||||
<?php
|
||||
// 角色
|
||||
$router->resource('role', '\catchAdmin\permissions\controller\Roles');
|
||||
$router->resource('role', '\catchAdmin\permissions\controller\Role');
|
||||
// 角色列表
|
||||
$router->get('roles', '\catchAdmin\permissions\controller\Roles/list');
|
||||
$router->get('/role/get/permissions', '\catchAdmin\permissions\controller\Roles/getPermissions');
|
||||
$router->get('roles', '\catchAdmin\permissions\controller\Role@list');
|
||||
$router->get('/role/get/permissions', '\catchAdmin\permissions\controller\Role@getPermissions');
|
||||
|
||||
// 权限
|
||||
$router->resource('permission', '\catchAdmin\permissions\controller\Permissions');
|
||||
$router->resource('permission', '\catchAdmin\permissions\controller\Permission');
|
||||
// 权限列表
|
||||
$router->get('permissions', '\catchAdmin\permissions\controller\Permissions/list');
|
||||
$router->get('permissions', '\catchAdmin\permissions\controller\Permission@list');
|
||||
|