分离日志操作权限

2020-05-06 17:40:51 +08:00 · 2020-05-06 17:40:51 +08:00 · 98c99e05f3
commit 98c99e05f3
parent 339f441d4f
2 changed files with 82 additions and 29 deletions
--- a/catch/permissions/PermissionsMiddleware.php
+++ b/catch/permissions/PermissionsMiddleware.php
@ -7,7 +7,7 @@ use catcher\CatchCacheKeys;
 use catcher\Code;
 use catcher\exceptions\PermissionForbiddenException;
 use think\facade\Cache;
-use think\helper\Str;
+use catcher\Utils;

 class PermissionsMiddleware
 {
@ -29,8 +29,9 @@ class PermissionsMiddleware
        if (!$rule) {
            return $next($request);
        }
+
        // 模块忽略
-        [$module, $controller, $action] = $this->parseRule($rule);
+        [$module, $controller, $action] = Utils::parseRule($rule);
        // toad
        if (in_array($module, $this->ignoreModule())) {
            return $next($request);
@ -40,10 +41,6 @@ class PermissionsMiddleware
        if (!$user) {
            throw new PermissionForbiddenException('Login is invalid', Code::LOST_LOGIN);
        }
-        //dd($this->parseRule($rule));
-        $permission = $this->getPermission($module, $controller, $action);
-        // 记录操作
-        $this->operateEvent($request->user()->id, $permission);
        // 超级管理员
        if ($request->user()->id === config('catch.permissions.super_admin_id')) {
            return $next($request);
@ -52,6 +49,9 @@ class PermissionsMiddleware
        if ($request->isGet() && config('catch.permissions.is_allow_get')) {
            return $next($request);
        }
+        // 判断权限
+        $permission = property_exists($request, 'permission') ? $request->permission :
+                        $this->getPermission($module, $controller, $action);

        if (!$permission || !in_array($permission->id, Cache::get(CatchCacheKeys::USER_PERMISSIONS . $user->id))) {
          throw new PermissionForbiddenException();
@ -60,29 +60,6 @@ class PermissionsMiddleware
        return $next($request);
    }

-    /**
-     * 解析规则
-     *
-     * @time 2020年04月16日
-     * @param $rule
-     * @return array
-     */
-    protected function parseRule($rule)
-    {
-        [$controller, $action] = explode(Str::contains($rule, '@') ? '@' : '/', $rule);
-
-        $controller = explode('\\', $controller);
-
-        $controllerName = strtolower(array_pop($controller));
-
-        array_pop($controller);
-
-        $module = array_pop($controller);
-
-        return [$module, $controllerName, $action];
-    }
-
-
    /**
     *
     * @time 2019年12月14日
--- a/catch/permissions/RecordOperateMiddleware.php
+++ b/catch/permissions/RecordOperateMiddleware.php
@ -0,0 +1,76 @@
+<?php
+namespace catchAdmin\permissions;
+
+use app\Request;
+use catchAdmin\permissions\model\Permissions;
+use catcher\CatchCacheKeys;
+use catcher\Code;
+use catcher\exceptions\PermissionForbiddenException;
+use think\facade\Cache;
+use catcher\Utils;
+
+class RecordOperateMiddleware
+{
+    /**
+     *
+     * @time 2019年12月12日
+     * @param Request $request
+     * @param \Closure $next
+     * @return mixed
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\DbException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @throws PermissionForbiddenException
+     */
+    public function handle(Request $request, \Closure $next)
+    {
+        $rule = $request->rule()->getName();
+
+        // 模块忽略
+        [$module, $controller, $action] = Utils::parseRule($rule);
+
+        $permission = $this->getPermission($module, $controller, $action);
+
+        $this->operateEvent($request->user()->id, $permission);
+
+        // 将权限带入
+        $request->permission  = $permission;
+        return $next($request);
+    }
+
+    /**
+     *
+     * @time 2019年12月14日
+     * @param $module
+     * @param $controllerName
+     * @param $action
+     * @param $request
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\DbException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @return array|bool|\think\Model|null
+     */
+    protected function getPermission($module, $controllerName, $action)
+    {
+        $permissionMark = sprintf('%s@%s', $controllerName, $action);
+
+        return Permissions::where('module', $module)->where('permission_mark', $permissionMark)->find();
+    }
+
+    /**
+     * 操作日志
+     *
+     * @time 2020年04月16日
+     * @param $creatorId
+     * @param $permission
+     * @return void
+     */
+    protected function operateEvent($creatorId, $permission)
+    {
+        // 操作日志
+        $permission && event('operateLog', [
+            'creator_id' => $creatorId,
+            'permission' => $permission,
+        ]);
+    }
+}