0b2/catchAdmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

分离日志操作权限

Browse Source
This commit is contained in:
JaguarJack 2020-05-06 17:40:51 +08:00
parent 339f441d4f
commit 98c99e05f3
2 changed files with 82 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
catch/permissions/PermissionsMiddleware.php
View File

@ -7,7 +7,7 @@ use catcher\CatchCacheKeys;
use catcher\Code; use catcher\Code;
use catcher\exceptions\PermissionForbiddenException; use catcher\exceptions\PermissionForbiddenException;
use think\facade\Cache; use think\facade\Cache;
use think\helper\Str; use catcher\Utils;
class PermissionsMiddleware class PermissionsMiddleware
{ {
@ -29,8 +29,9 @@ class PermissionsMiddleware
if (!$rule) { if (!$rule) {
return $next($request); return $next($request);
} }
// 模块忽略 // 模块忽略
[$module, $controller, $action] = $this->parseRule($rule); [$module, $controller, $action] = Utils::parseRule($rule);
// toad // toad
if (in_array($module, $this->ignoreModule())) { if (in_array($module, $this->ignoreModule())) {
return $next($request); return $next($request);
@ -40,10 +41,6 @@ class PermissionsMiddleware
if (!$user) { if (!$user) {
throw new PermissionForbiddenException('Login is invalid', Code::LOST_LOGIN); throw new PermissionForbiddenException('Login is invalid', Code::LOST_LOGIN);
} }
//dd($this->parseRule($rule));
$permission = $this->getPermission($module, $controller, $action);
// 记录操作
$this->operateEvent($request->user()->id, $permission);
// 超级管理员 // 超级管理员
if ($request->user()->id === config('catch.permissions.super_admin_id')) { if ($request->user()->id === config('catch.permissions.super_admin_id')) {
return $next($request); return $next($request);
@ -52,6 +49,9 @@ class PermissionsMiddleware
if ($request->isGet() && config('catch.permissions.is_allow_get')) { if ($request->isGet() && config('catch.permissions.is_allow_get')) {
return $next($request); return $next($request);
} }
// 判断权限
$permission = property_exists($request, 'permission') ? $request->permission :
$this->getPermission($module, $controller, $action);
if (!$permission || !in_array($permission->id, Cache::get(CatchCacheKeys::USER_PERMISSIONS . $user->id))) { if (!$permission || !in_array($permission->id, Cache::get(CatchCacheKeys::USER_PERMISSIONS . $user->id))) {
throw new PermissionForbiddenException(); throw new PermissionForbiddenException();
@ -60,29 +60,6 @@ class PermissionsMiddleware
return $next($request); return $next($request);
} }
/**
* 解析规则
*
* @time 2020年04月16日
* @param $rule
* @return array
*/
protected function parseRule($rule)
{
[$controller, $action] = explode(Str::contains($rule, '@') ? '@' : '/', $rule);
$controller = explode('\\', $controller);
$controllerName = strtolower(array_pop($controller));
array_pop($controller);
$module = array_pop($controller);
return [$module, $controllerName, $action];
}
/** /**
* *
* @time 2019年12月14日 * @time 2019年12月14日

76
catch/permissions/RecordOperateMiddleware.php Normal file
View File

@ -0,0 +1,76 @@
<?php
namespace catchAdmin\permissions;
use app\Request;
use catchAdmin\permissions\model\Permissions;
use catcher\CatchCacheKeys;
use catcher\Code;
use catcher\exceptions\PermissionForbiddenException;
use think\facade\Cache;
use catcher\Utils;
class RecordOperateMiddleware
{
/**
*
* @time 2019年12月12日
* @param Request $request
* @param \Closure $next
* @return mixed
* @throws \think\db\exception\DataNotFoundException
* @throws \think\db\exception\DbException
* @throws \think\db\exception\ModelNotFoundException
* @throws PermissionForbiddenException
*/
public function handle(Request $request, \Closure $next)
{
$rule = $request->rule()->getName();
// 模块忽略
[$module, $controller, $action] = Utils::parseRule($rule);
$permission = $this->getPermission($module, $controller, $action);
$this->operateEvent($request->user()->id, $permission);
// 将权限带入
$request->permission = $permission;
return $next($request);
}
/**
*
* @time 2019年12月14日
* @param $module
* @param $controllerName
* @param $action
* @param $request
* @throws \think\db\exception\DataNotFoundException
* @throws \think\db\exception\DbException
* @throws \think\db\exception\ModelNotFoundException
* @return array|bool|\think\Model|null
*/
protected function getPermission($module, $controllerName, $action)
{
$permissionMark = sprintf('%s@%s', $controllerName, $action);
return Permissions::where('module', $module)->where('permission_mark', $permissionMark)->find();
}
/**
* 操作日志
*
* @time 2020年04月16日
* @param $creatorId
* @param $permission
* @return void
*/
protected function operateEvent($creatorId, $permission)
{
// 操作日志
$permission && event('operateLog', [
'creator_id' => $creatorId,
'permission' => $permission,
]);
}
}