修改权限路由
This commit is contained in:
wuyanwen
parent
2d6d074d94
commit
e3ececc277
@ -21,12 +21,24 @@ class PermissionsMiddleware
|
|||||||
*/
|
*/
|
||||||
public function handle(Request $request, \Closure $next)
|
public function handle(Request $request, \Closure $next)
|
||||||
{
|
{
|
||||||
|
$rule = $rule = $request->rule()->getName();
|
||||||
|
|
||||||
|
if (!$rule) {
|
||||||
|
return $next($request);
|
||||||
|
}
|
||||||
|
|
||||||
|
[$module, $controller, $action] = $this->parseRule($rule);
|
||||||
|
|
||||||
|
if (in_array($module, $this->ignoreModule())) {
|
||||||
|
return $next($request);
|
||||||
|
}
|
||||||
|
|
||||||
if (!$request->user()) {
|
if (!$request->user()) {
|
||||||
throw new PermissionForbiddenException('Login is invalid', 10006);
|
throw new PermissionForbiddenException('Login is invalid', 10006);
|
||||||
}
|
}
|
||||||
|
|
||||||
// toad
|
// toad
|
||||||
if (($permission = $this->getPermission($request))
|
if (($permission = $this->getPermission($module, $controller, $action, $request))
|
||||||
&& !in_array($permission->id, $request->user()->getPermissionsBy())) {
|
&& !in_array($permission->id, $request->user()->getPermissionsBy())) {
|
||||||
throw new PermissionForbiddenException();
|
throw new PermissionForbiddenException();
|
||||||
}
|
}
|
||||||
@ -34,24 +46,8 @@ class PermissionsMiddleware
|
|||||||
return $next($request);
|
return $next($request);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
protected function parseRule($rule)
|
||||||
*
|
|
||||||
* @time 2019年12月12日
|
|
||||||
* @param $request
|
|
||||||
* @return array|bool|\think\Model|null
|
|
||||||
* @throws \think\db\exception\DbException
|
|
||||||
* @throws \think\db\exception\ModelNotFoundException
|
|
||||||
* @throws PermissionForbiddenException
|
|
||||||
* @throws \think\db\exception\DataNotFoundException
|
|
||||||
*/
|
|
||||||
protected function getPermission(Request $request)
|
|
||||||
{
|
{
|
||||||
$rule = $request->rule()->getName();
|
|
||||||
// 不再权限范围内的 直接返回
|
|
||||||
if (!$rule) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
[$controller, $action] = explode(Str::contains($rule, '@') ? '@' : '/', $rule);
|
[$controller, $action] = explode(Str::contains($rule, '@') ? '@' : '/', $rule);
|
||||||
|
|
||||||
$controller = explode('\\', $controller);
|
$controller = explode('\\', $controller);
|
||||||
@ -61,6 +57,25 @@ class PermissionsMiddleware
|
|||||||
array_pop($controller);
|
array_pop($controller);
|
||||||
|
|
||||||
$module = array_pop($controller);
|
$module = array_pop($controller);
|
||||||
|
|
||||||
|
return [$module, $controllerName, $action];
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @time 2019年12月14日
|
||||||
|
* @param $module
|
||||||
|
* @param $controllerName
|
||||||
|
* @param $action
|
||||||
|
* @param $request
|
||||||
|
* @throws \think\db\exception\DataNotFoundException
|
||||||
|
* @throws \think\db\exception\DbException
|
||||||
|
* @throws \think\db\exception\ModelNotFoundException
|
||||||
|
* @return array|bool|\think\Model|null
|
||||||
|
*/
|
||||||
|
protected function getPermission($module, $controllerName, $action, $request)
|
||||||
|
{
|
||||||
$permissionMark = sprintf('%s:%s', $controllerName, $action);
|
$permissionMark = sprintf('%s:%s', $controllerName, $action);
|
||||||
$permission = Permissions::where('module', $module)->where('permission_mark', $permissionMark)->find();
|
$permission = Permissions::where('module', $module)->where('permission_mark', $permissionMark)->find();
|
||||||
|
|
||||||
@ -73,6 +88,11 @@ class PermissionsMiddleware
|
|||||||
'permission' => $permission,
|
'permission' => $permission,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
return $permission;
|
return $permission;
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function ignoreModule()
|
||||||
|
{
|
||||||
|
return ['login'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Loading…
x
Reference in New Issue
Block a user