修改权限路由

2019-12-14 22:54:41 +08:00 · 2019-12-14 22:54:41 +08:00 · e3ececc277
commit e3ececc277
parent 2d6d074d94
1 changed files with 39 additions and 19 deletions
--- a/catchAdmin/permissions/PermissionsMiddleware.php
+++ b/catchAdmin/permissions/PermissionsMiddleware.php
@ -21,12 +21,24 @@ class PermissionsMiddleware
     */
    public function handle(Request $request, \Closure $next)
    {
+        $rule = $rule = $request->rule()->getName();
+
+        if (!$rule) {
+            return $next($request);
+        }
+
+        [$module, $controller, $action] = $this->parseRule($rule);
+
+        if (in_array($module, $this->ignoreModule())) {
+            return $next($request);
+        }
+
        if (!$request->user()) {
            throw new PermissionForbiddenException('Login is invalid', 10006);
        }

       // toad
-        if (($permission = $this->getPermission($request))
+        if (($permission = $this->getPermission($module, $controller, $action, $request))
            && !in_array($permission->id, $request->user()->getPermissionsBy())) {
              throw new PermissionForbiddenException();
        }
@ -34,24 +46,8 @@ class PermissionsMiddleware
        return $next($request);
    }

-    /**
-     *
-     * @time 2019年12月12日
-     * @param $request
-     * @return array|bool|\think\Model|null
-     * @throws \think\db\exception\DbException
-     * @throws \think\db\exception\ModelNotFoundException
-     * @throws PermissionForbiddenException
-     * @throws \think\db\exception\DataNotFoundException
-     */
-    protected function getPermission(Request $request)
+    protected function parseRule($rule)
    {
-        $rule = $request->rule()->getName();
-        // 不再权限范围内的 直接返回
-        if (!$rule) {
-            return false;
-        }
-
        [$controller, $action] = explode(Str::contains($rule, '@') ? '@' : '/', $rule);

        $controller = explode('\\', $controller);
@ -61,6 +57,25 @@ class PermissionsMiddleware
        array_pop($controller);

        $module = array_pop($controller);
+
+        return [$module, $controllerName, $action];
+    }
+
+
+    /**
+     *
+     * @time 2019年12月14日
+     * @param $module
+     * @param $controllerName
+     * @param $action
+     * @param $request
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\DbException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @return array|bool|\think\Model|null
+     */
+    protected function getPermission($module, $controllerName, $action, $request)
+    {
        $permissionMark = sprintf('%s:%s', $controllerName, $action);
        $permission = Permissions::where('module', $module)->where('permission_mark', $permissionMark)->find();

@ -75,4 +90,9 @@ class PermissionsMiddleware

        return $permission;
    }
+
+    protected function ignoreModule()
+    {
+        return ['login'];
+    }
 }