0b2/catchAdmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修改权限

Browse Source
This commit is contained in:
wuyanwen 2020-01-17 11:29:33 +08:00
parent 04d942c7db
commit f427efd2c8
2 changed files with 22 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
catch/permissions/PermissionsMiddleware.php
View File

@ -3,8 +3,10 @@ namespace catchAdmin\permissions;
use app\Request; use app\Request;
use catchAdmin\permissions\model\Permissions; use catchAdmin\permissions\model\Permissions;
use catcher\CatchCacheKeys;
use catcher\Code; use catcher\Code;
use catcher\exceptions\PermissionForbiddenException; use catcher\exceptions\PermissionForbiddenException;
use think\facade\Cache;
use think\helper\Str; use think\helper\Str;
class PermissionsMiddleware class PermissionsMiddleware
@ -22,7 +24,7 @@ class PermissionsMiddleware
*/ */
public function handle(Request $request, \Closure $next) public function handle(Request $request, \Closure $next)
{ {
$rule = $rule = $request->rule()->getName(); $rule = $request->rule()->getName();
if (!$rule) { if (!$rule) {
return $next($request); return $next($request);
@ -34,16 +36,23 @@ class PermissionsMiddleware
return $next($request); return $next($request);
} }
if (!$request->user()) { $user = $request->user();
if (!$user) {
throw new PermissionForbiddenException('Login is invalid', Code::LOST_LOGIN); throw new PermissionForbiddenException('Login is invalid', Code::LOST_LOGIN);
} }
// toad // toad
if (($permission = $this->getPermission($module, $controller, $action, $request)) $permission = $this->getPermission($module, $controller, $action);
&& !in_array($permission->id, $request->user()->getPermissionsBy())) { if (!$permission || !in_array($permission->id, Cache::get(CatchCacheKeys::USER_PERMISSIONS . $user->id))) {
throw new PermissionForbiddenException(); throw new PermissionForbiddenException();
} }
// 操作日志
event('operateLog', [
'request' => $request,
'permission' => $permission,
]);
return $next($request); return $next($request);
} }
@ -75,20 +84,12 @@ class PermissionsMiddleware
* @throws \think\db\exception\ModelNotFoundException * @throws \think\db\exception\ModelNotFoundException
* @return array|bool|\think\Model|null * @return array|bool|\think\Model|null
*/ */
protected function getPermission($module, $controllerName, $action, $request) protected function getPermission($module, $controllerName, $action)
{ {
$permissionMark = sprintf('%s:%s', $controllerName, $action); $permissionMark = sprintf('%s:%s', $controllerName, $action);
$permission = Permissions::where('module', $module)->where('permission_mark', $permissionMark)->find(); $permission = Permissions::where('module', $module)->where('permission_mark', $permissionMark)->find();
if (!$permission) {
return false;
}
event('operateLog', [
'request' => $request,
'permission' => $permission,
]);
return $permission; return $permission;
} }

9
catch/permissions/model/Permissions.php
View File

@ -54,14 +54,15 @@ class Permissions extends CatchModel
* 获取当前用户权限 * 获取当前用户权限
* *
* @time 2020年01月14日 * @time 2020年01月14日
* @throws \think\db\exception\DataNotFoundException * @param array $permissionIds
* @return \think\Collection
* @throws \think\db\exception\DbException * @throws \think\db\exception\DbException
* @throws \think\db\exception\ModelNotFoundException * @throws \think\db\exception\ModelNotFoundException
* @return \think\Collection * @throws \think\db\exception\DataNotFoundException
*/ */
public static function getCurrentUserPermissions(): \think\Collection public static function getCurrentUserPermissions(array $permissionIds): \think\Collection
{ {
return parent::whereIn('id', request()->user()->getPermissionsBy()) return parent::whereIn('id', $permissionIds)
->field(['permission_name as title', 'route', 'icon']) ->field(['permission_name as title', 'route', 'icon'])
->select(); ->select();
} }