修改权限
This commit is contained in:
wuyanwen
parent
04d942c7db
commit
f427efd2c8
@ -3,8 +3,10 @@ namespace catchAdmin\permissions;
|
||||
|
||||
use app\Request;
|
||||
use catchAdmin\permissions\model\Permissions;
|
||||
use catcher\CatchCacheKeys;
|
||||
use catcher\Code;
|
||||
use catcher\exceptions\PermissionForbiddenException;
|
||||
use think\facade\Cache;
|
||||
use think\helper\Str;
|
||||
|
||||
class PermissionsMiddleware
|
||||
@ -22,7 +24,7 @@ class PermissionsMiddleware
|
||||
*/
|
||||
public function handle(Request $request, \Closure $next)
|
||||
{
|
||||
$rule = $rule = $request->rule()->getName();
|
||||
$rule = $request->rule()->getName();
|
||||
|
||||
if (!$rule) {
|
||||
return $next($request);
|
||||
@ -34,16 +36,23 @@ class PermissionsMiddleware
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
if (!$request->user()) {
|
||||
$user = $request->user();
|
||||
if (!$user) {
|
||||
throw new PermissionForbiddenException('Login is invalid', Code::LOST_LOGIN);
|
||||
}
|
||||
|
||||
// toad
|
||||
if (($permission = $this->getPermission($module, $controller, $action, $request))
|
||||
&& !in_array($permission->id, $request->user()->getPermissionsBy())) {
|
||||
$permission = $this->getPermission($module, $controller, $action);
|
||||
if (!$permission || !in_array($permission->id, Cache::get(CatchCacheKeys::USER_PERMISSIONS . $user->id))) {
|
||||
throw new PermissionForbiddenException();
|
||||
}
|
||||
|
||||
// 操作日志
|
||||
event('operateLog', [
|
||||
'request' => $request,
|
||||
'permission' => $permission,
|
||||
]);
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
@ -75,20 +84,12 @@ class PermissionsMiddleware
|
||||
* @throws \think\db\exception\ModelNotFoundException
|
||||
* @return array|bool|\think\Model|null
|
||||
*/
|
||||
protected function getPermission($module, $controllerName, $action, $request)
|
||||
protected function getPermission($module, $controllerName, $action)
|
||||
{
|
||||
$permissionMark = sprintf('%s:%s', $controllerName, $action);
|
||||
|
||||
$permission = Permissions::where('module', $module)->where('permission_mark', $permissionMark)->find();
|
||||
|
||||
if (!$permission) {
|
||||
return false;
|
||||
}
|
||||
|
||||
event('operateLog', [
|
||||
'request' => $request,
|
||||
'permission' => $permission,
|
||||
]);
|
||||
|
||||
return $permission;
|
||||
}
|
||||
|
||||
|
||||
@ -54,14 +54,15 @@ class Permissions extends CatchModel
|
||||
* 获取当前用户权限
|
||||
*
|
||||
* @time 2020年01月14日
|
||||
* @throws \think\db\exception\DataNotFoundException
|
||||
* @param array $permissionIds
|
||||
* @return \think\Collection
|
||||
* @throws \think\db\exception\DbException
|
||||
* @throws \think\db\exception\ModelNotFoundException
|
||||
* @return \think\Collection
|
||||
* @throws \think\db\exception\DataNotFoundException
|
||||
*/
|
||||
public static function getCurrentUserPermissions(): \think\Collection
|
||||
public static function getCurrentUserPermissions(array $permissionIds): \think\Collection
|
||||
{
|
||||
return parent::whereIn('id', request()->user()->getPermissionsBy())
|
||||
return parent::whereIn('id', $permissionIds)
|
||||
->field(['permission_name as title', 'route', 'icon'])
|
||||
->select();
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user