Startseite Erkunden Hilfe
Registrieren Anmelden
zmcoding
/
station-test-api
Beobachten 1
Favorit hinzufügen 0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Struktur: 81b0885f09
Branches Tags
station-test...
/
catch
/
permissions
/
middleware
/
PermissionsMiddleware.php

PermissionsMiddleware.php 3.3 KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128 
  1. <?php
    2. 

  2. namespace catchAdmin\permissions\middleware;
    3. 

  3. 

  4. use app\Request;
    5. 

  5. use catchAdmin\permissions\model\Permissions;
    6. 

  6. use catcher\CatchCacheKeys;
    7. 

  7. use catcher\Code;
    8. 

  8. use catcher\exceptions\PermissionForbiddenException;
    9. 

  9. use think\facade\Cache;
    10. 

  10. use catcher\Utils;
    11. 

  11. 

  12. class PermissionsMiddleware
    13. 

  13. {
    14. 

  14.     /**
    15. 

  15.      *
    16. 

  16.      * @time 2019年12月12日
    17. 

  17.      * @param Request $request
    18. 

  18.      * @param \Closure $next
    19. 

  19.      * @return mixed
    20. 

  20.      * @throws \think\db\exception\DataNotFoundException
    21. 

  21.      * @throws \think\db\exception\DbException
    22. 

  22.      * @throws \think\db\exception\ModelNotFoundException
    23. 

  23.      * @throws PermissionForbiddenException
    24. 

  24.      */
    25. 

  25.     public function handle(Request $request, \Closure $next)
    26. 

  26.     {
    27. 

  27.         $rule = $request->rule()->getName();
    28. 

  28. 

  29.         if (!$rule) {
    30. 

  30.             return $next($request);
    31. 

  31.         }
    32. 

  32. 

  33.         // 模块忽略
    34. 

  34.         [$module, $controller, $action] = Utils::parseRule($rule);
    35. 

  35. 

  36.         // toad
    37. 

  37.         if (in_array($module, $this->ignoreModule())) {
    38. 

  38.             return $next($request);
    39. 

  39.         }
    40. 

  40.         // 用户未登录
    41. 

  41.         $user = $request->user();
    42. 

  42.         if (!$user) {
    43. 

  43.             throw new PermissionForbiddenException('Login is invalid', Code::LOST_LOGIN);
    44. 

  44.         }
    45. 

  45.         // 超级管理员
    46. 

  46.         if (Utils::isSuperAdmin()) {
    47. 

  47.             return $next($request);
    48. 

  48.         }
    49. 

  49.         // Get 请求
    50. 

  50.         if ($this->allowGet($request)) {
    51. 

  51.             return $next($request);
    52. 

  52.         }
    53. 

  53.         // 判断权限
    54. 

  54.         $permission = property_exists($request, 'permission') ? $request->permission :
    55. 

  55.                         $this->getPermission($module, $controller, $action);
    56. 

  56. 

  57.         if (!$permission || !in_array($permission->id, Cache::get(CatchCacheKeys::USER_PERMISSIONS . $user->id))) {
    58. 

  58.           throw new PermissionForbiddenException();
    59. 

  59.         }
    60. 

  60. 

  61.         return $next($request);
    62. 

  62.     }
    63. 

  63. 

  64.     /**
    65. 

  65.      *
    66. 

  66.      * @time 2019年12月14日
    67. 

  67.      * @param $module
    68. 

  68.      * @param $controllerName
    69. 

  69.      * @param $action
    70. 

  70.      * @param $request
    71. 

  71.      * @throws \think\db\exception\DataNotFoundException
    72. 

  72.      * @throws \think\db\exception\DbException
    73. 

  73.      * @throws \think\db\exception\ModelNotFoundException
    74. 

  74.      * @return array|bool|\think\Model|null
    75. 

  75.      */
    76. 

  76.     protected function getPermission($module, $controllerName, $action)
    77. 

  77.     {
    78. 

  78.         $permissionMark = sprintf('%s@%s', $controllerName, $action);
    79. 

  79. 

  80.         return Permissions::where('module', $module)->where('permission_mark', $permissionMark)->find();
    81. 

  81.     }
    82. 

  82. 

  83.     /**
    84. 

  84.      * 忽略模块
    85. 

  85.      *
    86. 

  86.      * @time 2020年04月16日
    87. 

  87.      * @return array
    88. 

  88.      */
    89. 

  89.     protected function ignoreModule()
    90. 

  90.     {
    91. 

  91.         return ['login'];
    92. 

  92.     }
    93. 

  93. 

  94.     /**
    95. 

  95.      * 操作日志
    96. 

  96.      *
    97. 

  97.      * @time 2020年04月16日
    98. 

  98.      * @param $creatorId
    99. 

  99.      * @param $permission
    100. 

  100.      * @return void
    101. 

  101.      */
    102. 

  102.     protected function operateEvent($creatorId, $permission)
    103. 

  103.     {
    104. 

  104.         // 操作日志
    105. 

  105.         $permission && event('operateLog', [
    106. 

  106.             'creator_id' => $creatorId,
    107. 

  107.             'permission' => $permission,
    108. 

  108.         ]);
    109. 

  109.     }
    110. 

  110. 

  111.     /**
    112. 

  112.      * get allow
    113. 

  113.      *
    114. 

  114.      * @time 2020年10月12日
    115. 

  115.      * @param $request
    116. 

  116.      * @return bool
    117. 

  117.      * @throws \ReflectionException
    118. 

  118.      */
    119. 

  119.     protected function allowGet($request)
    120. 

  120.     {
    121. 

  121.         if (Utils::isMethodNeedAuth($request->rule()->getName())) {
    122. 

  122.             return false;
    123. 

  123.         }
    124. 

  124. 

  125.         return $request->isGet() && config('catch.permissions.is_allow_get');
    126. 

  126.     }
    127. 

  127. }
    128. 

  128.