|  | <?php | ||
|  | 
 | ||
|  | namespace app\middleware; | ||
|  | 
 | ||
|  | use Closure; | ||
|  | use app\model\AuthRule; | ||
|  | use tauthz\facade\Enforcer; | ||
|  | use think\facade\Cache; | ||
|  | 
 | ||
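/**
 * Authorization middleware for the "manager" module.
 *
 * Requires a logged-in session and then checks the requested controller/action
 * against the permissions of every role the user holds.
 */
class Auth
{
    /**
     * Let the request through only when the session user holds a role that is
     * permitted to call the requested controller action.
     *
     * Outcomes, in order:
     *  - no usable session identity: redirect to the manager login page;
     *  - at least one role is permitted: the request is passed to $next;
     *  - otherwise (including a user with no roles): denied, as JSON for AJAX
     *    requests and as the error view for everything else.
     *
     * @param mixed   $request current request, handed to $next unchanged
     * @param Closure $next    next middleware / controller dispatcher
     * @return mixed redirect, downstream response, JSON denial or error view
     */
    public function handle($request, Closure $next)
    {
        $auth = session('auth');
        // Fail closed: a session entry without a user_id must not reach the
        // role lookup, where it would be queried as an empty/unknown subject.
        if (!$auth || !isset($auth['user_id'])) {
            return redirect(url('manager.login/index'));
        }

        $module = 'manager';
        $prefix = $module . '.';
        $controller = unCamelize(request()->controller());
        // Strip the module prefix only where it leads the name. Removing every
        // occurrence would also rewrite nested segments that merely end in
        // "manager." and so map different controllers onto one permission object.
        // NOTE(review): stored rules for such nested controllers, if any exist,
        // must use this anchored form - confirm against the rule generator.
        if (strpos($controller, $prefix) === 0) {
            $controller = (string) substr($controller, strlen($prefix));
        }
        // Support multi-level directories, e.g. /manager/test/article/index
        $controller = str_replace('.', '/', $controller);

        $action = unCamelize(request()->action());
        $roles = Enforcer::getRolesForUser($auth['user_id']);

        foreach ($roles as $role) {
            // TODO: check whether a batch permission check can be used here.
            // One permitted role is enough. The first argument is a role, not
            // a user: hasPermissionForUser is the shared check for both.
            if (Enforcer::hasPermissionForUser($role, $controller, $action)) {
                return $next($request);
            }
        }

        // Denied. For AJAX the refusal is carried in the body (code 4001); no
        // explicit HTTP status is passed here, so clients and any log-based
        // alerting on refused requests have to key on the body code.
        if (request()->isAjax()) {
            return json(['code' => 4001, 'msg' => '没有权限']);
        }

        return view('/manager/error/jump')->assign('msg', '很抱歉,您还没有权限,请联系管理员开通!');
    }
}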