<?php

namespace app\middleware;

use Closure;
use app\model\AuthRule;
use tauthz\facade\Enforcer;
use think\facade\Cache;

class Auth
{
    public function handle($request, Closure $next)
    {
        $auth = session('auth');
        if (!$auth) {
            return redirect(url('manager.login/index'));
        }

        $module = 'manager';
        $controller = unCamelize(request()->controller());
        $controller = str_replace($module.'.', '', $controller);
        $controller = str_replace('.', '/', $controller);//兼容多层级目录  如 /manager/test/article/index
        $action     = unCamelize(request()->action());
        $roles = Enforcer::getRolesForUser($auth['user_id']);
//        $per = Enforcer::getPermissionsForUser($roles[0]);
//        var_dump($controller);
//        var_dump($action);
//        var_dump($roles);
//        var_dump($per);
//        exit;
//        return $next($request);//暂时停用权限校验
//        var_dump($controller);
//        var_dump($action);
//        var_dump(Enforcer::hasPermissionForUser(1, $controller, 'group-make'));exit;

        foreach ($roles as $role) {
            // TODO 关注批量权限检测是否可用
            //只需要有一个角色具有权限就放通 此处第一个参数不是用户 而是 角色 此方法是检测用户|角色是否具有某个权限的公用方法
            if (Enforcer::hasPermissionForUser($role, $controller, $action)) {
                return $next($request);
            }
        }

        if (request()->isAjax()) {
            return json(['code' => 4001, 'msg' => '没有权限']);
        } else {
            return view('/manager/error/jump')->assign('msg', '很抱歉,您还没有权限,请联系管理员开通!');
        }
    }
}