2022-08-19 19:48:37 +08:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace app\admin\middleware\system;
|
|
|
|
|
|
2023-07-03 10:08:34 +08:00
|
|
|
use app\admin\enums\AdminEnum;
|
|
|
|
|
use app\admin\service\AuthService;
|
2022-11-28 19:11:12 +08:00
|
|
|
use support\View;
|
2022-08-19 19:48:37 +08:00
|
|
|
use app\common\model\system\SystemLog;
|
|
|
|
|
use Psr\SimpleCache\InvalidArgumentException;
|
|
|
|
|
use think\db\exception\DataNotFoundException;
|
|
|
|
|
use think\db\exception\DbException;
|
|
|
|
|
use think\db\exception\ModelNotFoundException;
|
|
|
|
|
use Webman\MiddlewareInterface;
|
|
|
|
|
use Webman\Http\Response;
|
|
|
|
|
use Webman\Http\Request;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 管理员权限
|
|
|
|
|
* @package app\admin\middleware\system
|
|
|
|
|
* @author meystack <
|
|
|
|
|
*/
|
|
|
|
|
class AdminPermissions implements MiddlewareInterface
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 不需要鉴权的方法
|
|
|
|
|
* @var array
|
|
|
|
|
*/
|
2023-06-19 14:32:30 +08:00
|
|
|
protected array $noNeedLogin = [
|
2022-08-19 19:48:37 +08:00
|
|
|
'/Index/index',
|
|
|
|
|
'/Login/index',
|
|
|
|
|
'/Login/logout',
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 校验权限
|
|
|
|
|
* @param Request $request
|
|
|
|
|
* @param callable $handler
|
|
|
|
|
* @return Response
|
|
|
|
|
* @throws DataNotFoundException
|
|
|
|
|
* @throws DbException
|
|
|
|
|
* @throws InvalidArgumentException
|
2022-12-02 11:16:57 +08:00
|
|
|
* @throws ModelNotFoundException|\ReflectionException
|
2022-08-19 19:48:37 +08:00
|
|
|
*/
|
|
|
|
|
public function process(Request $request, callable $handler): Response
|
|
|
|
|
{
|
2023-07-03 10:08:34 +08:00
|
|
|
// 控制器鉴权
|
2022-12-02 11:16:57 +08:00
|
|
|
$app = request()->getApp();
|
2022-08-19 19:48:37 +08:00
|
|
|
$controller = request()->getController();
|
2022-12-02 11:16:57 +08:00
|
|
|
$action = request()->getAction();
|
2023-07-03 10:08:34 +08:00
|
|
|
$method = '/' . $controller . '/' . $action;
|
|
|
|
|
|
|
|
|
|
$AdminLogin = request()->session()->get(AdminEnum::ADMIN_SESSION);
|
2022-08-19 19:48:37 +08:00
|
|
|
if (!isset($AdminLogin['id']) && strtolower($controller) !== 'login') {
|
|
|
|
|
return redirect(url('/login/index'));
|
|
|
|
|
}
|
|
|
|
|
|
2023-07-03 10:08:34 +08:00
|
|
|
// 获取管理员信息
|
|
|
|
|
$request->adminInfo = $AdminLogin;
|
|
|
|
|
$request->adminId = $AdminLogin['id'] ?? 0;
|
|
|
|
|
|
2022-12-02 11:16:57 +08:00
|
|
|
// 获取权限列表
|
|
|
|
|
$class = new \ReflectionClass($request->controller);
|
|
|
|
|
$properties = $class->getDefaultProperties();
|
2023-06-19 14:32:30 +08:00
|
|
|
$this->noNeedLogin = $properties['noNeedLogin'] ?? $this->noNeedLogin;
|
2023-07-03 10:08:34 +08:00
|
|
|
// 开始校验菜单权限
|
|
|
|
|
$authService = AuthService::instance();
|
2023-06-19 14:32:30 +08:00
|
|
|
if (!in_array('*', $this->noNeedLogin)
|
|
|
|
|
&& !in_array(strtolower($method), array_map('strtolower', $this->noNeedLogin))) {
|
2023-07-03 10:08:34 +08:00
|
|
|
$superAdmin = $authService->superAdmin();
|
|
|
|
|
if (!$superAdmin && !$authService->permissions($method, $AdminLogin['id'])) {
|
|
|
|
|
return request()->isAjax() ? json(['code' => 101, 'msg' => '没有权限']) : $this->abortPage('没有权限!', 401);
|
2022-08-19 19:48:37 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-02 11:16:57 +08:00
|
|
|
// 分配当前管理员信息
|
2022-08-19 19:48:37 +08:00
|
|
|
View::assign('app', $app);
|
|
|
|
|
View::assign('controller', $controller);
|
|
|
|
|
View::assign('action', $action);
|
2023-07-03 10:08:34 +08:00
|
|
|
View::assign(AdminEnum::ADMIN_SESSION, $AdminLogin);
|
2022-12-02 11:16:57 +08:00
|
|
|
self::writeAdminRequestLogs();
|
2022-08-19 19:48:37 +08:00
|
|
|
return $handler($request);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 写入后台操作日志
|
|
|
|
|
* @throws InvalidArgumentException
|
|
|
|
|
*/
|
2022-12-02 11:16:57 +08:00
|
|
|
public static function writeAdminRequestLogs()
|
2022-08-19 19:48:37 +08:00
|
|
|
{
|
|
|
|
|
if (saenv('system_logs')) {
|
|
|
|
|
|
|
|
|
|
$actionLogs = [
|
|
|
|
|
'module' => request()->app,
|
|
|
|
|
'controller' => request()->controller,
|
|
|
|
|
'action' => request()->action,
|
|
|
|
|
'params' => serialize(request()->all()),
|
|
|
|
|
'method' => request()->method(),
|
|
|
|
|
'code' => 200,
|
|
|
|
|
'url' => request()->url(),
|
2022-08-23 11:11:42 +08:00
|
|
|
'ip' => request()->getRealIp(),
|
2022-08-19 19:48:37 +08:00
|
|
|
'name' => session('AdminLogin.name'),
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
if (empty($actionLogs['name'])) {
|
|
|
|
|
$actionLogs['name'] = 'system';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$actionLogs['type'] = 2;
|
|
|
|
|
SystemLog::write($actionLogs);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 错误页面
|
|
|
|
|
* @param int $code
|
|
|
|
|
* @param string $msg
|
|
|
|
|
* @return \support\Response
|
|
|
|
|
*/
|
|
|
|
|
public function abortPage(string $msg = '', int $code = 404): Response
|
|
|
|
|
{
|
|
|
|
|
$exception = config('app.exception_template');
|
|
|
|
|
if (isset($exception[$code])) {
|
|
|
|
|
$template = @file_get_contents($exception[$code]);
|
|
|
|
|
} else {
|
|
|
|
|
$template = $msg;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return \response($template, $code);
|
|
|
|
|
}
|
|
|
|
|
}
|
