panxiang/swiftadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: 重构权限服务类

Browse Source
This commit is contained in:
Ying
2023-07-03 10:08:34 +08:00
parent 8becf0ef36
commit 4e377def8d
42 changed files with 1679 additions and 1524 deletions
Download Patch File Download Diff File Expand all files Collapse all files

169
app/admin/service/AdminGroupService.php Normal file
View File

@@ -0,0 +1,169 @@
<?php
declare (strict_types=1);
// +----------------------------------------------------------------------
// | swiftAdmin 极速开发框架 [基于WebMan开发]
// +----------------------------------------------------------------------
// | Copyright (c) 2020-2030 http://www.swiftadmin.net
// +----------------------------------------------------------------------
// | swiftAdmin.net High Speed Development Framework
// +----------------------------------------------------------------------
// | Author: meystack <coolsec@foxmail.com> Apache 2.0 License
// +----------------------------------------------------------------------
namespace app\admin\service;
use app\admin\enums\AdminEnum;
use app\common\exception\OperateException;
use app\common\model\system\AdminGroup as AdminGroupModel;
use think\db\exception\DataNotFoundException;
use think\db\exception\DbException;
use think\db\exception\ModelNotFoundException;
use think\facade\Db;
/**
* 管理员角色服务
* Class AdminGroupService
*/
class AdminGroupService
{
/**
* 获取管理员列表
* @param array $params
* @return array
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public static function dataList(array $params = []): array
{
$page = $params['page'] ?? 1;
$limit = $params['limit'] ?? 10;
$where = [];
if (!empty($param['title'])) {
$where[] = ['title', 'like', '%' . $param['title'] . '%'];
}
if (!empty($param['alias'])) {
$where[] = ['alias', 'like', '%' . $param['alias'] . '%'];
}
if (!empty($param['content'])) {
$where[] = ['content', 'like', '%' . $param['content'] . '%'];
}
$model = new AdminGroupModel();
// 查询数据
$count = $model->where($where)->count();
$page = ($count <= $limit) ? 1 : $page;
$list = $model->where($where)->order("id asc")->limit($limit)->page($page)->select()->toArray();
return [$count, $list];
}
/**
* @param array $params
* @return bool
* @throws OperateException
*/
public static function add(array $params = []): bool
{
$model = new AdminGroupModel();
$where[] = ['title', '=', $params['title']];
$where[] = ['alias', '=', $params['alias']];
$result = $model->whereOr($where)->findOrEmpty()->toArray();
if (!empty($result)) {
throw new OperateException('该角色名称或角色别名已被注册');
}
Db::startTrans();
try {
$model->create($params);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
throw new OperateException($e->getMessage());
}
return true;
}
/**
* 编辑管理员
* @param array $params
* @return bool
* @throws OperateException
*/
public static function edit(array $params): bool
{
$model = new AdminGroupModel();
$where[] = ['title', '=', $params['title']];
$where[] = ['alias', '=', $params['alias']];
$result = $model->whereOr($where)->findOrEmpty()->toArray();
if (!empty($result) && $result['id'] != $params['id']) {
throw new OperateException('该角色名称或角色别名已被注册');
}
Db::startTrans();
try {
$model->update($params);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
throw new OperateException($e->getMessage());
}
return true;
}
/**
* 编辑角色权限
* @param int $id
* @param array $rules
* @return bool
* @throws OperateException
*/
public static function editRules(int $id, array $rules = []): bool
{
$authService = AuthService::instance();
if (!$authService->checkRuleOrCateNodes($rules, AdminEnum::ADMIN_AUTH_RULES)) {
throw new OperateException('没有权限!');
}
Db::startTrans();
try {
$rules = implode(',', $rules);
AdminGroupModel::update(['rules' => $rules], ['id' => $id]);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
throw new OperateException($e->getMessage());
}
return true;
}
/**
* 编辑角色权限
* @param int $id
* @param array $cates
* @return bool
* @throws OperateException
*/
public static function editCates(int $id, array $cates = []): bool
{
$authService = AuthService::instance();
if (!$authService->checkRuleOrCateNodes($cates, AdminEnum::ADMIN_AUTH_CATES)) {
throw new OperateException('没有权限!');
}
Db::startTrans();
try {
$cates = implode(',', $cates);
AdminGroupModel::update(['cates' => $cates], ['id' => $id]);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
throw new OperateException($e->getMessage());
}
return true;
}
}

176
app/admin/service/AdminNoticeService.php Normal file
View File

@@ -0,0 +1,176 @@
<?php
declare (strict_types=1);
// +----------------------------------------------------------------------
// | swiftAdmin 极速开发框架 [基于WebMan开发]
// +----------------------------------------------------------------------
// | Copyright (c) 2020-2030 http://www.swiftadmin.net
// +----------------------------------------------------------------------
// | swiftAdmin.net High Speed Development Framework
// +----------------------------------------------------------------------
// | Author: meystack <coolsec@foxmail.com> Apache 2.0 License
// +----------------------------------------------------------------------
namespace app\admin\service;
use app\admin\enums\AdminNoticeEnum;
use app\common\exception\OperateException;
use app\common\model\system\AdminNotice;
use think\db\exception\DataNotFoundException;
use think\db\exception\DbException;
use think\db\exception\ModelNotFoundException;
use Webman\Event\Event;
class AdminNoticeService
{
/**
* 获取消息列表
* @param int $adminId
* @return array
* @throws DbException
*/
public static function dataList(int $adminId): array
{
$type = input('type', AdminNoticeEnum::TODO);
$page = input('page', 1);
$limit = input('limit', 10);
$title = input('title', '');
if ($type == 'send') {
$where[] = ['type', '=', AdminNoticeEnum::MESSAGE];
$where[] = ['send_id', '=', $adminId];
} else {
$where[] = ['type', '=', $type];
$where[] = ['admin_id', '=', $adminId];
}
$status = input('status', 'all');
if ($status !== 'all') {
$where[] = ['status', '=', $status];
}
if (!empty($title)) {
$where[] = ['title', 'like', '%' . $title . '%'];
}
$count = AdminNotice::where($where)->count();
$list = AdminNotice::with(['admin'])->where($where)
->order('id', 'desc')
->limit((int)$limit)
->page((int)$page)
->select()->toArray();
return [$count, $list];
}
/**
* 获取管理员通知列表
* @param int $adminId
* @return array
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public static function bells(int $adminId): array
{
$collection = AdminNoticeEnum::COLLECTION;
foreach ($collection as $item) {
$where = [
['type', '=', $item],
['admin_id', '=', $adminId],
];
$count[$item] = AdminNotice::where($where)->where('status', 0)->count();
$list[$item] = AdminNotice::with(['admin'])->withoutField('content')->where($where)->limit(3)->order('id desc')->select()->toArray();
}
return [$count ?? [], $list ?? []];
}
/**
* 获取管理员通知列表
* @param int $adminId
* @return array
* @throws DbException
*/
public static function getBells(int $adminId): array
{
$type = input('type', AdminNoticeEnum::NOTICE);
$page = input('page', 1);
$limit = input('limit', 3);
$where[] = ['type', '=', $type];
$where[] = ['admin_id', '=', $adminId];
return AdminNotice::with(['admin'])->where($where)
->order('id', 'desc')
->paginate(['list_rows' => $limit, 'page' => $page])
->toArray();
}
/**
* 添加消息
* @param array $data
* @param string $type
* @return bool
* @throws OperateException
*/
public static function add(array $data = [], string $type = ''): bool
{
if (!$data) {
return false;
}
try {
$model = new AdminNotice();
$type == 'array' ? $model->saveAll($data) : $model->create($data);
} catch (\Exception $e) {
throw new OperateException($e->getMessage());
}
// 钩子消息推送
Event::emit('sendAdminNotice', $data);
return true;
}
/**
* 获取管理员通知详情
* @param $id
* @param $adminId
* @return array
* @throws OperateException
*/
public static function getDetail($id, $adminId): array
{
$detail = AdminNotice::with(['admin'])->where(['id' => $id])->findOrEmpty()->toArray();
if (empty($detail)) {
throw new OperateException('数据不存在');
}
if (!in_array($adminId,[$detail['admin_id'],$detail['send_id']])){
throw new OperateException('非法访问');
}
if ($detail['type'] !== AdminNoticeEnum::TODO && $detail['admin_id'] == $adminId) {
AdminNotice::update(['status' => 1], ['id' => $id]);
}
return $detail;
}
/**
* 删除消息
* @param int $id
* @param int $adminId
* @return bool
* @throws OperateException
*/
public static function delete(int $id = 0, int $adminId = 0): bool
{
$detail = AdminNotice::where('id', $id)->findOrEmpty()->toArray();
if (empty($detail)) {
throw new OperateException('数据不存在');
}
$receive = $detail['send_id'] == $adminId && $detail['status'] == 1;
if ($detail['admin_id'] != $adminId || $receive) {
throw new OperateException('无权删除');
}
AdminNotice::destroy($id);
return true;
}
}

47
app/admin/service/AdminRuleService.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
declare (strict_types=1);
// +----------------------------------------------------------------------
// | swiftAdmin 极速开发框架 [基于WebMan开发]
// +----------------------------------------------------------------------
// | Copyright (c) 2020-2030 http://www.swiftadmin.net
// +----------------------------------------------------------------------
// | swiftAdmin.net High Speed Development Framework
// +----------------------------------------------------------------------
// | Author: meystack <coolsec@foxmail.com> Apache 2.0 License
// +----------------------------------------------------------------------
namespace app\admin\service;
use app\common\model\system\AdminRules;
use think\db\exception\DataNotFoundException;
use think\db\exception\DbException;
use think\db\exception\ModelNotFoundException;
class AdminRuleService
{
/**
* 获取资源列表
* @param array $params
* @return array
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public static function dataList(array $params): array
{
$where = array();
if (!empty($params['title'])) {
$where[] = ['title','like','%'.$params['title'].'%'];
}
if (!empty($params['router'])) {
$where[] = ['router','like','%'.$params['router'].'%'];
}
$model = new AdminRules();
$count = $model->where($where)->count();
$list = $model->where($where)->order('sort asc')->select()->toArray();
foreach ($list as $key => $value) {
$list[$key]['title'] = __($value['title']);
}
return [$count, $list];
}
}

195
app/admin/service/AdminService.php Normal file
View File

@@ -0,0 +1,195 @@
<?php
declare (strict_types=1);
// +----------------------------------------------------------------------
// | swiftAdmin 极速开发框架 [基于WebMan开发]
// +----------------------------------------------------------------------
// | Copyright (c) 2020-2030 http://www.swiftadmin.net
// +----------------------------------------------------------------------
// | swiftAdmin.net High Speed Development Framework
// +----------------------------------------------------------------------
// | Author: meystack <coolsec@foxmail.com> Apache 2.0 License
// +----------------------------------------------------------------------
namespace app\admin\service;
use app\admin\enums\AdminEnum;
use app\common\exception\OperateException;
use app\common\model\system\Admin;
use app\common\model\system\AdminAccess;
use app\common\model\system\AdminAccess as AdminAccessModel;
use app\common\model\system\AdminGroup as AdminGroupModel;
use think\db\exception\DataNotFoundException;
use think\db\exception\DbException;
use think\db\exception\ModelNotFoundException;
use think\facade\Db;
/**
* 管理员服务
* Class AdminService
*/
class AdminService
{
/**
* 获取管理员列表
* @param array $params
* @return array
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public static function dataList(array $params = []): array
{
$page = $params['page'] ?? 1;
$limit = $params['limit'] ?? 10;
$status = !empty($params['status']) ? $params['status'] - 1 : 1;
$where[] = ['status', '=', $status];
if (!empty($params['name'])) {
$where[] = ['name', 'like', '%' . $params['name'] . '%'];
}
if (!empty($params['dep'])) {
$where[] = ['branch_id', 'find in set', $params['dep']];
}
if (!empty($params['group_id'])) {
$where[] = ['group_id', 'find in set', $params['group_id']];
}
$model = new Admin();
$count = $model->where($where)->count();
$page = ($count <= $limit) ? 1 : $page;
$adminList = $model->where($where)->order("id asc")->withoutField('pwd')->limit($limit)->page($page)->select()->toArray();
$authService = AuthService::instance();
foreach ($adminList as $key => $value) {
$groupId = trim($value['group_id']);
$itemGroup = (new AdminGroupModel)->where('id', 'in', $groupId)->select()->toArray();
$adminList[$key]['group'] = $itemGroup;
// 排序
if (!empty($adminList[$key]['group'])) {
$adminList[$key]['group'] = list_sort_by($adminList[$key]['group'], 'id');
}
$authNodes = $authService->getRulesNode($value['id']);
$adminList[$key][AdminEnum::ADMIN_AUTH_RULES] = $authNodes[$authService->authPrivate];
$authNodes = $authService->getRulesNode($value['id'], AdminEnum::ADMIN_AUTH_RULES);
$adminList[$key][AdminEnum::ADMIN_AUTH_CATES] = $authNodes[$authService->authPrivate];
}
return [
'count' => $count,
'list' => $adminList
];
}
/**
* @param array $params
* @return bool
* @throws OperateException
*/
public static function add(array $params = []): bool
{
$model = new Admin();
$where[] = ['name', '=', $params['name']];
$where[] = ['email', '=', $params['email']];
$result = $model->whereOr($where)->findOrEmpty()->toArray();
if (!empty($result)) {
throw new OperateException('该用户名或邮箱已被注册!');
}
// 管理员加密
$params['pwd'] = encryptPwd($params['pwd']);
$params['create_ip'] = request()->getRealIp();
Db::startTrans();
try {
$data = $model->create($params);
$access['admin_id'] = $data['id'];
$access['group_id'] = $data['group_id'];
AdminAccessModel::insert($access);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
throw new OperateException($e->getMessage());
}
return true;
}
/**
* 编辑管理员
* @param array $params
* @return bool
* @throws OperateException
*/
public static function edit(array $params): bool
{
if (!empty($params['pwd'])) {
$params['pwd'] = encryptPwd($params['pwd']);
}
foreach ($params as $key => $value) {
if (empty($value)) {
unset($params[$key]);
}
}
Db::startTrans();
try {
$model = new Admin();
$model->update($params);
$access['group_id'] = $params['group_id'];
AdminAccessModel::update($access, ['admin_id' => $params['id']]);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
throw new OperateException($e->getMessage());
}
return true;
}
/**
* 更新权限节点
* @param $adminId
* @param string $ruleType
* @return bool
* @throws OperateException
*/
public static function updateRulesNodes($adminId, string $ruleType): bool
{
if (!$adminId) {
throw new OperateException('参数错误!');
}
$authService = AuthService::instance();
$params = request()->post($ruleType, []);
$access = $authService->getRulesNode($adminId, $ruleType);
$rules = array_diff($params, $access[$authService->authGroup]);
if (!$authService->checkRuleOrCateNodes($rules, $ruleType, $authService->authPrivate)) {
throw new OperateException('没有权限!');
}
$differ = array_diff($access[$authService->authPrivate], $access[$authService->authGroup]);
$curNodes = [];
if (!$authService->superAdmin()) {
$curNodes = $authService->getRulesNode();
$curNodes = array_diff($differ, $curNodes[$authService->authPrivate]);
}
Db::startTrans();
try {
$value = array_unique(array_merge($rules, $curNodes));
$data[$ruleType] = implode(',', $value);
AdminAccessModel::update($data, ['admin_id' => $adminId]);
Db::commit();
} catch (\Exception $e) {
Db::rollback();
throw new OperateException($e->getMessage());
}
return true;
}
}

54
app/admin/service/AttachmentService.php Normal file
View File

@@ -0,0 +1,54 @@
<?php
declare (strict_types=1);
// +----------------------------------------------------------------------
// | swiftAdmin 极速开发框架 [基于WebMan开发]
// +----------------------------------------------------------------------
// | Copyright (c) 2020-2030 http://www.swiftadmin.net
// +----------------------------------------------------------------------
// | swiftAdmin.net High Speed Development Framework
// +----------------------------------------------------------------------
// | Author: meystack <coolsec@foxmail.com> Apache 2.0 License
// +----------------------------------------------------------------------
namespace app\admin\service;
use app\common\model\system\Attachment;
class AttachmentService
{
/**
* 获取资源列表
* @param array $params
* @return array
* @throws \think\db\exception\DataNotFoundException
* @throws \think\db\exception\DbException
* @throws \think\db\exception\ModelNotFoundException
*/
public static function dataList(array $params = []): array
{
$page = (int)$params['page'] ?: 1;
$limit = (int)$params['limit'] ?: 10;
$type = $params['type'] ?? '';
$where = [];
if (!empty($type)) {
$where[] = ['type', '=', $type];
}
if (!empty($params['filename'])) {
$where[] = ['filename', 'like', '%' . $params['filename'] . '%'];
}
$model = new Attachment();
$count = $model->where($where)->count();
$page = ($count <= $limit) ? 1 : $page;
$list = $model->where($where)->order("id desc")->limit((int)$limit)->page((int)$page)->select()->toArray();
$prefix = cdn_Prefix();
foreach ($list as $index => $item) {
if (!empty($prefix)) {
$list[$index]['url'] = $prefix . $item['url'];
}
}
return [$count, $list];
}
}

421
app/admin/service/AuthService.php Normal file
View File

@@ -0,0 +1,421 @@
<?php
declare (strict_types=1);
// +----------------------------------------------------------------------
// | swiftAdmin 极速开发框架 [基于WebMan开发]
// +----------------------------------------------------------------------
// | Copyright (c) 2020-2030 http://www.swiftadmin.net
// +----------------------------------------------------------------------
// | swiftAdmin.net High Speed Development Framework
// +----------------------------------------------------------------------
// | Author: meystack <coolsec@foxmail.com> Apache 2.0 License
// +----------------------------------------------------------------------
namespace app\admin\service;
use app\admin\enums\AdminEnum;
use app\common\model\system\Admin;
use app\common\model\system\AdminAccess;
use app\common\model\system\AdminGroup as AdminGroupModel;
use app\common\model\system\AdminRules as AdminRulesModel;
use think\db\exception\DataNotFoundException;
use think\db\exception\DbException;
use think\db\exception\ModelNotFoundException;
use Webman\Event\Event;
/**
* 后台权限验证
* @package app\admin\service
* Class AuthService
*/
class AuthService
{
/**
* 数据库实例
* @var object
*/
protected object $model;
/**
* 分组标记
* @var string
*/
public string $authGroup = 'authGroup';
/**
* 用户私有标记
* @var string
*/
public string $authPrivate = 'authPrivate';
/**
* 默认权限字段
*
* @var string
*/
public string $authFields = 'id,cid,pid,title,auth';
/**
* 错误信息
* @var string
*/
protected string $_error = '';
/**
* @var ?object 对象实例
*/
protected static ?object $instance = null;
/**
* 类构造函数
* class constructor.
*/
public function __construct()
{
$this->model = new Admin();
}
/**
* 初始化
* @access public
* @param array $options 参数
* @return object|null
*/
public static function instance(array $options = []): ?object
{
if (is_null(self::$instance)) {
self::$instance = new static($options);
}
// 返回实例
return self::$instance;
}
/**
* 检查权限
* @param mixed $name 需要验证的规则列表,支持逗号分隔的权限规则或索引数组
* @param int $adminId 认证用户的id
* @param int $type 认证类型
* @param string $mode 执行check的模式
* @param string $relation 如果为 'or' 表示满足任一条规则即通过验证;如果为 and则表示需满足所有规则才能通过验证
* @return bool 通过验证返回true;失败返回false
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public function permissions(mixed $name, int $adminId = 0, int $type = 1, string $mode = 'url', string $relation = 'or'): bool
{
// 转换格式
if (is_string($name)) {
$name = strtolower($name);
if (str_contains($name, ',')) {
$name = explode(',', $name);
} else {
$name = [$name];
}
}
$authList = [];
if ('url' == $mode) { // 解析URL参数
$REQUEST = unserialize(strtolower(serialize(request()->all())));
}
foreach ($this->getAuthList($adminId) as $auth) {
// 非鉴权接口
$router = strtolower($auth['router']);
if (in_array($router, $name) && $auth['auth'] == 0) {
$authList[] = $router;
continue;
}
// 校验正则模式
if (!empty($auth['condition'])) {
$rule = $condition = '';
$user = $this->getUserInfo();
$command = preg_replace('/\{(\w*?)\}/', '$user[\'\\1\']', $rule);
@(eval('$condition=(' . $command . ');'));
if ($condition) {
$authList[] = $router;
}
}
// URL参数模式
$query = preg_replace('/^.+\?/U', '', $router);
if ('url' == $mode && $query != $router) {
parse_str($query, $param);
$intersect = array_intersect_assoc($REQUEST, $param);
$router = preg_replace('/\?.*$/U', '', $router);
if (in_array($router, $name) && $intersect == $param) {
$authList[] = $router;
}
} else {
if (in_array($router, $name)) {
$authList[] = $router;
}
}
}
$authList = array_unique($authList);
if ('or' == $relation && !empty($authList)) {
return true;
}
$authDiff = array_diff($name, $authList);
if ('and' == $relation && empty($authDiff)) {
return true;
}
return false;
}
/**
* 查询权限列表
* @param mixed $adminId 用户id
* @param array $nodes 已获取节点
* @return array
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public function getAuthList(mixed $adminId = 0, array $nodes = []): array
{
// 查找节点
$where[] = ['status', '=', 1];
if (!$this->superAdmin()) {
$authNodes = !empty($nodes) ? $nodes : $this->getRulesNode($adminId);
return AdminRulesModel::where(function ($query) use ($where, $authNodes) {
if (empty($authNodes[$this->authPrivate])) {
$where[] = ['auth', '=', '0'];
$query->where($where);
} else {
$where[] = ['id', 'in', $authNodes[$this->authPrivate]];
$query->where($where)->whereOr('auth', '0');
}
})->order('sort asc')->select()->toArray();
}
return AdminRulesModel::where($where)->order('sort asc')->select()->toArray();
}
/**
* 获取权限菜单
* @return string
* @throws DataNotFoundException
* @throws DbException
*/
public function getPermissionsMenu(): string
{
$authNodes = $this->getRulesNode();
$nodeLists = $this->getAuthList(get_admin_id(), $authNodes);
foreach ($nodeLists as $key => $value) {
$nodeLists[$key]['title'] = __($value['title']);
if ($value['router'] != '#') {
$nodeLists[$key]['router'] = (string)url($value['router']);
}
}
$this->superAdmin() && $authNodes['supersAdmin'] = true;
$authNodes['authorities'] = list_to_tree($nodeLists);
return json_encode($authNodes, JSON_UNESCAPED_UNICODE);
}
/**
* 管理组分级鉴权
* @param array $operationIds
* @return bool
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public function checkRulesForGroup(array $operationIds = []): bool
{
if ($this->superAdmin()) {
return true;
}
$group_id = $this->getUserInfo()['group_id'];
$adminGroupIds = explode(',', $group_id);
$adminGroupList = AdminGroupModel::where('id', 'in', $adminGroupIds)->select()->toArray();
// 查询操作组
$operationList = AdminGroupModel::where('id', 'in', $operationIds)->select()->toArray();
foreach ($operationList as $item) {
foreach ($adminGroupList as $child) {
if ($item['pid'] < $child['id']
|| $item['pid'] == $child['pid']) {
return false;
}
}
}
return true;
}
/**
* 查询权限节点
* @access public
* @param $type
* @param $class
* @param bool $tree
* @return array|false|string
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public function getRuleCatesTree($type, $class, bool $tree = true)
{
if (is_array($type) && $type) {
$type = $type['type'] ?? AdminEnum::ADMIN_AUTH_RULES;
$class = $type['class'] ?? $this->authGroup;
}
$class = $class != $this->authGroup ? $this->authPrivate : $class;
$authNodes = $this->getRulesNode(get_admin_id(), $type);
$where[] = ['status', '=', 1];
if ($type && $type == AdminEnum::ADMIN_AUTH_RULES) {
if (!$this->superAdmin()) {
$menuList = AdminRulesModel::where(function ($query) use ($where, $authNodes, $class) {
if (empty($authNodes[$class])) {
$where[] = ['auth', '=', '0'];
$query->where($where);
} else {
$where[] = ['id', 'in', $authNodes[$class]];
$query->where($where)->whereOr('auth', '0');
}
})->order('sort asc')->select()->toArray();
} else {
$menuList = AdminRulesModel::where($where)->order('sort asc')->select()->toArray();
}
} else {
/**
* 栏目二次开发接口
* @param $menuList
*/
if (!$this->superAdmin() && !empty($authNodes[$class])) {
$menuList = Event::emit('cmsCategoryPermissions', [
'field' => $this->authFields,
'nodes' => $authNodes[$class]
], true);
} else {
$menuList = Event::emit('cmsCategoryPermissions', [
'field' => $this->authFields
], true);
}
}
return $tree ? ($menuList ? json_encode(list_to_tree($menuList)) : json_encode([])) : $menuList;
}
/**
* 校验节点避免越权
* @access public
* @param $rules
* @param string $type
* @param string $class
* @return bool
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public function checkRuleOrCateNodes($rules, string $type, string $class = 'pri'): bool
{
if ($this->superAdmin()) {
return true;
}
$type = !empty($type) ? $type : AdminEnum::ADMIN_AUTH_RULES;
$class = !empty($class) ? $class : $this->authGroup;
$class = $class != $this->authGroup ? $this->authPrivate : $class;
$authNodes = $this->getRulesNode(get_admin_id(), $type);
$differ = array_unique(array_merge($rules, $authNodes[$class]));
if (count($differ) > count($authNodes[$class])) {
return false;
}
return true;
}
/**
* 获取权限节点
* @param mixed $adminId 管理员id
* @param string $type 节点类型
* @return array
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public function getRulesNode(mixed $adminId = 0, string $type = AdminEnum::ADMIN_AUTH_RULES): array
{
$authGroup = $authPrivate = [];
$adminId = $adminId > 0 ? $adminId : get_admin_id();
$authNodes = AdminAccess::where('admin_id', $adminId)->findOrEmpty()->toArray();
// 私有节点
if (!empty($authNodes[$type])) {
$authPrivate = explode(',', $authNodes[$type]);
}
// 用户组节点
if (!empty($authNodes['group_id'])) {
$groupNodes = (new AdminGroupModel)->whereIn('id', $authNodes['group_id'])->select()->toArray();
foreach ($groupNodes as $value) {
$nodes = !empty($value[$type]) ? explode(',', $value[$type]) : [];
$authGroup = array_merge($authGroup, $nodes);
$authPrivate = array_merge($authPrivate, $nodes);
}
$authGroup = array_unique($authGroup);
$authPrivate = array_unique($authPrivate);
}
return [
$this->authGroup => $authGroup,
$this->authPrivate => $authPrivate,
];
}
/**
* 超级管理员
* @param int $adminId
* @param int $type
* @return bool
*/
public function superAdmin(int $adminId = 0, int $type = 1): bool
{
$adminId = $adminId > 1 ? $adminId : get_admin_id();
$adminInfo = $this->getUserInfo($adminId);
$adminGroup = explode(',', $adminInfo['group_id']);
if ($adminInfo['id'] == $type || array_search($type, $adminGroup)) {
return true;
}
return false;
}
/**
* 获取用户信息
* @param int $adminId
* @return array
*/
public function getUserInfo(int $adminId = 0): array
{
$_pk = is_string($this->model->getPk()) ? $this->model->getPk() : 'id';
return $this->model->where($_pk, $adminId)->findOrEmpty()->toArray();
}
/**
* 获取最后产生的错误
* @return string
*/
public function getError(): string
{
return $this->_error;
}
/**
* 设置错误
* @param string $error
*/
protected function setError(string $error): void
{
$this->_error = $error;
}
}

122
app/admin/service/LoginService.php Normal file
View File

@@ -0,0 +1,122 @@
<?php
declare (strict_types=1);
// +----------------------------------------------------------------------
// | swiftAdmin 极速开发框架 [基于WebMan开发]
// +----------------------------------------------------------------------
// | Copyright (c) 2020-2030 http://www.swiftadmin.net
// +----------------------------------------------------------------------
// | swiftAdmin.net High Speed Development Framework
// +----------------------------------------------------------------------
// | Author: meystack <coolsec@foxmail.com> Apache 2.0 License
// +----------------------------------------------------------------------
namespace app\admin\service;
use app\admin\enums\AdminEnum;
use app\common\exception\OperateException;
use app\common\library\ResultCode;
use app\common\model\system\Admin;
use app\common\model\system\AdminLog;
use think\db\exception\DataNotFoundException;
use think\db\exception\DbException;
use think\db\exception\ModelNotFoundException;
use Webman\Event\Event;
class LoginService
{
/**
* 管理员登录
* @param string $name
* @param string $pwd
* @param string $captcha
* @param array $adminInfo
* @return bool
* @throws OperateException
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public static function accountLogin(string $name, string $pwd, string $captcha = '', array $adminInfo = []): bool
{
$countLimit = isset($adminInfo['count']) && $adminInfo['count'] >= 5;
$minuteLimit = isset($adminInfo['time']) && $adminInfo['time'] >= strtotime('- 5 minutes');
if ($countLimit && $minuteLimit) {
throw new OperateException('错误次数过多,请稍后再试!');
}
// 验证码
if (isset($adminInfo['isCaptcha']) && !self::captchaCheck($captcha)) {
throw new OperateException('验证码错误!');
}
$result = Admin::checkLogin($name, $pwd);
if (empty($result)) {
$adminInfo['time'] = time();
$adminInfo['isCaptcha'] = true;
$adminInfo['count'] = isset($adminInfo['count']) ? $adminInfo['count'] + 1 : 1;
request()->session()->set(AdminEnum::ADMIN_SESSION, $adminInfo);
Event::emit(AdminEnum::ADMIN_LOGIN_ERROR, request()->all());
self::writeAdminLogs($name, ResultCode::USPWDERROR['msg']);
throw new OperateException(ResultCode::USPWDERROR['msg'], ResultCode::USPWDERROR['code']);
}
if ($result['status'] !== 1) {
throw new OperateException(ResultCode::STATUSEXCEPTION['msg'], ResultCode::STATUSEXCEPTION['code']);
}
try {
$data['login_ip'] = request()->getRealIp();
$data['login_time'] = time();
$data['count'] = $result['count'] + 1;
Admin::update($data, ['id' => $result['id']]);
$adminInfo = array_merge($adminInfo, $result->toArray());
request()->session()->set(AdminEnum::ADMIN_SESSION, $adminInfo);
self::writeAdminLogs($name, ResultCode::LOGINSUCCESS['msg'], 1);
Event::emit(AdminEnum::ADMIN_LOGIN_SUCCESS, $adminInfo);
} catch (\Throwable $th) {
throw new OperateException($th->getMessage());
}
return true;
}
/**
* 检查验证码
* @param string $text
* @return bool
*/
protected static function captchaCheck(string $text): bool
{
$captcha = $text ?? \request()->post('captcha');
if (strtolower($captcha) !== request()->session()->get('captcha')) {
return false;
}
return true;
}
/**
* 记录登录日志
* @param string $name
* @param string $error
* @param int $status
* @return void
*/
public static function writeAdminLogs(string $name, string $error, int $status = 0): void
{
$userAgent = request()->header('user-agent');
$nickname = (new Admin)->where('name', $name)->value('nickname');
preg_match('/.*?\((.*?)\).*?/', $userAgent, $matches);
$user_os = isset($matches[1]) ? substr($matches[1], 0, strpos($matches[1], ';')) : 'unknown';
$user_browser = preg_replace('/[^(]+\((.*?)[^)]+\) .*?/', '$1', $userAgent);
$data['name'] = $name;
$data['nickname'] = $nickname ?? 'unknown';
$data['user_ip'] = request()->getRealIp();
$data['user_agent'] = $userAgent;
$data['user_os'] = $user_os;
$data['user_browser'] = $user_browser;
$data['error'] = $error;
$data['status'] = $status;
AdminLog::create($data);
}
}

146
app/admin/service/UserService.php Normal file
View File

@@ -0,0 +1,146 @@
<?php
declare (strict_types=1);
// +----------------------------------------------------------------------
// | swiftAdmin 极速开发框架 [基于WebMan开发]
// +----------------------------------------------------------------------
// | Copyright (c) 2020-2030 http://www.swiftadmin.net
// +----------------------------------------------------------------------
// | swiftAdmin.net High Speed Development Framework
// +----------------------------------------------------------------------
// | Author: meystack <coolsec@foxmail.com> Apache 2.0 License
// +----------------------------------------------------------------------
namespace app\admin\service;
use app\common\exception\OperateException;
use app\common\library\Ip2Region;
use app\common\model\system\User;
use app\common\model\system\UserGroup;
use system\Random;
use think\db\exception\DataNotFoundException;
use think\db\exception\DbException;
use think\db\exception\ModelNotFoundException;
use think\facade\Db;
class UserService
{
/**
*
* @param array $params
* @param array $conditions
* @return array
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
*/
public static function dataList(array $params = [], array $conditions = []): array
{
$page = (int)$params['page'] ?: 1;
$limit = (int)$params['limit'] ?: 10;
$status = !empty($params['status']) ? $params['status']-1:1;
if (!empty($params['nickname'])) {
$where[] = ['nickname','like','%'.$params['nickname'].'%'];
}
if (!empty($params['group_id'])) {
$where[] = ['group_id','find in set',$params['group_id']];
}
$where[]=['status','=',$status];
$conditions = array_merge($conditions, $where ?? []);
$model = new User();
$count = $model->where($conditions)->count();
$page = ($count <= $limit) ? 1 : $page;
$list = $model->where($conditions)->order("id asc")->limit($limit)->page($page)->select();
// 循环处理数据
$userGroup = (new UserGroup)->select()->toArray();
foreach ($list as $key => $value) {
$value->hidden(['pwd', 'salt']);
try {
$region = Ip2Region::instance()->memorySearch($value['login_ip']);
} catch (\Exception $e) {
$region = ['region' => '未知|未知|未知'];
}
$region = explode('|',$region['region']);
$list[$key]['region'] = $region;
$result = list_search($userGroup,['id'=> $value['group_id']]);
if (!empty($result)) {
$list[$key]['group'] = $result['title'];
}
}
return [$count, $list];
}
/**
* @param array $params
* @return bool
* @throws OperateException
*/
public static function add(array $params): bool
{
$model = new User();
$whereName[] = ['nickname','=',$params['nickname']];
$whereEmail[] = ['email','=',$params['email']];
$data = $model->whereOr([$whereName,$whereEmail])->findOrEmpty()->toArray();
if(!empty($data)) {
throw new OperateException('该用户ID或邮箱已经存在');
}
Db::startTrans();
try {
$model->create($params);
} catch (\Exception $e) {
Db::rollback();
throw new OperateException('添加失败!');
}
return true;
}
/**
* @param array $params
* @return bool
* @throws DataNotFoundException
* @throws DbException
* @throws ModelNotFoundException
* @throws OperateException
*/
public static function edit(array $params): bool
{
$model = new User();
$data = $model->where('id', $params['id'])->findOrEmpty()->toArray();
if ($data['nickname'] != $params['nickname']) {
$whereName[] = ['nickname','=',$params['nickname']];
if($model->where($whereName)->find()) {
throw new OperateException('用户ID已经存在');
}
}
if ($data['email'] != $params['email']) {
$whereEmail[] = ['email','=',$params['email']];
if($model->where($whereEmail)->find()) {
throw new OperateException('用户邮箱已经存在!');
}
}
if (!empty($params['pwd'])) {
$salt = Random::alpha();
$params['salt'] = $salt;
$params['pwd'] = encryptPwd($params['pwd'],$params['salt']);
} else {
unset($params['pwd']);
}
Db::startTrans();
try {
$model->update($params);
} catch (\Exception $e) {
Db::rollback();
throw new OperateException('添加失败!');
}
return true;
}
}