You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
132 lines
4.3 KiB
132 lines
4.3 KiB
<?php
|
|
// +----------------------------------------------------------------------
|
|
// | Niucloud-admin 企业快速开发的多应用管理平台
|
|
// +----------------------------------------------------------------------
|
|
// | 官方网址:https://www.niucloud.com
|
|
// +----------------------------------------------------------------------
|
|
// | niucloud团队 版权所有 开源版本可自由商用
|
|
// +----------------------------------------------------------------------
|
|
// | Author: Niucloud Team
|
|
// +----------------------------------------------------------------------
|
|
|
|
namespace app\service\admin\auth;
|
|
|
|
use app\model\campus_person_role\CampusPersonRole;
|
|
use app\model\personnel\Personnel;
|
|
use app\Request;
|
|
use app\service\admin\sys\MenuService;
|
|
use app\service\admin\sys\RoleService;
|
|
use app\service\admin\user\UserService;
|
|
use core\base\BaseAdminService;
|
|
use core\exception\AuthException;
|
|
use Exception;
|
|
|
|
/**
|
|
* 用户服务层
|
|
* Class AuthService
|
|
* @package app\service\admin\auth
|
|
*/
|
|
class AuthService extends BaseAdminService
|
|
{
|
|
|
|
/**
|
|
* 校验权限
|
|
* @param Request $request
|
|
* @return bool
|
|
* @throws Exception
|
|
*/
|
|
public function checkRole(Request $request)
|
|
{
|
|
|
|
$rule = strtolower(trim($request->rule()->getRule()));
|
|
$method = strtolower(trim($request->method()));
|
|
|
|
$menu_service = new MenuService();
|
|
$all_menu_list = $menu_service->getAllApiList();
|
|
//先判断当前访问的接口是否收到权限的限制
|
|
$method_menu_list = $all_menu_list[ $method ] ?? [];
|
|
if (!in_array($rule, $method_menu_list))
|
|
return true;
|
|
|
|
$auth_role_list = $this->getAuthApiList();
|
|
if (!empty($auth_role_list[ $method ]) && in_array($rule, $auth_role_list[ $method ]))
|
|
return true;
|
|
|
|
throw new AuthException('NO_PERMISSION');
|
|
|
|
}
|
|
|
|
/**
|
|
* 当前授权用户接口权限
|
|
* @return array
|
|
*/
|
|
public function getAuthApiList()
|
|
{
|
|
$user_info = ( new UserService() )->getUserCache($this->uid);
|
|
if (empty($user_info))
|
|
return [];
|
|
|
|
$is_admin = $user_info[ 'is_admin' ];//是否是超级管理员组
|
|
$menu_service = new MenuService();
|
|
if ($is_admin) {//查询全部启用的权限
|
|
//获取站点信息
|
|
return ( new MenuService() )->getAllApiList(1);
|
|
} else {
|
|
$user_role_ids = $user_info[ 'role_ids' ];
|
|
$role_service = new RoleService();
|
|
$menu_keys = $role_service->getMenuKeysByRoleIds($user_role_ids ?? []);
|
|
return $menu_service->getApiListByMenuKeys($menu_keys);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* 当前授权用户菜单权限
|
|
* @return array
|
|
*/
|
|
public function getAuthMenuList($status = 'all', int $is_tree = 0, int $is_button = 1)
|
|
{
|
|
$user_info = ( new UserService() )->getUserCache($this->uid);
|
|
if (empty($user_info))
|
|
return [];
|
|
$is_admin = $user_info[ 'is_admin' ];//是否是超级管理员组
|
|
$menu_service = new MenuService();
|
|
if ($is_admin) {//查询全部启用的权限
|
|
return ( new MenuService() )->getAllMenuList($status, $is_tree, $is_button);
|
|
} else {
|
|
$per = new Personnel();
|
|
$CampusPersonRole = new CampusPersonRole();
|
|
$per_id = $per->where(['sys_user_id' => $this->uid])->column('id');
|
|
|
|
$user_role_ids = $CampusPersonRole->where(['person_id' => $per_id])->column('role_id');
|
|
//
|
|
$role_service = new RoleService();
|
|
$menu_keys = $role_service->getMenuKeysByRoleIds($user_role_ids ?? []);
|
|
return $menu_service->getMenuListByMenuKeys($menu_keys, $is_tree, is_button:$is_button);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* 获取授权用户信息
|
|
*/
|
|
public function getAuthInfo()
|
|
{
|
|
return ( new UserService() )->getUserCache($this->uid);
|
|
}
|
|
|
|
/**
|
|
* 修改用户
|
|
* @param array $data
|
|
* @return true
|
|
*/
|
|
public function editAuth(array $data)
|
|
{
|
|
if (!empty($data[ 'password' ])) {
|
|
//检测原始密码是否正确
|
|
$user = ( new UserService() )->find($this->uid);
|
|
if (!check_password($data[ 'original_password' ], $user->password))
|
|
throw new AuthException('OLD_PASSWORD_ERROR');
|
|
|
|
}
|
|
return ( new UserService() )->edit($this->uid, $data);
|
|
}
|
|
}
|
|
|