php
/
zhjwxt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
智慧教务系统
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
484 Commits
4 Branches
0 Tags
191 MiB
 
 
 
 
 
 
Tree: a580c2580a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a580c2580a'
${ noResults }
zhjwxt/niucloud/app/service/admin/auth/AuthService.php

142 lines
4.6 KiB
Raw Blame History

<?php
// +----------------------------------------------------------------------
// | Niucloud-admin 企业快速开发的多应用管理平台
// +----------------------------------------------------------------------
// | 官方网址:https://www.niucloud.com
// +----------------------------------------------------------------------
// | niucloud团队 版权所有 开源版本可自由商用
// +----------------------------------------------------------------------
// | Author: Niucloud Team
// +----------------------------------------------------------------------
namespace app\service\admin\auth;
use app\model\campus_person_role\CampusPersonRole;
use app\model\personnel\Personnel;
use app\Request;
use app\service\admin\sys\MenuService;
use app\service\admin\sys\RoleService;
use app\service\admin\user\UserService;
use core\base\BaseAdminService;
use core\exception\AuthException;
use Exception;
/**
* 用户服务层
* Class AuthService
* @package app\service\admin\auth
*/
class AuthService extends BaseAdminService
{
/**
* 校验权限
* @param Request $request
* @return bool
* @throws Exception
*/
public function checkRole(Request $request)
{
$rule = strtolower(trim($request->rule()->getRule()));
$method = strtolower(trim($request->method()));
$menu_service = new MenuService();
$all_menu_list = $menu_service->getAllApiList();
//先判断当前访问的接口是否收到权限的限制
$method_menu_list = $all_menu_list[ $method ] ?? [];
if (!in_array($rule, $method_menu_list))
return true;
$auth_role_list = $this->getAuthApiList();
if (!empty($auth_role_list[ $method ]) && in_array($rule, $auth_role_list[ $method ]))
return true;
throw new AuthException('NO_PERMISSION');
}
/**
* 当前授权用户接口权限
* @return array
*/
public function getAuthApiList()
{
$user_info = ( new UserService() )->getUserCache($this->uid);
if (empty($user_info))
return [];
$is_admin = $user_info[ 'is_admin' ];//是否是超级管理员组
$menu_service = new MenuService();
if ($is_admin) {//查询全部启用的权限
//获取站点信息
return ( new MenuService() )->getAllApiList(1);
} else {
$per = new Personnel();
$CampusPersonRole = new CampusPersonRole();
$per_id = $per->where(['sys_user_id' => $this->uid])->column('id');
$user_role_ids = $CampusPersonRole->where(['person_id' => $per_id])->column('role_id');
// $user_role_ids = $user_info[ 'role_ids' ];
$role_service = new RoleService();
$menu_keys = $role_service->getMenuKeysByRoleIds($user_role_ids ?? []);
return $menu_service->getApiListByMenuKeys($menu_keys);
}
}
/**
* 当前授权用户菜单权限
* @return array
*/
public function getAuthMenuList($status = 'all', int $is_tree = 0, int $is_button = 1)
{
$user_info = ( new UserService() )->getUserCache($this->uid);
if (empty($user_info))
return [];
$is_admin = $user_info[ 'is_admin' ];//是否是超级管理员组
$menu_service = new MenuService();
if ($is_admin) {//查询全部启用的权限
return ( new MenuService() )->getAllMenuList($status, $is_tree, $is_button);
} else {
$per = new Personnel();
$CampusPersonRole = new CampusPersonRole();
$per_id = $per->where(['sys_user_id' => $this->uid])->column('id');
$user_role_ids = $CampusPersonRole->where(['person_id' => $per_id])->column('role_id');
//
$role_service = new RoleService();
$menu_keys = $role_service->getMenuKeysByRoleIds($user_role_ids ?? []);
return $menu_service->getMenuListByMenuKeys($menu_keys, $is_tree, is_button:$is_button);
}
}
/**
* 获取授权用户信息
*/
public function getAuthInfo()
{
return ( new UserService() )->getUserCache($this->uid);
}
/**
* 修改用户
* @param array $data
* @return true
*/
public function editAuth(array $data)
{
if (!empty($data[ 'password' ])) {
//检测原始密码是否正确
$user = ( new UserService() )->find($this->uid);
if (!check_password($data[ 'original_password' ], $user->password))
throw new AuthException('OLD_PASSWORD_ERROR');
}
return ( new UserService() )->edit($this->uid, $data);
}
}