From ae7a5a213a55cc56251161b7e96f945a23247146 Mon Sep 17 00:00:00 2001
From: unset <193344396@qq.com>
Date: Mon, 6 Aug 2018 01:43:58 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9C=80=E5=A4=A7=E5=85=BC=E5=AE=B9=E6=80=A7?=
 =?UTF-8?q?=E7=9A=84=E5=8D=87=E7=BA=A7=E6=9D=83=E9=99=90=E7=AE=A1=E7=90=86?=
 =?UTF-8?q?=E5=8A=9F=E8=83=BD,=E6=97=A0=E9=A1=BB=E6=94=B9=E5=8A=A8?=
 =?UTF-8?q?=E6=95=B0=E6=8D=AE=E5=BA=93,=20=E5=9C=A8=E5=8E=9F=E5=85=88?=
 =?UTF-8?q?=E7=9A=84=E8=8A=82=E7=82=B9=E9=AA=8C=E8=AF=81=E4=B8=8A=E5=A2=9E?=
 =?UTF-8?q?=E5=8A=A0=E4=BA=86=E5=8F=82=E6=95=B0=E9=AA=8C=E8=AF=81,?=
 =?UTF-8?q?=E5=AE=9E=E7=8E=B0=E6=9B=B4=E7=81=B5=E6=B4=BB=E7=9A=84=E6=9D=83?=
 =?UTF-8?q?=E9=99=90=E7=AE=A1=E7=90=86!?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 application/admin/behavior/ApiPermission.php | 47 ++++++++++++++++----
 1 file changed, 38 insertions(+), 9 deletions(-)

diff --git a/application/admin/behavior/ApiPermission.php b/application/admin/behavior/ApiPermission.php
index 9a1c39e..1d9d4e9 100644
--- a/application/admin/behavior/ApiPermission.php
+++ b/application/admin/behavior/ApiPermission.php
@@ -1,6 +1,14 @@
 */
@@ -27,12 +35,12 @@ class ApiPermission {
 */
 public function run() {
 $request = Request::instance();
- $route = $request->routeInfo();
+ $route = $request->param();
 $header = config('apiAdmin.CROSS_DOMAIN');
 $ApiAuth = $request->header('ApiAuth', '');
 $userInfo = cache('Login:' . $ApiAuth);
 $userInfo = json_decode($userInfo, true);
- if (!$this->checkAuth($userInfo['id'], $route['route'])) {
+ if (!$this->checkAuth($userInfo['id'], $route)) {
 $data = ['code' => ReturnCode::INVALID, 'msg' => '非常抱歉,您没有权限这么做!', 'data' => []];
 return json($data, 200, $header);
@@ -52,9 +60,23 @@ class ApiPermission {
 private function checkAuth($uid, $route) {
 $isSupper = Tools::isAdministrator($uid);
 if (!$isSupper) {
+ $keys = array_keys($route);
 $rules = $this->getAuth($uid);
-
- return in_array($route, $rules);
+ $baseUrl = $keys[0];
+ if(isset($rules[$baseUrl])){
+ if($rules[$baseUrl]['all']==1){
+ return true;
+ }else{
+ $intersect = array_intersect_assoc($route,$rules[$baseUrl]['query']);
+ if(sizeof(array_diff_assoc($rules[$baseUrl]['query'],$intersect))==0){
+ return true;
+ }else{
+ return false;
+ }
+ }
+ }else{
+ return false;
+ }
 } else {
 return true;
 }
@@ -79,14 +101,21 @@ class ApiPermission {
 foreach ($openGroup as $group) {
 $openGroupArr[] = $group->id;
 }
- $allRules = (new AdminAuthRule())->whereIn('groupId', $openGroupArr)->select();
- if (isset($allRules)) {
+ $allRulesUrl = (new AdminAuthRule())->whereIn('groupId', $openGroupArr)->column('url');
+ if (isset($allRulesUrl)) {
 $rules = [];
- foreach ($allRules as $rule) {
- $rules[] = $rule->url;
+ foreach ($allRulesUrl as $rule) {
+ $query = parse_url($rule);
+ $route = '/'.$query['path'];
+ if(!isset($query['query'])){
+ $rules[$route]['all'] = 1;
+ }else{
+ parse_str($query['query'],$query_arr);
+ $rules[$route]['all'] = 0;
+ $rules[$route]['query'] = $query_arr;
+ }
 }
 $rules = array_unique($rules);
- return $rules;
 } else {
 return [];
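Review bot: `$baseUrl = $keys[0];` makes the permission lookup depend on whichever entry comes first in `$route`, which the `run()` hunk now fills from `$request->param()` (the merged request parameters) rather than the matched route; on an empty array this is an undefined-offset notice with a null `$baseUrl`, and if a client-supplied parameter can precede the route variable in that merge (presumably the route path is meant to come first — confirm the framework's `param()` ordering) the rule being checked is selected by request data instead of the dispatched path. Fail closed with `if ($route === []) { return false; }` ahead of `$baseUrl = $keys[0];`, and prefer having `run()` pass the dispatched path explicitly so the check does not rest on key order. The branches after the `all` test collapse to `return array_diff_assoc($rules[$baseUrl]['query'], array_intersect_assoc($route, $rules[$baseUrl]['query'])) === [];`, which also removes the `sizeof(...)==0` loose comparison. This check also relies on `getAuth()` returning the whole map, but the `array_unique($rules)` kept as context in the next hunk now runs over nested arrays, which it compares as the string `Array` and so keeps only the first route — likely not intended. checkAuth's closing brace lies outside the hunk.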