From 48879c41e4e61cde72ddb056291a4de18424bf41 Mon Sep 17 00:00:00 2001
From: zhaoxiang
Date: Mon, 26 Feb 2018 14:45:12 +0800
Subject: [PATCH] =?UTF-8?q?modified=20=E5=AE=8C=E6=88=90=E6=8E=A5=E5=8F=A3?= =?UTF-8?q?=E6=96=87=E6=A1=A3=E8=87=AA=E5=8A=A8=E7=94=9F=E6=88=90=EF=BC=8C?= =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E7=BB=86=E8=8A=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 application/admin/controller/App.php | 10 +++++---
 application/api/behavior/ApiAuth.php | 2 +-
 application/api/behavior/ApiPermission.php | 30 ++++++++++++++++------
 application/api/controller/BuildToken.php | 4 +--
 application/apiRoute.php | 2 +-
 5 files changed, 32 insertions(+), 16 deletions(-)
diff --git a/application/admin/controller/App.php b/application/admin/controller/App.php
index e1f6503..6b59d58 100644
--- a/application/admin/controller/App.php
+++ b/application/admin/controller/App.php
@@ -98,11 +98,12 @@ class App extends Base {
 'app_api_show' => '',
 ];
 if (isset($postData['app_api']) && $postData['app_api']) {
+ $appApi = [];
 $data['app_api_show'] = json_encode($postData['app_api']);
 foreach ($postData['app_api'] as $value) {
- $data['app_api'] .= implode(',', $value) . ',';
+ $appApi = array_merge($appApi, $value);
 }
- $data['app_api'] = trim($data['app_api'], ',');
+ $data['app_api'] = implode(',', $appApi);
 }
 $res = ApiApp::create($data);
 if ($res === false) {
@@ -149,11 +150,12 @@ class App extends Base {
 'app_api_show' => '',
 ];
 if (isset($postData['app_api']) && $postData['app_api']) {
+ $appApi = [];
 $data['app_api_show'] = json_encode($postData['app_api']);
 foreach ($postData['app_api'] as $value) {
- $data['app_api'] .= implode(',', $value) . ',';
+ $appApi = array_merge($appApi, $value);
 }
- $data['app_api'] = trim($data['app_api'], ',');
+ $data['app_api'] = implode(',', $appApi);
 }
 $res = ApiApp::update($data);
 if ($res === false) {
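Review bot: In the `foreach` of both App.php hunks (@@ -98 and @@ -149), `array_merge($appApi, $value)` receives each element of `$postData['app_api']` without checking that it is an array, and the joined result becomes the comma-separated `app_api` allow-list. A non-array element makes `array_merge` fail (null plus a warning on PHP 5/7, a TypeError on PHP 8), and an entry that itself contains a comma becomes several entries once the stored string is split on commas again, as `ApiPermission` does later in this patch. Guarding the merge, e.g. `if (is_array($value)) { $appApi = array_merge($appApi, $value); }`, and keeping only entries that match known API identifiers would keep the stored list equal to what was selected in the form. Both enclosing methods begin and end outside the hunks.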
diff --git a/application/api/behavior/ApiAuth.php b/application/api/behavior/ApiAuth.php index 671cf5b..fc50039 100644 --- a/application/api/behavior/ApiAuth.php +++ b/application/api/behavior/ApiAuth.php @@ -64,7 +64,7 @@ class ApiAuth { * Api接口合法性检测 */ private function checkAccessToken() { - $access_token = $this->request->header(''); + $access_token = $this->request->header('access-token'); if (!isset($access_token) || !$access_token) { return json(['code' => ReturnCode::ACCESS_TOKEN_TIMEOUT, 'msg' => '缺少参数access-token', 'data' => []]); } else { diff --git a/application/api/behavior/ApiPermission.php b/application/api/behavior/ApiPermission.php index ae36c69..da15119 100644 --- a/application/api/behavior/ApiPermission.php +++ b/application/api/behavior/ApiPermission.php @@ -1,6 +1,6 @@ */ @@ -8,23 +8,37 @@ namespace app\api\behavior; -use app\model\ApiFields; -use app\util\ApiLog; use app\util\ReturnCode; -use app\util\DataType; use think\Request; -use think\Validate; class ApiPermission { /** - * 默认行为函数 + * @var Request + */ + private $request; + + /** + * 接口鉴权 + * @return \think\response\Json * @author zhaoxiang - * @return \think\Request - * @throws \think\exception\DbException */ public function run() { + $this->request = Request::instance(); + $hash = $this->request->routeInfo(); + if (isset($hash['rule'][1])) { + $hash = $hash['rule'][1]; + $access_token = $this->request->header('access-token'); + if ($access_token) { + $appInfo = cache($access_token); + $allRules = explode(',', $appInfo['app_api']); + if (!in_array($hash, $allRules)) { + $data = ['code' => ReturnCode::INVALID, 'msg' => '非常抱歉,您没有权限怎么做!', 'data' => []]; + return json($data); + } + } + } } diff --git a/application/api/controller/BuildToken.php b/application/api/controller/BuildToken.php index a756a8c..9a1caa7 100644 --- a/application/api/controller/BuildToken.php +++ b/application/api/controller/BuildToken.php 
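Review bot: The `in_array($hash, $allRules)` check in `ApiPermission::run()` compares loosely, so two numeric-looking strings (for example identifiers of the form digits-`e`-digits) can match without being identical; pass the strict flag, `if (!in_array($hash, $allRules, true)) {`. The result of `cache($access_token)` is also indexed without a check, so an expired or unknown token is denied only as a side effect of `explode()` on a missing value; an explicit deny branch such as `if (!is_array($appInfo) || !isset($appInfo['app_api']))` makes that intentional and avoids the notice. When the `access-token` header is absent, or `$hash['rule'][1]` is not set, the method returns nothing and the request passes, which is safe only if `ApiAuth` has already rejected it for every API that needs authorisation; that code is outside this hunk and worth confirming. A one-line comment on `run()` stating that a null return means "allowed" would document this contract.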
@@ -50,11 +50,11 @@ class BuildToken extends Base { } public function e1() { - return $this->buildSuccess('e1'); + return $this->buildSuccess(['e1']); } public function e2() { - return $this->buildSuccess('e2'); + return $this->buildSuccess(['e2']); } /** diff --git a/application/apiRoute.php b/application/apiRoute.php index e9a5824..98e6158 100644 --- a/application/apiRoute.php +++ b/application/apiRoute.php @@ -5,7 +5,7 @@ \think\Route::miss('api/Index/index'); -$afterBehavior = ['\app\api\behavior\ApiAuth', '\app\api\behavior\RequestFilter']; +$afterBehavior = ['\app\api\behavior\ApiAuth', '\app\api\behavior\ApiPermission', '\app\api\behavior\RequestFilter']; return [ '[api]' => [
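Review bot: The position of `\app\api\behavior\ApiPermission` in `$afterBehavior` is security-relevant but undocumented: `ApiPermission::run()` reads the `access-token` header and trusts whatever `cache()` returns for it, so it depends on `ApiAuth` having run first. I would add a comment above the array, e.g. `// Order matters: ApiAuth validates the token, then ApiPermission checks the app's API allow-list.`, so a later reorder does not silently weaken the check. Whether a rejection returned by `ApiAuth` stops the remaining behaviors cannot be seen from this patch and should be verified.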