1 | <?php |
||
2 | |||
3 | namespace App\Http\Middleware\Admin; |
||
4 | |||
5 | use App\Model\Admin\Menu; |
||
6 | use Closure; |
||
7 | use Illuminate\Support\Facades\Auth; |
||
8 | use Illuminate\Support\Facades\Route; |
||
9 | |||
10 | class Authorization |
||
11 | { |
||
12 | /** |
||
13 | * Handle an incoming request. |
||
14 | * |
||
15 | * @param \Illuminate\Http\Request $request |
||
16 | * @param \Closure $next |
||
17 | * @param string |
||
18 | * @return mixed |
||
19 | */ |
||
20 | public function handle($request, Closure $next, $guard) |
||
21 | { |
||
22 | $user = Auth::guard($guard)->user(); |
||
23 | if (in_array($user->id, config('light.superAdmin'))) { |
||
24 | return $next($request); |
||
25 | } |
||
26 | |||
27 | $route = Route::current(); |
||
28 | $routeName = $route->getName(); |
||
29 | $permission = Menu::where('route', $routeName)->where('route_params', '')->first(); |
||
30 | if ($permission && $user->can($permission->name)) { |
||
31 | return $next($request); |
||
32 | } |
||
33 | |||
34 | $routeParams = $route->parameters(); |
||
35 | if (!empty($routeParams)) { |
||
36 | foreach ($routeParams as $k => $v) { |
||
37 | $val = "{$k}:{$v}"; |
||
38 | break; |
||
39 | } |
||
40 | |||
41 | $permission = Menu::where('route', $routeName)->where('route_params', $val)->first(); |
||
0 ignored issues
–
show
Comprehensibility
Best Practice
introduced
by
Loading history...
|
|||
42 | if ($permission && $user->can($permission->name)) { |
||
43 | return $next($request); |
||
44 | } |
||
45 | } |
||
46 | |||
47 | if ($request->expectsJson()) { |
||
48 | return response()->json(['code' => 401, 'msg' => "未授权操作(路由别名:{$routeName})"], 401); |
||
49 | } |
||
50 | abort(401, "未授权操作(路由别名:{$routeName})"); |
||
51 | } |
||
52 | } |
||
53 |