From f45e832d0233c4a0e50f58c64f67d9d3582631b9 Mon Sep 17 00:00:00 2001
From: wolfcode <37436228+wolf-leo@users.noreply.github.com>
Date: Mon, 7 Aug 2023 01:55:11 +0800
Subject: [PATCH] update .
---
 app/Exceptions/Handler.php | 2 +-
 app/Http/Controllers/admin/AjaxController.php | 2 +-
 app/Http/Middleware/CheckAuth.php | 16 +++++++-
 app/Http/Services/AuthService.php | 39 +++++++++----------
 4 files changed, 36 insertions(+), 23 deletions(-)
diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php
index 665d8e7..79de51f 100644
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -45,7 +45,7 @@ class Handler extends ExceptionHandler
 //系统默认错误 if (config('app.debug')) {
- return response()->make($e->getMessage());
+ return parent::render($request, $e);
 } } }
diff --git a/app/Http/Controllers/admin/AjaxController.php b/app/Http/Controllers/admin/AjaxController.php
index d3381c6..3154b26 100644
--- a/app/Http/Controllers/admin/AjaxController.php
+++ b/app/Http/Controllers/admin/AjaxController.php
@@ -22,7 +22,7 @@ class AjaxController extends AdminController
 { $cacheData = Cache::get('initAdmin_' . session('admin.id')); if (!empty($cacheData)) {
- return json($cacheData);
+ // return json($cacheData);
 } $menuService = new MenuService(session('admin.id')); $data = [
diff --git a/app/Http/Middleware/CheckAuth.php b/app/Http/Middleware/CheckAuth.php
index 5096290..87e6f2f 100644
--- a/app/Http/Middleware/CheckAuth.php
+++ b/app/Http/Middleware/CheckAuth.php
@@ -4,6 +4,7 @@ namespace App\Http\Middleware;
 use App\Http\Controllers\admin\ErrorPageController; use App\Http\JumpTrait;
+use App\Http\Services\AuthService;
 use Closure; use Illuminate\Http\Request; use Symfony\Component\HttpFoundation\Response; 
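Review bot: The only return in this hunk sits inside `if (config('app.debug'))`; when debug is off, render() as shown runs off the end of the method and yields null unless an earlier branch outside the hunk has already returned, which would break the parent's Response return contract. Laravel's `parent::render()` already distinguishes debug from non-debug output itself, so consider making it the unconditional fallback after the custom handling — `return parent::render($request, $e);` — instead of gating it on debug. The beginning of render() is outside this hunk, so the non-debug path may well be handled there; please confirm.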
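Review bot: Commenting out `return json($cacheData);` leaves `Cache::get('initAdmin_' . session('admin.id'))` and the `!empty($cacheData)` test as dead code: the value is fetched and discarded on every request. If the cache path is being disabled, remove the lookup as well or gate it behind a config flag rather than leaving commented-out code; if it was disabled because stale menu data was being served after permission changes, the better fix is to invalidate that cache key where permissions are written. The method continues past the end of this hunk.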
@@ -24,8 +25,8 @@ class CheckAuth
 $adminConfig = config('admin'); $parameters = request()->route()->parameters; $controller = $parameters['controller'] ?? 'index';
+ $adminId = session('admin.id', 0);
 if (!in_array($controller, $adminConfig['no_login_controller'])) {
- $adminId = session('admin.id');
 $expireTime = session('admin.expire_time'); if (empty($adminId)) { return $this->responseView('请先登录后台', [], __url("/login"));
@@ -36,6 +37,19 @@ class CheckAuth
 return $this->responseView('登录已过期,请重新登录', [], __url("/login")); } }
+ // 验证权限
+ if ($adminId) {
+ $authService = app(AuthService::class, ['adminId' => $adminId]);
+ $currentNode = $authService->getCurrentNode();
+ if (!in_array($controller, $adminConfig['no_auth_controller']) && !in_array($controller, $adminConfig['no_auth_node'])) {
+ $check = $authService->checkNode($currentNode);
+ if (!$check) return $this->error('无权限访问');
+ // 判断是否为演示环境
+ if (env('EASYADMIN.IS_DEMO', false) && \request()->method() == 'POST') {
+ return $this->responseView('演示环境下不允许修改');
+ }
+ }
+ }
 return $next($request); } }
diff --git a/app/Http/Services/AuthService.php b/app/Http/Services/AuthService.php
index 041c401..0674bc5 100644
--- a/app/Http/Services/AuthService.php
+++ b/app/Http/Services/AuthService.php
@@ -3,6 +3,8 @@ namespace App\Http\Services;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Route;
+use Illuminate\Support\Str;
 /** * 权限验证服务
@@ -86,7 +88,7 @@ class AuthService
 if (!isset($this->nodeList[$node])) { return false; }
- $nodeInfo = $this->nodeList[$node];
+ $nodeInfo = get_object_vars($this->nodeList[$node]);
 if ($nodeInfo['is_auth'] == 0) { return true; }
@@ -95,7 +97,7 @@ class AuthService
 return false; } // 判断该节点是否允许访问
- if (in_array($node, $this->adminNode)) {
+ if (isset($this->adminNode[$node])) {
 return true; } return false; 
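Review bot: The `no_auth_node` exemption is tested against `$controller` rather than `$currentNode`: `!in_array($controller, $adminConfig['no_auth_node'])` compares a bare controller name with a list of node strings, so it looks like it can never match, and `$currentNode` is otherwise only used in `checkNode()`; the intended check is presumably `!in_array($currentNode, $adminConfig['no_auth_node'], true)`. The demo guard only rejects `POST` (`\request()->method() == 'POST'`), so PUT/PATCH/DELETE requests in a demo deployment still reach the controller; `!\request()->isMethod('GET')` would cover every mutating verb. `env('EASYADMIN.IS_DEMO', false)` read at request time returns null once Laravel's config cache is enabled, which silently disables the guard; move the flag into the `admin` config array and read it through `config()`. Every `in_array` in this block should also pass `true` as the third argument so the comparison against the configured lists is strict.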
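Review bot: `get_object_vars($this->nodeList[$node])` is inconsistent with the rewritten getNodeList() later in this patch, which already converts every row with `(array)$value` before `keyBy('node')`; if `$this->nodeList` is populated from that method, each entry is now an array and `get_object_vars()` throws a TypeError on PHP 8, so every request that reaches checkNode() fails. Keep a single representation: either drop the cast here (`$nodeInfo = $this->nodeList[$node];`) or stop casting in getNodeList(). The change to `isset($this->adminNode[$node])` assumes `$this->adminNode` is keyed by node name; that assignment is outside the hunk, so please confirm it matches. `$nodeInfo['is_auth'] == 0` is a loose comparison on a database value; `(int) $nodeInfo['is_auth'] === 0` states the intent.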
@@ -105,9 +107,10 @@ class AuthService
 * 获取当前节点 * @return string */
- public function getCurrentNode()
+ public function getCurrentNode(): string
 {
- return $this->parseNodeStr(request()->controller() . '/' . request()->action());
+ $parameters = request()->route()->parameters ?? [];
+ return ($parameters['secondary'] ?? '') . '.' . ($parameters['controller'] ?? '') . '/' . ($parameters['action'] ?? '');
 } /**
@@ -124,20 +127,16 @@ class AuthService
 ])->first(); $adminInfo = get_object_vars($adminInfo); if (!empty($adminInfo) && !empty($adminInfo['auth_ids'])) {
- $buildAuthSql = DB::table($this->config['system_auth'])
- ->distinct(true)
- ->whereIn('id', $adminInfo['auth_ids'])
- ->select('id')
- ->toSql();
- $buildAuthNodeSql = DB::table($this->config['system_auth_node'])
- ->distinct(true)
- ->where("auth_id IN {$buildAuthSql}")
- ->select('node_id')
- ->toSql();
- $nodeList = DB::table($this->config['system_node'])
- ->distinct(true)
- ->where("id IN {$buildAuthNodeSql}")->get()
- ->keyBy('node')->toArray();
+
+ $nodeIds = DB::table($this->config['system_auth_node'])
+ ->whereIn('auth_id', explode(',', $adminInfo['auth_ids']))
+ ->select('node_id')->get()->map(function ($value) {
+ return (array)$value;
+ })->toArray();
+ $nodeList = DB::table($this->config['system_node'])
+ ->whereIn('id', $nodeIds)->get()->keyBy('node')->map(function ($value) {
+ return (array)$value;
+ })->toArray();
 } return $nodeList; }
@@ -160,14 +159,14 @@ class AuthService
 * @param string $node * @return string */
- public function parseNodeStr($node): string
+ public function parseNodeStr(string $node): string
 { $array = explode('/', $node); foreach ($array as $key => $val) { if ($key == 0) { $val = explode('.', $val); foreach ($val as &$vo) {
- $vo = \think\helper\Str::snake(lcfirst($vo));
+ $vo = Str::snake(lcfirst($vo));
 } $val = implode('.', $val); $array[$key] = $val;
-- 
GitLab
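Review bot: The node string is now built straight from raw route parameters and no longer passes through `parseNodeStr()`, and when `secondary` is absent it starts with a `.` (`'.index/index'`), so it will not equal the snake_case `node` keys that checkNode() looks up (presumably the form the removed `parseNodeStr()` call produced) and valid requests will be denied. Suggest omitting the empty prefix and normalising: `$prefix = ($parameters['secondary'] ?? '') !== '' ? $parameters['secondary'] . '.' : '';` followed by `return $this->parseNodeStr($prefix . ($parameters['controller'] ?? '') . '/' . ($parameters['action'] ?? ''));`. Because these segments come from the request URL, normalising here also keeps `Index` and `index` from producing different node keys for the same controller, so the permission lookup cannot depend on how the caller spelled the path. The newly imported `Route` facade is not used in any hunk shown; drop it if it is unused elsewhere in the file.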
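Review bot: `$nodeIds` is a list of associative arrays (`[['node_id' => 1], …]`) because the result rows are mapped through `(array)$value`, yet it is passed to `whereIn('id', $nodeIds)`; Laravel's query builder rejects nested arrays in `whereIn` with an InvalidArgumentException, so this branch fails for every admin that has roles. Replace the first query's tail with `->whereIn('auth_id', explode(',', $adminInfo['auth_ids']))->pluck('node_id')->all()`, or pass the builder itself to `whereIn` as a subquery so the ids never round-trip through PHP. Moving from the old string-built `"auth_id IN {$buildAuthSql}"` clauses to `whereIn` with bound values is the right direction; dropping the `distinct()` calls is harmless since `keyBy('node')` de-duplicates.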
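Review bot: The `foreach ($val as &$vo)` loop touched by this hunk leaves `$vo` bound to the last element after the loop; nothing in the hunk writes to `$vo` afterwards, but adding `unset($vo);` after the loop keeps a later edit from aliasing into the array. `Str::snake(lcfirst($vo))` swaps think's helper for Laravel's; the two snake-case implementations may differ on digits or runs of capitals, so spot-check a few stored node names against the output before relying on it. `$key == 0` should be `$key === 0`. parseNodeStr() continues past the end of the hunk.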