From c31892056d7256f9f6574d20222b4cfbe446bd7c Mon Sep 17 00:00:00 2001
From: vilson <545522390@qq.com>
Date: Sun, 10 May 2020 15:10:31 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9D=83=E9=99=90=E7=AE=A1=E7=90=86=E4=BC=98?=
=?UTF-8?q?=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: vilson <545522390@qq.com>
---
application/common.php | 2 +-
application/common/Model/Member.php | 1 +
application/common/Model/MemberAccount.php | 3 +-
application/project/controller/Auth.php | 2 +
application/project/controller/Index.php | 1 +
application/project/controller/Project.php | 4 +-
application/project/middleware/Auth.php | 2 +
extend/service/NodeService.php | 65 +++++++++++++++++-----
8 files changed, 60 insertions(+), 20 deletions(-)
diff --git a/application/common.php b/application/common.php
index e9dbadb..7acb28c 100644
--- a/application/common.php
+++ b/application/common.php
@@ -49,7 +49,7 @@ function getCurrentMember()
function setCurrentMember($data)
{
- $key = 'member:info:' . $data['code'];
+ $key = 'member:info:' . $data['code'];//Member 里的 code
if (!$data) {
Cache::rm($key);
}else{
diff --git a/application/common/Model/Member.php b/application/common/Model/Member.php
index ca9b4f7..b33cc2c 100644
--- a/application/common/Model/Member.php
+++ b/application/common/Model/Member.php
@@ -59,6 +59,7 @@ class Member extends CommonModel
$member['authorize'] = $list[0]['authorize'];
$member['position'] = $list[0]['position'];
$member['department'] = $list[0]['department'];
+ $member['organization_code'] = $list[0]['organization_code'];
setCurrentMember($member);
!empty($member['authorize']) && NodeService::applyProjectAuthNode();
diff --git a/application/common/Model/MemberAccount.php b/application/common/Model/MemberAccount.php
index c3a44ea..3bd9aae 100644
--- a/application/common/Model/MemberAccount.php
+++ b/application/common/Model/MemberAccount.php
@@ -26,8 +26,7 @@ class MemberAccount extends CommonModel
{
NodeService::applyProjectAuthNode();
$menuModel = new ProjectMenu();
- $list = $menuModel->listForUser($isTree);
- return $list;
+ return $menuModel->listForUser($isTree);
}
/**
diff --git a/application/project/controller/Auth.php b/application/project/controller/Auth.php
index b92cc20..1d7ad84 100644
--- a/application/project/controller/Auth.php
+++ b/application/project/controller/Auth.php
@@ -81,6 +81,7 @@ class Auth extends BasicApi
*/
protected function _apply_save($auth)
{
+ //todo 优化
list($data, $post) = [[], Request::only('action,id,nodes')];
isset($post['nodes']) && $post['nodes'] = json_decode($post['nodes']);
foreach (isset($post['nodes']) ? $post['nodes'] : [] as $node) {
@@ -88,6 +89,7 @@ class Auth extends BasicApi
}
ProjectAuthNode::where(['auth' => $auth])->delete();
ProjectAuthNode::insertAll($data);
+ NodeService::clearMemberNodes(getCurrentOrganizationCode());
$this->success('节点授权更新成功!', '');
}
diff --git a/application/project/controller/Index.php b/application/project/controller/Index.php
index eb594b3..50f5ddc 100644
--- a/application/project/controller/Index.php
+++ b/application/project/controller/Index.php
@@ -77,6 +77,7 @@ class Index extends BasicApi
$member['account_id'] = $memberAccount['id'];
$member['is_owner'] = $memberAccount['is_owner'];
$member['authorize'] = $memberAccount['authorize'];
+ $member['organization_code'] = $memberAccount['organization_code'];
setCurrentMember($member);
!empty($member['authorize']) && NodeService::applyProjectAuthNode();
setCurrentOrganizationCode($organizationCode);
diff --git a/application/project/controller/Project.php b/application/project/controller/Project.php
index 2833bda..d3f2231 100644
--- a/application/project/controller/Project.php
+++ b/application/project/controller/Project.php
@@ -44,7 +44,7 @@ class Project extends BasicApi
* @return void
* @throws DbException
*/
- public function index11()
+ /* public function index11()
{
$prefix = config('database.prefix');
$type = Request::post('type');
@@ -94,7 +94,7 @@ class Project extends BasicApi
}
}
$this->success('', ['list' => $newList, 'total' => $list['total']]);
- }
+ }*/
public function index()
{
diff --git a/application/project/middleware/Auth.php b/application/project/middleware/Auth.php
index 2abf939..5a8faeb 100644
--- a/application/project/middleware/Auth.php
+++ b/application/project/middleware/Auth.php
@@ -68,6 +68,8 @@ class Auth
}
}
// 访问权限检查
+// var_dump(auth($node, 'project'));
+// die;
if (!empty($access['is_auth']) && !auth($node, 'project')) {
$nodeInfo = ProjectNode::where('node', $node)->find();
return json(['code' => 403, 'msg' => '无权限操作资源['. $nodeInfo['title'] . '],访问被拒绝']);
diff --git a/extend/service/NodeService.php b/extend/service/NodeService.php
index 57b5204..6f4b6c0 100644
--- a/extend/service/NodeService.php
+++ b/extend/service/NodeService.php
@@ -3,7 +3,9 @@
namespace service;
+use app\common\Model\MemberAccount;
use think\Db;
+use think\facade\Cache;
/**
* 系统权限节点读取器
@@ -19,23 +21,54 @@ class NodeService
*/
public static function applyProjectAuthNode()
{
- cache('member_need_access_node', null);
+// cache('member_need_access_node', null);
$member = getCurrentMember();
- $member['nodes'] = [];
- if (($authorize = $member['authorize'])) {
- $where = ['status' => '1'];
- $authorizeIds = Db::name('ProjectAuth')->whereIn('id', explode(',', $authorize))->where($where)->column('id');
- if (empty($authorizeIds)) {
- $member['nodes'] = [];
- return setCurrentMember($member);
- }
- $nodes = Db::name('ProjectAuthNode')->whereIn('auth', $authorizeIds)->column('node');
- $member['nodes'] = $nodes;
- return setCurrentMember($member);
- }
- return setCurrentMember($member);
+// $member['nodes'] = [];
+// if (($authorize = $member['authorize'])) {
+// $where = ['status' => '1'];
+// $authorizeIds = Db::name('ProjectAuth')->whereIn('id', explode(',', $authorize))->where($where)->column('id');
+// if (empty($authorizeIds)) {
+// $member['nodes'] = [];
+// return setCurrentMember($member);
+// }
+// $nodes = Db::name('ProjectAuthNode')->whereIn('auth', $authorizeIds)->column('node');
+// $member['nodes'] = $nodes;
+// return setCurrentMember($member);
+// }
+// return setCurrentMember($member);
+ $nodes = self::getMemberNodes($member['organization_code'], $member['account_id']);
+ $member['nodes'] = $nodes;
+ setCurrentMember($member);
+ return $nodes;
}
+ public static function getMemberNodes($orgCode, $memberAccountId)
+ {
+ $cacheKey = 'member:nodes:' . $memberAccountId;
+ $tagKey = 'member:codes:' . $orgCode;
+// self::clearMemberNodes($orgCode);
+ $nodes = Cache::tag($tagKey)->get($cacheKey);
+ if (!$nodes) {
+ $member = MemberAccount::get($memberAccountId);
+ $authorize = $member['authorize'];
+ $authorizeIds = Db::name('ProjectAuth')->whereIn('id', explode(',', $authorize))->where(['status' => '1'])->column('id');
+ if (empty($authorizeIds)) {
+ $nodes = [];
+ } else {
+ $nodes = Db::name('ProjectAuthNode')->whereIn('auth', $authorizeIds)->column('node');
+ }
+ Cache::tag($tagKey)->set($cacheKey, $nodes, 3600 * 24 * 7);
+ }
+ return $nodes;
+ }
+
+ public static function clearMemberNodes($orgCode)
+ {
+ $tagKey = 'member:codes:' . $orgCode;
+ return Cache::clear($tagKey);
+ }
+
+
/**
* 获取项目账号授权节点
* @return array
@@ -50,6 +83,7 @@ class NodeService
return $nodes;
}
+
/**
* 检查账号节点权限
* @param string $node 节点
@@ -69,7 +103,8 @@ class NodeService
if (!in_array($currentNode, self::getProjectAuthNode())) {
return true;
}
- return in_array($currentNode, !empty($member['nodes']) ? (array)$member['nodes'] : []);
+ $memberNodes = self::getMemberNodes($member['organization_code'], $member['account_id']);
+ return in_array($currentNode, !empty($memberNodes) ? (array)$memberNodes : $memberNodes);
}
return false;
}