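module(), $request->controller(), $request->action()];
        $node = "$controller/$action";
        // Lower-case the action segment of every configured "controller/action" node.
        foreach ($this->needAuthActions as &$action) {
            $arr = explode('/', $action);
            $arr[1] = strtolower($arr[1]);
            $action = implode('/', $arr);
        }
        // Operate (write) permission.
        if (in_array($node, $this->needAuthActions)) {
            $code = $this->getCode();
            if (!$code) {
                // NOTE(review): with the 404 below disabled, a guarded action whose
                // project code cannot be resolved falls through to $next() without
                // any membership check (fail-open). Confirm this is intended.
                // return json(['code' => 404, 'msg' => '资源不存在']);
            }
            if ($code) {
                $result = $this->checkAuth($code);
                if (!$result) {
                    return json(['code' => 403, 'msg' => '无权限操作资源,访问被拒绝']);
                }
            }
        }
        // Read-only permission: membership is only required for private projects.
        if (in_array($node, $this->needVisibleActions)) {
            $code = $this->getCode();
            if ($code) {
                $info = Project::where(['code' => $code])->field('private')->find();
                if ($info['private']) {
                    $result = $this->checkAuth($code);
                    if (!$result) {
                        return json(['code' => 4031, 'msg' => '无权限操作资源,访问被拒绝']);
                    }
                }
            }
        }
        return $next($request);
    }

    /**
     * Resolve the project code the current request refers to.
     *
     * Lookup order: the `projectCode` parameter, then `project_code`, then the
     * project of the task named by `taskCode` (or `pcode`, the parent task),
     * and finally the project of the stage named by `stageCode`.
     *
     * @return mixed the project code, or a falsy value when none could be resolved
     */
    public function getCode()
    {
        $code = \think\facade\Request::param('projectCode');
        if (!$code) {
            $code = \think\facade\Request::param('project_code');
        }
        // NOTE(review): a client-supplied projectCode takes precedence over
        // taskCode/stageCode, so the membership check runs against the project the
        // client names. Confirm that controllers acting on a task or stage verify
        // that it belongs to this project.
        if (!$code) {
            $taskCode = \think\facade\Request::param('taskCode');
            if (!$taskCode) {
                $taskCode = \think\facade\Request::param('pcode'); // parent task
            }
            // Only query when a task code was actually supplied, matching the
            // stageCode branch below; an empty value must not reach the lookup.
            if ($taskCode) {
                $task = Task::where(['code' => $taskCode])->field('project_code')->find();
                if ($task) {
                    $code = $task['project_code'];
                }
            }
        }
        if (!$code) {
            $taskStageCode = \think\facade\Request::param('stageCode');
            if ($taskStageCode) {
                $taskStage = TaskStages::where(['code' => $taskStageCode])->find();
                if ($taskStage) {
                    $code = $taskStage['project_code'];
                }
            }
        }
        return $code;
    }

    /**
     * Check whether the current member may operate on a project.
     *
     * Access is granted only when the project exists and the current member
     * has a project-member record for it; every other case is denied.
     *
     * @param mixed $code project code
     * @return bool true when the current member belongs to the project
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\ModelNotFoundException
     * @throws \think\exception\DbException
     */
    public function checkAuth($code)
    {
        // Fail closed on an empty code rather than querying with it.
        if (!$code) {
            return false;
        }
        $info = Project::where(['code' => $code])->field('private')->find();
        if (!$info) {
            return false;
        }
        // Fail closed when no current member can be resolved, so the membership
        // lookup never runs with an empty member_code.
        $member = getCurrentMember();
        $memberCode = isset($member['code']) ? $member['code'] : null;
        if (!$memberCode) {
            return false;
        }
        $where = ['project_code' => $code, 'member_code' => $memberCode];
        $projectMember = ProjectMember::where($where)->field('id')->find();
        return (bool) $projectMember;
    }
}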