vilson 4bd4d7e717 '
1.项目支持开启自动更新进度信息
2.支持在看板中切换项目
3.任务工时支持先添加预估工时
4.子任务支持快速添加下一条
5.支持在当前任务中修改子任务执行者
6.优化修改头像功能
7.其他细节优化
'

Signed-off-by: vilson <545522390@qq.com>
2019-09-02 16:07:35 +08:00


<?php
namespace app\project\middleware;
use app\common\Model\Project;
use app\common\Model\ProjectMember;
use app\common\Model\Task;
use app\common\Model\TaskStages;
use think\Request;
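/**
 * Authorization middleware for project content.
 *
 * The listed write actions are allowed only for members of the project; the
 * listed read actions are allowed for everyone unless the project is private.
 * The project is resolved from the request parameters (see getCode()).
 *
 * Class ProjectAuth
 * @package app\project\middleware
 */
class ProjectAuth
{
    /**
     * "Controller/action" nodes that require project membership.
     * The action part is matched case-insensitively (see authNodes()).
     * @var string[]
     */
    protected $needAuthActions = [
        'Project/edit',
        'Project/recycle',
        'Project/recovery',
        'Project/archive',
        'Project/recoveryArchive',
        'ProjectMember/inviteMember',
        'Task/save',
        'Task/taskDone',
        'Task/assignTask',
        'Task/sort',
        'Task/edit',
        'Task/recycle',
        'Task/recovery',
        'Task/delete',
        'TaskMember/inviteMember',
        'TaskMember/inviteMemberBatch',
        'TaskStages/save',
        'TaskStages/sort',
        'TaskStages/edit',
        'TaskStages/delete',
    ];

    /**
     * "Controller/action" nodes that require project membership only when the
     * project is marked private.
     * @var string[]
     */
    protected $needVisibleActions = [
        'Project/read',
        'Task/read',
        'TaskStages/index',
    ];

    /**
     * Permission check.
     *
     * The check needs the project code, so the endpoint must carry projectCode
     * (or project_code), taskCode/pcode, or stageCode for the project to be found.
     *
     * @param Request  $request
     * @param \Closure $next
     * @return mixed the next handler's response, or a JSON 403/4031 response when
     *               the current member may not access the project
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\ModelNotFoundException
     * @throws \think\exception\DbException
     */
    public function handle($request, \Closure $next)
    {
        $member = getCurrentMember();
        if (!$member) {
            // No logged-in member: this middleware only checks project membership;
            // authentication itself is handled elsewhere.
            return $next($request);
        }
        $node = $request->controller() . '/' . $request->action();

        // Write actions: the member must belong to the project.
        if (in_array($node, $this->authNodes(), true)) {
            $code = $this->getCode();
            // NOTE(review): when no project code can be derived the request passes
            // through unchecked (the original 404 response was commented out).
            // Confirm every action in $needAuthActions always carries one of the
            // identifiers getCode() reads; otherwise this is a fail-open path and
            // should answer 404 instead.
            if ($code && !$this->checkAuth($code)) {
                return json(['code' => 403, 'msg' => '无权限操作资源,访问被拒绝']);
            }
        }

        // Read actions: membership is required only for private projects.
        if (in_array($node, $this->needVisibleActions, true)) {
            $code = $this->getCode();
            if ($code) {
                $info = Project::where(['code' => $code])->field('private')->find();
                if ($info && $info['private'] && !$this->checkAuth($code)) {
                    return json(['code' => 4031, 'msg' => '无权限操作资源,访问被拒绝']);
                }
            }
        }
        return $next($request);
    }

    /**
     * $needAuthActions with the action part lowercased, so the list can be written
     * in camelCase while the request's action name is compared case-insensitively.
     *
     * Works on a copy: the previous version mutated the property through a
     * by-reference foreach whose loop variable shadowed the request's $action and
     * was left dangling after the loop.
     *
     * @return string[]
     */
    protected function authNodes()
    {
        return array_map(function ($node) {
            $parts = explode('/', $node, 2);
            return $parts[0] . '/' . strtolower($parts[1]);
        }, $this->needAuthActions);
    }

    /**
     * Resolve the project code from the request parameters.
     *
     * Precedence: projectCode, project_code, then the project of the task named by
     * taskCode or pcode (parent task), then the project of the stage named by stageCode.
     *
     * NOTE(review): only the first identifier present decides the project. If a
     * controller acts on a resource named by one of the later parameters, the
     * check and the action can refer to different projects — confirm controllers
     * use the same identifier this method prefers.
     *
     * @return mixed the project code when it can be derived, otherwise a falsy value
     */
    public function getCode()
    {
        $code = \think\facade\Request::param('projectCode');
        if (!$code) {
            $code = \think\facade\Request::param('project_code');
        }
        if (!$code) {
            $taskCode = \think\facade\Request::param('taskCode');
            if (!$taskCode) {
                $taskCode = \think\facade\Request::param('pcode'); // parent task
            }
            // Only query when an identifier was actually supplied; an empty or
            // missing code must never resolve to a project.
            if ($taskCode) {
                $task = Task::where(['code' => $taskCode])->field('project_code')->find();
                if ($task) {
                    $code = $task['project_code'];
                }
            }
        }
        if (!$code) {
            $stageCode = \think\facade\Request::param('stageCode');
            if ($stageCode) {
                $stage = TaskStages::where(['code' => $stageCode])->field('project_code')->find();
                if ($stage) {
                    $code = $stage['project_code'];
                }
            }
        }
        return $code;
    }

    /**
     * Check that the current member belongs to the project.
     *
     * @param string $code project code
     * @return bool true only when the project exists and the current member is in it;
     *              false for an empty code, no current member, unknown project, or non-member
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\ModelNotFoundException
     * @throws \think\exception\DbException
     */
    public function checkAuth($code)
    {
        if (!$code) {
            return false;
        }
        $member = getCurrentMember();
        if (!$member) {
            // Fail closed: without a current member there is no membership to grant.
            return false;
        }
        $project = Project::where(['code' => $code])->field('private')->find();
        if (!$project) {
            return false;
        }
        $where = ['project_code' => $code, 'member_code' => $member['code']];
        return (bool) ProjectMember::where($where)->field('id')->find();
    }
}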