更新API权限构建
parent
112ff1f367
commit
d75b5a6eb4
|
@ -15,7 +15,9 @@ use think\facade\Request;
|
|||
use think\facade\Session;
|
||||
use think\facade\View;
|
||||
use think\facade\Db;
|
||||
use think\facade\Cache;
|
||||
use think\Response;
|
||||
use systematic\Systematic;
|
||||
|
||||
/**
|
||||
* 控制器基础类
|
||||
|
@ -139,4 +141,32 @@ abstract class ApiController
|
|||
throw new HttpResponseException($response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证用户访问权限
|
||||
*/
|
||||
protected function checkAuth()
|
||||
{
|
||||
$uid = JWT_UID;
|
||||
$login_admin = Db::name('Admin')->where(['id' => $uid])->find();
|
||||
if(!$login_admin['status']){
|
||||
$this->apiError('用户已禁止登录');
|
||||
}
|
||||
$baseUrl = explode('/', request()->baseUrl());
|
||||
$action = $baseUrl[count($baseUrl)-1] ?? '-' ;
|
||||
$controller = $baseUrl[count($baseUrl)-2] ?? '-';
|
||||
$controllerArray = explode('_', $controller);
|
||||
$prefixMod = $controllerArray[0] ?? '-';
|
||||
$conMod = $controllerArray[1] ?? '-';
|
||||
$GOUGU = new Systematic();
|
||||
$GOUGU->auth($uid);
|
||||
$auth_list_all = Cache::get('RulesSrc0');
|
||||
$auth_list = Cache::get('RulesSrc' . $uid);
|
||||
$pathUrl = $prefixMod . '/' . $conMod . '/' . $action;
|
||||
if (!in_array($pathUrl, $auth_list)) {
|
||||
return false;
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
}
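Review bot: checkAuth() signals a denied request only by returning false, and the call sites this commit adds in UserDepartment (index, add, delete) all invoke `$this->checkAuth();` as a bare statement, so a caller whose rule list lacks the path still runs the action; only the disabled-account branch stops the request. Make the method fail closed by replacing the if/else with `if (!is_array($auth_list) || !in_array($pathUrl, $auth_list, true)) { $this->apiError('无权限访问'); }` followed by `return true;` (the message text is only a suggestion, and this assumes apiError() ends the request, which the `throw new HttpResponseException` context line hints at). The is_array guard matters because `Cache::get('RulesSrc' . $uid)` presumably yields null when the entry is absent, and in_array() on null is a TypeError on PHP 8. `$auth_list_all` is read and never used, and the docblock should state which rule path is checked and what happens on denial.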
|
||||
|
|
|
@ -26,26 +26,26 @@ class UserDepartment extends ApiController
|
|||
//获取部门架构
|
||||
public function index()
|
||||
{
|
||||
$cate = Db::name('Department')
|
||||
$this->checkAuth();
|
||||
$param = get_params();
|
||||
if (!empty($param['tree']) && $param['tree'] == 1) {
|
||||
$list = set_recursion(get_department());
|
||||
} else {
|
||||
$cate = Db::name('Department')
|
||||
->field('d.*,a.name as leader')
|
||||
->alias('d')
|
||||
->join('Admin a', 'a.id = d.leader_id', 'LEFT')
|
||||
->order('d.sort desc,d.id asc')
|
||||
->select();
|
||||
$list = generateTree($cate);
|
||||
$list = generateTree($cate);
|
||||
}
|
||||
$this->apiSuccess('获取成功', $list);
|
||||
}
|
||||
|
||||
//获取部门树形架构
|
||||
public function tree()
|
||||
{
|
||||
$department = set_recursion(get_department());
|
||||
$this->apiSuccess('获取成功', $department);
|
||||
}
|
||||
|
||||
//添加部门
|
||||
public function operate()
|
||||
public function add()
|
||||
{
|
||||
$this->checkAuth();
|
||||
$param = get_params();
|
||||
if (!empty($param['id']) && $param['id'] > 0) {
|
||||
try {
|
||||
|
@ -78,6 +78,7 @@ class UserDepartment extends ApiController
|
|||
//删除
|
||||
public function delete()
|
||||
{
|
||||
$this->checkAuth();
|
||||
$id = get_params("id");
|
||||
if (empty($id)) {
|
||||
$this->apiError('部门id不能为空');
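Review bot: add() appears to handle both create and update (the `if (!empty($param['id']) && $param['id'] > 0)` branch), yet checkAuth() derives the rule from the last URL segment, so an edit is authorised under the same `.../add` rule as a create; if the rule table distinguishes the two, the update branch needs its own check. The rendered page has lost its +/- markers, so it is unclear whether tree() survives on the new side; if it does, it returns the department structure with no checkAuth() call while index() gates the same data. `$param['tree'] == 1` is a loose comparison on request input; `(int) $param['tree'] === 1` states the intent. add()'s body continues outside the hunk.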
|
||||
|
|