Commit f052feb7 by 宁成龙

增加权限授权

parent 21daa770
......@@ -34,7 +34,7 @@ class UserController extends AdminController
$grid->disableRefreshButton();
$grid->disableBatchDelete();
// $grid->disableCreateButton();
$grid->model()->orderBy("id", "desc");
$grid->model()->orderBy("id", "desc")->rule(\App\Models\User::$ruleViewList, 'sale_id');
UserService::userListListField($grid);
UserService::userListTool($grid);
UserService::userListActions($grid);
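Review bot: The added `->rule(\App\Models\User::$ruleViewList, 'sale_id')` restricts only the rows this grid lists; nothing in the hunk applies the same scope to the controller's detail, edit or delete paths. The rest of the controller is outside the hunk, so this needs confirming, but if those actions load a record by id without the scope, a user could still open a record that the list hides from them. Where they do, load through the same scope, for example `User::rule(User::$ruleViewList, 'sale_id')->findOrFail($id)`. A short comment above the grid line, such as `// row-level authorization: limits rows to what the current admin may view`, would also make clear that this call is an access check and not a display filter.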
......
<?php
/**
* Created by PhpStorm.
* User: duwenjun
* Date: 2021/8/25
* Time: 5:33 PM
*/
namespace App\Admin\Service;
use App\Http\Caches\PermCache;
use App\Http\Models\Cms\UserInfoModel;
use App\Models\Cms\CmsUser;
use App\Models\Cms\CmsUserDepartmentModel;
use Illuminate\Support\Facades\Log;
class PermService
{
const SELF_SYSTEM_NAME = "深贸后台";
// 获取指定用户下级所有人员
public static function getSubUserId($userId)
{
$sub_user_ids = [];
array_unshift($sub_user_ids, $userId); // 将当前用户添加到数组
$user_info = CmsUser::getInfoByUserId($userId);
if (empty($user_info) || !$user_info['department_id']) {
return $sub_user_ids;
}
// 获取所有下级部门
$department_ids = self::_getDepartmentIds($user_info['department_id']);
// 获取下级部门的人员
$sub_user_ids = CmsUser::getUserIdsByDepartmentIds($department_ids);
return array_unique($sub_user_ids);
}
// 获取查询的部门id,查询销售和采购部门下所有子部门的ids
// 这里要使用循环的查询方法,如果改部门下面还有子部门,那么一并查询,最终合并用户子部门id集
public static function _getDepartmentIds($top_department_id)
{
$all_department_ids = $next_department_ids = [$top_department_id];
while ($next_department_ids) {
$next_department_ids = CmsUserDepartmentModel::getDepartmentIdsParrentIds($next_department_ids);
$all_department_ids = array_merge($all_department_ids, $next_department_ids);
}
return $all_department_ids;
}
}
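Review bot: The `while` loop in `_getDepartmentIds` has no guard against revisiting a department, so a parent/child cycle in the department table keeps `$next_department_ids` non-empty forever and the request never returns. Dropping already-seen ids fixes it: `$next_department_ids = array_diff(CmsUserDepartmentModel::getDepartmentIdsParrentIds($next_department_ids), $all_department_ids);`. In `getSubUserId`, the `[$userId]` seeded at the top is discarded by the later assignment from `CmsUser::getUserIdsByDepartmentIds()`, so the caller's own id is present only if that query happens to return it. If it must always be included, merge instead: `$sub_user_ids = array_merge($sub_user_ids, CmsUser::getUserIdsByDepartmentIds($department_ids));`. The imports `PermCache`, `UserInfoModel` and `Log` are not used by the code shown.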
......@@ -2,7 +2,7 @@
namespace App\Models;
use App\Http\Services\PermService;
use App\Admin\Service\PermService;
use Illuminate\Database\Eloquent\Model;
class BaseModel extends Model
......@@ -11,24 +11,23 @@ class BaseModel extends Model
*/
public function scopeRule($query, $viewList,$adminUser="sale_id")
{
if (getAdminUserId() == 1000) {
return $query;
}
$nowSaleId = getAdminUserId();
// if ($nowSaleId == 1000) {
// return $query;
// }
//查看所有
if (PermService::hasPerm($viewList[0])) {
if (checkPerm($viewList[0])) {
return $query;
}
//查看下级
if (PermService::hasPerm($viewList[1])) { //查看下级的权限//获取用户部门下的所有用户
$userIds = PermService::getSubUserId(getAdminUserId());
if (checkPerm($viewList[1])) { //查看下级的权限//获取用户部门下的所有用户
$userIds = PermService::getSubUserId($nowSaleId);
if (!empty($userIds)) {
return $query->whereIn($adminUser, $userIds);
}
}
$query = $query->where($adminUser, getAdminUserId());
$query = $query->where($adminUser, $nowSaleId);
return $query;
}
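Review bot: `$viewList[0]` and `$viewList[1]` are read in `scopeRule` without checking that the caller's rule list has both entries, so a model with a missing or short list raises an undefined-offset warning and passes `null` to `checkPerm()`, whose handling of `null` is not visible here. Because this scope is the row-level access decision, it should fail closed: `$viewAll = $viewList[0] ?? null;` followed by `if ($viewAll !== null && checkPerm($viewAll)) {`, and the same pattern for index 1. The commented-out `$nowSaleId == 1000` bypass is better deleted than kept as dead code. The docblock, which begins outside the hunk, should state that `$adminUser` is a column name supplied by code and must never be taken from request input.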
......
......@@ -22,4 +22,23 @@ class CmsUser extends Model
$res = self::whereIn('department_id', $departmentIds)->get();
return ($res) ? $res->toArray() : [];
}
// 根据部门ID获取用户
public static function getUserIdsByDepartmentIds($department_ids = [], $field=[], $status='')
{
$res = self::whereIn('department_id', $department_ids);
if ($status !== '') {
$res = $res->where('status', $status);
}
if (!$field) {
$res = $res->pluck('userId');
} else {
$res = $res->select($field)->get();
}
return ($res) ? $res->toArray() : [];
}
}
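Review bot: `getUserIdsByDepartmentIds` returns two different shapes: a flat list of `userId` values when `$field` is empty, and a list of row arrays when `$field` is given. The second shape cannot be used as a `whereIn` value list, so a caller that treats it as ids would build a wrong permission filter. A docblock should spell out both return shapes and the meaning of `$status`, or the method could be split so the name matches what comes back. `pluck()` and `get()` both return a collection object, which is always truthy, so the `($res) ? ... : []` branch is dead and `return $res->toArray();` is enough.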
......@@ -329,7 +329,7 @@ function getAdminUser()
*/
function getAdminUserId()
{
$admin = request()->get("user");
$admin = request()->user;
if (!$admin) {
throw new \App\Exceptions\InvalidRequestException("没找到登录相关信息,请先登录~_~");
}
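Review bot: `request()->user` is a dynamic property read, and when no such property has been set on the request object Laravel's `Request::__get` falls back to the request input and then to route parameters. On any path where the login middleware did not populate it, a client-supplied `user` field would therefore satisfy the `if (!$admin)` check. How the id is taken from `$admin` lies below the hunk and the middleware is not shown, so the actual exposure needs confirming. Since `scopeRule` now bases row visibility on this value, read the identity from a place clients cannot write, for example `$admin = request()->attributes->get('user');` with the middleware storing it there. Also check that the value is the expected user object or array before returning its id.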
......