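<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Arr;

/**
 * Permission middleware.
 *
 * For full page loads it fetches the menu tree from the menu service and trims
 * it to what the user may see; for every request (except the default action)
 * it asks the permission service whether the current route action is allowed.
 * Users listed in the configured admin group skip both the menu trimming and
 * the remote check.
 *
 * Relies on the project `curl()` helper (signature assumed to be
 * curl($url, $body, $flag) — confirm) and on `config('perm.perm')` for:
 *   menu_url, menu_id, url, id, go_url, admin_group / adminGroup, notAuth.
 *
 * NOTE(review): the middleware does not authenticate. It expects an earlier
 * middleware to have set `$request->user` with a `userId`; a request without
 * one is denied here rather than forwarded to the permission service with an
 * empty user id.
 *
 * NOTE(review): routes that carry no `key` parameter fall back to the default
 * action, which is never permission-checked. Any route that must be protected
 * needs a `key` in its definition.
 *
 * NOTE(review): denials are returned as a plain string / error view with the
 * default HTTP status; a 403 would be more appropriate but would change what
 * existing clients see, so it is left unchanged here.
 */
class Permission
{
    /** Route action used when the route has no `key`; it is never permission-checked. */
    const DEFAULT_ACTION = 'Dashboard';

    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed the next handler's response, a denial string (AJAX) or the
     *               error view (page requests)
     */
    public function handle($request, Closure $next)
    {
        // ajax() is driven by a client-sent header. It only selects the shape of
        // a denial response; it never influences the authorization decision.
        $isApi = $request->ajax();
        $permData = config('perm.perm');
        $goUrl = isset($permData['go_url']) ? $permData['go_url'] : '';

        $user = $request->user;
        $userId = isset($user->userId) ? $user->userId : null;

        $action = $request->route('key');
        if (empty($action)) {
            $action = self::DEFAULT_ACTION;
        }

        // Fail closed: without an identified user there is nothing to authorize.
        if ($userId === null || $userId === '') {
            return $this->deny($isApi, $goUrl);
        }
        $isAdmin = $this->isAdmin($userId, $permData);

        // Menu is only built for page loads that are not a `window` sub-view.
        if (!$isApi && empty($request->input('window'))) {
            $menuData = json_decode(curl($permData['menu_url'] . $permData['menu_id']));
            // json_decode() yields null (or a non-object) on a bad response; treat
            // that the same as a response without `data` instead of reading a
            // property on null.
            if (!is_object($menuData) || empty($menuData->data)) {
                return '菜单生成错误,请联系技术';
            }

            $menus = $isAdmin ? $menuData->data : $this->menu($menuData->data, $userId);
            if (empty($menus)) {
                return $this->view('Auth', '没有访问权限', $goUrl);
            }
            $request->menus = $menus;
        }

        // Admins and the default action skip the remote permission check.
        if (!$isAdmin && $action != self::DEFAULT_ACTION && $this->perm($userId, $action) !== true) {
            return $this->deny($isApi, $goUrl);
        }

        return $next($request, $action);
    }

    /**
     * Build the denial response: a bare string for AJAX callers, the error view
     * otherwise.
     *
     * @param bool   $isApi
     * @param string $goUrl  redirect target shown on the error view
     * @return mixed
     */
    private function deny($isApi, $goUrl)
    {
        return $isApi ? '没有权限' : $this->view('Auth', '没有访问权限', $goUrl);
    }

    /**
     * Whether the user is in the configured admin group.
     *
     * handle() historically read `admin_group` while perm() read `adminGroup`;
     * both spellings are accepted so one config key serves both checks.
     * IDs are compared as strings: an int id still matches a numeric-string
     * entry, but the loose in_array() surprises (null/true matching) are gone.
     *
     * @param string|int $userId
     * @param array      $permData  the `perm.perm` config
     * @return bool
     */
    private function isAdmin($userId, $permData)
    {
        $group = isset($permData['admin_group']) ? $permData['admin_group']
            : (isset($permData['adminGroup']) ? $permData['adminGroup'] : []);
        if ($userId === null || $userId === '' || !is_array($group)) {
            return false;
        }

        return in_array((string) $userId, array_map('strval', $group), true);
    }

    /**
     * Ask the permission service which of the given actions the user may call.
     *
     * @param string|int $userId
     * @param string[]   $perms  action names (last path segment of a menu href)
     * @return array|null the decoded `data.perms` map (action => granted) on a
     *                    retcode 0 response, null on transport/format/retcode failure
     */
    private function fetchPerms($userId, array $perms)
    {
        $permArr = config('perm.perm');
        // rawurlencode: the action names come from the route parameter and are
        // placed in the query string of the request to the permission service;
        // unencoded they could inject extra query parameters. Commas are kept
        // literal so the service still receives the same list format.
        $url = $permArr['url'] . '/' . rawurlencode((string) $userId) . '/' . $permArr['id']
            . '?perms=' . implode(',', array_map('rawurlencode', array_map('strval', $perms)));

        // Both original call sites passed a falsy third argument (false / 0).
        $result = json_decode(curl($url, '', false), true);
        if (!is_array($result) || !isset($result['retcode']) || $result['retcode'] !== 0) {
            return null;
        }
        if (!isset($result['data']['perms']) || !is_array($result['data']['perms'])) {
            return null;
        }

        return $result['data']['perms'];
    }

    /**
     * Collect the route actions referenced by a menu tree (used for the
     * permission lookup).
     *
     * @param array|object $menuData  menu entries with `href` and `childs`
     * @return string[] last path segment of every href longer than two chars
     */
    private function getMenuPerms($menuData)
    {
        $perms = [];
        foreach ((array) $menuData as $entry) {
            $entry = (array) $entry;
            $href = isset($entry['href']) ? (string) $entry['href'] : '';
            if (strlen($href) > 2) {
                $segments = explode('/', $href);
                $perms[] = end($segments);
            }
            if (!empty($entry['childs'])) {
                $perms = array_merge($perms, $this->getMenuPerms($entry['childs']));
            }
        }

        return $perms;
    }

    /**
     * Trim the menu tree to the entries the user is permitted to see.
     *
     * @param array      $menu  menu entries (objects) from the menu service
     * @param string|int $user  user id
     * @return array|false reindexed menu, or false when the permission lookup failed
     */
    private function menu($menu, $user)
    {
        $granted = $this->fetchPerms($user, $this->getMenuPerms($menu));
        if ($granted === null) {
            return false;
        }

        $menu = $this->deleteMenu($menu, $granted);
        foreach ($menu as $k => $v) {
            $v = (array) $v;
            $title = isset($v['title']) ? $v['title'] : null;
            $href = isset($v['href']) ? $v['href'] : null;
            // Drop top-level directories that ended up empty (deleteMenu keeps
            // the ones titled '首页'; this removes the rest, except Dashboard).
            if ($title != 'Dashboard' && empty($v['childs']) && empty($href)) {
                unset($menu[$k]);
            }
        }

        return array_values($menu);
    }

    /**
     * Remove menu entries the user has no permission for.
     *
     * Leaf entries (href longer than two chars) are kept only when `$find` has
     * a truthy value for the last path segment of the href. Directory entries
     * have their children pruned first and are then dropped when nothing is
     * left, unless titled '首页'. Child objects are modified in place.
     *
     * @param array $menu  menu entry objects with `href`, `childs`, `title`
     * @param array $find  action => granted map from the permission service
     * @return array reindexed list of surviving entries
     */
    public function deleteMenu($menu, $find)
    {
        foreach ($menu as $k => $v) {
            $href = isset($v->href) ? (string) $v->href : '';
            if (strlen($href) > 2) {
                $segments = explode('/', $href);
                $key = end($segments);
                // empty() covers both "not granted" and "not in the response".
                if (empty($find[$key])) {
                    unset($menu[$k]);
                }
                continue;
            }

            if (!empty($v->childs)) {
                $menu[$k]->childs = array_values($this->deleteMenu($v->childs, $find));
            }
            $title = isset($v->title) ? $v->title : null;
            // $menu[$k] is the same object as $v, so this sees the pruned children.
            if (empty($menu[$k]->childs) && $title != '首页') {
                unset($menu[$k]);
            }
        }

        return array_values($menu);
    }

    /**
     * Render the shared error view.
     *
     * @param string $errcode
     * @param string $errinfo
     * @param string $goUrl
     * @return \Illuminate\View\View
     */
    private function view($errcode, $errinfo, $goUrl = '')
    {
        return view('errors.error', [
            'errcode' => $errcode,
            'errinfo' => $errinfo,
            'url' => $goUrl,
        ]);
    }

    /**
     * Check a single permission for a user.
     *
     * Actions listed in the `notAuth` config and admin users are always allowed;
     * everything else is decided by the permission service. Fails closed: a
     * transport error, a non-zero retcode or a missing/falsy entry all deny.
     *
     * @param string|int $userId
     * @param string     $perm1  action name (last path segment of the route)
     * @return bool
     */
    public function perm($userId, $perm1 = '')
    {
        $permArr = config('perm.perm');
        $notAuth = isset($permArr['notAuth']) && is_array($permArr['notAuth']) ? $permArr['notAuth'] : [];

        // Strict string comparison: loose in_array() would equate numeric
        // strings such as '10' and '1e1'.
        if (in_array((string) $perm1, array_map('strval', $notAuth), true)) {
            return true;
        }
        if ($this->isAdmin($userId, $permArr)) {
            return true;
        }

        $granted = $this->fetchPerms($userId, [(string) $perm1]);

        return $granted !== null && !empty($granted[$perm1]);
    }
}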