add:支持路由参数级别的权限控制
eddy8 committed Mar 9, 2020
1 parent 6298f9f commit affa169
Showing 4 changed files with 74 additions and 9 deletions.
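--- a/app/Http/Controllers/Admin/MenuController.php
+++ b/app/Http/Controllers/Admin/MenuController.php
@@ -21,7 +21,9 @@
 
 class MenuController extends Controller
 {
-protected $formNames = ['name', 'pid', 'status', 'order', 'route', 'group', 'remark', 'url', 'is_lock_name'];
+protected $formNames = [
+'name', 'pid', 'status', 'order', 'route', 'group', 'remark', 'url', 'is_lock_name', 'route_params'
+];
 
 public function __construct()
 {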
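--- a/app/Http/Middleware/Admin/Authorization.php
+++ b/app/Http/Middleware/Admin/Authorization.php
@@ -20,14 +20,34 @@ class Authorization
 public function handle($request, Closure $next, $guard)
 {
 $user = Auth::guard($guard)->user();
-$route = Route::currentRouteName();
-$permission = Menu::where('route', $route)->first();
-if (!in_array($user->id, config('light.superAdmin')) && (!$permission || !$user->can($permission->name))) {
-if ($request->expectsJson()) {
-return response()->json(['code' => 401, 'msg' => "未授权操作(路由别名:{$route}"], 401);
-}
-abort(401, "未授权操作(路由别名:{$route}");
+if (in_array($user->id, config('light.superAdmin'))) {
+return $next($request);
 }
-return $next($request);
+
+$route = Route::current();
+$routeName = $route->getName();
+$permission = Menu::where('route', $routeName)->where('route_params', '')->first();
+if ($permission && $user->can($permission->name)) {
+return $next($request);
+}
+
+$routeParams = $route->parameters();
+if (empty($routeParams)) {
+return $next($request);
+}
+foreach ($routeParams as $k => $v) {
+$val = "{$k}:{$v}";
+break;
+}
+
+$permission = Menu::where('route', $routeName)->where('route_params', $val)->first();
+if ($permission && $user->can($permission->name)) {
+return $next($request);
+}
+
+if ($request->expectsJson()) {
+return response()->json(['code' => 401, 'msg' => "未授权操作(路由别名:{$routeName}"], 401);
+}
+abort(401, "未授权操作(路由别名:{$routeName}");
 }
 }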
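Review bot: The `if (empty($routeParams)) { return $next($request); }` branch in `handle()` fails open: a non-super-admin who lacks the route-level permission, or a route that has no `Menu` row at all, is let through whenever the route has no parameters, whereas the removed code answered 401 in both cases. Drop that early return and guard the parameter lookup instead, `if (!empty($routeParams)) { … }` around the `foreach` and the second `Menu` query, so that every unmatched request falls through to the 401 at the end. Only the first route parameter is compared (the `foreach` breaks on its first pass), and `"{$k}:{$v}"` presumably assumes a scalar value; a route that uses model binding would put an object there, so that case is worth confirming. A test that sends a user without the permission to a parameterless admin route and expects 401 would pin the regression.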
@@ -0,0 +1,36 @@
<?php

use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;

class AddRouteParamsToMenusTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('menus', function (Blueprint $table) {
$table->string('route_params')->default('')->comment('路由参数');
$table->dropUnique('menus_route_unique');
$table->unique(['route', 'route_params']);
});
}

/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('menus', function (Blueprint $table) {
$table->dropColumn('route_params');
$table->dropUnique('menus_route_route_params_unique');
$table->unique('route');
});
}
}
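Review bot: `down()` drops `route_params` before the composite unique index that includes it and then restores `unique('route')`, so a rollback is likely to fail, or to behave differently per database driver, as soon as two menu rows share a route and differ only in `route_params`. Reverse the first two statements, `$table->dropUnique('menus_route_route_params_unique');` then `$table->dropColumn('route_params');`, and say in the docblock that parameter-level rows must be removed or merged before rolling back. In `up()` the `default('')` is what lets existing rows keep matching the middleware's `where('route_params', '')` lookup; a one-line comment stating that would keep a later change to the default from silently revoking every route-level permission.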
7 changes: 7 additions & 0 deletions resources/views/admin/menu/add.blade.php
@@ -40,6 +40,13 @@
<input type="text" name="route" required lay-verify="required" autocomplete="off" class="layui-input" value="{{ $model->route ?? '' }}">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">路由参数</label>
<div class="layui-input-inline">
<input type="text" name="route_params" autocomplete="off" class="layui-input" value="{{ $model->route_params ?? '' }}">
</div>
<div class="layui-form-mid layui-word-aux">用于精确控制同一路由下不同路由参数值的访问权限。填写格式:参数名称:参数值</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">URL</label>
<div class="layui-input-block">
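Review bot: The new `route_params` input is free text with no format check, while its help text requires `参数名称:参数值` and the Authorization middleware compares the stored value by exact string equality. A value with a stray space or a different separator would be saved as a permission row that never matches. Add a `lay-verify` rule or a `pattern` attribute on this input and, in the server-side validation for the menu form (not visible in this diff), a rule that accepts only an empty string or `name:value`.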