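auth = $auth; }

    /**
     * Casbin authorization check.
     *
     * Resolves the current user, skips enforcement for exempt routes and
     * exempt user ids (both read from the `casbin.ignore.*` config), and
     * otherwise asks Casbin whether the user may call this URI with this
     * HTTP method. Allowed requests are then recorded in OperationLog before
     * being passed on to the next middleware.
     *
     * @author 许祖兴 < zuxing.xu@lettered.cn>
     * @date 2020/3/21 20:28
     *
     * @param $request
     * @param \Closure $next
     * @return mixed
     * @throws ForbiddenException when no user is resolved or Casbin denies the request
     * @throws \Casbin\Exceptions\CasbinException
     * @throws \Lettered\Support\Exceptions\FailedException
     * @throws \think\db\exception\DataNotFoundException
     * @throws \think\db\exception\ModelNotFoundException
     * @throws \think\exception\DbException
     */
    public function handle($request, \Closure $next)
    {
        // Casbin request tuple: v0 = user id, v1 = URI, v2 = HTTP method.
        // Current user.
        $user = $this->auth->user();

        // Fail closed: without a resolved user there is no subject to authorize.
        // NOTE(review): auth->user() may already throw in that case - confirm.
        if (!$user) {
            throw new ForbiddenException([
                'errmsg' => 'Unauthorized: 您无权操作!'
            ]);
        }

        $route  = $request->baseUrl();
        $method = strtolower($request->method());

        // Exemption lists bypass Casbin entirely, so they are matched strictly.
        // A loose in_array() lets type juggling decide (null == '', 0 == 'abc'
        // on PHP 7), which could exempt an id that is not on the list. Ids are
        // normalized to trimmed strings and empty entries are dropped so that an
        // empty config value can never match.
        $userId = trim((string) $user->id);
        $exemptUserIds = array_filter(
            array_map(
                static function ($id) {
                    return trim((string) $id);
                },
                (array) str2arr(config('casbin.ignore.users_idx'))
            ),
            'strlen'
        );

        // Exempt routes are keyed as "<baseUrl>^<method>".
        $routeExempt = in_array($route . '^' . $method, config('casbin.ignore.policy'), true);
        $userExempt  = $userId !== '' && in_array($userId, $exemptUserIds, true);

        if (!$routeExempt && !$userExempt
            && !Casbin::enforce('user_id_' . $user->id, $route, $method)) {
            throw new ForbiddenException([
                'errmsg' => 'Unauthorized: 您无权操作!'
            ]);
        }

        // Operation record. Built only after the check above has passed, so
        // denied requests are not written to OperationLog by this middleware.
        // NOTE(review): 'query' stores the request parameters as-is (enjson
        // presumably JSON-encodes them). If requests can carry passwords or
        // tokens, they end up in the log table - consider redacting such fields
        // before persisting.
        $log = [
            'user_id' => $user->id,
            'route'   => $route,
            'operate' => $method,
            'query'   => enjson($request->param()),
            'ip'      => $request->ip(),
            'os'      => get_user_agent(),
            'browser' => get_user_agent('br')
        ];

        // System log: identical records are collapsed into one row with a counter.
        // The find-then-write sequence is not atomic; concurrent identical
        // requests may create duplicate rows or lose an increment.
        $result = model('OperationLog')::where($log)->find();
        if (!$result) {
            model('OperationLog')::create($log);
        } else {
            $log['id'] = $result->id;
            $log['count'] = $result->count + 1;
            model('OperationLog')::update($log);
        }

        return $next($request);
    }
}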