Inicio Explorar Axuda
Iniciar sesión
waibao
/
NN2022081301
2
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Rama: master
Ramas Etiquetas
NN2022081301
/
application
/
agent
/
middleware
/
CasbinAuthMiddleware.php

CasbinAuthMiddleware.php 2.9 KB
Permalink Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100 
  1. <?php
    2. 

  2. 

  3. namespace app\agent\middleware;
    4. 

  4. 

  5. 

  6. use app\agent\model\auth\Log;
    7. 

  7. use CasbinAdapter\Think\Facades\AgentCasbin;
    8. 

  8. use Lettered\Support\Auth as IAuth;
    9. 

  9. use Lettered\Support\Exceptions\ForbiddenException;
    10. 

  10. use CasbinAdapter\Think\Facades\Casbin;
    11. 

  11. 

  12. 

  13. /**
    14. 

  14.  * 操作权限验证
    15. 

  15.  * Class CasbinAuthMiddleware
    16. 

  16.  * @package app\http\middleware
    17. 

  17.  */
    18. 

  18. class CasbinAuthMiddleware
    19. 

  19. {
    20. 

  20.     /**
    21. 

  21.      * @var IAuth
    22. 

  22.      */
    23. 

  23.     protected $auth;
    24. 

  24. 

  25.     /**
    26. 

  26.      * CasbinAuthMiddleware constructor.
    27. 

  27.      * @param IAuth $auth
    28. 

  28.      */
    29. 

  29.     public function __construct(IAuth $auth)
    30. 

  30.     {
    31. 

  31.         // 这里要做下来源 是admin 还是agent
    32. 

  32.         $this->auth = $auth->guard('agent');
    33. 

  33.     }
    34. 

  34. 

  35.     /**
    36. 

  36.      * Casbin 授权验证
    37. 

  37.      *
    38. 

  38.      * @author 许祖兴 < zuxing.xu@lettered.cn>
    39. 

  39.      * @date 2020/3/21 20:28
    40. 

  40.      *
    41. 

  41.      * @param $request
    42. 

  42.      * @param \Closure $next
    43. 

  43.      * @return mixed
    44. 

  44.      * @throws ForbiddenException
    45. 

  45.      * @throws \Casbin\Exceptions\CasbinException
    46. 

  46.      * @throws \Lettered\Support\Exceptions\FailedException
    47. 

  47.      * @throws \think\db\exception\DataNotFoundException
    48. 

  48.      * @throws \think\db\exception\ModelNotFoundException
    49. 

  49.      * @throws \think\exception\DbException
    50. 

  50.      */
    51. 

  51.     public function handle($request, \Closure $next)
    52. 

  52.     {
    53. 

  53.         // 操作权限验证 v0  v1  v2
    54. 

  54.         //           Uid Uri Method
    55. 

  55.         // 当前用户
    56. 

  56.         $user = $this->auth->user();
    57. 

  57.         // 在这里替换空
    58. 

  58. //        $baseUrl = str_replace('/agent', '', $request->baseUrl());
    59. 

  59.         $baseUrl = $request->baseUrl();
    60. 

  60. 

  61.         // 检查忽略项
    62. 

  62.         if (in_array($baseUrl . '^' . strtolower($request->method()), config('casbin.ignore.policy'))
    63. 

  63.             || in_array($user->id, str2arr(config('casbin.ignore.users_idx')))) {
    64. 

  64.         } elseif (!AgentCasbin::enforce('user_id_' . $user->id, $baseUrl, strtolower($request->method()))) {
    65. 

  65.             $baseUrl = str_replace('/agent', '', $request->baseUrl());
    66. 

  66.             if (!AgentCasbin::enforce('user_id_' . $user->id, $baseUrl, strtolower($request->method()))) {
    67. 

  67.                 throw new ForbiddenException([
    68. 

  68.                     'errmsg' => 'Unauthorized: 您无权操作!' . enjson(['user_id_' . $user->id, $baseUrl, strtolower($request->method())])
    69. 

  69.                 ]);
    70. 

  70.             }
    71. 

  71. 

  72.         }
    73. 

  73. 

  74.         // 操作记录
    75. 

  75.         $log =[
    76. 

  76.             'user_id' => $user->id,
    77. 

  77.             'route' => $request->baseUrl(),
    78. 

  78.             'operate'  => strtolower($request->method()),
    79. 

  79.             'query' => enjson($request->param()),
    80. 

  80.             'ip' => $request->ip(),
    81. 

  81.             'os' => get_user_agent(),
    82. 

  82.             'browser' => get_user_agent('br')
    83. 

  83.         ];
    84. 

  84. 

  85.         $Log = new Log();
    86. 

  86. 

  87.         // 系统日志记录
    88. 

  88.         $result = $Log::where($log)->find();
    89. 

  89. 

  90.         if (!$result) {
    91. 

  91.             $Log::create($log);
    92. 

  92.         } else {
    93. 

  93.             $log['id'] = $result->id;
    94. 

  94.             $log['count'] = $result->count+1;
    95. 

  95.             $Log::update($log);
    96. 

  96.         }
    97. 

  97. 

  98.         return $next($request);
    99. 

  99.     }
    100. 

  100. }
    101.