post('roleid'); // 限制超级管理员角色不能移除授权 $role = SystemRoles::find($roleId); if (empty($role)) { return showJsonErr('角色不存在'); } if ($role->is_super == 1) { return showJsonErr('抱歉，您的权限不足'); } // if (\Auth::user()->is_super != 1) { // return showJsonErr('抱歉，您的权限不足'); // } \DB::beginTransaction(); try { $permission = $role->permissions; if ($permission->isNotEmpty()) { foreach ($permission as $item) { $role->revokePermissionTo($item); } } $permissionIds = $request->post('permissionId'); if (!empty($permissionIds)) { if (is_numeric($permissionIds)) { $role = self::rolePermissions($role, $permissionIds); if ($role == false) { \DB::rollBack(); return showJsonErr('授权' . $permissionIds . '失败'); } } else { $permissionIds = explode(',', $permissionIds); foreach ($permissionIds as $permissionId) { $role = self::rolePermissions($role, $permissionId); if ($role == false) { \DB::rollBack(); return showJsonErr('授权' . $permissionId . '失败'); } } } } \DB::commit(); return showJson(101, 1001, $role); } catch (\Exception $exception) { \DB::rollBack(); return showJsonErr($exception->getMessage()); } } /** * 从角色中删除权限 * @author fatty * @date 2019/1/8 * @param Request $request * @return \Illuminate\Contracts\Routing\ResponseFactory|\Symfony\Component\HttpFoundation\Response * @description */ public function revoPermission(Request $request) { $validator = \Validator::make($param = $request->all(), [ 'roleid' => 'required|integer|exists:system_roles,id', 'permissionId' => 'required' ]); if ($validator->fails()) { return showJsonErr($validator->errors()->first()); } // 限制超级管理员角色不能移除权限 $role = SystemRoles::find($param['roleid']); if ($role->is_super == 1) { return showJsonErr('抱歉，您的权限不足'); } \DB::beginTransaction(); try { if (is_numeric($param['permissionId'])) { $res = self::roleRevoPermissions($param['roleid'], $param['permissionId']); if ($res == false) { \DB::rollBack(); return showJsonErr('移除权限-' . $param['permissionId'] . '失败'); } } else { $permissionIds = explode(',', $param['permissionId']); foreach ($permissionIds as $permissionId) { $res = self::roleRevoPermissions($param['roleid'], $permissionId); if ($res == false) { \DB::rollBack(); return showJsonErr('移除权限-' . $param['permissionId'] . '失败'); } } } \DB::commit(); return showJson(101, 1001, $res); } catch (\Exception $exception) { \DB::rollBack(); return showJsonErr($exception->getMessage()); } } /** * 角色移除权限 * @author lyh * @date 2019/4/1 * @param $roleid * @param $permissionId * @return bool * @description */ private static function roleRevoPermissions($roleid, $permissionId) { // 判断当前用户是否拥有权限 if (\Auth::user()->hasPermissionTo($permissionId)) { $role = Role::findById($roleid, config('permission.guard')); $permission = Permission::findById($permissionId, config('permission.guard')); // 判断角色是否已有该权限 if (!SystemRoleHasPermissions::whereRoleId($roleid)->wherePermissionId($permissionId)->exists()) { return false; } return $role->revokePermissionTo($permission); } return false; } /** * 给角色分配权限 * @author lyh * @date 2019/4/1 * @param $roleid * @param $permissionId * @return bool|\Spatie\Permission\Contracts\Role * @description */ private static function rolePermissions($role, $permissionId) { // 判断当前登录用户没有的权限不能操作 $permission = Permission::findById($permissionId, config('permission.guard')); $role = $role->givePermissionTo($permission); return $role; } }