项目初始化
This commit is contained in:
178
extend/ba/Auth.php
Normal file
178
extend/ba/Auth.php
Normal file
@@ -0,0 +1,178 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace ba;
|
||||
|
||||
use Throwable;
|
||||
use support\think\Db;
|
||||
|
||||
/**
|
||||
* 权限规则类(Webman 迁移版)
|
||||
*/
|
||||
class Auth
|
||||
{
|
||||
protected array $config = [
|
||||
'auth_group' => 'admin_group',
|
||||
'auth_group_access' => 'admin_group_access',
|
||||
'auth_rule' => 'admin_rule',
|
||||
];
|
||||
|
||||
protected array $children = [];
|
||||
|
||||
public function __construct(array $config = [])
|
||||
{
|
||||
$this->config = array_merge($this->config, $config);
|
||||
}
|
||||
|
||||
public function __get($name): mixed
|
||||
{
|
||||
return $this->config[$name] ?? null;
|
||||
}
|
||||
|
||||
public function getMenus(int $uid): array
|
||||
{
|
||||
$this->children = [];
|
||||
$originAuthRules = $this->getOriginAuthRules($uid);
|
||||
foreach ($originAuthRules as $rule) {
|
||||
$this->children[$rule['pid']][] = $rule;
|
||||
}
|
||||
|
||||
if (!isset($this->children[0])) {
|
||||
return [];
|
||||
}
|
||||
|
||||
return $this->getChildren($this->children[0]);
|
||||
}
|
||||
|
||||
private function getChildren(array $rules): array
|
||||
{
|
||||
foreach ($rules as $key => $rule) {
|
||||
if (array_key_exists($rule['id'], $this->children)) {
|
||||
$rules[$key]['children'] = $this->getChildren($this->children[$rule['id']]);
|
||||
}
|
||||
}
|
||||
return $rules;
|
||||
}
|
||||
|
||||
public function check(string $name, int $uid, string $relation = 'or', string $mode = 'url'): bool
|
||||
{
|
||||
$ruleList = $this->getRuleList($uid);
|
||||
if (in_array('*', $ruleList)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ($name) {
|
||||
$name = strtolower($name);
|
||||
$name = str_contains($name, ',') ? explode(',', $name) : [$name];
|
||||
}
|
||||
$list = [];
|
||||
$requestParams = [];
|
||||
if ($mode === 'url' && function_exists('request')) {
|
||||
$req = request();
|
||||
$requestParams = $req ? array_merge($req->get(), $req->post()) : [];
|
||||
$requestParams = json_decode(strtolower(json_encode($requestParams, JSON_UNESCAPED_UNICODE)), true) ?? [];
|
||||
}
|
||||
|
||||
foreach ($ruleList as $rule) {
|
||||
$query = preg_replace('/^.+\?/U', '', $rule);
|
||||
if ($mode === 'url' && $query !== $rule) {
|
||||
parse_str($query, $param);
|
||||
$intersect = array_intersect_assoc($requestParams, $param);
|
||||
$rule = preg_replace('/\?.*$/U', '', $rule);
|
||||
if (in_array($rule, $name) && $intersect == $param) {
|
||||
$list[] = $rule;
|
||||
}
|
||||
} elseif (in_array($rule, $name)) {
|
||||
$list[] = $rule;
|
||||
}
|
||||
}
|
||||
if ($relation === 'or' && !empty($list)) {
|
||||
return true;
|
||||
}
|
||||
$diff = array_diff($name, $list);
|
||||
if ($relation === 'and' && empty($diff)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function getRuleList(int $uid): array
|
||||
{
|
||||
$ids = $this->getRuleIds($uid);
|
||||
if (empty($ids)) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$originAuthRules = $this->getOriginAuthRules($uid);
|
||||
$rules = [];
|
||||
if (in_array('*', $ids)) {
|
||||
$rules[] = '*';
|
||||
}
|
||||
foreach ($originAuthRules as $rule) {
|
||||
$rules[$rule['id']] = strtolower($rule['name']);
|
||||
}
|
||||
return array_unique($rules);
|
||||
}
|
||||
|
||||
public function getOriginAuthRules(int $uid): array
|
||||
{
|
||||
$ids = $this->getRuleIds($uid);
|
||||
if (empty($ids)) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$where = [['status', '=', '1']];
|
||||
if (!in_array('*', $ids)) {
|
||||
$where[] = ['id', 'in', $ids];
|
||||
}
|
||||
$rules = Db::name($this->config['auth_rule'])
|
||||
->withoutField(['remark', 'status', 'weigh', 'update_time', 'create_time'])
|
||||
->where($where)
|
||||
->order('weigh desc,id asc')
|
||||
->select()
|
||||
->toArray();
|
||||
foreach ($rules as $key => $rule) {
|
||||
if (!empty($rule['keepalive'])) {
|
||||
$rules[$key]['keepalive'] = $rule['name'];
|
||||
}
|
||||
}
|
||||
|
||||
return $rules;
|
||||
}
|
||||
|
||||
public function getRuleIds(int $uid): array
|
||||
{
|
||||
$groups = $this->getGroups($uid);
|
||||
$ids = [];
|
||||
foreach ($groups as $g) {
|
||||
$ids = array_merge($ids, explode(',', trim($g['rules'] ?? '', ',')));
|
||||
}
|
||||
return array_unique($ids);
|
||||
}
|
||||
|
||||
public function getGroups(int $uid): array
|
||||
{
|
||||
$dbName = $this->config['auth_group_access'] ?: 'user';
|
||||
if ($this->config['auth_group_access']) {
|
||||
$userGroups = Db::name($dbName)
|
||||
->alias('aga')
|
||||
->join($this->config['auth_group'] . ' ag', 'aga.group_id = ag.id', 'LEFT')
|
||||
->field('aga.uid,aga.group_id,ag.id,ag.pid,ag.name,ag.rules')
|
||||
->where("aga.uid='$uid' and ag.status='1'")
|
||||
->select()
|
||||
->toArray();
|
||||
} else {
|
||||
$userGroups = Db::name($dbName)
|
||||
->alias('u')
|
||||
->join($this->config['auth_group'] . ' ag', 'u.group_id = ag.id', 'LEFT')
|
||||
->field('u.id as uid,u.group_id,ag.id,ag.name,ag.rules')
|
||||
->where("u.id='$uid' and ag.status='1'")
|
||||
->select()
|
||||
->toArray();
|
||||
}
|
||||
|
||||
return $userGroups;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user