

Current File : /www/wwwroot/0531yanglao.com/app/admin/middleware/AdminRuleVerify.php
<?php
/*
 * @Description  : 权限验证中间件
 * @Author       : https://github.com/skyselang
 * @Date         : 2020-05-05
 * @LastEditTime : 2021-03-20
 */

namespace app\admin\middleware;

use Closure;
use think\Request;
use think\Response;
use think\facade\Config;
use app\common\cache\AdminUserCache;
use app\admin\service\AdminMenuService;

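class AdminRuleVerify
{
    /**
     * Authorise an admin request before it is passed to the next handler.
     *
     * Order of checks for a path that is not on a whitelist:
     *   1. accounts listed in `admin.admin_ids` skip the per-account checks;
     *   2. every other account must have a cache record, must not be disabled,
     *      and must list the exact request path in its `roles`;
     *   3. the controller segment of the path must belong to a registered menu URL.
     *
     * Failures are reported through the exception() helper (defined elsewhere,
     * expected to throw) with the codes 401, 403 and 404 used below.
     *
     * @param Request $request
     * @param Closure $next
     * @return Response
     */
    public function handle($request, Closure $next)
    {
        $menu_url = (string) request_pathinfo();

        // A missing config key comes back as null; cast so the list functions
        // below always receive arrays and an absent whitelist means "nothing
        // is whitelisted" rather than a warning.
        $api_white_list  = (array) Config::get('admin.api_white_list');
        $rule_white_list = (array) Config::get('admin.rule_white_list');
        $white_list      = array_merge($rule_white_list, $api_white_list);

        // Whitelist entries are matched as exact, case-sensitive strings.
        if (in_array($menu_url, $white_list, true)) {
            return $next($request);
        }

        $admin_user_id = admin_user_id();
        $admin_ids     = array_map('strval', (array) Config::get('admin.admin_ids'));

        // Compare ids as strings with strict matching. A loose in_array() on
        // PHP 7 treats a value such as "1abc" as equal to the integer 1, which
        // would let a malformed id pass as a privileged one.
        // NOTE(review): admin_user_id() is defined elsewhere - confirm where the
        // id comes from and that it is validated before this middleware runs.
        $is_super_admin = in_array((string) $admin_user_id, $admin_ids, true);

        if (!$is_super_admin) {
            $admin_user = AdminUserCache::get($admin_user_id);

            if (empty($admin_user)) {
                exception('登录已失效,请重新登录', 401);
            }

            if ($admin_user['is_disable'] == 1) {
                exception('账号已禁用,请联系管理员', 401);
            }

            // A record without a usable role list grants nothing.
            $roles = (isset($admin_user['roles']) && is_array($admin_user['roles']))
                ? $admin_user['roles']
                : [];

            if (!in_array($menu_url, $roles, true)) {
                $admin_menu = AdminMenuService::info($menu_url);
                // Fall back to the path so an unknown menu still yields the 403
                // instead of an undefined-index notice.
                $menu_name = isset($admin_menu['menu_name']) ? $admin_menu['menu_name'] : $menu_url;
                exception('你没有权限操作:' . $menu_name, 403);
            }
        }

        $menu_list      = AdminMenuService::list('url');
        $admin_menu_url = isset($menu_list['list']) ? (array) $menu_list['list'] : [];

        // Controller name is the second path segment; a path without one is
        // rejected below rather than read from a missing array offset.
        $segments           = explode('/', $menu_url);
        $request_controller = isset($segments[1]) ? strtolower($segments[1]) : '';

        // This existence check works at controller granularity, not per URL:
        // any action under a registered controller passes it. Ordinary accounts
        // are still bound to exact URLs by the roles check above, but ids in
        // admin.admin_ids reach $next for every action of a registered controller.
        $known_controllers = $this->getController($admin_menu_url);

        if ($request_controller === '' || !in_array($request_controller, $known_controllers, true)) {
            $msg   = '接口地址错误';
            $debug = Config::get('app.app_debug');
            // Echo the requested path only in debug mode.
            if ($debug) {
                $msg .= ':' . $menu_url;
            }
            exception($msg, 404);
        }

        return $next($request);
    }


    /**
     * Collect the lower-cased controller segment (second '/'-separated part)
     * of each menu URL.
     *
     * Entries that are not strings, or that have no non-empty second segment,
     * are skipped.
     *
     * @param array $data Menu URLs
     * @return array Unique controller names (keys are not reindexed)
     * @author Aaron
     * @date 2021/3/23 14:52
     */
    private function getController($data)
    {
        $controller = [];
        foreach ((array) $data as $route) {
            if (!is_string($route)) {
                continue;
            }

            $parse_route = explode('/', $route);
            if (isset($parse_route[1]) && $parse_route[1] !== '') {
                $controller[] = strtolower($parse_route[1]);
            }
        }

        return array_unique($controller);
    }
}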