public function store()
{
$validator = Validator::make(Request::all(), ['name' => 'required|max:255', 'cname' => 'required|max:10', 'perm' => 'required']);
if ($validator->fails()) {
return back()->withErrors($validator)->withInput();
}
$id = (int) Request::input('id');
$pid = (int) Request::input('pid');
$name = Request::input('name');
$cname = Request::input('cname');
$desc = Request::input('desc');
$perm = Request::input('perm');
if ($id) {
$role = Term::find($id);
//检测类别 不能加到 不同的分类和子分类
$terms = Term::get_item_by_type('role');
$terms = array_assort($terms, 'id', 'pid', 0, $id);
if ($pid && $pid != $role->pid && !in_array($pid, array_keys($terms))) {
$validator->errors()->add('type', '类别不正确');
return back()->withErrors($validator)->withInput();
}
$role->id = $id;
} else {
$role = new Term();
$role->type = 'role';
}
$role->pid = $pid;
$role->name = $name;
$role->cname = $cname;
$role->desc = $desc;
$role->save();
$role->set_value_by_key('perm', $perm);
return redirect()->action('Admin\\RoleController@index');
}
public function edit($id)
{
$categories = Term::get_item_by_type('category');
$tags = Term::get_item_by_type('tag');
$post = Post::find($id);
$relations = array_column($post->relations->toArray(), 'term_id');
return view('post.add', ['post' => $post, 'categories' => $categories, 'tags' => $tags, 'relations' => $relations]);
}
public static function list_paginate($term_id = 0, $term_type = 'category', $per_page = 2)
{
if ($term_id) {
$terms = Term::get_item_by_type($term_type, $term_id);
$category_ids = array_column($terms, 'id');
$category_ids[] = $term_id;
$posts = Post::leftJoin('relations', 'posts.id', '=', 'relations.object_id')->whereIn('relations.term_id', $category_ids)->orderBy('id', 'desc')->paginate($per_page);
} else {
$posts = Post::orderBy('id', 'desc')->paginate($per_page);
}
return $posts;
}
/**
* 根据currentRouteName 和 action 判断权限
* 如果currentRouteName不存在,则不判断权限
*
* 如
* currentRouteName = Admin::term
* action = add
* 则
* check_perm = term.add
* 如果
* term.add 不存在
* 则
* 按照currentRouteName 判断权限
* check_perm = term
* 如 check_perm 不存在 则不判断
*
* @param Request $request
* @param Closure $next
* @param null $need_permission
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/
public function handle(Request $request, Closure $next, $need_permission = null)
{
$has_access = false;
$current_route = Route::currentRouteAction();
Debugbar::info('current route : ' . $current_route);
Debugbar::info('current route name : ' . Route::currentRouteName());
$route_name = substr(Route::currentRouteName(), 7);
if ($route_name && $current_route) {
$arr_route = explode('@', $current_route);
$action = strtolower($arr_route[1]);
/*
$arr_controller = explode('\\', $arr_route[0]);
$controller = array_pop($arr_controller);
$controller = strtolower(substr($controller, 0, strlen($controller) - 10));
$perm = $controller.($action == 'index' ?'':'.'.$action);
*/
//admin::term.add
$perm = $route_name . ($action == 'index' ? '' : '.' . $action);
Debugbar::info('perm ' . $perm);
$perms = Term::get_all_permission();
$check_perm = '';
if (array_key_exists($perm, $perms)) {
$check_perm = $perms[$perm];
} else {
if (array_key_exists($route_name, $perms)) {
$check_perm = $perms[$route_name];
}
}
Debugbar::info('check perm : id=' . $check_perm);
if ($check_perm) {
if ($request->user()->has_permission($check_perm)) {
$has_access = true;
}
} else {
$has_access = true;
}
} else {
$has_access = true;
}
if ($has_access) {
return $next($request);
} else {
return redirect('/admin/');
}
}
public function role($rid, $query_rid = 0)
{
Debugbar::disable();
$has_perm = [];
if ($rid) {
$role = Term::where('id', $rid)->where('type', 'role')->first();
$perm_id = $role->perm ?: [];
$perm = Term::whereIn('id', $perm_id)->get()->toArray();
if ($query_rid) {
$query_role = Term::where('id', $query_rid)->where('type', 'role')->first();
$has_perm = $query_role->perm;
}
//$has_perm = $role->perm;
} else {
$perm = Term::get_item_by_type('permission');
}
return view('perm.perm', ['perms' => $perm, 'has_perm' => $has_perm]);
}