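/**
 * Handle an incoming request: let it through only for a logged-in administrator
 * who is allowed to access the requested permission resource.
 *
 * @param mixed $request incoming request; handed to processPermissionResource() and to $next
 * @param callable $next next handler in the pipeline
 * @return mixed the result of $next($request), or a redirect to "/auth/" when the
 *               administrator record can no longer be found
 * @throws UnLoginException code 10001 when there is no resource or no current user,
 *                          code 10002 when the permission check fails
 */
public function handle($request, Closure $next)
{
    $resource = $this->processPermissionResource($request);
    $url = "/auth/";

    // Loose comparison is kept as in the original, so any value that == null
    // is treated as "not logged in".
    if ($resource == null || $this->user == null) {
        throw new UnLoginException("没有登录", 10001, array("url" => $url));
    }

    $admin = DeepinAuthAdministrator::find($this->user->getUid());
    if (!$admin instanceof DeepinAuthAdministrator) {
        // The administrator account has been deleted.
        return redirect($url);
    }

    // uid 1 is the only account exempt from every permission check.
    if (intval($admin->uid()) !== 1) {
        $isOk = $this->checkPermission($admin, $resource);
        if ($isOk == false) {
            // The Referer header is sent by the client and cannot be trusted.
            // NOTE(review): the "url" entry is presumably used as a redirect target by
            // whatever handles UnLoginException (not visible here) - confirm. To avoid
            // sending the user to another site, the Referer is used only when its host
            // matches the host of the current request; otherwise the default page is used.
            $url = "/admin/app";
            $referer = \Request::header("Referer");
            if (is_string($referer) && $referer !== '') {
                $refererHost = parse_url($referer, PHP_URL_HOST);
                if (is_string($refererHost) && strcasecmp($refererHost, \Request::getHost()) === 0) {
                    $url = $referer;
                }
            }

            throw new UnLoginException("没有权限", 10002, array("url" => $url));
        }
    }

    return $next($request);
}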
/**
 * Look up an administrator by user id.
 *
 * @param mixed $uid id passed to DeepinAuthAdministrator::find()
 * @return DeepinAuthAdministrator the matching administrator
 * @throws DeepInException when the lookup does not yield a DeepinAuthAdministrator
 */
public function find($uid)
{
    $administrator = DeepinAuthAdministrator::find($uid);

    // Guard clause: anything other than an administrator instance counts as "not found".
    if (!($administrator instanceof DeepinAuthAdministrator)) {
        throw new DeepInException("uid为" . $uid . '的管理员不存在~!');
    }

    return $administrator;
}