/**
* 分配权限
* @return \Illuminate\Http\JsonResponse
* @throws DeepInException
* @throws \Exception
*/
public function toAllocation()
{
$resourceId = intval(\Input::get("resourceid"));
$gid = intval(Input::get("gid"));
$isChecked = intval(Input::get("ischecked"));
if ($resourceId < 1 || $gid < 1) {
throw new DeepInException("参数不完整~!");
}
$permission = DeepinAuthPermission::whereRaw("gid=:gid and resourceid=:resourceid", array(":gid" => $gid, ":resourceid" => $resourceId))->first();
if ($isChecked == 1) {
if (!$permission instanceof DeepinAuthPermission) {
$permission = new DeepinAuthPermission();
$permission->gid($gid);
$permission->resourceId($resourceId);
if ($permission->save() == false) {
throw new DeepInException("选择失败~!");
}
}
} else {
if ($permission instanceof DeepinAuthPermission) {
if ($permission->delete() == false) {
throw new DeepInException("取消悬着失败~!");
}
}
}
return $this->successJSON();
}
/**
* 检查权限
* @param DeepinAuthAdministrator $admin
* @param DeepinAuthResource $resource
* @return bool
*/
private function checkPermission(DeepinAuthAdministrator $admin, DeepinAuthResource $resource)
{
if ($admin->isBan() == 1) {
return redirect('/auth/logout');
//如果是被禁用直接退出
}
if ($admin->gid() == 1) {
return true;
//超级管理员组免费权限资源的检查
}
//判断用户组是否被禁用
$group = DeepinAuthGroup::find($admin->gid());
if (!$group instanceof DeepinAuthGroup || $group->inuse() != 1) {
//用户组都禁用
return redirect('/auth/logout');
//如果是被禁用直接退出
}
$resourceId = $resource->resourceId();
if ($resource->inuse() != 1) {
return true;
//该资源部需要认证
}
$permission = DeepinAuthPermission::whereRaw("gid=:gid and resourceid=:resourceid", array(":gid" => $admin->gid(), ":resourceid" => $resourceId))->first();
return $permission != null;
}
