/** * 检查权限 * @param DeepinAuthAdministrator $admin * @param DeepinAuthResource $resource * @return bool */ private function checkPermission(DeepinAuthAdministrator $admin, DeepinAuthResource $resource) { if ($admin->isBan() == 1) { return redirect('/auth/logout'); //如果是被禁用直接退出 } if ($admin->gid() == 1) { return true; //超级管理员组免费权限资源的检查 } //判断用户组是否被禁用 $group = DeepinAuthGroup::find($admin->gid()); if (!$group instanceof DeepinAuthGroup || $group->inuse() != 1) { //用户组都禁用 return redirect('/auth/logout'); //如果是被禁用直接退出 } $resourceId = $resource->resourceId(); if ($resource->inuse() != 1) { return true; //该资源部需要认证 } $permission = DeepinAuthPermission::whereRaw("gid=:gid and resourceid=:resourceid", array(":gid" => $admin->gid(), ":resourceid" => $resourceId))->first(); return $permission != null; }
/** * 按照id查找 * @param $id * @return DeepinAuthGroup * @throws DeepInException */ protected function find($id) { $group = DeepinAuthGroup::find($id); if ($group instanceof DeepinAuthGroup) { return $group; } throw new DeepInException('找不到id为' . $id . '的数据~!'); }