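/**
 * Grant or revoke one group-to-resource permission.
 *
 * Reads `resourceid`, `gid` and `ischecked` from the request. When `ischecked` is 1 the
 * permission row is created if it does not exist yet. For any other value, including a
 * missing parameter (which intval() turns into 0), an existing row is deleted.
 *
 * NOTE(review): no authorization or CSRF check is visible in this method. It edits
 * access-control data, so confirm that the route is only reachable through middleware
 * that authenticates the caller and checks that they may manage permissions.
 * NOTE(review): the lookup followed by an insert is not atomic. A unique index on
 * (gid, resourceid) would stop concurrent requests from storing duplicate rows;
 * confirm against the schema.
 *
 * @return \Illuminate\Http\JsonResponse
 * @throws DeepInException when an id is missing or below 1, or when the write fails
 * @throws \Exception
 */
public function toAllocation()
{
    // All three reads go through the same global facade alias.
    $resourceId = intval(\Input::get("resourceid"));
    $gid = intval(\Input::get("gid"));
    $isChecked = intval(\Input::get("ischecked"));

    // intval() maps a missing or non-numeric string to 0, so absent ids are rejected here.
    // A non-empty array input becomes 1 and is NOT rejected by this test.
    if ($resourceId < 1 || $gid < 1) {
        throw new DeepInException("参数不完整~!");
    }

    // Named bindings keep the request values out of the SQL text.
    $permission = DeepinAuthPermission::whereRaw(
        "gid=:gid and resourceid=:resourceid",
        [":gid" => $gid, ":resourceid" => $resourceId]
    )->first();
    $exists = $permission instanceof DeepinAuthPermission;

    if ($isChecked == 1) {
        // Grant: only insert when the pair is not stored yet.
        if (!$exists) {
            $permission = new DeepinAuthPermission();
            $permission->gid($gid);
            $permission->resourceId($resourceId);
            if ($permission->save() == false) {
                throw new DeepInException("选择失败~!");
            }
        }
    } elseif ($exists) {
        // Revoke: nothing to do when the pair was never granted.
        if ($permission->delete() == false) {
            throw new DeepInException("取消选择失败~!");
        }
    }

    return $this->successJSON();
}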
/**
 * Decide whether an administrator may use a resource.
 *
 * The checks run in this order:
 *   1. banned administrator           -> value of redirect('/auth/logout')
 *   2. administrator in group 1       -> true, no further check
 *   3. group missing or not in use    -> value of redirect('/auth/logout')
 *   4. resource whose inuse() is not 1 -> true (no permission needed)
 *   5. otherwise                      -> true only if a permission row exists
 *                                        for (gid, resourceid)
 *
 * NOTE(review): steps 1 and 3 return the redirect() result, not false. That value is
 * truthy in a plain boolean test, so a caller written as `if ($this->checkPermission(...))`
 * would treat a banned account as permitted. The callers are not visible here; verify
 * that they compare the result with `=== true` or handle the redirect explicitly.
 *
 * @param DeepinAuthAdministrator $admin
 * @param DeepinAuthResource $resource
 * @return bool|\Illuminate\Http\RedirectResponse
 */
private function checkPermission(DeepinAuthAdministrator $admin, DeepinAuthResource $resource)
{
    // A banned administrator is sent to logout.
    if ($admin->isBan() == 1) {
        return redirect('/auth/logout');
    }

    // Group 1 is the super-administrator group and skips the resource check.
    if ($admin->gid() == 1) {
        return true;
    }

    // The administrator's group must exist and be in use.
    $adminGroup = DeepinAuthGroup::find($admin->gid());
    $groupUsable = $adminGroup instanceof DeepinAuthGroup && $adminGroup->inuse() == 1;
    if (!$groupUsable) {
        return redirect('/auth/logout');
    }

    $targetId = $resource->resourceId();

    // A resource that is not in use needs no authorization.
    if ($resource->inuse() != 1) {
        return true;
    }

    // Named bindings keep the ids out of the SQL text.
    $bindings = [":gid" => $admin->gid(), ":resourceid" => $targetId];
    $grant = DeepinAuthPermission::whereRaw("gid=:gid and resourceid=:resourceid", $bindings)->first();

    return !($grant == null);
}