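request = $request; $this->response = $response; }

    /**
     * Enforce the PreAuthorization annotation of the intercepted method before it runs.
     *
     * Reads the "isLogin" and "account" request attributes and returns a JSON
     * error body instead of calling the target when a check fails:
     * code 1 when login is required but missing, code 2 when the permission
     * or role check fails.
     *
     * @param ProceedingJoinPoint $proceedingJoinPoint
     * @return mixed|\Psr\Http\Message\ResponseInterface
     * @throws AnnotationException
     * @throws \Hyperf\Di\Exception\Exception
     */
    public function process(ProceedingJoinPoint $proceedingJoinPoint)
    {
        // Once the aspect has intercepted the call, this method decides whether the target runs.
        $authorization = $this->getAuthorizationAnnotation($proceedingJoinPoint);
        $isLogin = $this->request->getAttribute("isLogin", false);
        if ($authorization->needLogin && !$isLogin) {
            return $this->response->json(['code' => 1, 'msg' => '登录已过期']);
        }

        $admin = $this->request->getAttribute("account");
        // NOTE(review): the permission and role checks only run when BOTH needLogin and
        // needAuth are set. An annotation with needAuth (or a role restriction) but
        // without needLogin passes straight through to the target method - confirm
        // that no endpoint relies on that combination.
        if ($authorization->needLogin && $authorization->needAuth) {
            if (!$isLogin || empty($admin) || !$this->checkPermission($authorization->auth, $this->request->getMethod(), $admin)) {
                return $this->response->json(['code' => 2, 'msg' => '权限不足']);
            }
            // Second check: the account type must match one of the roles the endpoint requires.
            if ("*" != $authorization->role && !$this->checkRole($authorization->role, $admin)) {
                return $this->response->json(['code' => 2, 'msg' => '权限不足-1']);
            }
        }

        $response = $proceedingJoinPoint->process();

        // NOTE(review): audit logging of authorized calls is disabled below; confirm
        // that these requests are recorded elsewhere.
        // // Record the audit log
        // if (config("app.log") && $isLogin && !empty($admin) && $authorization->needLog && $authorization->auth != "*") {
        //     AccountLog::record($this->request, $admin, $authorization->auth, $response);
        // }
        return $response;
    }

    /**
     * Fetch the PreAuthorization annotation attached to the intercepted method.
     *
     * @param ProceedingJoinPoint $proceedingJoinPoint
     * @return PreAuthorization
     * @throws AnnotationException when the method carries no PreAuthorization annotation
     */
    protected function getAuthorizationAnnotation(ProceedingJoinPoint $proceedingJoinPoint): PreAuthorization
    {
        $annotation = $proceedingJoinPoint->getAnnotationMetadata()->method[PreAuthorization::class] ?? null;
        // Fail closed: without the annotation there is no policy to evaluate.
        if (!$annotation instanceof PreAuthorization) {
            throw new AnnotationException("Annotation PreAuthorization couldn't be collected successfully.");
        }
        return $annotation;
    }

    /**
     * Check the operation permission by delegating to Account::checkAuth().
     *
     * @param string $auth permission identifier taken from the annotation
     * @param string $method HTTP method of the current request
     * @param array $account account data taken from the "account" request attribute
     * @return bool
     */
    protected function checkPermission(string $auth, string $method, array $account): bool
    {
        return Account::checkAuth($account, $method, $auth);
    }

    /**
     * Check whether the account type matches one of the required roles.
     *
     * @param string $role comma-separated role names ("ADMIN", "ORG")
     * @param array $admin account data; its 'account_type' entry is compared
     * @return bool true only when 'account_type' is an integer (or digit string) mapped from a listed role
     */
    private function checkRole(string $role, array $admin): bool
    {
        $roles = ['ADMIN' => 0, 'ORG' => 1];

        $allowed = [];
        foreach (explode(",", $role) as $name) {
            $name = trim($name);
            // Skip names that are not in the map. Previously an unknown or padded name
            // put null into the list, and the loose in_array() below then treated
            // null == 0 as a match, i.e. as the ADMIN account type.
            if (isset($roles[$name])) {
                $allowed[] = $roles[$name];
            }
        }

        // Normalise the stored type ("0"/"1" as strings are accepted) and deny anything
        // else: a missing or null account_type must never compare equal to ADMIN (0).
        $type = $admin['account_type'] ?? null;
        if (is_string($type) && ctype_digit($type)) {
            $type = (int) $type;
        }
        if (!is_int($type)) {
            return false;
        }

        return in_array($type, $allowed, true);
    }
}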