You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
yanzong/app/admin/controller/Controller.php

176 lines
5.6 KiB

<?php
// +----------------------------------------------------------------------
// | 萤火商城系统 [ 致力于通过产品和服务,帮助商家高效化开拓市场 ]
// +----------------------------------------------------------------------
// | Copyright (c) 2017~2023 https://www.yiovo.com All rights reserved.
// +----------------------------------------------------------------------
// | Licensed 这不是一个自由软件,不允许对程序代码以任何形式任何目的的再发行
// +----------------------------------------------------------------------
// | Author: 萤火科技 <admin@yiovo.com>
// +----------------------------------------------------------------------
declare (strict_types=1);
namespace app\admin\controller;
use cores\BaseController;
use app\admin\service\admin\User as AdminUserService;
use cores\exception\BaseException;
use app\common\model\Channel;
/**
* 超管后台控制器基类
* Class Controller
* @package app\admin\controller
*/
class Controller extends BaseController
{
// 商家登录信息
protected $admin;
// 当前控制器名称
protected string $controller = '';
// 当前方法名称
protected string $action = '';
// 当前路由uri
protected string $routeUri = '';
// 当前路由:分组名称
protected string $group = '';
// 登录验证白名单
protected array $allowAllAction = [
// 登录页面
'passport/login',
];
/**
* 强制验证当前访问的控制器方法method
* 例: [ 'login' => 'POST' ]
* @var array
*/
protected array $methodRules = [];
/**
* 后台初始化
* @return void
* @throws BaseException
*/
public function initialize()
{
// 设置管理员登录信息
$this->setAdminInfo();
// 当前路由信息
$this->getRouteinfo();
// 验证登录
$this->checkLogin();
// 强制验证当前访问的控制器方法method
$this->checkMethodRules();
}
/**
* 获取当前用户的数据平台权限
* [getUserPlatform description]
* @return [type] [description]
*/
public function getUserPlatform(){
if ($this->admin['user']['role'] == 1) {
//京东账号可以看到京东和自营的
if ($this->admin['user']['channel'] == 'jd') {
$list = Channel::where('status', 1)->whereIn('code',['jd','zy'])->select();
//苏宁账号可以看到苏宁和自营的
} elseif($this->admin['user']['channel'] == 'sn'){
$list = Channel::where('status', 1)->whereIn('code',['sn','zy'])->select();
//新阙通信账号可以看到新阙通信和自营的
} elseif($this->admin['user']['channel'] == 'xqtx'){
$list = Channel::where('status', 1)->whereIn('code',['xqtx','zy'])->select();
//其他账号供应商只能看到自己的
} else {
$list = Channel::where('status', 1)->whereIn('code',[$this->admin['user']['channel']])->select();
}
} else {
//超级管理员看到所有的
$list = Channel::where('status', 1)->select();
}
return $list;
}
/**
* 获取用户添加和导入数据时的platform
* [getUserAddPlatform description]
* @return [type] [description]
*/
public function getUserAddPlatform(){
if ($this->admin['user']['role'] == 1) {
if (in_array($this->admin['user']['channel'], ['jd','sn','xqtx'])) {
return 'zy';
} else {
return $this->admin['user']['channel'];
}
} else {
return 'zy';
}
}
/**
* 设置管理员登录信息
*/
private function setAdminInfo()
{
$this->admin = AdminUserService::getLoginInfo();
}
/**
* 解析当前路由参数 (分组名称、控制器名称、方法名)
*/
protected function getRouteinfo()
{
// 控制器名称
$this->controller = uncamelize($this->request->controller());
// 方法名称
$this->action = $this->request->action();
// 控制器分组 (用于定义所属模块)
$groupstr = strstr($this->controller, '.', true);
$this->group = $groupstr !== false ? $groupstr : $this->controller;
// 当前uri
$this->routeUri = "{$this->controller}/$this->action";
}
/**
* 验证登录状态
* @return void
* @throws BaseException
*/
private function checkLogin(): void
{
// 验证当前请求是否在白名单
if (in_array($this->routeUri, $this->allowAllAction)) {
return;
}
// 验证登录状态
if (empty($this->admin) || (int)$this->admin['is_login'] !== 1) {
throwError('请先登录后再访问', config('status.not_logged'));
}
}
/**
* 强制验证当前访问的控制器方法method
* @throws BaseException
*/
private function checkMethodRules(): void
{
if (!isset($this->methodRules[$this->action])) {
return;
}
$methodRule = $this->methodRules[$this->action];
$currentMethod = $this->request->method();
if (empty($methodRule)) {
return;
}
if (is_array($methodRule) && in_array($currentMethod, $methodRule)) {
return;
}
if (is_string($methodRule) && $methodRule == $currentMethod) {
return;
}
throwError('illegal request method');
}
}