后端：修复bug

286a94d0 · hangjun83 · 2e4eac7a · 286a94d0 · 286a94d0 · 286a94d0
Commit 286a94d0 authored Apr 14, 2022 by hangjun83
4 changed files
--- a/server/app/Http/Controllers/Middleware/Authenticate.php
+++ b/server/app/Http/Controllers/Middleware/Authenticate.php
@@ -35,7 +35,8 @@ class Authenticate
    protected $whiteList = [
        '/adminapi/user/info',
        '/adminapi/auth/logout',
-        '/adminapi/permission/dictData/defaultButtonPermission'
+        '/adminapi/permission/dictData/defaultButtonPermission',
+        '/adminapi/permission/menu/userRoleMenuList'
    ];

    /**
@@ -60,7 +61,6 @@ class Authenticate
     */
    public function handle($request, Closure $next, $guard = null)
    {
-
        /**
         * 如果路由是登出或者是修改密码的时候，需要对token进行处理，否则jwt处理时会出错
         */ 
@@ -106,11 +106,17 @@ class Authenticate
        $userPermissions = [];

        $routeParams = $request->route()[1];
+
        // 如果该路由不存在权限，或者在白名单中，直接不做权限验证
-        if(!isset($routeParams['permission']) || in_array($routeParams['permission'],$this->whiteList)){
+        if(isset($routeParams['permission']) && in_array($routeParams['permission'],$this->whiteList)){
+            return true;
+        }
+
+        if(in_array($routeParams['uri'],$this->whiteList)){
            return true;
        }

+
        // 获取用户的所有角色组对应的权限
        $roles = $user->roles;
        collect($roles)->map(function($role) use (&$userPermissions){

--- a/server/app/Repositories/Criteria/UserCriteria.php
+++ b/server/app/Repositories/Criteria/UserCriteria.php
@@ -18,12 +18,16 @@ class UserCriteria extends Criteria
 {
    protected function condition(Builder $query): void
    {
-        if ($name = $this->request->get('name')) {
-            $query->where('name', '=', $name);
+        if ($name = $this->request->get('nickname')) {
+            $query->where('nickname', '=', $name);
        }

        if ($email = $this->request->get('email')) {
            $query->where('email', 'like', "%$email%");
        }
+
+        if ($username = $this->request->get('username')) {
+            $query->where('username', '=', $username);
+        }
    }
 }
--- a/server/app/Services/AuthService.php
+++ b/server/app/Services/AuthService.php
@@ -98,6 +98,7 @@ class AuthService

        }

+        $this->userRepository->pushCriteria(new UserCriteria($request));
        $users = $this->userRepository->paginate($params['page_size'],['id','username','nickname','email','token','is_admin','status','lastlogin','created_at','updated_at']);
        $returnRecord = [];
        if($users){

--- a/server/app/Services/MenusService.php
+++ b/server/app/Services/MenusService.php
@@ -212,7 +212,6 @@ class MenusService

        $params['menu_name'] = $params['name'];
        $params['menu_path'] = $params['path'];
-        $params['menu_icon'] = $params['icon'];

        // 根据role规则重组 user
        $updateMenus = [];
@@ -221,6 +220,7 @@ class MenusService
                $updateMenus[$key] = $params[$key];
            }
        });
+        $updateMenus['menu_icon'] = $params['icon'];

        // 处理action
        //app(RoleAndPermissionsService::class)->checkRequestRolesPermissions($request);