修复用户权限问题

a828185d · hangjun83 · e2b35708 · a828185d · a828185d · a828185d
Commit a828185d authored Apr 05, 2022 by hangjun83
3 changed files
--- a/server/app/Http/V1/Auth/AuthorizationController.php
+++ b/server/app/Http/V1/Auth/AuthorizationController.php
@@ -268,7 +268,7 @@ class AuthorizationController extends Controller
    {
        $message = [
            'type.required' => "菜单类型必选",
-            'parentId.required' => "菜单上统计菜单必填",
+            'parentId.required' => "上级菜单必填",
            'level.required' => "菜单深度必填",
            'sort.required' => "菜单排序必填",
            'status.required' => "菜单状态必选",

--- a/server/app/Services/AuthService.php
+++ b/server/app/Services/AuthService.php
@@ -177,29 +177,18 @@ class AuthService
                    throw new \LogicException('角色不存在');
                }

+                //判断当前用户是否有相应的角色权限
+                //如果有，先取消。然后在进行新的角色权限分配
                $belongRoles = $user->roles;
                //角色
                if(count($belongRoles->toArray()) > 0){
-                    collect($belongRoles)->map(function($role) use ($user){
-                        $user->removeRole($role);
-                        $permissions = $role->permissions;
-                        collect($permissions)->map(function($permission) use ($role){
-                            $role->revokePermissionTo($permission);
-                        });
-                    });
+                    $this->removeUserRoleAndPermission($user, $roles);
                }
-                collect($roles)->map(function($role) use ($user){
-                    $user->assignRole($role);
-                    /*echo "<pre>";
-                    print_R($role->permissions->toArray());
-                    exit;*/
-                });
+                $this->authroizeUserRoleAndPermission($user, $roles);
            }else{
                $roles = $user->roles;
                if(count($roles->toArray()) > 0){
-                    collect($roles)->map(function($role) use ($user){
-                        $user->removeRole($role);
-                    });
+                    $this->removeUserRoleAndPermission($user,$roles);
                }
            }
        }
@@ -207,6 +196,38 @@ class AuthService
        return true;
    }

+    /**
+     * 移除当前用户所在的角色及角色权限
+     * @param $user
+     * @param $roles
+     */
+    public function removeUserRoleAndPermission($user,$roles)
+    {
+        collect($roles)->map(function($role) use ($user){
+            $permissions = $role->permissions;
+            $user->removeRole($role);
+            collect($permissions)->map(function($permission) use ($user){
+                $user->revokePermissionTo($permission);
+            });
+        });
+    }
+
+    /**
+     * 授权当前用户所在的角色及角色权限
+     * @param $user
+     * @param $roles
+     */
+    public function authroizeUserRoleAndPermission($user, $roles)
+    {
+        collect($roles)->map(function($role) use ($user){
+            $user->assignRole($role);
+            $permissions = $role->permissions;
+            collect($permissions)->map(function($permission) use ($user){
+                $user->givePermissionTo($permission);
+            });
+        });
+    }
+
    /**
     * 更新用户状态
     * @param $request

--- a/server/app/Services/RoleAndPermissionsService.php
+++ b/server/app/Services/RoleAndPermissionsService.php
@@ -48,6 +48,12 @@ class RoleAndPermissionsService
        $role = $this->getAllPermissions($this->user);
    }

+    /**
+     * 获取用户所有权限
+     * @param $user
+     * @param bool $parseUserRole
+     * @return mixed
+     */
    protected function getAllPermissions($user, $parseUserRole = true)
    {
        $role = $user->getpermissionsviaroles();
@@ -358,24 +364,40 @@ class RoleAndPermissionsService
    public function deleteMenus($request)
    {
        $params = $this->formatKeysfromArray($request->all(),'toUnderScore');
+
        $menuModel = app(Menus::class);
        $menu_ids = explode(',',$params['ids']);
        if(!$menus = $menuModel->whereIn('id',$menu_ids)->get()){
-            throw new \LogicException('选中的菜单不存在!');
+            throw new \LogicException('选中的菜单不存在!',500);
        }
        //判断该菜单下面是否有其他子菜单
-        /*if($parentMenus = $menuModel->whereIn('parent_id',$menu_ids)->get()){
-            throw new \LogicException('选中的菜单中有子菜单存在，无法删除该菜单。');
+        /*if($menuModel->whereIn('parent_id',$menu_ids)->get()){
+            throw new \LogicException('选中的菜单中有子菜单存在，无法删除该菜单。',500);
        }*/
        //判断选中的菜单是否已被赋予权限给到用户组
        //查询该菜单对应的权限数据
-        $menuPermission = Permission::query()->has->whereIn('menu_id',$menu_ids)->get();
-        Permission::
+        $menuPermission = Permission::query()->whereIn('menu_id',$menu_ids)->get();
        if($menuPermission){
-            $allRole = Role::all();
-            if($allRole){
-                collect($allRole)->map(function($role) use ($menuPermission){
-                    $result = $role->permissions();
+            $allRoles = Role::all();
+            if($allRoles){
+                $hasPermission = false;
+                collect($allRoles)->map(function($role) use ($menuPermission, &$hasPermission){
+                    collect($menuPermission)->map(function($permission) use ($role, &$hasPermission){
+                        if($role->hasPermissionTo($permission)){
+                            $hasPermission = true ;
+                        }
+                    });
+                });
+                if($hasPermission){
+                    throw new \LogicException('用户权限中已经包含该菜单权限，请先取消角色中该菜单的权限，在进行删除操作.',500);
+                }
+                //删除对应的菜单
+                collect($menus)->map(function($menu) use ($menuPermission){
+                    $menu->delete();
+                    //删除对应的菜单权限
+                    collect($menuPermission)->map(function($permission){
+                        $permission->delete();
+                    });
                });
            }
        }
@@ -418,7 +440,6 @@ class RoleAndPermissionsService
        if(!$params['page_size'] || $params['page_size'] == 0){
           $params['page_size'] = 10;
        }
-        //$record = app(RolesRepository::class)->cursorPaginate($params['page_number'],$params['page_size'],['name,remark']);
        $roles = app(RolesRepository::class)->paginate($params['page_size'],['id','name','remark','created_at','updated_at']);
        if($roles){
            $rolePermission = [];
@@ -467,7 +488,7 @@ class RoleAndPermissionsService
    }

    /**
-     * 保存用户组
+     * 保存角色
     * @param $request
     * @return bool
     */
@@ -545,10 +566,10 @@ class RoleAndPermissionsService
            throw new \LogicException('角色不存在');
        }
        collect($roles)->map(function($role){
+            $role->delete();
            if(count($role->permissions->toArray()) > 0){
                $role->revokePermissionTo($role->permissions);
            }
-            $role->delete();
        });
    }
 }