<?php
/**
* 文件功能:在职职务验证中间件
* 只要用户当前持有在职职务(user_positions.is_active=true),即可访问后台。
* id=1 超级管理员无需职务,直接通过。
*
* @author ChatRoom Laravel
*
* @version 1.0.0
*/
namespace App\Http\Middleware;
use App\Models\Sysparam;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Symfony\Component\HttpFoundation\Response;
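/**
 * Middleware that gates access on the user holding an active position.
 *
 * Decision order:
 *  1. Unauthenticated requests are redirected to the `home` route.
 *  2. The account with id 1, and any account whose `user_level` is at or
 *     above the `superlevel` system parameter, pass without a position.
 *  3. Every other account must have an active position, otherwise HTTP 403.
 *
 * Rule 2 is an authorization bypass driven by a runtime setting, so the
 * setting is validated before it is compared (see resolveSuperLevel()).
 */
class HasActivePosition
{
    /** Threshold used when the `superlevel` setting is missing or malformed. */
    private const DEFAULT_SUPER_LEVEL = 100;

    /**
     * Let the request through only for privileged accounts or holders of an
     * active position.
     *
     * @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
     *
     * @return Response The downstream response, a redirect to `home` for
     *                  guests, or a 403 JSON body for JSON clients; non-JSON
     *                  clients without a position are stopped by abort(403).
     */
    public function handle(Request $request, Closure $next): Response
    {
        // Guests never reach the position check; they are sent to `home`
        // regardless of whether the client asked for JSON.
        if (! Auth::check()) {
            return redirect()->route('home');
        }

        $user = Auth::user();
        $superLevel = $this->resolveSuperLevel();

        // id 1 or user_level >= superlevel: no position required, pass through.
        if ($user->id === 1 || $user->user_level >= $superLevel) {
            return $next($request);
        }

        // Everyone else must currently hold an active position.
        if (! $user->activePosition()->exists()) {
            if ($request->expectsJson()) {
                return response()->json(['message' => '权限不足:您尚未持有任何职务', 'status' => 'error'], 403);
            }

            abort(403, '权限不足:您尚未持有任何职务,无法访问后台。');
        }

        return $next($request);
    }

    /**
     * Read the `superlevel` threshold and reject values that would open the
     * bypass to everyone.
     *
     * A plain `(int)` cast turns an empty or non-numeric setting into 0, and
     * `user_level >= 0` would then skip the position check for any
     * authenticated user. Anything that is not an integer >= 1 falls back to
     * DEFAULT_SUPER_LEVEL instead.
     * NOTE(review): what Sysparam::getValue() can return for a blank or
     * corrupted row is not visible here; confirm against its implementation.
     */
    private function resolveSuperLevel(): int
    {
        $threshold = filter_var(
            Sysparam::getValue('superlevel', '100'),
            FILTER_VALIDATE_INT,
            ['options' => ['min_range' => 1]],
        );

        return $threshold === false ? self::DEFAULT_SUPER_LEVEL : $threshold;
    }
}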