Skip to content

T
tl_estate
Commit 9de2b588 authored by hujun's avatar hujun
Browse files
Options

权限验证

parent 5efd6aa0
Hide whitespace changes
Inline Side-by-side
Showing with 21 additions and 15 deletions
application/api_broker/extend/Basic.php
View file @ 9de2b588
...@@ -49,9 +49,6 @@ class Basic extends Controller ...@@ -49,9 +49,6 @@ class Basic extends Controller
* *
* Basic constructor. * Basic constructor.
* @param Request|null $request * @param Request|null $request
* @throws \think\db\exception\DataNotFoundException
* @throws \think\db\exception\ModelNotFoundException
* @throws \think\exception\DbException
*/ */
public function __construct(Request $request = null) public function __construct(Request $request = null)
{ {
...@@ -268,15 +265,23 @@ class Basic extends Controller ...@@ -268,15 +265,23 @@ class Basic extends Controller
* *
* @param $requestPath * @param $requestPath
* @return bool * @return bool
* @throws \think\db\exception\DataNotFoundException
* @throws \think\db\exception\ModelNotFoundException
* @throws \think\exception\DbException
*/ */
public function userAuth($requestPath){ public function userAuth($requestPath){
$agents = new AAgents(); $agents = new AAgents();
$is_auth = $agents->agentsAuthId($this->agentId, $requestPath); $is_auth = $agents->agentsAuthId($this->agentId, $requestPath);
if (empty($is_auth['id']) && $this->agentId != 1) { $auth_arr = [
'broker/report',
'broker/addFollowUp',
'broker/marchIn',
'broker/collectingBill',
'broker/refund',
'broker/bargain',
'broker/statusBargain',
'broker/getFollowUpList',
];
if (in_array($requestPath, $auth_arr) && empty($is_auth) && $this->agentId != 1) {
echo json_encode(array( "code" => "300", "msg" => "没有权限!", "data" => [], "type" => "json" ));exit; echo json_encode(array( "code" => "300", "msg" => "没有权限!", "data" => [], "type" => "json" ));exit;
} }
......
application/model/AAgents.php
View file @ 9de2b588
...@@ -488,19 +488,20 @@ class AAgents extends BaseModel ...@@ -488,19 +488,20 @@ class AAgents extends BaseModel
* *
* @param $agents_id * @param $agents_id
* @param $rule * @param $rule
* @return array|false|\PDOStatement|string|\think\Model * @return mixed
* @throws \think\db\exception\DataNotFoundException
* @throws \think\db\exception\ModelNotFoundException
* @throws \think\exception\DbException
*/ */
public function agentsAuthId($agents_id, $rule) { public function agentsAuthId($agents_id, $rule) {
return $this->alias('a') $rules = $this->alias('a')
->field('b.id') ->field('b.id')
->join('auth_group b','a.auth_group_id=b.id','left') ->join('auth_group b','a.auth_group_id=b.id','left')
->where('name', $rule)
->where('a.id',$agents_id)
->where('b.status',0) ->where('b.status',0)
->find(); ->where('a.id',$agents_id)
->value('rules');
$rule_model = new AuthRule();
return $rule_model->where('id', 'in', $rules)
->where('name',$rule)
->value('id');
} }
/** /**
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment