From 34a71b0664c07d113b2d076272a12c8e001c060f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=80=99=E5=AD=A6=E6=9D=B0?=
Date: Wed, 7 Feb 2018 21:22:54 +0800
Subject: [PATCH] check role
---
 src/PdAuth/Middleware/Authenticate.php | 32 +++++++++++++-------------
 src/PdAuth/Middleware/CheckRole.php | 30 ++++++++++++++++++++++++
 2 files changed, 46 insertions(+), 16 deletions(-)
 create mode 100644 src/PdAuth/Middleware/CheckRole.php
diff --git a/src/PdAuth/Middleware/Authenticate.php b/src/PdAuth/Middleware/Authenticate.php
index 5a92107..2ac463e 100644
--- a/src/PdAuth/Middleware/Authenticate.php
+++ b/src/PdAuth/Middleware/Authenticate.php
@@ -74,22 +74,22 @@ class Authenticate
 }
 //权限检测
- $path = $request->path();
- $privileges = config('pdauth.roles_privileges');
- $user = $request->user();
- $match = [];
- foreach ($user['roles'] as $role) {
- if (array_key_exists($role, $privileges)) {
- //如果设置了 * ,则跳过权限检测
- if (is_string($privileges[$role]) && $privileges[$role] == '*') {
- return $next($request);
- }
- if (!is_array($privileges[$role])) {
- throw new \Exception('pdauth 配置错误!');
- }
- $match = array_merge($match, $privileges[$role]);
- }
- }
+// $path = $request->path();
+// $privileges = config('pdauth.roles_privileges');
+// $user = $request->user();
+// $match = [];
+// foreach ($user['roles'] as $role) {
+// if (array_key_exists($role, $privileges)) {
+// //如果设置了 * ,则跳过权限检测
+// if (is_string($privileges[$role]) && $privileges[$role] == '*') {
+// return $next($request);
+// }
+// if (!is_array($privileges[$role])) {
+// throw new \Exception('pdauth 配置错误!');
+// }
+// $match = array_merge($match, $privileges[$role]);
+// }
+// }
 if (in_array($path, $match)) {
 return $next($request);
diff --git a/src/PdAuth/Middleware/CheckRole.php b/src/PdAuth/Middleware/CheckRole.php
new file mode 100644
index 0000000..b80a94e
--- /dev/null
+++ b/src/PdAuth/Middleware/CheckRole.php
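Review bot: The context line `if (in_array($path, $match)) {` after the commented-out block still reads `$path` and `$match`, whose only visible assignments this change disables. Unless they are set earlier in the method (which starts and continues outside the hunk), the check now runs on undefined variables and can never match, so every request either falls through to whatever follows it or raises a type error on newer PHP versions. Either delete this leftover check together with the dead block so that authorization clearly lives in CheckRole, or keep `$path = $request->path();` and `$match = [];` live. Deleting the commented code instead of keeping it would also make it explicit that the `'*'` bypass from `pdauth.roles_privileges` is gone and that, as far as this hunk shows, a route without CheckRole attached no longer gets a role check from this middleware.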
@@ -0,0 +1,30 @@
+route()[1]['uses'];
+ list($controller, $action) = explode('@', $uses);
+ $roles = $controller::Privileges;
+
+ if (empty($roles) || empty($roles[$action])) {
+ api_abort(403, '未定义权限');
+ }
+
+ $user = $request->user();
+
+ if (!$user->hasRoles($roles[$action])) {
+ api_abort(403, '无权访问');
+ }
+
+ return $next($request);
+ }
+
+}
\ No newline at end of file
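Review bot: `$user->hasRoles(...)` is called without checking that `$request->user()` returned a user, so a route that runs CheckRole without Authenticate in front of it fails with an error instead of a clean denial; `if ($user === null || !$user->hasRoles($roles[$action])) {` closes that. Likewise `$controller::Privileges` raises an undefined-constant error for any controller that does not declare it, so the "undefined privileges" 403 branch is never reached in that case; `$roles = defined($controller . '::Privileges') ? $controller::Privileges : [];` keeps the deny-by-default answer. The code also assumes that `api_abort()` never returns (nothing visible here shows that) and that `uses` is a `Controller@action` string, which would not hold for closure routes. The start of the file, including the method signature, is not legible on this page.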