controller()); $action = lcfirst($request->action()); // 如果是登陆相关操作 wisdom智慧屏演示 if ($controller == 'login' || $controller == 'wisdom') return $next($request); // 微信绑定页面 if ($controller == 'index' && $action == 'wechat') return $next($request); // 判断是否登陆 $employee = session('employee'); $domain = request()->domain(); $url = strpos($domain,"zqxg.cc")!==false ? url('manage/login/index') : url('login/index'); if (empty($employee)) return redirect($url); // 如果是多企业页面 if ($controller == 'index' && $action == 'company') return $next($request); // 如果上传文件 if ($action == 'osscallback') return $next($request); // 如果是多企业 if (is_string($employee)) return redirect(url('index/company')); $sessionId = cache('employee_' . $employee['phone']); if(!empty($sessionId) && $sessionId != Session::getId()){ Session::clear(); return response(''); } $line = Employee::where([['id', '=', $employee->id], ['grant_id', '<>', '0']])->count(); if (!$line) { $employee = null; Session::clear(); return redirect(url('login/index')); } // 获取用户权限 // $grant = cache('grant_' . $employee->grand_id); // if (is_null($grant)) { $permissionIds = Grant::where('id', $employee->grant_id)->value('permission'); $permissionIds = is_null($permissionIds) ? [] : $permissionIds; $permission = Permission::where([['id', 'in', $permissionIds], ['uri', '<>', '']])->column('uri,relation'); $relation = explode(',', implode(',', array_column($permission, 'relation'))); $grant = array_merge(array_column($permission, 'uri'), $relation); // cache('grant_' . $employee->grand_id, $grant); // } // 获取用户组织 // $org = [$employee->org_id]; // if ($employee->is_manager) { // $org = cache('org_manager_' . $employee->org_id); // if (is_null($org)) { // $org = orgSubIds($employee->org_id); //$org = (new Org())->getChildOrg($employee->org_id); // cache('org_manager_' . $employee->org_id, $org); // } // } $org = orgSubIds($employee->root_id); // 设置请求信息 $request->employee = $employee; $request->grant = $grant; $request->org = $org; // 不验证权限页面 if ($controller == 'index' || $controller == 'backup' || $controller=='ueditor') return $next($request); // 如果是查询获取企业人员 if ($controller == 'statistics' && $action == 'get_person') return $next($request); if ($controller == 'org' && $action == 'employee') return $next($request); // 关联企业权限 // $request->granted = (new GrantedAuth())->getIdsByAuth($controller . '_' . $action, $employee['root_id']); // 判断是否有权限 $grant = array_unique($grant); if (!in_array($controller . '/' . $action, $grant)) { if ($request->isAjax()) { return json(['code' => 1, 'msg' => '无权限']); } throw new HttpException(404, '无权限'); } return $next($request); } }