浏览代码

get permission

tags/0.1.0
Robin Thoni 9 年前
父节点
当前提交
80c12267ef

+ 15
- 1
src/Auth/Business/LuticateBusiness.php 查看文件

@@ -63,7 +63,13 @@ class LuticateBusiness
63 63
 
64 64
         $permissions[] = LuticatePermissions::USER_LOGIN;
65 65
         foreach ($permissions as $permission) {
66
-            if (!LuticatePermissionsBusiness::getUserPermission(self::$_currentUser->getId(), $permission)) {
66
+            try {
67
+                $perm = LuticatePermissionsBusiness::getEffectivePermission(self::$_currentUser->getId(), $permission);
68
+                if (!$perm->getValue()) {
69
+                    return "Permission denied";
70
+                }
71
+            }catch (\Exception $e)
72
+            {
67 73
                 return "Permission denied";
68 74
             }
69 75
         }
@@ -120,12 +126,20 @@ class LuticateBusiness
120 126
         $route->post("$prefix/groups/$group_id/delUser/$user_id", "${ns}LuticateGroupsBusiness", "delUser", LuticatePermissions::GROUP_DEL_USER);
121 127
 
122 128
 
129
+        $route->post("$prefix/permissions/effective/$user_id/$permission_name", "${ns}LuticatePermissionsBusiness", "getEffectivePermission", LuticatePermissions::PERM_EFFECTIVE_GET);
130
+        $route->post("$prefix/permissions/effective/me/$permission_name", "${ns}LuticatePermissionsBusiness", "getEffectivePermissionMe");
131
+
132
+        $route->post("$prefix/permissions/$permission_name", "${ns}LuticatePermissionsBusiness", "get", LuticatePermissions::PERM_GET);
123 133
         $route->post("$prefix/permissions/add/$permission_name/$permission_value", "${ns}LuticatePermissionsBusiness", "add", LuticatePermissions::PERM_ADD);
124 134
         $route->post("$prefix/permissions/$permission_name/del", "${ns}LuticatePermissionsBusiness", "del", LuticatePermissions::PERM_DEL);
125 135
         $route->post("$prefix/permissions/$permission_name/edit/$permission_value", "${ns}LuticatePermissionsBusiness", "edit", LuticatePermissions::PERM_EDIT);
136
+
137
+        $route->post("$prefix/permissions/group/$group_id/$permission_name", "${ns}LuticatePermissionsGroupsBusiness", "get", LuticatePermissions::PERM_GROUP_GET);
126 138
         $route->post("$prefix/permissions/group/$group_id/add/$permission_name/$permission_value", "${ns}LuticatePermissionsGroupsBusiness", "add", LuticatePermissions::PERM_GROUP_ADD);
127 139
         $route->post("$prefix/permissions/group/$group_id/$permission_name/del", "${ns}LuticatePermissionsGroupsBusiness", "del", LuticatePermissions::PERM_GROUP_DEL);
128 140
         $route->post("$prefix/permissions/group/$group_id/$permission_name/edit/$permission_value", "${ns}LuticatePermissionsGroupsBusiness", "edit", LuticatePermissions::PERM_GROUP_EDIT);
141
+
142
+        $route->post("$prefix/permissions/user/$user_id/$permission_name", "${ns}LuticatePermissionsUsersBusiness", "get", LuticatePermissions::PERM_USER_GET);
129 143
         $route->post("$prefix/permissions/user/$user_id/add/$permission_name/$permission_value", "${ns}LuticatePermissionsUsersBusiness", "add", LuticatePermissions::PERM_USER_ADD);
130 144
         $route->post("$prefix/permissions/user/$user_id/$permission_name/del", "${ns}LuticatePermissionsUsersBusiness", "del", LuticatePermissions::PERM_USER_DEL);
131 145
         $route->post("$prefix/permissions/user/$user_id/$permission_name/edit/$permission_value", "${ns}LuticatePermissionsUsersBusiness", "edit", LuticatePermissions::PERM_USER_EDIT);

+ 20
- 9
src/Auth/Business/LuticatePermissionsBusiness.php 查看文件

@@ -21,25 +21,36 @@ class LuticatePermissionsBusiness extends LuBusiness {
21 21
         return $perm;
22 22
     }
23 23
 
24
-    public static function getUserPermission($user_id, $permission_name, $default = false)
24
+    public static function getEffectivePermission($user_id, $permission_name)
25 25
     {
26
-        $val = LuticatePermissionsDataAccess::getUserPermission($user_id, $permission_name);
27
-        if (is_null($val)) {
28
-            return $default;
29
-        }
30
-        return $val;
26
+        self::checkPermissionName($permission_name);
27
+        $val = LuticatePermissionsDataAccess::getEffectivePermission($user_id, $permission_name);
28
+        $perm = new LuticatePermissionsDbo();
29
+        $perm->setValue($val);
30
+        $perm->setName($permission_name);
31
+        return $perm;
31 32
     }
32 33
 
33
-    public static function getUserDynamicPermission($user_id, $permission_name, $action, $resource_id, $default = false)
34
+    public static function getEffectivePermissionMe($user, $permission_name)
35
+    {
36
+        return self::getEffectivePermission($user->getId(), $permission_name);
37
+    }
38
+
39
+    public static function getUserDynamicPermission($user_id, $permission_name, $action, $resource_id)
34 40
     {
35 41
         $dynamic_permission_name = "LU_DYN_" . $permission_name . "_" . $action . "_" . $resource_id;
36
-        $val = LuticatePermissionsDataAccess::getUserPermission($user_id, $dynamic_permission_name);
42
+        $val = LuticatePermissionsDataAccess::getEffectivePermission($user_id, $dynamic_permission_name);
37 43
         if (is_null($val)) {
38
-            return self::getUserPermission($user_id, $permission_name, $default);
44
+            return self::getEffectivePermission($user_id, $permission_name);
39 45
         }
40 46
         return $val;
41 47
     }
42 48
 
49
+    public static function get($permission_name)
50
+    {
51
+        return LuticatePermissionsDataAccess::getByName($permission_name);
52
+    }
53
+
43 54
     public static function add($permission_name, $permission_value)
44 55
     {
45 56
         $perm = LuticatePermissionsDataAccess::getByName($permission_name);

+ 5
- 0
src/Auth/Business/LuticatePermissionsGroupsBusiness.php 查看文件

@@ -12,6 +12,11 @@ class LuticatePermissionsGroupsBusiness extends LuBusiness {
12 12
         return new LuticatePermissionsGroupsDataAccess();
13 13
     }
14 14
 
15
+    public static function get($group_id, $permission_name)
16
+    {
17
+        return LuticatePermissionsGroupsDataAccess::getByName($group_id, $permission_name);
18
+    }
19
+
15 20
     public static function add($group_id, $permission_name, $permission_value)
16 21
     {
17 22
         LuticateGroupsBusiness::checkGroupId($group_id);

+ 5
- 0
src/Auth/Business/LuticatePermissionsUsersBusiness.php 查看文件

@@ -12,6 +12,11 @@ class LuticatePermissionsUsersBusiness extends LuBusiness {
12 12
         return new LuticatePermissionsUsersDataAccess();
13 13
     }
14 14
 
15
+    public static function get($user_id, $permission_name)
16
+    {
17
+        return LuticatePermissionsUsersDataAccess::getByName($user_id, $permission_name);
18
+    }
19
+
15 20
     public static function add($user_id, $permission_name, $permission_value)
16 21
     {
17 22
         LuticateUsersBusiness::checkUserId($user_id);

+ 4
- 0
src/Auth/DBO/LuticatePermissions.php 查看文件

@@ -24,12 +24,16 @@ class LuticatePermissions
24 24
     const GROUP_ADD_USER = "LU_GROUP_ADD_USER";
25 25
     const GROUP_DEL_USER = "LU_GROUP_DEL_USER";
26 26
 
27
+    const PERM_EFFECTIVE_GET = "LU_PERM_EFFECTIVE_GET";
28
+    const PERM_GET = "LU_PERM_GET";
27 29
     const PERM_ADD = "LU_PERM_ADD";
28 30
     const PERM_EDIT = "LU_PERM_EDIT";
29 31
     const PERM_DEL = "LU_PERM_DEL";
32
+    const PERM_GROUP_GET = "LU_PERM_GROUP_GET";
30 33
     const PERM_GROUP_ADD = "LU_PERM_GROUP_ADD";
31 34
     const PERM_GROUP_EDIT = "LU_PERM_GROUP_EDIT";
32 35
     const PERM_GROUP_DEL = "LU_PERM_GROUP_DEL";
36
+    const PERM_USER_GET = "LU_PERM_USER_GET";
33 37
     const PERM_USER_ADD = "LU_PERM_USER_ADD";
34 38
     const PERM_USER_EDIT = "LU_PERM_USER_EDIT";
35 39
     const PERM_USER_DEL = "LU_PERM_USER_DEL";

+ 1
- 1
src/Auth/DataAccess/LuticatePermissionsDataAccess.php 查看文件

@@ -13,7 +13,7 @@ class LuticatePermissionsDataAccess extends LuDataAccess {
13 13
         return new LuticatePermissions();
14 14
     }
15 15
 
16
-    public static function getUserPermission($user_id, $permission_name)
16
+    public static function getEffectivePermission($user_id, $permission_name)
17 17
     {
18 18
         return SpLuGetUserPermission::execute($user_id, $permission_name)->getVal();
19 19
     }

正在加载...
取消
保存