From f9957ff9352623573c76ff8cee17464a4d33f2fb Mon Sep 17 00:00:00 2001
From: walkor <walkor@workerman.net>
Date: Tue, 6 Dec 2022 11:24:47 +0800
Subject: [PATCH] save

---
 .../app/controller/AdminRuleController.php    | 45 ++++++++++++++++---
 src/plugin/admin/app/view/user/index.html     | 10 +++--
 src/plugin/admin/public/admin/css/reset.css   |  4 ++
 .../admin/public/admin/js/permission.js       | 22 +++++++++
 4 files changed, 70 insertions(+), 11 deletions(-)
 create mode 100644 src/plugin/admin/public/admin/js/permission.js

diff --git a/src/plugin/admin/app/controller/AdminRuleController.php b/src/plugin/admin/app/controller/AdminRuleController.php
index c0dda1f..756fbfb 100644
--- a/src/plugin/admin/app/controller/AdminRuleController.php
+++ b/src/plugin/admin/app/controller/AdminRuleController.php
@@ -19,7 +19,7 @@ class AdminRuleController extends Crud
      *
      * @var string[]
      */
-    public $noNeedAuth = ['get'];
+    public $noNeedAuth = ['get', 'controller'];
 
     /**
      * @var AdminRule
@@ -62,7 +62,8 @@ class AdminRuleController extends Crud
      */
     function get(Request $request): Response
     {
-        [$rules, $items] = $this->getRulesAndItems();
+        $rules = $this->getRules(admin('roles'));
+        $items = AdminRule::orderBy('weight', 'desc')->get()->toArray();
         $types = $request->get('type', '0,1');
         $types = is_string($types) ? explode(',', $types) : [0, 1];
         $items_map = [];
@@ -98,6 +99,38 @@ class AdminRuleController extends Crud
         return $this->json(0, 'ok', $formatted_items);
     }
 
+    /**
+     * 获取控制器详细权限
+     * @param Request $request
+     * @return Response
+     */
+    public function controller(Request $request): Response
+    {
+        $controller = $request->get('controller');
+        if (!$controller) {
+            return $this->json(0, 'ok', []);
+        }
+        $rules = $this->getRules(admin('roles'));
+        // 超级管理员
+        if (in_array('*', $rules)) {
+            return $this->json(0, 'ok', ['*']);
+        }
+        // 获取详细权限
+        $controller_search = str_replace('\\', '\\\\', $controller);
+        $keys = AdminRule::where('key', 'like', "$controller_search%")
+            ->whereIn('id', $rules)->pluck('key');
+        $permissions = [];
+        $prefix_length = strlen($controller);
+        foreach ($keys as $key) {
+            if ($key === $controller) {
+                $permissions = ['*'];
+                break;
+            }
+            $permissions[] = substr($key, $prefix_length);
+        }
+        return $this->json(0, 'ok', $permissions);
+    }
+
     /**
      * 根据类同步规则到数据库
      * @return void
@@ -307,11 +340,11 @@ class AdminRuleController extends Crud
 
     /**
      * 获取权限规则
+     * @param $roles
      * @return array
      */
-    protected function getRulesAndItems(): array
+    protected function getRules($roles): array
     {
-        $roles = admin('roles');
         $rules_strings = $roles ? AdminRole::whereIn('id', $roles)->pluck('rules') : [];
         $rules = [];
         foreach ($rules_strings as $rule_string) {
@@ -320,9 +353,7 @@ class AdminRuleController extends Crud
             }
             $rules = array_merge($rules, explode(',', $rule_string));
         }
-
-        $items = AdminRule::orderBy('weight', 'desc')->get()->toArray();
-        return [$rules, $items];
+        return $rules;
     }
 
     /**
diff --git a/src/plugin/admin/app/view/user/index.html b/src/plugin/admin/app/view/user/index.html
index 4122f5a..66be892 100644
--- a/src/plugin/admin/app/view/user/index.html
+++ b/src/plugin/admin/app/view/user/index.html
@@ -150,27 +150,29 @@
 
         <!-- 表格顶部工具栏 -->
         <script type="text/html" id="table-toolbar">
-            <button class="pear-btn pear-btn-primary pear-btn-md" lay-event="add">
+            <button class="pear-btn pear-btn-primary pear-btn-md" lay-event="add" permission="insert">
                 <i class="layui-icon layui-icon-add-1"></i>新增
             </button>
-            <button class="pear-btn pear-btn-danger pear-btn-md" lay-event="batchRemove">
+            <button class="pear-btn pear-btn-danger pear-btn-md" lay-event="batchRemove" permission="delete">
                 <i class="layui-icon layui-icon-delete"></i>删除
             </button>
         </script>
 
         <!-- 表格行工具栏 -->
         <script type="text/html" id="table-bar">
-            <button class="pear-btn pear-btn-xs tool-btn" lay-event="edit">编辑</button>
-            <button class="pear-btn pear-btn-xs tool-btn" lay-event="remove">删除</button>
+            <button class="pear-btn pear-btn-xs tool-btn" lay-event="edit" permission="update">编辑</button>
+            <button class="pear-btn pear-btn-xs tool-btn" lay-event="remove" permission="delete">删除</button>
         </script>
 
         <script src="/app/admin/component/layui/layui.js"></script>
         <script src="/app/admin/component/pear/pear.js"></script>
         <script src="/app/admin/admin/js/index.js"></script>
+        <script src="/app/admin/admin/js/permission.js"></script>
         <script>
 
             // 相关接口
             const PRIMARY_KEY = 'id';
+            const CONTROLLER = 'plugin\\admin\\app\\controller\\UserController';
             const SELECT_API = "/app/admin/user/select";
             const UPDATE_API = "/app/admin/user/update";
             const DELETE_API = "/app/admin/user/delete";
diff --git a/src/plugin/admin/public/admin/css/reset.css b/src/plugin/admin/public/admin/css/reset.css
index cd73ee2..1336e0c 100644
--- a/src/plugin/admin/public/admin/css/reset.css
+++ b/src/plugin/admin/public/admin/css/reset.css
@@ -97,6 +97,10 @@ a {
     cursor: pointer;
 }
 
+*[permission] {
+    display: none;
+}
+
 /** 左侧菜单 Start **/
 
 .pear-nav-tree .layui-nav-item a span {
diff --git a/src/plugin/admin/public/admin/js/permission.js b/src/plugin/admin/public/admin/js/permission.js
new file mode 100644
index 0000000..b85cdea
--- /dev/null
+++ b/src/plugin/admin/public/admin/js/permission.js
@@ -0,0 +1,22 @@
+/**
+ * 获取控制器详细权限，并决定展示哪些按钮或dom元素
+ */
+layui.$(function () {
+    let $ = layui.$;
+    $.ajax({
+        url: "/app/admin/admin-rule/controller",
+        dataType: "json",
+        data: {controller: CONTROLLER},
+        success: function (res) {
+            let style = '';
+            layui.each(res.data || [], function (k, action) {
+                if (action === '*') {
+                    style = '*[permission]{display: initial}';
+                    return;
+                }
+                style += '*[permission="'+action+'"]{display: initial}';
+            });
+            $("head").append("<style>"+style+"</style>");
+        }
+    });
+});
\ No newline at end of file