*/ class PowerAuth { /** * @param Request $request * @param \Closure $closure * @return mixed|\think\Response|\think\response\Json * @throws \Exception */ public function handle(Request $request, \Closure $closure) { // 超级管理员直接越过验证 if (admin_session('id') === 1) return $closure($request); // 获取当前路由的ID $route_id = array_search($request->middleware('route_path'), cache(config('admin.route_cache')) ?: []); // 判断权限 if ( (empty($route_id) && !in_array($request->action(), ['create', 'update', 'del'])) || ($route_id && in_array($route_id, admin_session('route', []))) ) { return $closure($request); } return $request->isAjax() ? ResponseJson::fail(lang('No access')) : response($this->htmlTip()); } /** * 提示页面 * @return string */ private function htmlTip() { $lang = lang('No access'); return << body{ background: #efefef; } p{ position: absolute; user-select: none; font-size: 50px; top: 50%; left: 50%; height: 50px; text-align: center; font-weight: bold; width: 300px; color: #1E9FFF; margin: -25px 0 0 -150px; text-shadow: white -1px -1px, black 1px 1px; }

{$lang}

HTML; } }