diff --git a/.github/workflows/phpstan.yml b/.github/workflows/phpstan.yml index 24b89c5d15..3023139d4a 100644 --- a/.github/workflows/phpstan.yml +++ b/.github/workflows/phpstan.yml @@ -46,11 +46,6 @@ jobs: run: | docker exec ${ENV_SERVICE} ./dev/phpstan.sh core - - name: Analyse access-control - if: ${{ env.test_prepared && always() }} - run: | - docker exec ${ENV_SERVICE} ./dev/phpstan.sh access-control - - name: Analyse amqp if: ${{ env.test_prepared && always() }} run: | diff --git a/.github/workflows/rector.yml b/.github/workflows/rector.yml index 9e15802734..955aaab4ff 100644 --- a/.github/workflows/rector.yml +++ b/.github/workflows/rector.yml @@ -46,11 +46,6 @@ jobs: run: | docker exec ${ENV_SERVICE} ./vendor/bin/rector process --dry-run - - name: Analyse access-control - if: ${{ env.test_prepared && always() }} - run: | - docker exec -w /imi/src/Components/access-control ${ENV_SERVICE} /imi/vendor/bin/rector process --dry-run - - name: Analyse amqp if: ${{ env.test_prepared && always() }} run: | diff --git a/dev/phpstan.sh b/dev/phpstan.sh index 079234356b..be8db4ad1c 100755 --- a/dev/phpstan.sh +++ b/dev/phpstan.sh @@ -6,7 +6,6 @@ __DIR__=$(pwd) components=( # "core" 默认不处理 - "access-control" "amqp" "apidoc" "fpm" diff --git a/dev/rector.sh b/dev/rector.sh index c0ef54c3df..edc07f9e5f 100644 --- a/dev/rector.sh +++ b/dev/rector.sh @@ -6,7 +6,6 @@ __DIR__=$(pwd) components=( # "core" 默认不处理 - "access-control" "amqp" "apidoc" "fpm" diff --git a/doc/SUMMARY.md b/doc/SUMMARY.md index 1a1a7f0f0d..971073e743 100644 --- a/doc/SUMMARY.md +++ b/doc/SUMMARY.md @@ -221,7 +221,6 @@ * [AMQP](components/mq/amqp.md) * [Kafka](components/mq/kafka.md) * [JWT](components/httpserver/jwt.md) - * [权限控制](components/access-control.md) * [Smarty 模版引擎](components/smarty.md) * [限流](components/rate-limit.md) * [跨进程变量共享](components/shared-memory.md) diff --git a/doc/components/access-control.md b/doc/components/access-control.md deleted file mode 100644 index 159ca8aa8d..0000000000 --- a/doc/components/access-control.md +++ /dev/null @@ -1,197 +0,0 @@ -# 权限控制 - -[toc] - -## 介绍 - -imi 框架的权限控制组件,不提供具体 API、管理界面,仅提供基础操作组件。 - -本组件中支持:角色关联操作,用户关联角色,用于关联操作。 - -用户除了角色赋予的操作权限以外,还可以单独赋予操作权限。 - -## Composer - -本项目可以使用composer安装,遵循psr-4自动加载规则,在你的 `composer.json` 中加入下面的内容: - -```json -{ - "require": { - "imiphp/imi-access-control": "~3.0.0" - } -} -``` - -然后执行 `composer update` 安装。 - -## 使用 - -在项目 `config/config.php` 中配置: - -```php -[ - 'components' => [ - // 引入本组件 - 'AccessControl' => 'Imi\AC', - ], -] -``` - -本组件中包含几个数据表,打开本组件目录,找到`Model`目录,在数据库中建立对应的表,即可使用。 -建表这里优先推荐用`generate/table`:[链接](/v3.0/dev/generate/table.html) - -### 操作权限 - -#### 引入操作权限操作类 - -```php -use Imi\AC\AccessControl\Operation; -``` - -#### 创建操作权限 - -```php -Operation::create('权限名称'); - -// 权限代码不传或为null,则和权限名称相同,不可重复 -Operation::create('权限名称', '权限代码'); - -// 指定父级ID、排序索引 -Operation::create('权限名称', '权限代码', $parentId, $index, '介绍'); -``` - -#### 修改操作权限 - -```php -// 参数比创建时多了权限id,其余都一样,注意权限id是int类型 -Operation::update(权限id, '权限名称', '权限代码', $parentId, $index, '介绍'); -``` - -#### 删除操作权限 - -```php -// 注意权限id是int类型 -Operation::delete(权限id); -``` - -#### 查询操作操作权限列表 - -```php -// 查询权限列表 -$data = Operation::selectList(); -// 将列表转换为树状结构 -$tree = Operation::listToTree($data); -``` - -### 角色 - -#### 创建角色 - -```php -use Imi\AC\AccessControl\Role; - -// 与 Operation::create 一样,不多做说明了 -$role = Role::create('权限名称', '权限代码', '介绍'); -``` - -#### 获取角色信息 - -```php -// 支持ID、Code两种模式 -$role = new Role('权限ID'); -$role = new Role('权限代码', 'code'); -$roleInfo = $role->getRoleInfo(); // $roleInfo->id/code/name/description -``` - -#### 获取角色操作权限 - -```php -// 数组,成员为 \Imi\AC\Model\Operation 类型 -$operations = $role->getOperations(); - -// 树形结构,成员为 \Imi\AC\Model\Filter\OperationTreeItem 类型,$item->children 为其下一级角色,同样为 \Imi\AC\Model\Filter\OperationTreeItem 类型 -$operationTree = $role->getOperationTree(); -``` - -#### 增加、设置角色权限 - -```php -$role->addOperations('code1', 'code2'); // 只在当前基础上增加这两个权限 - -$role->setOperations('code1', 'code2'); // 将角色权限设置为仅有这两个权限 -``` - -#### 移除角色权限 - -```php -$role->removeOperations('code1', 'code2'); -``` - -#### 判断角色是否拥有权限 - -```php -$result = $role->hasOperations('code1', 'code2'); -``` - -### 用户 - -#### 获取该用户所有角色 - -```php -use Imi\AC\AccessControl\Member; - -$memberId = 1; -$member = new Member(1); - -$roles = $member->getRoles(); -``` - -#### 增加、设置角色 - -```php -$member->addRoles('code1', 'code2'); // 只在当前基础上增加这两个角色 - -$member->setRoles('code1', 'code2'); // 将用户角色设置为仅有这两个角色 -``` - -#### 移除角色 - -```php -$member->removeRoles('code1', 'code2'); -``` - -#### 判断用户是否拥有角色 - -```php -$result = $member->hasRoles('code1', 'code2'); -``` - -#### 获取用户操作权限 - -```php -// 数组,成员为 \Imi\AC\Model\Operation 类型 -$operations = $member->getOperations(); - -// 树形结构,成员为 \Imi\AC\Model\Filter\OperationTreeItem 类型,$item->children 为其下一级角色,同样为 \Imi\AC\Model\Filter\OperationTreeItem 类型 -$operationTree = $member->getOperationTree(); -``` - -#### 增加、设置用户权限 - -```php -$member->addOperations('code1', 'code2'); // 只在当前基础上增加这两个权限 - -$member->setOperations('code1', 'code2'); // 将角色权限设置为仅有这两个权限 -``` - -#### 移除用户权限 - -```php -$member->removeOperations('code1', 'code2'); -``` - -#### 判断用户是否拥有权限 - -```php -$result = $member->hasOperations('code1', 'code2'); -``` diff --git a/doc/components/list.md b/doc/components/list.md index 9a4c9170b1..4b48704d9d 100644 --- a/doc/components/list.md +++ b/doc/components/list.md @@ -13,7 +13,6 @@ * [AMQP](/components/mq/amqp.html) * [Kafka](/components/mq/kafka.html) * [JWT](/components/httpserver/jwt.html) -* [权限控制](/components/access-control.html) * [Smarty 模版引擎](/components/smarty.html) * [限流](/components/rate-limit.html) * [跨进程变量共享](/components/shared-memory.html) diff --git a/split-repository/release.php b/split-repository/release.php index e2b83ab9a6..32779b7939 100644 --- a/split-repository/release.php +++ b/split-repository/release.php @@ -119,9 +119,6 @@ function getBranch(): string 'src/Components/workerman-gateway' => [ 'git@github.com:imiphp/imi-workerman-gateway', ], - 'src/Components/access-control' => [ - 'git@github.com:imiphp/imi-access-control', - ], 'src/Components/amqp' => [ 'git@github.com:imiphp/imi-amqp', ], diff --git a/split-repository/split.php b/split-repository/split.php index 6b2c929a1c..81974616d8 100644 --- a/split-repository/split.php +++ b/split-repository/split.php @@ -138,9 +138,6 @@ function saveConfig(): void 'src/Components/workerman-gateway' => [ 'git@github.com:imiphp/imi-workerman-gateway', ], - 'src/Components/access-control' => [ - 'git@github.com:imiphp/imi-access-control', - ], 'src/Components/amqp' => [ 'git@github.com:imiphp/imi-amqp', ], diff --git a/src/Components/access-control/.gitattributes b/src/Components/access-control/.gitattributes deleted file mode 100644 index ed65802538..0000000000 --- a/src/Components/access-control/.gitattributes +++ /dev/null @@ -1,8 +0,0 @@ -* text=auto - -/.gitattributes export-ignore -/.gitignore export-ignore -/.github export-ignore -/res export-ignore -/test export-ignore -/dev export-ignore diff --git a/src/Components/access-control/.github/workflows/pr.yml b/src/Components/access-control/.github/workflows/pr.yml deleted file mode 100644 index 230dacc658..0000000000 --- a/src/Components/access-control/.github/workflows/pr.yml +++ /dev/null @@ -1,13 +0,0 @@ -name: Close Pull Request - -on: - pull_request_target: - types: [opened] - -jobs: - run: - runs-on: ubuntu-latest - steps: - - uses: superbrothers/close-pull-request@v3 - with: - comment: "首先非常感谢您的 PR,但本仓库不支持提交 PR,请到主仓库提交:https://github.com/imiphp/imi" diff --git a/src/Components/access-control/.gitignore b/src/Components/access-control/.gitignore deleted file mode 100644 index f8cff359f4..0000000000 --- a/src/Components/access-control/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -/vendor -/composer.lock -*.log diff --git a/src/Components/access-control/LICENSE b/src/Components/access-control/LICENSE deleted file mode 100644 index 48b721c4e3..0000000000 --- a/src/Components/access-control/LICENSE +++ /dev/null @@ -1,87 +0,0 @@ -木兰宽松许可证, 第2版 - -2020年1月 http://license.coscl.org.cn/MulanPSL2 - -您对“软件”的复制、使用、修改及分发受木兰宽松许可证,第2版(“本许可证”)的如下条款的约束: - -0. 定义 - -“软件” 是指由“贡献”构成的许可在“本许可证”下的程序和相关文档的集合。 - -“贡献” 是指由任一“贡献者”许可在“本许可证”下的受版权法保护的作品。 - -“贡献者” 是指将受版权法保护的作品许可在“本许可证”下的自然人或“法人实体”。 - -“法人实体” 是指提交贡献的机构及其“关联实体”。 - -“关联实体” 是指,对“本许可证”下的行为方而言,控制、受控制或与其共同受控制的机构,此处的控制是指有受控方或共同受控方至少50%直接或间接的投票权、资金或其他有价证券。 - -1. 授予版权许可 - -每个“贡献者”根据“本许可证”授予您永久性的、全球性的、免费的、非独占的、不可撤销的版权许可,您可以复制、使用、修改、分发其“贡献”,不论修改与否。 - -2. 授予专利许可 - -每个“贡献者”根据“本许可证”授予您永久性的、全球性的、免费的、非独占的、不可撤销的(根据本条规定撤销除外)专利许可,供您制造、委托制造、使用、许诺销售、销售、进口其“贡献”或以其他方式转移其“贡献”。前述专利许可仅限于“贡献者”现在或将来拥有或控制的其“贡献”本身或其“贡献”与许可“贡献”时的“软件”结合而将必然会侵犯的专利权利要求,不包括对“贡献”的修改或包含“贡献”的其他结合。如果您或您的“关联实体”直接或间接地,就“软件”或其中的“贡献”对任何人发起专利侵权诉讼(包括反诉或交叉诉讼)或其他专利维权行动,指控其侵犯专利权,则“本许可证”授予您对“软件”的专利许可自您提起诉讼或发起维权行动之日终止。 - -3. 无商标许可 - -“本许可证”不提供对“贡献者”的商品名称、商标、服务标志或产品名称的商标许可,但您为满足第4条规定的声明义务而必须使用除外。 - -4. 分发限制 - -您可以在任何媒介中将“软件”以源程序形式或可执行形式重新分发,不论修改与否,但您必须向接收者提供“本许可证”的副本,并保留“软件”中的版权、商标、专利及免责声明。 - -5. 免责声明与责任限制 - -“软件”及其中的“贡献”在提供时不带任何明示或默示的担保。在任何情况下,“贡献者”或版权所有者不对任何人因使用“软件”或其中的“贡献”而引发的任何直接或间接损失承担责任,不论因何种原因导致或者基于何种法律理论,即使其曾被建议有此种损失的可能性。 - -6. 语言 - -“本许可证”以中英文双语表述,中英文版本具有同等法律效力。如果中英文版本存在任何冲突不一致,以中文版为准。 - -条款结束 - -Mulan Permissive Software License,Version 2 (Mulan PSL v2) - -January 2020 http://license.coscl.org.cn/MulanPSL2 - -Your reproduction, use, modification and distribution of the Software shall be subject to Mulan PSL v2 (this License) with the following terms and conditions: - -0. Definition - -Software means the program and related documents which are licensed under this License and comprise all Contribution(s). - -Contribution means the copyrightable work licensed by a particular Contributor under this License. - -Contributor means the Individual or Legal Entity who licenses its copyrightable work under this License. - -Legal Entity means the entity making a Contribution and all its Affiliates. - -Affiliates means entities that control, are controlled by, or are under common control with the acting entity under this License, ‘control’ means direct or indirect ownership of at least fifty percent (50%) of the voting power, capital or other securities of controlled or commonly controlled entity. - -1. Grant of Copyright License - -Subject to the terms and conditions of this License, each Contributor hereby grants to you a perpetual, worldwide, royalty-free, non-exclusive, irrevocable copyright license to reproduce, use, modify, or distribute its Contribution, with modification or not. - -2. Grant of Patent License - -Subject to the terms and conditions of this License, each Contributor hereby grants to you a perpetual, worldwide, royalty-free, non-exclusive, irrevocable (except for revocation under this Section) patent license to make, have made, use, offer for sale, sell, import or otherwise transfer its Contribution, where such patent license is only limited to the patent claims owned or controlled by such Contributor now or in future which will be necessarily infringed by its Contribution alone, or by combination of the Contribution with the Software to which the Contribution was contributed. The patent license shall not apply to any modification of the Contribution, and any other combination which includes the Contribution. If you or your Affiliates directly or indirectly institute patent litigation (including a cross claim or counterclaim in a litigation) or other patent enforcement activities against any individual or entity by alleging that the Software or any Contribution in it infringes patents, then any patent license granted to you under this License for the Software shall terminate as of the date such litigation or activity is filed or taken. - -3. No Trademark License - -No trademark license is granted to use the trade names, trademarks, service marks, or product names of Contributor, except as required to fulfill notice requirements in section 4. - -4. Distribution Restriction - -You may distribute the Software in any medium with or without modification, whether in source or executable forms, provided that you provide recipients with a copy of this License and retain copyright, patent, trademark and disclaimer statements in the Software. - -5. Disclaimer of Warranty and Limitation of Liability - -THE SOFTWARE AND CONTRIBUTION IN IT ARE PROVIDED WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED. IN NO EVENT SHALL ANY CONTRIBUTOR OR COPYRIGHT HOLDER BE LIABLE TO YOU FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO ANY DIRECT, OR INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES ARISING FROM YOUR USE OR INABILITY TO USE THE SOFTWARE OR THE CONTRIBUTION IN IT, NO MATTER HOW IT’S CAUSED OR BASED ON WHICH LEGAL THEORY, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. - -6. Language - -THIS LICENSE IS WRITTEN IN BOTH CHINESE AND ENGLISH, AND THE CHINESE VERSION AND ENGLISH VERSION SHALL HAVE THE SAME LEGAL EFFECT. IN THE CASE OF DIVERGENCE BETWEEN THE CHINESE AND ENGLISH VERSIONS, THE CHINESE VERSION SHALL PREVAIL. - -END OF THE TERMS AND CONDITIONS \ No newline at end of file diff --git a/src/Components/access-control/README.md b/src/Components/access-control/README.md deleted file mode 100644 index de8d238ed7..0000000000 --- a/src/Components/access-control/README.md +++ /dev/null @@ -1,192 +0,0 @@ -# imi-access-control - -[![Latest Version](https://img.shields.io/packagist/v/imiphp/imi-access-control.svg)](https://packagist.org/packages/imiphp/imi-access-control) -[![Php Version](https://img.shields.io/badge/php-%3E=8.1-brightgreen.svg)](https://secure.php.net/) -[![Swoole Version](https://img.shields.io/badge/swoole-%3E=4.1.0-brightgreen.svg)](https://github.com/swoole/swoole-src) -[![IMI License](https://img.shields.io/github/license/imiphp/imi-access-control.svg)](https://github.com/imiphp/imi-access-control/blob/master/LICENSE) - -## 介绍 - -imi 框架的权限控制组件,不提供具体 API、管理界面,仅提供基础操作组件。 - -本组件中支持:角色关联操作,用户关联角色,用于关联操作。 - -用户除了角色赋予的操作权限以外,还可以单独赋予操作权限。 - -> 本仓库仅用于浏览,不接受 issue 和 Pull Requests,请前往: - -## Composer - -本项目可以使用composer安装,遵循psr-4自动加载规则,在你的 `composer.json` 中加入下面的内容: - -```json -{ - "require": { - "imiphp/imi-access-control": "~3.0.0" - } -} -``` - -然后执行 `composer update` 安装。 - -## 使用 - -在项目 `config/config.php` 中配置: - -```php -[ - 'components' => [ - // 引入本组件 - 'AccessControl' => 'Imi\AC', - ], -] -``` - -### 操作权限 - -#### 创建操作权限 - -```php -use Imi\AC\AccessControl\Operation; - -Operation::create('权限名称'); - -// 权限代码不传或为null,则和权限名称相同,不可重复 -Operation::create('权限名称', '权限代码'); - -// 指定父级ID、排序索引 -Operation::create('权限名称', '权限代码', $parentId, $index, '介绍'); -``` - -### 角色 - -#### 创建角色 - -```php -use Imi\AC\AccessControl\Role; - -// 与 Operation::create 一样,不多做说明了 -$role = Role::create('权限名称', '权限代码', '介绍'); -``` - -#### 获取角色信息 - -```php -// 支持ID、Code两种模式 -$role = new Role('权限ID'); -$role = new Role('权限代码', 'code'); -$roleInfo = $role->getRoleInfo(); // $roleInfo->id/code/name/description -``` - -#### 获取角色操作权限 - -```php -// 数组,成员为 \Imi\AC\Model\Operation 类型 -$operations = $role->getOperations(); - -// 树形结构,成员为 \Imi\AC\Model\Filter\OperationTreeItem 类型,$item->children 为其下一级角色,同样为 \Imi\AC\Model\Filter\OperationTreeItem 类型 -$operationTree = $role->getOperationTree(); -``` - -#### 增加、设置权限 - -```php -$role->addOperations('code1', 'code2'); // 只在当前基础上增加这两个权限 - -$role->setOperations('code1', 'code2'); // 将角色权限设置为仅有这两个权限 -``` - -#### 移除权限 - -```php -$role->removeOperations('code1', 'code2'); -``` - -#### 判断角色是否拥有权限 - -```php -$result = $role->hasOperations('code1', 'code2'); -``` - -### 用户 - -#### 获取该用户所有角色 - -```php -use Imi\AC\AccessControl\Member; - -$memberId = 1; -$member = new Member(1); - -$roles = $member->getRoles(); -``` - -#### 增加、设置角色 - -```php -$member->addRoles('code1', 'code2'); // 只在当前基础上增加这两个角色 - -$member->setRoles('code1', 'code2'); // 将用户角色设置为仅有这两个角色 -``` - -#### 移除角色 - -```php -$member->removeRoles('code1', 'code2'); -``` - -#### 判断用户是否拥有角色 - -```php -$result = $member->hasRoles('code1', 'code2'); -``` - -#### 获取用户操作权限 - -```php -// 数组,成员为 \Imi\AC\Model\Operation 类型 -$operations = $member->getOperations(); - -// 树形结构,成员为 \Imi\AC\Model\Filter\OperationTreeItem 类型,$item->children 为其下一级角色,同样为 \Imi\AC\Model\Filter\OperationTreeItem 类型 -$operationTree = $member->getOperationTree(); -``` - -#### 增加、设置权限 - -```php -$member->addOperations('code1', 'code2'); // 只在当前基础上增加这两个权限 - -$member->setOperations('code1', 'code2'); // 将角色权限设置为仅有这两个权限 -``` - -#### 移除权限 - -```php -$member->removeOperations('code1', 'code2'); -``` - -#### 判断用户是否拥有权限 - -```php -$result = $member->hasOperations('code1', 'code2'); -``` - -## 免费技术支持 - -QQ群:17916227 [![点击加群](https://pub.idqqimg.com/wpa/images/group.png "点击加群")](https://jq.qq.com/?_wv=1027&k=5wXf4Zq),如有问题会有人解答和修复。 - -## 运行环境 - -- [PHP](https://php.net/) >= 8.1 -- [Composer](https://getcomposer.org/) >= 2.0 -- [Swoole](https://www.swoole.com/) >= 4.1.0 - -## 版权信息 - -`imi-access-control` 遵循 MulanPSL-2.0 开源协议发布,并提供免费使用。 - -## 捐赠 - - - -开源不求盈利,多少都是心意,生活不易,随缘随缘…… diff --git a/src/Components/access-control/composer.json b/src/Components/access-control/composer.json deleted file mode 100644 index 76a009bcfd..0000000000 --- a/src/Components/access-control/composer.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "name": "imiphp/imi-access-control", - "type": "library", - "license": "MulanPSL-2.0", - "description": "imi 框架的权限控制组件", - "require": {}, - "require-dev": {}, - "autoload": { - "psr-4": { - "Imi\\AC\\": "src/", - "Imi\\AC\\Test\\": "test/" - } - }, - "autoload-dev": { - "files": [ - "../../../vendor/autoload.php" - ] - }, - "minimum-stability": "dev", - "prefer-stable": true -} \ No newline at end of file diff --git a/src/Components/access-control/rector.php b/src/Components/access-control/rector.php deleted file mode 100644 index 5e23e0976d..0000000000 --- a/src/Components/access-control/rector.php +++ /dev/null @@ -1,5 +0,0 @@ -__autoInject(); - $this->memberService = App::getBean($this->memberServiceBean); - $this->operationService = App::getBean($this->operationServiceBean); - $this->updateRoles(); - $this->updateOperations(); - } - - /** - * 处理角色的本地数据更新. - */ - private function updateRoles(): void - { - $roles = $this->memberService->getRoles($this->memberId); - $this->roles = []; - foreach ($roles as $role) - { - $this->roles[$role->code] = $role; - } - } - - /** - * 处理操作的本地数据更新. - */ - private function updateOperations(): void - { - $operations = $this->memberService->getOperations($this->memberId); - $this->operations = []; - foreach ($operations as $operation) - { - $this->operations[$operation->code] = $operation; - } - } - - /** - * 获取用户 ID. - */ - public function getMemberId(): int - { - return $this->memberId; - } - - /** - * 获取该用户所有角色. - * - * @return \Imi\AC\Model\Role[] - */ - public function getRoles(): array - { - return array_values($this->roles); - } - - /** - * 为用户增加角色. - * - * 传入角色代码 - */ - public function addRoles(string ...$roles): void - { - $this->memberService->addRoles($this->memberId, ...$roles); - $this->updateRoles(); - $this->updateOperations(); - } - - /** - * 为用户设置角色. - * - * 传入角色代码 - * - * 调用后,用户只拥有本次传入的角色 - */ - public function setRoles(string ...$roles): void - { - $this->memberService->setRoles($this->memberId, ...$roles); - $this->updateRoles(); - $this->updateOperations(); - } - - /** - * 移除用户的角色. - * - * 传入角色代码 - */ - public function removeRoles(string ...$roles): void - { - $this->memberService->removeRoles($this->memberId, ...$roles); - $this->updateRoles(); - $this->updateOperations(); - } - - /** - * 根据角色代码判断,该用户是否拥有一个或多个角色. - */ - public function hasRoles(string ...$roles): bool - { - foreach ($roles as $code) - { - if (!isset($this->roles[$code])) - { - return false; - } - } - - return true; - } - - /** - * 获取支持的所有操作权限. - * - * @return \Imi\AC\Model\Operation[] - */ - public function getOperations(): array - { - return array_values($this->operations); - } - - /** - * 获取操作权限树. - * - * @return \Imi\AC\Model\Filter\OperationTreeItem[] - */ - public function getOperationTree(): array - { - return $this->operationService->listToTree($this->operations); - } - - /** - * 增加操作权限. - * - * 传入操作代码 - */ - public function addOperations(string ...$operations): void - { - $this->memberService->addOperations($this->memberId, ...$operations); - $this->updateOperations(); - } - - /** - * 设置操作权限. - * - * 传入操作代码 - * - * 调用后,只拥有本次传入的操作权限 - */ - public function setOperations(string ...$operations): void - { - $this->memberService->setOperations($this->memberId, ...$operations); - $this->updateOperations(); - } - - /** - * 移除操作权限. - * - * 传入操作代码 - */ - public function removeOperations(string ...$operations): void - { - $this->memberService->removeOperations($this->memberId, ...$operations); - $this->updateOperations(); - } - - /** - * 根据操作代码判断,是否拥有一个或多个操作权限. - */ - public function hasOperations(string ...$operations): bool - { - foreach ($operations as $code) - { - if (!isset($this->operations[$code])) - { - return false; - } - } - - return true; - } -} diff --git a/src/Components/access-control/src/AccessControl/Operation.php b/src/Components/access-control/src/AccessControl/Operation.php deleted file mode 100644 index 7ed3f1993c..0000000000 --- a/src/Components/access-control/src/AccessControl/Operation.php +++ /dev/null @@ -1,57 +0,0 @@ -create($name, $code, $parentId, $index, $description); - } - - /** - * 修改操作权限. - */ - public static function update(int $id, string $name, ?string $code, int $parentId = 0, int $index = 0, string $description = ''): bool - { - // @phpstan-ignore-next-line - return App::getBean('ACOperationService')->update($id, $name, $code, $parentId, $index, $description); - } - - /** - * 删除操作权限. - */ - public static function delete(int $id): bool - { - // @phpstan-ignore-next-line - return App::getBean('ACOperationService')->delete($id); - } - - /** - * 查询列表. - */ - public static function selectList(): array - { - // @phpstan-ignore-next-line - return App::getBean('ACOperationService')->selectList(); - } - - /** - * 转为树形. - */ - public static function listToTree(array $list): array - { - // @phpstan-ignore-next-line - return App::getBean('ACOperationService')->listToTree($list); - } -} diff --git a/src/Components/access-control/src/AccessControl/Role.php b/src/Components/access-control/src/AccessControl/Role.php deleted file mode 100644 index 8fb6e4271c..0000000000 --- a/src/Components/access-control/src/AccessControl/Role.php +++ /dev/null @@ -1,190 +0,0 @@ -__autoInject(); - $this->roleService = App::getBean($this->roleServiceBean); - $this->operationService = App::getBean($this->operationServiceBean); - switch ($pkType) - { - case 'id': - $this->roleInfo = $this->roleService->get($pk); - if ($this->roleInfo) - { - $this->roleCode = $this->roleInfo->code; - } - break; - case 'code': - $this->roleCode = $pk; - $this->roleInfo = $this->roleService->getByCode($pk); - break; - } - if ($this->roleInfo) - { - $this->updateOperations(); - } - } - - public function getRoleCode(): string - { - return $this->roleCode; - } - - /** - * 处理操作的本地数据更新. - */ - private function updateOperations(): void - { - $operations = $this->roleService->getOperations($this->roleInfo->id); - $this->operations = []; - foreach ($operations as $operation) - { - $this->operations[$operation->code] = $operation; - } - } - - /** - * 获取角色记录. - */ - public function getRoleInfo(): \Imi\AC\Model\Role - { - return $this->roleInfo; - } - - /** - * 创建角色. - * - * @return static|false - */ - public static function create(string $name, ?string $code = null, string $description = '') - { - // @phpstan-ignore-next-line - $record = App::getBean('ACRoleService')->create($name, $code, $description); - if ($record) - { - return new static($record->code, 'code'); - } - else - { - return false; - } - } - - /** - * 获取支持的所有操作权限. - * - * @return \Imi\AC\Model\Operation[] - */ - public function getOperations(): array - { - return array_values($this->operations); - } - - /** - * 获取操作权限树. - * - * @return \Imi\AC\Model\Filter\OperationTreeItem[] - */ - public function getOperationTree(): array - { - return $this->operationService->listToTree($this->operations); - } - - /** - * 增加操作权限. - * - * 传入操作代码 - */ - public function addOperations(string ...$operations): void - { - $this->roleService->addOperations($this->roleInfo->id, ...$operations); - $this->updateOperations(); - } - - /** - * 设置操作权限. - * - * 传入操作代码 - * - * 调用后,只拥有本次传入的操作权限 - */ - public function setOperations(string ...$operations): void - { - $this->roleService->setOperations($this->roleInfo->id, ...$operations); - $this->updateOperations(); - } - - /** - * 移除操作权限. - * - * 传入操作代码 - */ - public function removeOperations(string ...$operations): void - { - $this->roleService->removeOperations($this->roleInfo->id, ...$operations); - $this->updateOperations(); - } - - /** - * 根据操作代码判断,是否拥有一个或多个操作权限. - */ - public function hasOperations(string ...$operations): bool - { - foreach ($operations as $code) - { - if (!isset($this->operations[$code])) - { - return false; - } - } - - return true; - } -} diff --git a/src/Components/access-control/src/Exception/OperationNotFound.php b/src/Components/access-control/src/Exception/OperationNotFound.php deleted file mode 100644 index f2864c8142..0000000000 --- a/src/Components/access-control/src/Exception/OperationNotFound.php +++ /dev/null @@ -1,12 +0,0 @@ -memberId; - } - - /** - * 赋值 memberId - 用户ID. - * - * @param int $memberId member_id - * - * @return static - */ - public function setMemberId($memberId) - { - $this->memberId = $memberId; - - return $this; - } - - /** - * 操作ID - * operation_id. - * - * @Column(name="operation_id", type="int", length=10, accuracy=0, nullable=false, default="", isPrimaryKey=true, primaryKeyIndex=1, isAutoIncrement=false) - * - * @var int - */ - protected $operationId; - - /** - * 获取 operationId - 操作ID. - * - * @return int - */ - public function getOperationId() - { - return $this->operationId; - } - - /** - * 赋值 operationId - 操作ID. - * - * @param int $operationId operation_id - * - * @return static - */ - public function setOperationId($operationId) - { - $this->operationId = $operationId; - - return $this; - } -} diff --git a/src/Components/access-control/src/Model/Base/MemberRoleRelationBase.php b/src/Components/access-control/src/Model/Base/MemberRoleRelationBase.php deleted file mode 100644 index 1c88c09751..0000000000 --- a/src/Components/access-control/src/Model/Base/MemberRoleRelationBase.php +++ /dev/null @@ -1,86 +0,0 @@ -memberId; - } - - /** - * 赋值 memberId - 用户ID. - * - * @param int|null $memberId member_id - * - * @return static - */ - public function setMemberId(?int $memberId) - { - $this->memberId = $memberId; - - return $this; - } - - /** - * 角色ID - * role_id. - * - * @Column(name="role_id", type="int", length=10, accuracy=0, nullable=false, default="", isPrimaryKey=true, primaryKeyIndex=1, isAutoIncrement=false) - */ - protected ?int $roleId = null; - - /** - * 获取 roleId - 角色ID. - */ - public function getRoleId(): ?int - { - return $this->roleId; - } - - /** - * 赋值 roleId - 角色ID. - * - * @param int|null $roleId role_id - * - * @return static - */ - public function setRoleId(?int $roleId) - { - $this->roleId = $roleId; - - return $this; - } -} diff --git a/src/Components/access-control/src/Model/Base/OperationBase.php b/src/Components/access-control/src/Model/Base/OperationBase.php deleted file mode 100644 index 246c07e8aa..0000000000 --- a/src/Components/access-control/src/Model/Base/OperationBase.php +++ /dev/null @@ -1,221 +0,0 @@ -id; - } - - /** - * 赋值 id. - * - * @param int|null $id id - * - * @return static - */ - public function setId(?int $id) - { - $this->id = $id; - - return $this; - } - - /** - * 父级ID,顶级为0 - * parent_id. - * - * @Column(name="parent_id", type="int", length=10, accuracy=0, nullable=false, default="0", isPrimaryKey=false, primaryKeyIndex=-1, isAutoIncrement=false) - */ - protected ?int $parentId = null; - - /** - * 获取 parentId - 父级ID,顶级为0. - */ - public function getParentId(): ?int - { - return $this->parentId; - } - - /** - * 赋值 parentId - 父级ID,顶级为0. - * - * @param int|null $parentId parent_id - * - * @return static - */ - public function setParentId(?int $parentId) - { - $this->parentId = $parentId; - - return $this; - } - - /** - * 排序,越小越靠前 - * index. - * - * @Column(name="index", type="tinyint", length=3, accuracy=0, nullable=false, default="0", isPrimaryKey=false, primaryKeyIndex=-1, isAutoIncrement=false) - */ - protected ?int $index = null; - - /** - * 获取 index - 排序,越小越靠前. - */ - public function getIndex(): ?int - { - return $this->index; - } - - /** - * 赋值 index - 排序,越小越靠前. - * - * @param int|null $index index - * - * @return static - */ - public function setIndex(?int $index) - { - $this->index = $index; - - return $this; - } - - /** - * 操作代码 - * code. - * - * @Column(name="code", type="varchar", length=32, accuracy=0, nullable=false, default="", isPrimaryKey=false, primaryKeyIndex=-1, isAutoIncrement=false) - */ - protected ?string $code = null; - - /** - * 获取 code - 操作代码 - */ - public function getCode(): ?string - { - return $this->code; - } - - /** - * 赋值 code - 操作代码 - * - * @param string|null $code code - * - * @return static - */ - public function setCode(?string $code) - { - if (\is_string($code) && mb_strlen($code) > 32) - { - throw new \InvalidArgumentException('The maximum length of $code is 32'); - } - $this->code = $code; - - return $this; - } - - /** - * 操作名称 - * name. - * - * @Column(name="name", type="varchar", length=32, accuracy=0, nullable=false, default="", isPrimaryKey=false, primaryKeyIndex=-1, isAutoIncrement=false) - */ - protected ?string $name = null; - - /** - * 获取 name - 操作名称. - */ - public function getName(): ?string - { - return $this->name; - } - - /** - * 赋值 name - 操作名称. - * - * @param string|null $name name - * - * @return static - */ - public function setName(?string $name) - { - if (\is_string($name) && mb_strlen($name) > 32) - { - throw new \InvalidArgumentException('The maximum length of $name is 32'); - } - $this->name = $name; - - return $this; - } - - /** - * 操作介绍 - * description. - * - * @Column(name="description", type="text", length=0, accuracy=0, nullable=false, default="", isPrimaryKey=false, primaryKeyIndex=-1, isAutoIncrement=false) - */ - protected ?string $description = null; - - /** - * 获取 description - 操作介绍. - */ - public function getDescription(): ?string - { - return $this->description; - } - - /** - * 赋值 description - 操作介绍. - * - * @param string|null $description description - * - * @return static - */ - public function setDescription(?string $description) - { - if (\is_string($description) && mb_strlen($description) > 65535) - { - throw new \InvalidArgumentException('The maximum length of $description is 65535'); - } - $this->description = $description; - - return $this; - } -} diff --git a/src/Components/access-control/src/Model/Base/RoleBase.php b/src/Components/access-control/src/Model/Base/RoleBase.php deleted file mode 100644 index aea7cb52a7..0000000000 --- a/src/Components/access-control/src/Model/Base/RoleBase.php +++ /dev/null @@ -1,159 +0,0 @@ -id; - } - - /** - * 赋值 id. - * - * @param int|null $id id - * - * @return static - */ - public function setId(?int $id) - { - $this->id = $id; - - return $this; - } - - /** - * 角色代码 - * code. - * - * @Column(name="code", type="varchar", length=32, accuracy=0, nullable=false, default="", isPrimaryKey=false, primaryKeyIndex=-1, isAutoIncrement=false) - */ - protected ?string $code = null; - - /** - * 获取 code - 角色代码 - */ - public function getCode(): ?string - { - return $this->code; - } - - /** - * 赋值 code - 角色代码 - * - * @param string|null $code code - * - * @return static - */ - public function setCode(?string $code) - { - if (\is_string($code) && mb_strlen($code) > 32) - { - throw new \InvalidArgumentException('The maximum length of $code is 32'); - } - $this->code = $code; - - return $this; - } - - /** - * 角色名称 - * name. - * - * @Column(name="name", type="varchar", length=32, accuracy=0, nullable=false, default="", isPrimaryKey=false, primaryKeyIndex=-1, isAutoIncrement=false) - */ - protected ?string $name = null; - - /** - * 获取 name - 角色名称. - */ - public function getName(): ?string - { - return $this->name; - } - - /** - * 赋值 name - 角色名称. - * - * @param string|null $name name - * - * @return static - */ - public function setName(?string $name) - { - if (\is_string($name) && mb_strlen($name) > 32) - { - throw new \InvalidArgumentException('The maximum length of $name is 32'); - } - $this->name = $name; - - return $this; - } - - /** - * 角色介绍 - * description. - * - * @Column(name="description", type="text", length=0, accuracy=0, nullable=false, default="", isPrimaryKey=false, primaryKeyIndex=-1, isAutoIncrement=false) - */ - protected ?string $description = null; - - /** - * 获取 description - 角色介绍. - */ - public function getDescription(): ?string - { - return $this->description; - } - - /** - * 赋值 description - 角色介绍. - * - * @param string|null $description description - * - * @return static - */ - public function setDescription(?string $description) - { - if (\is_string($description) && mb_strlen($description) > 65535) - { - throw new \InvalidArgumentException('The maximum length of $description is 65535'); - } - $this->description = $description; - - return $this; - } -} diff --git a/src/Components/access-control/src/Model/Base/RoleOperationRelationBase.php b/src/Components/access-control/src/Model/Base/RoleOperationRelationBase.php deleted file mode 100644 index 17264e03d0..0000000000 --- a/src/Components/access-control/src/Model/Base/RoleOperationRelationBase.php +++ /dev/null @@ -1,86 +0,0 @@ -roleId; - } - - /** - * 赋值 roleId - 角色ID. - * - * @param int|null $roleId role_id - * - * @return static - */ - public function setRoleId(?int $roleId) - { - $this->roleId = $roleId; - - return $this; - } - - /** - * 操作ID - * operation_id. - * - * @Column(name="operation_id", type="int", length=10, accuracy=0, nullable=false, default="", isPrimaryKey=true, primaryKeyIndex=1, isAutoIncrement=false) - */ - protected ?int $operationId = null; - - /** - * 获取 operationId - 操作ID. - */ - public function getOperationId(): ?int - { - return $this->operationId; - } - - /** - * 赋值 operationId - 操作ID. - * - * @param int|null $operationId operation_id - * - * @return static - */ - public function setOperationId(?int $operationId) - { - $this->operationId = $operationId; - - return $this; - } -} diff --git a/src/Components/access-control/src/Model/Filter/OperationTreeItem.php b/src/Components/access-control/src/Model/Filter/OperationTreeItem.php deleted file mode 100644 index 005413af60..0000000000 --- a/src/Components/access-control/src/Model/Filter/OperationTreeItem.php +++ /dev/null @@ -1,52 +0,0 @@ -children; - } - - /** - * Set 子操作列表. - * - * @param \Imi\AC\Model\Filter\OperationTreeItem[] $children 子操作列表 - * - * @return self - */ - public function setChildren($children) - { - $this->children = $children; - - return $this; - } -} diff --git a/src/Components/access-control/src/Model/MemberOperationRelation.php b/src/Components/access-control/src/Model/MemberOperationRelation.php deleted file mode 100644 index d5f2eeacb6..0000000000 --- a/src/Components/access-control/src/Model/MemberOperationRelation.php +++ /dev/null @@ -1,17 +0,0 @@ -roleService = App::getBean($this->roleServiceBean); - $this->operationService = App::getBean($this->operationServiceBean); - } - - /** - * 获取用户角色. - * - * @return \Imi\AC\Model\Role[] - */ - public function getRoles(int $memberId): array - { - $roleIds = $this->memberRoleRelationModel::query()->where('member_id', '=', $memberId) - ->field('role_id') - ->select() - ->getColumn(); - - return $this->roleService->selectListByIds($roleIds); - } - - /** - * 增加角色. - * - * 传入角色代码 - * - * @Transaction - */ - public function addRoles(int $memberId, string ...$roles): void - { - foreach ($roles as $roleCode) - { - $role = $this->roleService->getByCode($roleCode); - if (!$role) - { - throw new RoleNotFound(sprintf('Role code = %s does not found', $roleCode)); - } - $relation = $this->memberRoleRelationModel::newInstance(); - $relation->memberId = $memberId; - $relation->roleId = $role->id; - $relation->save(); - } - } - - /** - * 设置角色. - * - * 传入角色代码 - * - * 调用后,只拥有本次传入的角色 - * - * @Transaction - */ - public function setRoles(int $memberId, string ...$roles): void - { - $this->memberRoleRelationModel::query()->where('member_id', '=', $memberId)->delete(); - $this->addRoles($memberId, ...$roles); - } - - /** - * 移除角色. - * - * 传入角色代码 - */ - public function removeRoles(int $memberId, string ...$roles): void - { - $roleIds = $this->roleService->selectIdsByCodes($roles); - if (!$roleIds) - { - return; - } - $this->memberRoleRelationModel::query()->where('member_id', '=', $memberId) - ->whereIn('role_id', $roleIds) - ->delete(); - } - - /** - * 增加操作权限. - * - * 传入操作代码 - * - * @Transaction - */ - public function addOperations(int $memberId, string ...$operations): void - { - foreach ($operations as $operationCode) - { - $operation = $this->operationService->getByCode($operationCode); - if (!$operation) - { - throw new OperationNotFound(sprintf('Operation code = %s does not found', $operationCode)); - } - $relation = $this->memberOperationRelationModel::newInstance(); - $relation->memberId = $memberId; - $relation->operationId = $operation->id; - $relation->save(); - } - } - - /** - * 设置操作权限. - * - * 传入操作代码 - * - * 调用后,只拥有本次传入的操作权限。不影响角色赋予的权限。 - * - * @Transaction - */ - public function setOperations(int $memberId, string ...$operations): void - { - $this->memberOperationRelationModel::query()->where('member_id', '=', $memberId)->delete(); - $this->addOperations($memberId, ...$operations); - } - - /** - * 获取支持的所有操作权限. - * - * @return \Imi\AC\Model\Operation[] - */ - public function getOperations(int $memberId): array - { - $result = []; - foreach (array_merge($this->getRoleOperations($memberId), $this->getOwnOperations($memberId)) as $operation) - { - $result[$operation->code] = $operation; - } - - return array_values($result); - } - - /** - * 获取角色授予当前用户的权限. - * - * @return \Imi\AC\Model\Operation[] - */ - public function getRoleOperations(int $memberId): array - { - $roles = $this->getRoles($memberId); - $result = []; - foreach ($roles as $role) - { - $operations = $this->roleService->getOperations($role->id); - foreach ($operations as $operation) - { - $result[$operation->code] = $operation; - } - } - - return array_values($result); - } - - /** - * 获取当前用户单独被授予的权限. - * - * @return \Imi\AC\Model\Operation[] - */ - public function getOwnOperations(int $memberId): array - { - $operationIds = $this->memberOperationRelationModel::query()->where('member_id', '=', $memberId) - ->field('operation_id') - ->select() - ->getColumn(); - - return $this->operationService->selectListByIds($operationIds); - } - - /** - * 移除操作权限. - * - * 传入操作代码 - */ - public function removeOperations(int $memberId, string ...$operations): void - { - $operationIds = $this->operationService->selectIdsByCodes($operations); - if (!$operationIds) - { - return; - } - $this->memberOperationRelationModel::query()->where('member_id', '=', $memberId) - ->whereIn('operation_id', $operationIds) - ->delete(); - } -} diff --git a/src/Components/access-control/src/Service/OperationService.php b/src/Components/access-control/src/Service/OperationService.php deleted file mode 100644 index 8827d5e69d..0000000000 --- a/src/Components/access-control/src/Service/OperationService.php +++ /dev/null @@ -1,169 +0,0 @@ -operationModel::find($id); - } - - /** - * 创建操作权限. - * - * @return \Imi\AC\Model\Operation|false - */ - public function create(string $name, ?string $code = null, int $parentId = 0, int $index = 0, string $description = '') - { - $record = $this->operationModel::newInstance(); - $record->name = $name; - $record->code = $code ?? $name; - $record->parentId = $parentId; - $record->index = $index; - $record->description = $description; - $result = $record->insert(); - if (!$result->isSuccess()) - { - return false; - } - - return $record; - } - - /** - * 更新操作权限. - */ - public function update(int $id, string $name, ?string $code, int $parentId = 0, int $index = 0, string $description = ''): bool - { - $record = $this->get($id); - if (!$record) - { - throw new OperationNotFound(sprintf('Operation id = %s does not found', $id)); - } - $record->name = $name; - $record->code = $code; - $record->parentId = $parentId; - $record->index = $index; - $record->description = $description; - - return $record->update()->isSuccess(); - } - - /** - * 删除操作. - */ - public function delete(int $id): bool - { - $record = $this->get($id); - if (!$record) - { - throw new OperationNotFound(sprintf('Operation id = %s does not found', $id)); - } - - return $record->delete()->isSuccess(); - } - - /** - * 根据代码获取角色. - */ - public function getByCode(string $code): ?Operation - { - return $this->operationModel::query()->where('code', '=', $code)->select()->get(); - } - - /** - * 根据多个角色获取操作ID. - * - * @return int[] - */ - public function selectIdsByCodes(array $codes): array - { - if (!$codes) - { - return []; - } - - return $this->operationModel::query()->field('id')->whereIn('code', $codes)->select()->getColumn(); - } - - /** - * 根据id列表查询记录. - * - * @return \Imi\AC\Model\Operation[] - */ - public function selectListByIds(array $ids): array - { - if (!$ids) - { - return []; - } - - return $this->operationModel::query()->whereIn('id', $ids) - ->order('index') - ->select() - ->getArray(); - } - - /** - * 查询列表. - * - * @return \Imi\AC\Model\Operation[] - */ - public function selectList(): array - { - return $this->operationModel::select(); - } - - /** - * 转为树形. - * - * @param \Imi\AC\Model\Operation[] $list - * - * @return \Imi\AC\Model\Filter\OperationTreeItem[] - */ - public function listToTree(array $list): array - { - $tree = []; - - // 查询出所有分类记录 - $arr2 = []; - // 处理成ID为键名的数组 - foreach ($list as $item) - { - $arr2[$item->id] = OperationTreeItem::newInstance($item->toArray()); - } - // 循环处理关联列表 - foreach ($arr2 as $item) - { - if (isset($arr2[$item->parentId])) - { - $arr2[$item->parentId]->children[] = $arr2[$item->id]; - } - else - { - $tree[] = $arr2[$item->id]; - } - } - - return $tree; - } -} diff --git a/src/Components/access-control/src/Service/RoleService.php b/src/Components/access-control/src/Service/RoleService.php deleted file mode 100644 index 583c9db14f..0000000000 --- a/src/Components/access-control/src/Service/RoleService.php +++ /dev/null @@ -1,220 +0,0 @@ -operationService = App::getBean($this->operationServiceBean); - } - - /** - * 获取角色. - */ - public function get(int $id): ?Role - { - return $this->roleModel::find($id); - } - - /** - * 根据代码获取角色. - */ - public function getByCode(string $code): ?Role - { - return $this->roleModel::query()->where('code', '=', $code)->select()->get(); - } - - /** - * 根据id列表查询记录. - * - * @return \Imi\AC\Model\Role[] - */ - public function selectListByIds(array $ids): array - { - if (!$ids) - { - return []; - } - - return $this->roleModel::query()->whereIn('id', $ids) - ->select() - ->getArray(); - } - - /** - * 根据多个角色获取操作ID. - * - * @return int[] - */ - public function selectIdsByCodes(array $codes): array - { - if (!$codes) - { - return []; - } - - return $this->roleModel::query()->field('id')->whereIn('code', $codes)->select()->getColumn(); - } - - /** - * 查询列表. - * - * @return \Imi\AC\Model\Role[] - */ - public function selectList(): array - { - return $this->roleModel::select(); - } - - /** - * 创建角色. - * - * @return \Imi\AC\Model\Role|false - */ - public function create(string $name, ?string $code = null, string $description = '') - { - $record = $this->roleModel::newInstance(); - $record->name = $name; - $record->code = $code ?? $name; - $record->description = $description; - $result = $record->insert(); - if (!$result->isSuccess()) - { - return false; - } - - return $record; - } - - /** - * 更新角色. - */ - public function update(int $id, string $name, ?string $code, string $description = ''): bool - { - $record = $this->get($id); - if (!$record) - { - throw new RoleNotFound(sprintf('Role id = %s does not found', $id)); - } - $record->name = $name; - $record->code = $code; - $record->description = $description; - - return $record->update()->isSuccess(); - } - - /** - * 删除角色. - */ - public function delete(int $id): bool - { - $record = $this->get($id); - if (!$record) - { - throw new RoleNotFound(sprintf('Role id = %s does not found', $id)); - } - - return $record->delete()->isSuccess(); - } - - /** - * 增加操作权限. - * - * 传入操作代码 - * - * @Transaction - */ - public function addOperations(int $roleId, string ...$operations): void - { - foreach ($operations as $operationCode) - { - $operation = $this->operationService->getByCode($operationCode); - if (!$operation) - { - throw new OperationNotFound(sprintf('Operation code = %s does not found', $operationCode)); - } - $relation = $this->roleOperationRelationModel::newInstance(); - $relation->roleId = $roleId; - $relation->operationId = $operation->id; - $relation->save(); - } - } - - /** - * 设置操作权限. - * - * 传入操作代码 - * - * 调用后,只拥有本次传入的操作权限 - * - * @Transaction - */ - public function setOperations(int $roleId, string ...$operations): void - { - $this->roleOperationRelationModel::query()->where('role_id', '=', $roleId)->delete(); - $this->addOperations($roleId, ...$operations); - } - - /** - * 获取支持的所有操作权限. - * - * @return \Imi\AC\Model\Operation[] - */ - public function getOperations(int $roleId): array - { - $operationIds = $this->roleOperationRelationModel::query()->where('role_id', '=', $roleId) - ->field('operation_id') - ->select() - ->getColumn(); - - return $this->operationService->selectListByIds($operationIds); - } - - /** - * 移除操作权限. - * - * 传入操作代码 - */ - public function removeOperations(int $roleId, string ...$operations): void - { - $operationIds = $this->operationService->selectIdsByCodes($operations); - if (!$operationIds) - { - return; - } - $this->roleOperationRelationModel::query()->where('role_id', '=', $roleId) - ->whereIn('operation_id', $operationIds) - ->delete(); - } -} diff --git a/src/Components/access-control/src/config/config.php b/src/Components/access-control/src/config/config.php deleted file mode 100644 index 59bab19404..0000000000 --- a/src/Components/access-control/src/config/config.php +++ /dev/null @@ -1,11 +0,0 @@ - [ - 'Imi\AC\AccessControl', - 'Imi\AC\Model', - 'Imi\AC\Service', - ], -]; diff --git a/src/Components/access-control/test/Tool/TestTool.php b/src/Components/access-control/test/Tool/TestTool.php deleted file mode 100644 index 71f258dbbd..0000000000 --- a/src/Components/access-control/test/Tool/TestTool.php +++ /dev/null @@ -1,74 +0,0 @@ -getRoleInfo()->toArray()); - // } - // $role = Role::create('test-' . mt_rand()); - // if($role) - // { - // var_dump($role->getRoleInfo()->toArray()); - // } - - // $role = new Role('test'); - // var_dump($role->getRoleInfo()->toArray()); - // $role->addOperations('文章新增', '文章更新'); - // var_dump(json_decode(json_encode($role->getOperations()), true), json_decode(json_encode($role->getOperationTree()), true)); - - // var_dump($role->hasOperations('文章新增'), $role->hasOperations('文章新增', '文章更新'), $role->hasOperations('文章新增', '文章删除')); - - // $role->setOperations('文章新增'); - // var_dump(json_decode(json_encode($role->getOperations()), true)); - - // $role->removeOperations('文章新增'); - // var_dump(json_decode(json_encode($role->getOperations()), true)); - - $member = new Member(1); - $member->addRoles('test-297864474', 'test-710491826'); - var_dump('roles', json_decode(json_encode($member->getRoles()), true)); - var_dump('operations', json_decode(json_encode($member->getOperations()), true)); - $member->setRoles('test-297864474', 'test-710491826'); - $member->removeRoles('test-297864474'); - var_dump('roles', json_decode(json_encode($member->getRoles()), true)); - var_dump('operations', json_decode(json_encode($member->getOperations()), true)); - var_dump($member->hasRoles('test-297864474'), $member->hasRoles('test-710491826')); - - $member->addOperations('30'); - var_dump('operations', json_decode(json_encode($member->getOperations()), true)); - $member->setOperations('28'); - var_dump('operations', json_decode(json_encode($member->getOperations()), true)); - var_dump($member->hasOperations('28')); - var_dump($member->hasOperations('30')); - $member->removeOperations('28'); - var_dump('operations', json_decode(json_encode($member->getOperations()), true)); - } -} diff --git a/src/Components/access-control/test/bin/imi b/src/Components/access-control/test/bin/imi deleted file mode 100644 index 7b281ebc30..0000000000 --- a/src/Components/access-control/test/bin/imi +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env php - 'Imi\AC\Test', - // 扫描目录 - 'beanScan' => [ - 'Imi\AC\Test\Tool', - ], - // 组件命名空间 - 'components' => [ - 'AccessControl' => 'Imi\AC', - 'Macro' => 'Imi\Macro', - ], - // 主服务器配置 - 'mainServer' => [ - ], - // 子服务器(端口监听)配置 - 'subServers' => [ - ], - // 配置文件 - 'configs' => [ - 'beans' => __DIR__ . '/beans.php', - ], - 'db' => [ - // 数据库默认连接池名 - 'defaultPool' => 'maindb', - ], - 'pools' => [ - // 数据库连接池名:maindb - 'maindb' => [ - 'pool' => [ - 'class' => \Imi\Db\Pool\SyncDbPool::class, - 'config' => [ - 'maxResources' => 10, - 'minResources' => 0, - ], - ], - 'resource' => [ - 'dbClass' => 'PdoMysqlDriver', - 'host' => env('MYSQL_SERVER_HOST', '127.0.0.1'), - 'username' => 'root', - 'password' => 'root', - 'database' => 'db_imi_access_control', - ], - ], - ], - - // 日志配置 - 'logger' => [ - 'channels' => [ - 'imi' => [ - 'handlers' => [ - [ - 'class' => \Imi\Log\Handler\ConsoleHandler::class, - 'formatter' => [ - 'class' => \Imi\Log\Formatter\ConsoleLineFormatter::class, - 'construct' => [ - 'format' => null, - 'dateFormat' => 'Y-m-d H:i:s', - 'allowInlineLineBreaks' => true, - 'ignoreEmptyContextAndExtra' => true, - ], - ], - ], - [ - 'class' => \Monolog\Handler\RotatingFileHandler::class, - 'construct' => [ - 'filename' => \dirname(__DIR__, 2) . '/log.log', - ], - 'formatter' => [ - 'class' => \Monolog\Formatter\LineFormatter::class, - 'construct' => [ - 'dateFormat' => 'Y-m-d H:i:s', - 'allowInlineLineBreaks' => true, - 'ignoreEmptyContextAndExtra' => true, - ], - ], - ], - ], - ], - ], - ], -];