<?php namespace Modules\Permissions\Middlewares; use Illuminate\Http\Request; use Modules\Common\Errors\Errors; use Modules\Common\Exceptions\CommonBusinessException; use Modules\User\Models\User; /** * 检测用户角色权限 * 使用方法: * Route::get('list', [FinanceCheckController::class, 'list'])->middleware(['roleCheck:aa,bb,cc']) * aa,bb,cc 代表可以操作的多个角色的 identify */ class RoleCheck { public function handle(Request $request, \Closure $next, ...$enableRoles) { /* @var User $user */ $user = $request->user(getGuardName()); $role = $user->roles(); if($role->pluck('identify')->intersect($enableRoles)->isEmpty()) { CommonBusinessException::throwError(Errors::NO_OPERATE_PERMISSION); } return $next($request); } }