From 2a4bf701f2517ac0b63ca0aa2821c36bb4e9d497 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?=E5=85=94=E5=A7=AC=E6=A1=91?= Date: Fri, 11 Dec 2020 05:57:47 +0800 Subject: [PATCH] Add RBAC Module & More MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 1. 添加RBAC的权限&角色控制件; 2. 将用户‘is_admin’转换为角色; 3. 针对RBAC对管理页面进行定制化处理; 4. 加深layout分层处理; 5. 修改部分路由名称; 6. 分解路由文件至多文件; --- app/Console/Commands/AutoJob.php | 5 - .../Admin/PermissionController.php | 93 +- app/Http/Controllers/Admin/RoleController.php | 102 +- .../Controllers/Admin/TicketController.php | 13 +- app/Http/Controllers/Admin/UserController.php | 94 +- .../Controllers/Admin/UserGroupController.php | 34 +- app/Http/Controllers/AdminController.php | 30 - app/Http/Controllers/AuthController.php | 20 +- app/Http/Controllers/UserController.php | 4 + app/Http/Kernel.php | 19 +- app/Http/Middleware/Permission.php | 31 + app/Http/Middleware/isAdmin.php | 28 - app/Http/Requests/Admin/UserUpdateRequest.php | 5 +- app/Providers/AuthServiceProvider.php | 6 +- app/Providers/RouteServiceProvider.php | 19 +- app/Providers/TelescopeServiceProvider.php | 2 +- composer.lock | 90 +- config/permission.php | 2 +- .../2020_12_07_120247_permission_data.php | 176 ++++ resources/views/_layout.blade.php | 91 ++ resources/views/admin/aff/detail.blade.php | 8 +- resources/views/admin/aff/index.blade.php | 42 +- resources/views/admin/article/index.blade.php | 86 +- resources/views/admin/config/config.blade.php | 749 +++++++------- .../views/admin/config/emailFilter.blade.php | 177 ++-- .../views/admin/config/profile.blade.php | 32 - resources/views/admin/config/system.blade.php | 33 +- resources/views/admin/coupon/index.blade.php | 26 +- resources/views/admin/index.blade.php | 474 ++++----- resources/views/admin/inviteList.blade.php | 121 +-- resources/views/admin/layouts.blade.php | 914 +++++++++--------- resources/views/admin/logs/callback.blade.php | 6 +- resources/views/admin/logs/order.blade.php | 6 +- resources/views/admin/logs/traffic.blade.php | 6 +- 
.../views/admin/logs/userBanHistory.blade.php | 6 +- .../views/admin/logs/userTraffic.blade.php | 6 +- .../views/admin/marketing/pushList.blade.php | 92 +- resources/views/admin/node/auth.blade.php | 34 +- .../views/admin/node/cert/index.blade.php | 91 +- resources/views/admin/node/index.blade.php | 368 +++---- .../views/admin/permission/index.blade.php | 102 ++ .../views/admin/permission/info.blade.php | 54 ++ resources/views/admin/role/index.blade.php | 109 +++ resources/views/admin/role/info.blade.php | 125 +++ .../views/admin/rule/group/index.blade.php | 101 +- resources/views/admin/rule/index.blade.php | 124 ++- resources/views/admin/rule/log.blade.php | 14 +- resources/views/admin/shop/index.blade.php | 35 +- .../views/admin/subscribe/index.blade.php | 22 +- resources/views/admin/ticket/index.blade.php | 94 +- resources/views/admin/ticket/reply.blade.php | 172 ++-- resources/views/admin/user/export.blade.php | 113 ++- .../views/admin/user/group/index.blade.php | 90 +- .../views/admin/user/group/info.blade.php | 23 +- resources/views/admin/user/index.blade.php | 132 ++- resources/views/admin/user/info.blade.php | 111 ++- resources/views/auth/error.blade.php | 123 +-- resources/views/auth/layouts.blade.php | 235 ++--- resources/views/auth/maintenance.blade.php | 162 +--- .../views/components/chat-unit.blade.php | 2 +- resources/views/user/layouts.blade.php | 525 +++++----- routes/admin.php | 119 +++ routes/user.php | 38 + routes/web.php | 159 +-- 64 files changed, 3802 insertions(+), 3123 deletions(-) create mode 100644 app/Http/Middleware/Permission.php delete mode 100644 app/Http/Middleware/isAdmin.php create mode 100644 database/migrations/2020_12_07_120247_permission_data.php create mode 100644 resources/views/_layout.blade.php delete mode 100644 resources/views/admin/config/profile.blade.php create mode 100644 resources/views/admin/permission/index.blade.php create mode 100644 resources/views/admin/permission/info.blade.php create mode 100644 
resources/views/admin/role/index.blade.php create mode 100644 resources/views/admin/role/info.blade.php create mode 100644 routes/admin.php create mode 100644 routes/user.php diff --git a/app/Console/Commands/AutoJob.php b/app/Console/Commands/AutoJob.php index c0e70220..ef6e76c9 100644 --- a/app/Console/Commands/AutoJob.php +++ b/app/Console/Commands/AutoJob.php @@ -149,11 +149,6 @@ class AutoJob extends Command if (sysConfig('is_traffic_ban')) { $trafficBanTime = sysConfig('traffic_ban_time'); foreach (User::activeUser()->whereBanTime(null)->get() as $user) { - // 对管理员豁免 - if ($user->is_admin) { - continue; - } - // 多往前取5分钟,防止数据统计任务执行时间过长导致没有数据 if ($user->isTrafficWarning()) { $user->update([ diff --git a/app/Http/Controllers/Admin/PermissionController.php b/app/Http/Controllers/Admin/PermissionController.php index 4f686dfe..09356e57 100644 --- a/app/Http/Controllers/Admin/PermissionController.php +++ b/app/Http/Controllers/Admin/PermissionController.php 
@@ -5,82 +5,67 @@ namespace App\Http\Controllers\Admin; use App\Http\Controllers\Controller; use Illuminate\Http\Request; use Illuminate\Http\Response; +use Spatie\Permission\Models\Permission; class PermissionController extends Controller { - /** - * Display a listing of the resource. - * - * @return Response - */ public function index() { - // + $permissions = Permission::query()->paginate(15); + + return view('admin.permission.index', compact('permissions')); } - /** - * Show the form for creating a new resource. - * - * @return Response - */ public function create() { - // + return view('admin.permission.info'); } - /** - * Store a newly created resource in storage. - * - * @param Request $request - * @return Response - */ public function store(Request $request) { - // + $validator = validator()->make($request->all(), ['name' => 'required', 'description' => 'required']); + + if ($validator->fails()) { + return redirect()->back()->withInput()->withErrors($validator->errors()); + } + + $permission = Permission::create($request->all()); + + if ($permission) { + return redirect()->route('admin.permission.edit', $permission)->with('successMsg', '操作成功'); + } + + return redirect()->back()->withInput()->withErrors('操作失败'); } - /** - * Display the specified resource. - * - * @param int $id - * @return Response - */ - public function show($id) + public function edit(Permission $permission) { - // + return view('admin.permission.info', compact('permission')); } - /** - * Show the form for editing the specified resource. 
- * - * @param int $id - * @return Response - */ - public function edit($id) + public function update(Request $request, Permission $permission) { - // + $validator = validator()->make($request->all(), ['name' => 'required', 'description' => 'required']); + + if ($validator->fails()) { + return redirect()->back()->withInput()->withErrors($validator->errors()); + } + + if ($permission->update($request->all())) { + return redirect()->back()->with('successMsg', '操作成功'); + } + + return redirect()->back()->withInput()->withErrors('操作失败'); } - /** - * Update the specified resource in storage. - * - * @param Request $request - * @param int $id - * @return Response - */ - public function update(Request $request, $id) + public function destroy(Permission $permission) { - // - } + try { + $permission->delete(); + } catch (Exception $e) { + return Response::json(['status' => 'fail', 'message' => '删除失败,'.$e->getMessage()]); + } - /** - * Remove the specified resource from storage. - * - * @param int $id - * @return Response - */ - public function destroy($id) - { - // + return Response::json(['status' => 'success', 'message' => '清理成功']); } } diff --git a/app/Http/Controllers/Admin/RoleController.php b/app/Http/Controllers/Admin/RoleController.php index eb65a91e..45b8ce13 100644 --- a/app/Http/Controllers/Admin/RoleController.php +++ b/app/Http/Controllers/Admin/RoleController.php 
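Review bot: `store()` and `update()` in PermissionController pass `$request->all()` into `Permission::create()` and `$permission->update()`, so any submitted field the model accepts is written, not only the two that were validated. Limit the write to the validated keys, e.g. `Permission::create($request->only(['name', 'description']))` and `$permission->update($request->only(['name', 'description']))`. Whether `guard_name` is writable this way today depends on the package model's guarded list, which is not visible in this patch. RoleController's `$request->except('permissions')` in the next file section has the same open-ended shape.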
@@ -4,83 +4,75 @@ namespace App\Http\Controllers\Admin; use App\Http\Controllers\Controller; use Illuminate\Http\Request; -use Illuminate\Http\Response; +use Spatie\Permission\Models\Permission; +use Spatie\Permission\Models\Role; class RoleController extends Controller { - /** - * Display a listing of the resource. - * - * @return Response - */ public function index() { - // + $roles = Role::with('permissions')->paginate(15); + + return view('admin.role.index', compact('roles')); } - /** - * Show the form for creating a new resource. - * - * @return Response - */ public function create() { - // + $permissions = Permission::all()->pluck('description', 'name'); + + return view('admin.role.info', compact('permissions')); } - /** - * Store a newly created resource in storage. - * - * @param Request $request - * @return Response - */ public function store(Request $request) { - // + $validator = validator()->make($request->all(), ['name' => 'required', 'description' => 'required']); + + if ($validator->fails()) { + return redirect()->back()->withInput()->withErrors($validator->errors()); + } + + $role = Role::create($request->except('permissions')); + $permissions = $request->input('permissions') ?: []; + if ($role->givePermissionTo($permissions)) { + return redirect()->route('admin.role.edit', $role)->with('successMsg', '操作成功'); + } + + return redirect()->back()->withInput()->withErrors('操作失败'); } - /** - * Display the specified resource. - * - * @param int $id - * @return Response - */ - public function show($id) + public function edit(Role $role) { - // + $role->load('permissions'); + $permissions = Permission::all()->pluck('description', 'name'); + + return view('admin.role.info', compact('role', 'permissions')); } - /** - * Show the form for editing the specified resource. 
- * - * @param int $id - * @return Response - */ - public function edit($id) + public function update(Request $request, Role $role) { - // + $validator = validator()->make($request->all(), ['name' => 'required', 'description' => 'required']); + + if ($validator->fails()) { + return redirect()->back()->withInput()->withErrors($validator->errors()); + } + + $role->update($request->except('permissions')); + $permissions = $request->input('permissions') ?: []; + if ($role->syncPermissions($permissions)) { + return redirect()->back()->with('successMsg', '操作成功'); + } + + return redirect()->back()->withInput()->withErrors('操作失败'); } - /** - * Update the specified resource in storage. - * - * @param Request $request - * @param int $id - * @return Response - */ - public function update(Request $request, $id) + public function destroy(Role $role) { - // - } + try { + $role->delete(); + } catch (Exception $e) { + return Response::json(['status' => 'fail', 'message' => '删除失败,'.$e->getMessage()]); + } - /** - * Remove the specified resource from storage. - * - * @param int $id - * @return Response - */ - public function destroy($id) - { - // + return Response::json(['status' => 'success', 'message' => '清理成功']); } } diff --git a/app/Http/Controllers/Admin/TicketController.php b/app/Http/Controllers/Admin/TicketController.php index 053f3f0c..06b392a2 100644 --- a/app/Http/Controllers/Admin/TicketController.php +++ b/app/Http/Controllers/Admin/TicketController.php @@ -104,17 +104,8 @@ class TicketController extends Controller $content = '标题:'.$ticket->title.'
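Review bot: `destroy()` in RoleController uses `Response::json()` and `catch (Exception $e)`, but the imports visible in this hunk are only `Controller`, `Request`, `Permission` and `Role`, and the hunk removes `use Illuminate\Http\Response;`. Inside the `App\Http\Controllers\Admin` namespace both names would then resolve to classes that presumably do not exist, so the catch never matches and the JSON response cannot be built. Add `use Exception;` and `use Response;`, as `Admin\UserController` already does. PermissionController's `destroy()` has the same problem in a different form: there `Response` is `Illuminate\Http\Response`, which as far as I know has no static `json()`, and `Exception` is likewise not imported.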
管理员回复:'.$content; // 发通知邮件 - if (! Auth::getUser()->is_admin) { - if (sysConfig('webmaster_email')) { - $logId = Helpers::addNotificationLog($title, $content, 1, sysConfig('webmaster_email')); - Mail::to(sysConfig('webmaster_email'))->send(new replyTicket($logId, $title, $content)); - } - // 推送通知管理员 - PushNotification::send($title, $content); - } else { - $logId = Helpers::addNotificationLog($title, $content, 1, $ticket->user->email); - Mail::to($ticket->user->email)->send(new replyTicket($logId, $title, $content)); - } + $logId = Helpers::addNotificationLog($title, $content, 1, $ticket->user->email); + Mail::to($ticket->user->email)->send(new replyTicket($logId, $title, $content)); return Response::json(['status' => 'success', 'message' => '回复成功']); } diff --git a/app/Http/Controllers/Admin/UserController.php b/app/Http/Controllers/Admin/UserController.php index e14fbff9..a4b97e8f 100644 --- a/app/Http/Controllers/Admin/UserController.php +++ b/app/Http/Controllers/Admin/UserController.php @@ -21,6 +21,7 @@ use Log; use Redirect; use Response; use Session; +use Spatie\Permission\Models\Role; use Str; class UserController extends Controller @@ -114,9 +115,18 @@ class UserController extends Controller // 添加账号页面 public function create() { + if (Auth::getUser()->hasRole('Super Admin')) { + $roles = Role::all()->pluck('description', 'name'); + } elseif (Auth::getUser()->hasPermissionTo('give roles')) { + $roles = Auth::getUser()->roles(); + } else { + $roles = []; + } + return view('admin.user.info', [ - 'levelList' => Level::orderBy('level')->get(), - 'groupList' => UserGroup::orderBy('id')->get(), + 'levels' => Level::orderBy('level')->get(), + 'userGroups' => UserGroup::orderBy('id')->get(), + 'roles' => $roles, ]); } 
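Review bot: In `create()` the `give roles` branch assigns `Auth::getUser()->roles()`, which is the relationship object rather than a list, while the Super Admin branch passes a `name => description` collection and the fallback passes an array, so the view receives three different shapes. Use the loaded relation in the same form: `$roles = Auth::getUser()->roles->pluck('description', 'name');`. The same branch is repeated in `edit()` in the hunk at `@@ -151,24 +167,29 @@`. This list only limits what the form offers; the check that decides what is actually granted has to live in `store()` and `update()`.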
@@ -124,7 +134,7 @@ class UserController extends Controller public function store(UserStoreRequest $request): JsonResponse { try { - $data = $request->except('_token', 'uuid'); + $data = $request->except('_token', 'uuid', 'roles'); $data['password'] = $data['password'] ?? Str::random(); $data['port'] = $data['port'] ?? Helpers::getPort(); $data['passwd'] = $data['passwd'] ?? Str::random(); @@ -135,6 +145,12 @@ class UserController extends Controller $data['reset_time'] = $data['reset_time'] > date('Y-m-d') ? $data['reset_time'] : null; $user = User::create($data); + $roles = $request->input('roles'); + if ($roles && (Auth::getUser()->hasPermissionTo('give roles') || Auth::getUser()->hasRole('Super Admin')) + || (in_array('Super Admin', $roles, true) && Auth::getUser()->hasRole('Super Admin'))) { + $user->assignRole($roles); + } + if ($user) { // 写入用户流量变动记录 Helpers::addUserTrafficModifyLog($user->id, null, 0, $data['transfer_enable'], '后台手动添加用户'); 
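Review bot: The role guard added to `store()` does not enforce the restriction it is meant to: `&&` binds tighter than `||`, so the condition is `($roles && (give roles || Super Admin)) || (in_array(...) && Super Admin)`, and any account holding `give roles` can submit `Super Admin` or any other role name and have it assigned. The form limits such users to their own roles, but the server never compares the submitted names with what the actor may grant, and `roles` is dropped from `$data` without being validated. When `roles` is absent, the second operand also calls `in_array()` on null. The same condition guards `syncRoles()` in `update()` (hunk `@@ -176,6 +197,14 @@`), directly under the comment saying only a super administrator may grant that role. A sketch of the server-side check follows; `store()` continues outside the hunk.

```php
$user = User::create($data);
// Only grant what the acting admin is allowed to hand out.
$actor = Auth::getUser();
$roles = array_filter((array) $request->input('roles', []), 'is_string');
if (! $actor->hasRole('Super Admin')) {
    $roles = $actor->hasPermissionTo('give roles')
        ? array_intersect($roles, $actor->getRoleNames()->all())
        : [];
}
if ($roles) {
    $user->assignRole($roles);
}
// … unchanged: traffic log and JSON response …
```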
@@ -151,24 +167,29 @@ class UserController extends Controller } // 编辑账号页面 - public function edit($id) + public function edit(User $user) { - $user = User::find($id); + if (Auth::getUser()->hasRole('Super Admin')) { + $roles = Role::all()->pluck('description', 'name'); + } elseif (Auth::getUser()->hasPermissionTo('give roles')) { + $roles = Auth::getUser()->roles(); + } else { + $roles = []; + } return view('admin.user.info', [ 'user' => $user->load('inviter:id,email'), - 'levelList' => Level::orderBy('level')->get(), - 'groupList' => UserGroup::orderBy('id')->get(), + 'levels' => Level::orderBy('level')->get(), + 'userGroups' => UserGroup::orderBy('id')->get(), + 'roles' => $roles, ]); } // 编辑账号 - public function update(UserUpdateRequest $request, $id) + public function update(UserUpdateRequest $request, User $user) { - $user = User::find($id); - try { - $data = $request->except('_token', 'password', 'uuid', 'password', 'is_admin'); + $data = $request->except('_token', 'password', 'uuid', 'password', 'roles'); $data['passwd'] = $request->input('passwd') ?? Str::random(); $data['vmess_id'] = $request->input('uuid') ?? Str::uuid(); $data['transfer_enable'] *= GB; @@ -176,6 +197,14 @@ class UserController extends Controller $data['expired_at'] = $data['expired_at'] ?? date('Y-m-d', strtotime('+365 days')); $data['remark'] = str_replace(['atob', 'eval'], '', $data['remark']); + // 只有超级管理员才能赋予超级管理员 + $roles = $request->input('roles'); + + if ($roles && (Auth::getUser()->hasPermissionTo('give roles') || Auth::getUser()->hasRole('Super Admin')) + || (in_array('Super Admin', $roles, true) && Auth::getUser()->hasRole('Super Admin'))) { + $user->syncRoles($roles); + } + // Input checking for dummy if ($data['enable'] === '1') { if ($data['status'] === '-1' || $data['transfer_enable'] === 0 || $data['expired_at'] < date('Y-m-d')) { 
@@ -183,20 +212,15 @@ class UserController extends Controller } } - // 只有admin才有权限操作管理员属性 - if (Auth::getUser()->is_admin === 1) { - $data['is_admin'] = (int) $request->input('is_admin'); - } - // 非演示环境才可以修改管理员密码 $password = $request->input('password'); - if (! empty($password) && ! (env('APP_DEMO') && $id === 1)) { + if (! empty($password) && ! (env('APP_DEMO') && $user->id === 1)) { $data['password'] = $password; } // 写入用户流量变动记录 if ($user->transfer_enable !== $data['transfer_enable']) { - Helpers::addUserTrafficModifyLog($id, null, $user->transfer_enable, $data['transfer_enable'], '后台手动编辑用户'); + Helpers::addUserTrafficModifyLog($user->id, null, $user->transfer_enable, $data['transfer_enable'], '后台手动编辑用户'); } if ($user->update($data)) { @@ -212,26 +236,23 @@ class UserController extends Controller } // 删除用户 - public function destroy($id) + public function destroy(User $user) { - if ($id <= 1) { + if ($user->id === 1) { return Response::json(['status' => 'fail', 'message' => '系统管理员不可删除']); } try { - DB::beginTransaction(); - - User::find($id)->delete(); - - DB::commit(); - - return Response::json(['status' => 'success', 'message' => '删除成功']); + if ($user->delete()) { + return Response::json(['status' => 'success', 'message' => '删除成功']); + } } catch (Exception $e) { Log::error('删除用户信息异常:'.$e->getMessage()); - DB::rollBack(); - return Response::json(['status' => 'fail', 'message' => '删除失败']); + return Response::json(['status' => 'fail', 'message' => '删除失败'.$e->getMessage()]); } + + return Response::json(['status' => 'fail', 'message' => '删除失败']); } // 批量生成账号 
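Review bot: The catch block in `destroy()` now appends `$e->getMessage()` to the JSON sent back to the browser, which can expose table, column or constraint names from a failed delete. The message is already written with `Log::error`, so the response can stay generic: `return Response::json(['status' => 'fail', 'message' => '删除失败']);`. The guard above it still protects only `$user->id === 1`, although administrator status now comes from roles. It may be worth also refusing to delete the acting account or a `Super Admin` holder, depending on policy that is not visible in this patch.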
@@ -262,16 +283,14 @@ class UserController extends Controller // 转换成某个用户的身份 public function switchToUser(Request $request): JsonResponse { - $id = $request->input('user_id'); - - $user = User::find($id); + $user = User::find($request->input('user_id')); if (! $user) { return Response::json(['status' => 'fail', 'message' => '用户不存在']); } // 存储当前管理员ID,并将当前登录信息改成要切换的用户的身份信息 Session::put('admin', Auth::id()); - Auth::login($user); + Session::put('user', $user->id); return Response::json(['status' => 'success', 'message' => '身份切换成功']); } @@ -312,14 +331,9 @@ class UserController extends Controller } // 导出配置信息 - public function export(Request $request, $id) + public function export(Request $request, User $user) { - if (empty($id)) { - return Redirect::back(); - } - - $user = User::find($id); - if (empty($user)) { + if ($user === null) { return Redirect::back(); } diff --git a/app/Http/Controllers/Admin/UserGroupController.php b/app/Http/Controllers/Admin/UserGroupController.php index 374afc2f..5202acca 100644 --- a/app/Http/Controllers/Admin/UserGroupController.php +++ b/app/Http/Controllers/Admin/UserGroupController.php @@ -26,15 +26,15 @@ class UserGroupController extends Controller // 添加用户分组页面 public function create() { - $view['nodeList'] = Node::whereStatus(1)->get(); + $nodes = Node::whereStatus(1)->pluck('name', 'id'); - return view('admin.user.group.info', $view); + return view('admin.user.group.info', compact('nodes')); } // 添加用户分组 public function store(Request $request): RedirectResponse { - $validator = Validator::make($request->all(), ['name' => 'required', 'nodes' => 'required']); + $validator = Validator::make($request->all(), ['name' => 'required']); if ($validator->fails()) { return Redirect::back()->withInput()->withErrors($validator->errors()); 
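Review bot: `switchToUser()` places no limit on the target account, so any admin allowed to reach this route can queue a switch to a user holding `Super Admin`. The `UserController::index` hunk later in this patch then calls `Auth::loginUsingId()` on the stored id, which gives the caller that account's roles. Before `Session::put('user', $user->id)`, refuse targets that outrank the actor, for example `if ($user->hasRole('Super Admin') && ! Auth::getUser()->hasRole('Super Admin')) { return Response::json(['status' => 'fail', 'message' => '<message>']); }`. `user_id` is read without validation and no record of the switch is visible here; a log entry carrying both ids would make impersonation traceable.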
@@ -50,21 +50,25 @@ class UserGroupController extends Controller } // 编辑用户分组页面 - public function edit($id) + public function edit(UserGroup $group) { - $view['userGroup'] = UserGroup::findOrFail($id); - $view['nodeList'] = Node::whereStatus(1)->get(); + $nodes = Node::whereStatus(1)->pluck('name', 'id'); - return view('admin.user.group.info', $view); + return view('admin.user.group.info', compact('group', 'nodes')); } // 编辑用户分组 - public function update(Request $request, $id) + public function update(Request $request, UserGroup $group) { - $userGroup = UserGroup::findOrFail($id); - $userGroup->name = $request->input('name'); - $userGroup->nodes = $request->input('nodes'); - if ($userGroup->save()) { + $validator = Validator::make($request->all(), ['name' => 'required']); + + if ($validator->fails()) { + return Redirect::back()->withInput()->withErrors($validator->errors()); + } + + $group->name = $request->input('name'); + $group->nodes = $request->input('nodes'); + if ($group->save()) { return Redirect::back()->with('successMsg', '操作成功'); } @@ -72,15 +76,15 @@ class UserGroupController extends Controller } // 删除用户分组 - public function destroy($id): JsonResponse + public function destroy(UserGroup $group): JsonResponse { // 校验该分组下是否存在关联账号 - if (User::whereGroupId($id)->count()) { + if (User::whereGroupId($group->id)->count()) { return Response::json(['status' => 'fail', 'message' => '该分组下存在关联账号,请先取消关联!']); } try { - UserGroup::whereId($id)->delete(); + $group->delete(); } catch (Exception $e) { return Response::json(['status' => 'fail', 'message' => '删除失败,'.$e->getMessage()]); } diff --git a/app/Http/Controllers/AdminController.php b/app/Http/Controllers/AdminController.php index d6c3a0f3..4123ef01 100644 --- a/app/Http/Controllers/AdminController.php +++ b/app/Http/Controllers/AdminController.php 
@@ -67,31 +67,6 @@ class AdminController extends Controller return view('admin.index', $view); } - // 修改个人资料 - public function profile(Request $request) - { - if ($request->isMethod('POST')) { - $new_password = $request->input('new_password'); - - if (! Hash::check($request->input('old_password'), Auth::getUser()->password)) { - return Redirect::back()->withErrors('旧密码错误,请重新输入'); - } - - if (Hash::check($new_password, Auth::getUser()->password)) { - return Redirect::back()->withErrors('新密码不可与旧密码一样,请重新输入'); - } - - $ret = Auth::getUser()->update(['password' => $new_password]); - if (! $ret) { - return Redirect::back()->withErrors('修改失败'); - } - - return Redirect::back()->with('successMsg', '修改成功'); - } - - return view('admin.config.profile'); - } - // 邀请码列表 public function inviteList(Request $request) { @@ -165,9 +140,4 @@ class AdminController extends Controller return view('admin.config.config', $view); } - - public function getPort(): int - { - return Helpers::getPort(); - } } diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php index 111eb6de..bcc492dd 100644 --- a/app/Http/Controllers/AuthController.php +++ b/app/Http/Controllers/AuthController.php 
@@ -72,18 +72,16 @@ class AuthController extends Controller } // 校验普通用户账号状态 - if (! $user->is_admin) { - if ($user->status < 0) { - Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话 + if ($user->status < 0) { + Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话 - return Redirect::back()->withInput()->withErrors(trans('auth.login_ban', ['email' => sysConfig('webmaster_email')])); - } + return Redirect::back()->withInput()->withErrors(trans('auth.login_ban', ['email' => sysConfig('webmaster_email')])); + } - if ($user->status === 0 && sysConfig('is_activate_account')) { - Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话 + if ($user->status === 0 && sysConfig('is_activate_account')) { + Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话 - return Redirect::back()->withInput()->withErrors(trans('auth.active_tip').'【'.trans('auth.active_account').'】'); - } + return Redirect::back()->withInput()->withErrors(trans('auth.active_tip').'【'.trans('auth.active_account').'】'); } // 写入登录日志 @@ -93,7 +91,7 @@ class AuthController extends Controller Auth::getUser()->update(['last_login' => time()]); // 根据权限跳转 - if ($user->is_admin) { + if ($user->hasPermissionTo('admin.index')) { return Redirect::route('admin.index'); } @@ -101,7 +99,7 @@ class AuthController extends Controller } if (Auth::check()) { - if (Auth::getUser()->is_admin) { + if (Auth::getUser()->hasPermissionTo('admin.index')) { return Redirect::route('admin.index'); } diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php index 3446fc56..9b9dc856 100644 --- a/app/Http/Controllers/UserController.php +++ b/app/Http/Controllers/UserController.php @@ -43,6 +43,10 @@ class UserController extends Controller { public function index() { + if (Session::has('user')) { + Auth::loginUsingId(Session::get('user')); + Session::forget('user'); + } $user = Auth::getUser(); $totalTransfer = $user->transfer_enable; $usedTransfer = $user->usedTraffic(); 
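Review bot: The post-login redirect at `@@ -93,7 +91,7 @@` and the `Auth::check()` branch at `@@ -101,7 +99,7 @@` test `hasPermissionTo('admin.index')`. As far as I know, that call looks only at permissions granted to the user or their roles and does not go through the `Gate::before` bypass this patch adds for `Super Admin`; it also throws when no permission with that name exists. A Super Admin whose role was not explicitly given `admin.index` would then be sent to the user home. `$user->can('admin.index')` matches what the new `Permission` middleware does and honours the bypass.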
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 8e7084df..6353996d 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -6,12 +6,12 @@ use App\Http\Middleware\Affiliate; use App\Http\Middleware\Authenticate; use App\Http\Middleware\CheckForMaintenanceMode; use App\Http\Middleware\EncryptCookies; -use App\Http\Middleware\isAdmin; use App\Http\Middleware\isAdminLogin; use App\Http\Middleware\isForbidden; use App\Http\Middleware\isLogin; use App\Http\Middleware\isMaintenance; use App\Http\Middleware\isSecurity; +use App\Http\Middleware\Permission; use App\Http\Middleware\RedirectIfAuthenticated; use App\Http\Middleware\SetLocale; use App\Http\Middleware\TrimStrings; @@ -33,7 +33,6 @@ use Illuminate\Routing\Middleware\ThrottleRequests; use Illuminate\Routing\Middleware\ValidateSignature; use Illuminate\Session\Middleware\StartSession; use Illuminate\View\Middleware\ShareErrorsFromSession; -use Spatie\Permission\Middlewares\PermissionMiddleware; class Kernel extends HttpKernel { @@ -71,6 +70,18 @@ class Kernel extends HttpKernel SubstituteBindings::class, ], + 'user' => [ + isForbidden::class, + isMaintenance::class, + isLogin::class, + ], + + 'admin' => [ + isForbidden::class, + isAdminLogin::class, + Permission::class, + ], + 'api' => [ 'throttle:60,1', SubstituteBindings::class, @@ -96,13 +107,9 @@ class Kernel extends HttpKernel 'throttle' => ThrottleRequests::class, 'verified' => EnsureEmailIsVerified::class, 'webApi' => WebApi::class, - 'isAdmin' => isAdmin::class, - 'isAdminLogin' => isAdminLogin::class, - 'isLogin' => isLogin::class, 'isMaintenance' => isMaintenance::class, 'isSecurity' => isSecurity::class, 'isForbidden' => isForbidden::class, 'affiliate' => Affiliate::class, - 'permission' => PermissionMiddleware::class, ]; } diff --git a/app/Http/Middleware/Permission.php b/app/Http/Middleware/Permission.php new file mode 100644 index 00000000..e51fb02a --- /dev/null +++ b/app/Http/Middleware/Permission.php 
@@ -0,0 +1,31 @@ +guard($guard)->guest()) { + throw UnauthorizedException::notLoggedIn(); + } + + $route = request()->route()->getName(); + if (app('auth')->guard($guard)->user()->can($route)) { + return $next($request); + } + + throw UnauthorizedException::forPermissions((array) $route); + } +} diff --git a/app/Http/Middleware/isAdmin.php b/app/Http/Middleware/isAdmin.php deleted file mode 100644 index 54325158..00000000 --- a/app/Http/Middleware/isAdmin.php +++ /dev/null @@ -1,28 +0,0 @@ -is_admin) { - return Redirect::route('home'); - } - - return $next($request); - } -} diff --git a/app/Http/Requests/Admin/UserUpdateRequest.php b/app/Http/Requests/Admin/UserUpdateRequest.php index 526e6d19..fd116d22 100644 --- a/app/Http/Requests/Admin/UserUpdateRequest.php +++ b/app/Http/Requests/Admin/UserUpdateRequest.php @@ -10,8 +10,8 @@ class UserUpdateRequest extends FormRequest { return [ 'username' => 'required', - 'email' => 'required|unique:user,email,'.$this->user, - 'port' => 'required|numeric|exclude_if:port,0|gt:0|unique:user,port,'.$this->user, + 'email' => 'required|unique:user,email,'.$this->user->id, + 'port' => 'required|numeric|exclude_if:port,0|gt:0|unique:user,port,'.$this->user->id, 'passwd' => 'required|string', 'uuid' => 'required|uuid', 'transfer_enable' => 'required|numeric', @@ -24,7 +24,6 @@ class UserUpdateRequest extends FormRequest 'remark' => 'nullable|string', 'level' => 'required|numeric', 'group_id' => 'numeric', - 'is_admin' => 'boolean|exclude_unless:id,1|gte:1', 'reset_time' => 'nullable|date_format:Y-m-d', 'invite_num' => 'numeric', 'status' => 'required|integer|between:-1,1', diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index 82255dc2..47590c45 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php 
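Review bot: `handle()` in the new `Permission` middleware authorises on `request()->route()->getName()` without handling a route that has no name. As far as I can tell, `can(null)` evaluates an empty ability list and returns true, so an unnamed route placed in `routes/admin.php` would be open to every account that passes the earlier middleware in the `admin` group; confirm this against the framework version in use. Deny explicitly, e.g. `if ($route !== null && app('auth')->guard($guard)->user()->can($route)) {`, so that a forgotten `->name()` fails closed. The opening lines of this file are missing from the page as shown, so the signature and the default of `$guard` could not be checked.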
@@ -2,6 +2,7 @@ namespace App\Providers; +use Gate; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; class AuthServiceProvider extends ServiceProvider @@ -23,6 +24,9 @@ class AuthServiceProvider extends ServiceProvider public function boot() { $this->registerPolicies(); - // + + Gate::before(function ($user) { + return $user->hasRole('Super Admin') ? true : null; + }); } } diff --git a/app/Providers/RouteServiceProvider.php b/app/Providers/RouteServiceProvider.php index fd23b3ea..a83ec15b 100644 --- a/app/Providers/RouteServiceProvider.php +++ b/app/Providers/RouteServiceProvider.php @@ -44,7 +44,10 @@ class RouteServiceProvider extends ServiceProvider $this->mapApiRoutes(); $this->mapWebRoutes(); - // + + $this->mapUserRoutes(); + + $this->mapAdminRoutes(); } /** @@ -75,4 +78,18 @@ class RouteServiceProvider extends ServiceProvider ->namespace($this->namespace) ->group(base_path('routes/web.php')); } + + protected function mapUserRoutes() + { + Route::middleware(['web', 'user']) + ->namespace($this->namespace) + ->group(base_path('routes/user.php')); + } + + protected function mapAdminRoutes() + { + Route::middleware(['web', 'admin']) + ->namespace($this->namespace) + ->group(base_path('routes/admin.php')); + } } diff --git a/app/Providers/TelescopeServiceProvider.php b/app/Providers/TelescopeServiceProvider.php index 86ce0e2c..3f7937b1 100644 --- a/app/Providers/TelescopeServiceProvider.php +++ b/app/Providers/TelescopeServiceProvider.php @@ -63,7 +63,7 @@ class TelescopeServiceProvider extends TelescopeApplicationServiceProvider protected function gate() { Gate::define('viewTelescope', function ($user) { - return $user->is_admin; + return $user->hasRole('Super Admin'); }); } } diff --git a/composer.lock b/composer.lock index a4ae260f..7c85825b 100644 --- a/composer.lock +++ b/composer.lock 
@@ -4249,16 +4249,16 @@ }, { "name": "stripe/stripe-php", - "version": "v7.66.1", + "version": "v7.67.0", "source": { "type": "git", "url": "https://github.com/stripe/stripe-php.git", - "reference": "a2ebaa272a8797b21e81afaf8d5ba0953ff15e13" + "reference": "935d2c67912007f6d17b6c08a62050252c509129" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/stripe/stripe-php/zipball/a2ebaa272a8797b21e81afaf8d5ba0953ff15e13", - "reference": "a2ebaa272a8797b21e81afaf8d5ba0953ff15e13", + "url": "https://api.github.com/repos/stripe/stripe-php/zipball/935d2c67912007f6d17b6c08a62050252c509129", + "reference": "935d2c67912007f6d17b6c08a62050252c509129", "shasum": "" }, "require": { @@ -4268,7 +4268,7 @@ "php": ">=5.6.0" }, "require-dev": { - "friendsofphp/php-cs-fixer": "2.16.5", + "friendsofphp/php-cs-fixer": "2.17.1", "php-coveralls/php-coveralls": "^2.1", "phpunit/phpunit": "^5.7", "squizlabs/php_codesniffer": "^3.3", 
@@ -4304,38 +4304,37 @@ ], "support": { "issues": "https://github.com/stripe/stripe-php/issues", - "source": "https://github.com/stripe/stripe-php/tree/v7.66.1" + "source": "https://github.com/stripe/stripe-php/tree/v7.67.0" }, - "time": "2020-12-01T18:44:12+00:00" + "time": "2020-12-09T19:00:34+00:00" }, { "name": "swiftmailer/swiftmailer", - "version": "v6.2.3", + "version": "v6.2.4", "source": { "type": "git", "url": "https://github.com/swiftmailer/swiftmailer.git", - "reference": "149cfdf118b169f7840bbe3ef0d4bc795d1780c9" + "reference": "56f0ab23f54c4ccbb0d5dcc67ff8552e0c98d59e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/swiftmailer/swiftmailer/zipball/149cfdf118b169f7840bbe3ef0d4bc795d1780c9", - "reference": "149cfdf118b169f7840bbe3ef0d4bc795d1780c9", + "url": "https://api.github.com/repos/swiftmailer/swiftmailer/zipball/56f0ab23f54c4ccbb0d5dcc67ff8552e0c98d59e", + "reference": "56f0ab23f54c4ccbb0d5dcc67ff8552e0c98d59e", "shasum": "" }, "require": { - "egulias/email-validator": "~2.0", + "egulias/email-validator": "^2.0", "php": ">=7.0.0", "symfony/polyfill-iconv": "^1.0", "symfony/polyfill-intl-idn": "^1.10", "symfony/polyfill-mbstring": "^1.0" }, "require-dev": { - "mockery/mockery": "~0.9.1", - "symfony/phpunit-bridge": "^3.4.19|^4.1.8" + "mockery/mockery": "^1.0", + "symfony/phpunit-bridge": "^4.4|^5.0" }, "suggest": { - "ext-intl": "Needed to support internationalized email addresses", - "true/punycode": "Needed to support internationalized email addresses, if ext-intl is not installed" + "ext-intl": "Needed to support internationalized email addresses" }, "type": "library", "extra": { 
@@ -4370,9 +4369,19 @@ ], "support": { "issues": "https://github.com/swiftmailer/swiftmailer/issues", - "source": "https://github.com/swiftmailer/swiftmailer/tree/v6.2.3" + "source": "https://github.com/swiftmailer/swiftmailer/tree/v6.2.4" }, - "time": "2019-11-12T09:31:26+00:00" + "funding": [ + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/swiftmailer/swiftmailer", + "type": "tidelift" + } + ], + "time": "2020-12-08T18:02:06+00:00" }, { "name": "symfony/console", @@ -7471,21 +7480,21 @@ }, { "name": "barryvdh/laravel-ide-helper", - "version": "v2.8.1", + "version": "v2.8.2", "source": { "type": "git", "url": "https://github.com/barryvdh/laravel-ide-helper.git", - "reference": "affa55122f83575888d4ebf1728992686e8223de" + "reference": "5515cabea39b9cf55f98980d0f269dc9d85cfcca" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/barryvdh/laravel-ide-helper/zipball/affa55122f83575888d4ebf1728992686e8223de", - "reference": "affa55122f83575888d4ebf1728992686e8223de", + "url": "https://api.github.com/repos/barryvdh/laravel-ide-helper/zipball/5515cabea39b9cf55f98980d0f269dc9d85cfcca", + "reference": "5515cabea39b9cf55f98980d0f269dc9d85cfcca", "shasum": "" }, "require": { "barryvdh/reflection-docblock": "^2.0.6", - "composer/composer": "^1.6 || ^2.0@dev", + "composer/composer": "^1.6 || ^2", "doctrine/dbal": "~2.3", "ext-json": "*", "illuminate/console": "^6 || ^7 || ^8", 
@@ -7495,13 +7504,14 @@ "phpdocumentor/type-resolver": "^1.1.0" }, "require-dev": { + "ext-pdo_sqlite": "*", "friendsofphp/php-cs-fixer": "^2", "illuminate/config": "^6 || ^7 || ^8", "illuminate/view": "^6 || ^7 || ^8", - "mockery/mockery": "^1.3", + "mockery/mockery": "^1.3.3", "orchestra/testbench": "^4 || ^5 || ^6", "phpunit/phpunit": "^8.5 || ^9", - "spatie/phpunit-snapshot-assertions": "^1.4 || ^2.2 || ^3", + "spatie/phpunit-snapshot-assertions": "^1.4 || ^2.2 || ^3 || ^4", "vimeo/psalm": "^3.12" }, "type": "library", @@ -7544,7 +7554,7 @@ ], "support": { "issues": "https://github.com/barryvdh/laravel-ide-helper/issues", - "source": "https://github.com/barryvdh/laravel-ide-helper/tree/master" + "source": "https://github.com/barryvdh/laravel-ide-helper/tree/v2.8.2" }, "funding": [ { @@ -7552,7 +7562,7 @@ "type": "github" } ], - "time": "2020-09-07T07:36:37+00:00" + "time": "2020-12-06T08:55:05+00:00" }, { "name": "barryvdh/reflection-docblock", @@ -8108,16 +8118,16 @@ }, { "name": "facade/ignition", - "version": "2.5.2", + "version": "2.5.3", "source": { "type": "git", "url": "https://github.com/facade/ignition.git", - "reference": "08668034beb185fa2ac6f09b1034eaa440952ace" + "reference": "d8dc4f90ed469f9f9313b976fb078c20585d5c99" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/facade/ignition/zipball/08668034beb185fa2ac6f09b1034eaa440952ace", - "reference": "08668034beb185fa2ac6f09b1034eaa440952ace", + "url": "https://api.github.com/repos/facade/ignition/zipball/d8dc4f90ed469f9f9313b976fb078c20585d5c99", + "reference": "d8dc4f90ed469f9f9313b976fb078c20585d5c99", "shasum": "" }, "require": { @@ -8181,7 +8191,7 @@ "issues": "https://github.com/facade/ignition/issues", "source": "https://github.com/facade/ignition" }, - "time": "2020-11-17T09:18:51+00:00" + "time": "2020-12-09T20:25:45+00:00" }, { "name": "facade/ignition-contracts", 
@@ -8543,25 +8553,25 @@ }, { "name": "maximebf/debugbar", - "version": "v1.16.3", + "version": "v1.16.4", "source": { "type": "git", "url": "https://github.com/maximebf/php-debugbar.git", - "reference": "1a1605b8e9bacb34cc0c6278206d699772e1d372" + "reference": "c86c717e4bf3c6d98422da5c38bfa7b0f494b04c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/maximebf/php-debugbar/zipball/1a1605b8e9bacb34cc0c6278206d699772e1d372", - "reference": "1a1605b8e9bacb34cc0c6278206d699772e1d372", + "url": "https://api.github.com/repos/maximebf/php-debugbar/zipball/c86c717e4bf3c6d98422da5c38bfa7b0f494b04c", + "reference": "c86c717e4bf3c6d98422da5c38bfa7b0f494b04c", "shasum": "" }, "require": { - "php": "^7.1", + "php": "^7.1|^8", "psr/log": "^1.0", "symfony/var-dumper": "^2.6|^3|^4|^5" }, "require-dev": { - "phpunit/phpunit": "^5" + "phpunit/phpunit": "^7.5.20 || ^9.4.2" }, "suggest": { "kriswallsmith/assetic": "The best way to manage assets", @@ -8602,9 +8612,9 @@ ], "support": { "issues": "https://github.com/maximebf/php-debugbar/issues", - "source": "https://github.com/maximebf/php-debugbar/tree/v1.16.3" + "source": "https://github.com/maximebf/php-debugbar/tree/v1.16.4" }, - "time": "2020-05-06T07:06:27+00:00" + "time": "2020-12-07T10:48:48+00:00" }, { "name": "mockery/mockery", diff --git a/config/permission.php b/config/permission.php index 1f0c2b60..01bc271c 100644 --- a/config/permission.php +++ b/config/permission.php @@ -104,7 +104,7 @@ return [ * By default wildcard permission lookups are disabled. */ - 'enable_wildcard_permission' => false, + 'enable_wildcard_permission' => true, 'cache' => [ diff --git a/database/migrations/2020_12_07_120247_permission_data.php b/database/migrations/2020_12_07_120247_permission_data.php new file mode 100644 index 00000000..4a998582 --- /dev/null +++ b/database/migrations/2020_12_07_120247_permission_data.php 
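Review bot: Turning `'enable_wildcard_permission'` on in the config/permission.php hunk changes how every stored permission name is interpreted, yet the comment left directly above the flag still only says wildcard lookups are disabled by default. The permission seed added later in this patch uses names such as `admin.config.*`, `admin.test.*` and `admin.tools.*`, so a role holding one of them is also granted any route added under that prefix later, and the comma-joined names (`admin.article.create,store`) only match while this flag is set. I would record that dependency next to the flag, e.g. `// Required: seeded names use wildcard syntax ('admin.config.*', 'admin.article.create,store'); a '*' in a name grants the whole prefix.` Whether the permission create/edit form rejects names containing `*` is not visible here and is worth confirming.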
@@ -0,0 +1,176 @@
+string('description')->after('name');
+ });
+
+ Schema::table($tableNames['roles'], function (Blueprint $table) {
+ $table->string('description')->after('name');
+ });
+
+ Artisan::call('cache:clear');
+ app()[PermissionRegistrar::class]->forgetCachedPermissions();
+
+ $permissions = [
+ ['name' => 'admin.aff.detail', 'description' => '【推广系统】提现申请详情', 'guard_name' => 'web'],
+ ['name' => 'admin.aff.index', 'description' => '【推广系统】提现管理列表', 'guard_name' => 'web'],
+ ['name' => 'admin.aff.rebate', 'description' => '【推广系统】返利流水记录', 'guard_name' => 'web'],
+ ['name' => 'admin.aff.setStatus', 'description' => '【推广系统】设置提现状态', 'guard_name' => 'web'],
+ ['name' => 'admin.article.create,store', 'description' => '【客服系统】新建文章', 'guard_name' => 'web'],
+ ['name' => 'admin.article.destroy', 'description' => '【客服系统】删除文章', 'guard_name' => 'web'],
+ ['name' => 'admin.article.edit,update', 'description' => '【客服系统】编辑文章', 'guard_name' => 'web'],
+ ['name' => 'admin.article.index,show', 'description' => '【客服系统】文章列表', 'guard_name' => 'web'],
+ ['name' => 'admin.config.*', 'description' => '【设置】通用配置', 'guard_name' => 'web'],
+ ['name' => 'admin.coupon.create,store', 'description' => '【商品系统】新建卡劵', 'guard_name' => 'web'],
+ ['name' => 'admin.coupon.destroy', 'description' => '【商品系统】删除卡劵', 'guard_name' => 'web'],
+ ['name' => 'admin.coupon.export', 'description' => '【商品系统】导出卡劵', 'guard_name' => 'web'],
+ ['name' => 'admin.coupon.index', 'description' => '【商品系统】卡劵列表', 'guard_name' => 'web'],
+ ['name' => 'admin.goods.create,store', 'description' => '【商品系统】新建商品', 'guard_name' => 'web'],
+ ['name' => 'admin.goods.destroy', 'description' => '【商品系统】删除商品', 'guard_name' => 'web'],
+ ['name' => 'admin.goods.edit,update', 'description' => '【商品系统】编辑商品', 'guard_name' => 'web'],
+ ['name' => 'admin.goods.index', 'description' => '【商品系统】商品列表', 'guard_name' => 'web'],
+ ['name' => 'admin.index', 'description' => '【管理中心】首页', 'guard_name' => 'web'],
+ ['name' => 'admin.invite.index', 'description' => '【推广系统】邀请列表', 'guard_name' => 'web'],
+ ['name' => 'admin.invite.create', 'description' => '【推广系统】生成邀请码', 'guard_name' => 'web'],
+ ['name' => 'admin.invite.export', 'description' => '【推广系统】导出邀请码', 'guard_name' => 'web'],
+ ['name' => 'admin.log.ban', 'description' => '【日志系统】封禁记录', 'guard_name' => 'web'],
+ ['name' => 'admin.log.credit', 'description' => '【日志系统】余额记录', 'guard_name' => 'web'],
+ ['name' => 'admin.log.flow', 'description' => '【日志系统】流量变动记录', 'guard_name' => 'web'],
+ ['name' => 'admin.log.ip', 'description' => '【日志系统】在线IP记录', 'guard_name' => 'web'],
+ ['name' => 'admin.log.notify', 'description' => '【日志系统】通知记录', 'guard_name' => 'web'],
+ ['name' => 'admin.log.online', 'description' => '【日志系统】在线监控', 'guard_name' => 'web'],
+ ['name' => 'admin.log.traffic', 'description' => '【日志系统】流量日志', 'guard_name' => 'web'],
+ ['name' => 'admin.log.viewer', 'description' => '【日志系统】运行日志', 'guard_name' => 'web'],
+ ['name' => 'admin.marketing.add', 'description' => '【客服系统】推送消息', 'guard_name' => 'web'],
+ ['name' => 'admin.marketing.email', 'description' => '【客服系统】邮件消息列表', 'guard_name' => 'web'],
+ ['name' => 'admin.marketing.push', 'description' => '【客服系统】推送消息列表', 'guard_name' => 'web'],
+ ['name' => 'admin.node.auth.destroy', 'description' => '【线路系统】删除授权', 'guard_name' => 'web'],
+ ['name' => 'admin.node.auth.index', 'description' => '【线路系统】授权列表', 'guard_name' => 'web'],
+ ['name' => 'admin.node.auth.store', 'description' => '【线路系统】新建授权', 'guard_name' => 'web'],
+ ['name' => 'admin.node.auth.update', 'description' => '【线路系统】编辑授权', 'guard_name' => 'web'],
+ ['name' => 'admin.node.cert.create,store', 'description' => '【线路系统】新建证书', 'guard_name' => 'web'],
+ ['name' => 'admin.node.cert.destroy', 'description' => '【线路系统】删除证书', 'guard_name' => 'web'],
+ ['name' => 'admin.node.cert.edit,update', 'description' => '【线路系统】编辑证书', 'guard_name' => 'web'],
+ ['name' => 'admin.node.cert.index', 'description' => '【线路系统】证书列表', 'guard_name' => 'web'],
+ ['name' => 'admin.node.check', 'description' => '【线路系统】阻断检测', 'guard_name' => 'web'],
+ ['name' => 'admin.node.create,store', 'description' => '【线路系统】新建线路', 'guard_name' => 'web'],
+ ['name' => 'admin.node.destroy', 'description' => '【线路系统】删除线路', 'guard_name' => 'web'],
+ ['name' => 'admin.node.edit,update', 'description' => '【线路系统】编辑线路', 'guard_name' => 'web'],
+ ['name' => 'admin.node.geo', 'description' => '【线路系统】更新地理', 'guard_name' => 'web'],
+ ['name' => 'admin.node.index', 'description' => '【线路系统】线路列表', 'guard_name' => 'web'],
+ ['name' => 'admin.node.monitor', 'description' => '【线路系统】流量监控', 'guard_name' => 'web'],
+ ['name' => 'admin.node.ping', 'description' => '【线路系统】测速', 'guard_name' => 'web'],
+ ['name' => 'admin.node.pingLog', 'description' => '【线路系统】测速日志', 'guard_name' => 'web'],
+ ['name' => 'admin.node.reload', 'description' => '【线路系统】重载', 'guard_name' => 'web'],
+ ['name' => 'admin.order', 'description' => '【商品系统】订单列表', 'guard_name' => 'web'],
+ ['name' => 'admin.payment.callback', 'description' => '【日志系统】回调列表', 'guard_name' => 'web'],
+ ['name' => 'admin.permission.create,store', 'description' => '【权限系统】新建权限', 'guard_name' => 'web'],
+ ['name' => 'admin.permission.destroy', 'description' => '【权限系统】删除权限', 'guard_name' => 'web'],
+ ['name' => 'admin.permission.edit,update', 'description' => '【权限系统】编辑权限', 'guard_name' => 'web'],
+ ['name' => 'admin.permission.index', 'description' => '【权限系统】权限列表', 'guard_name' => 'web'],
+ ['name' => 'admin.role.create,store', 'description' => '【权限系统】新建角色', 'guard_name' => 'web'],
+ ['name' => 'admin.role.destroy', 'description' => '【权限系统】删除角色', 'guard_name' => 'web'],
+ ['name' => 'admin.role.edit,update', 'description' => '【权限系统】编辑角色', 'guard_name' => 'web'],
+ ['name' => 'admin.role.index', 'description' => '【权限系统】角色列表', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.clear', 'description' => '【审计规则】清除触发日志', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.destroy', 'description' => '【审计规则】删除规则', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.group.assign,editNode', 'description' => '【审计规则】分组关联线路', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.group.create,store', 'description' => '【审计规则】新建分组', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.group.destroy', 'description' => '【审计规则】删除分组', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.group.edit,update', 'description' => '【审计规则】编辑分组', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.group.index', 'description' => '【审计规则】分组列表', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.index', 'description' => '【审计规则】规则列表', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.log', 'description' => '【审计规则】触发日志', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.store', 'description' => '【审计规则】新建规则', 'guard_name' => 'web'],
+ ['name' => 'admin.rule.update', 'description' => '【审计规则】编辑规则', 'guard_name' => 'web'],
+ ['name' => 'admin.subscribe.index', 'description' => '【用户系统】订阅列表', 'guard_name' => 'web'],
+ ['name' => 'admin.subscribe.log', 'description' => '【用户系统】订阅记录', 'guard_name' => 'web'],
+ ['name' => 'admin.subscribe.set', 'description' => '【用户系统】编辑订阅状态', 'guard_name' => 'web'],
+ ['name' => 'admin.system.index', 'description' => '【设置】查看系统设置', 'guard_name' => 'web'],
+ ['name' => 'admin.system.update,extend', 'description' => '【设置】编辑系统设置', 'guard_name' => 'web'],
+ ['name' => 'admin.test.*', 'description' => '【设置】通知,支付设置测试', 'guard_name' => 'web'],
+ ['name' => 'admin.ticket.destroy', 'description' => '【客服系统】删除工单', 'guard_name' => 'web'],
+ ['name' => 'admin.ticket.edit,update', 'description' => '【客服系统】回复工单', 'guard_name' => 'web'],
+ ['name' => 'admin.ticket.index', 'description' => '【客服系统】工单列表', 'guard_name' => 'web'],
+ ['name' => 'admin.ticket.store', 'description' => '【客服系统】新建工单', 'guard_name' => 'web'],
+ ['name' => 'admin.tools.*', 'description' => '【工具箱】', 'guard_name' => 'web'],
+ ['name' => 'admin.user.batch', 'description' => '【用户系统】生成用户', 'guard_name' => 'web'],
+ ['name' => 'admin.user.create,store', 'description' => '【用户系统】新建用户', 'guard_name' => 'web'],
+ ['name' => 'admin.user.destroy', 'description' => '【用户系统】删除用户', 'guard_name' => 'web'],
+ ['name' => 'admin.user.edit,update', 'description' => '【用户系统】编辑用户', 'guard_name' => 'web'],
+ ['name' => 'admin.user.export', 'description' => '【用户系统】配置信息', 'guard_name' => 'web'],
+ ['name' => 'admin.user.exportProxy', 'description' => '【用户系统】读取配置', 'guard_name' => 'web'],
+ ['name' => 'admin.user.group.create,store', 'description' => '【用户系统】新建分组', 'guard_name' => 'web'],
+ ['name' => 'admin.user.group.destroy', 'description' => '【用户系统】删除分组', 'guard_name' => 'web'],
+ ['name' => 'admin.user.group.edit,update', 'description' => '【用户系统】编辑分组', 'guard_name' => 'web'],
+ ['name' => 'admin.user.group.index', 'description' => '【用户系统】分组列表', 'guard_name' => 'web'],
+ ['name' => 'admin.user.index', 'description' => '【用户系统】用户列表', 'guard_name' => 'web'],
+ ['name' => 'admin.user.monitor', 'description' => '【用户系统】流量统计', 'guard_name' => 'web'],
+ ['name' => 'admin.user.online', 'description' => '【用户系统】在线巡查', 'guard_name' => 'web'],
+ ['name' => 'admin.user.reset', 'description' => '【用户系统】流量重置', 'guard_name' => 'web'],
+ ['name' => 'admin.user.switch', 'description' => '【用户系统】用户视角', 'guard_name' => 'web'],
+ ['name' => 'admin.user.updateCredit', 'description' => '【用户系统】编辑余额', 'guard_name' => 'web'],
+ ['name' => 'give roles', 'description' => '【用户系统】赋予角色权限', 'guard_name' => 'web'],
+ ];
+
+ Permission::insert($permissions);
+ Role::create(['name' => 'Super Admin', 'description' => '超级管理员']);
+
+ foreach (User::whereIsAdmin(1)->get() as $admin) {
+ $admin->assignRole('Super Admin');
+ }
+
+ Schema::table('user', function (Blueprint $table) {
+ $table->dropColumn(['is_admin']);
+ });
+ }
+
+ /**
+ * Reverse the migrations.
+ * + * @return void + */ + public function down() + { + $tableNames = config('permission.table_names'); + Schema::table($tableNames['permissions'], function (Blueprint $table) { + $table->dropColumn('description'); + }); + + Schema::table($tableNames['roles'], function (Blueprint $table) { + $table->dropColumn('description'); + }); + + Artisan::call('cache:clear'); + app()[PermissionRegistrar::class]->forgetCachedPermissions(); + + Schema::table('user', function (Blueprint $table) { + $table->boolean('is_admin')->default(0)->comment('是否管理员:0-否、1-是')->after('group_id'); + }); + + foreach (User::role('Super Admin')->get() as $admin) { + $admin->is_admin = 1; + $admin->save(); + } + + Role::query()->delete(); + Permission::query()->delete(); + } +} diff --git a/resources/views/_layout.blade.php b/resources/views/_layout.blade.php new file mode 100644 index 00000000..1aba40a3 --- /dev/null +++ b/resources/views/_layout.blade.php @@ -0,0 +1,91 @@ + + + + + + + + + + + + + + + @yield('title') + + + + + + + + + + +@yield('layout_css') + + + + + + + + + + + +@yield('layout_content') + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +@yield('layout_javascript') + + diff --git a/resources/views/admin/aff/detail.blade.php b/resources/views/admin/aff/detail.blade.php index ef77f2f7..fb8fe6f7 100644 --- a/resources/views/admin/aff/detail.blade.php +++ b/resources/views/admin/aff/detail.blade.php @@ -41,9 +41,13 @@ {{$commission->id}} {{$commission->invitee->email ?? '【账号已删除】'}} - + @can('admin.order') + + {{$commission->order->goods->name}} + + @else {{$commission->order->goods->name}} - + @endcan ¥{{$commission->amount}} ¥{{$commission->commission}} diff --git a/resources/views/admin/aff/index.blade.php b/resources/views/admin/aff/index.blade.php index 477b2cb1..4fa7e8cc 100644 --- a/resources/views/admin/aff/index.blade.php +++ b/resources/views/admin/aff/index.blade.php 
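Review bot: In the permission_data migration, `up()` drops `user.is_admin` in the same run that copies it into the `Super Admin` role, and nothing checks that every former admin actually received the role before the column is gone. If the `assignRole('Super Admin')` loop stops partway, the only record of who was an administrator is lost, and `down()` cannot rebuild it because it restores the flag from `User::role('Super Admin')`. I would take the admin count before the loop and refuse to continue on a mismatch, e.g. `if (User::role('Super Admin')->count() !== $adminCount) { throw new RuntimeException('admin role migration incomplete'); }`, or move the `dropColumn` into a later migration. The opening lines of the file (imports, class header, start of `up()`) are not legible in this rendering, so whether the statements already run inside a transaction is unclear.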
@@ -48,9 +48,13 @@ @if(empty($apply->user)) 【账号已删除】 @else - + @can('admin.user.index') + + {{$apply->user->email}} + + @else {{$apply->user->email}} - + @endcan @endif ¥{{$apply->amount}} @@ -67,19 +71,25 @@ {{$apply->created_at == $apply->updated_at ? '' : $apply->updated_at}} -
- @if($apply->status === 0) - - 通过 - - 驳回 - @elseif($apply->status === 1) - - 已打款 - @endif - - -
+ @canany(['admin.aff.setStatus', 'admin.aff.detail']) +
+ @can('admin.aff.setStatus') + @if($apply->status === 0) + + 通过 + + 驳回 + @elseif($apply->status === 1) + + 已打款 + @endif + @endcan + @can('admin.aff.detail') + + + @endcan +
+ @endcanany @endforeach @@ -123,6 +133,7 @@ window.location.href = '{{route('admin.aff.index')}}?email=' + $('#email').val() + '&status=' + $('#status option:selected').val(); } + @can('admin.aff.setStatus') // 更改状态 function setStatus(id, status) { $.post('{{route('admin.aff.setStatus')}}', {_token: '{{csrf_token()}}', id: id, status: status}, function(ret) { @@ -133,5 +144,6 @@ } }); } + @endcan @endsection diff --git a/resources/views/admin/article/index.blade.php b/resources/views/admin/article/index.blade.php index 8e39a77b..679bba10 100644 --- a/resources/views/admin/article/index.blade.php +++ b/resources/views/admin/article/index.blade.php @@ -7,9 +7,11 @@
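Review bot: The `@can('admin.aff.setStatus')` wrappers added around the approve/reject buttons and around `function setStatus` in aff/index.blade.php only control what is rendered; the `$.post` to `route('admin.aff.setStatus')` still sends a client-chosen `id` and `status`, so the route itself has to enforce the same permission. The patch's file list includes a new `Permission` middleware, but its contents and the route definitions are not in view, so this needs confirming rather than assuming. A short template comment such as `{{-- UI gate only: the admin.aff.setStatus route must check the same permission --}}` above the script block would keep later editors from treating the Blade check as the control. The same applies to the other views in this patch that wrap their delete/export handlers in `@can`.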

文章列表

- + @can('admin.article.create') + + @endcan
@@ -39,17 +41,27 @@ @endif @endforeach @@ -74,32 +86,34 @@ @section('javascript') - + + @endcan @endsection diff --git a/resources/views/admin/config/config.blade.php b/resources/views/admin/config/config.blade.php index 90d6a005..3a293e1c 100644 --- a/resources/views/admin/config/config.blade.php +++ b/resources/views/admin/config/config.blade.php @@ -119,12 +119,14 @@ @if($obfs->is_default) 默认 @else - - +
+ + +
@endif @@ -279,6 +281,7 @@ + + +
未知 - {{Str::limit($article->title, 80)}} + @can('admin.article.show') + {{Str::limit($article->title, 80)}} + @else + {{Str::limit($article->title, 80)}} + @endcan {{$article->sort}} {{$article->created_at}} -
- - - -
+ @canany(['admin.article.edit', 'admin.article.destroy']) +
+ @can('admin.article.edit') + + + @endcan + @can('admin.article.destroy') + + @endcan +
+ @endcanany
@@ -31,9 +33,11 @@ @endforeach @@ -55,97 +59,102 @@ - @@ -134,6 +142,7 @@ $('#status').val(); } + @can('admin.coupon.export') // 批量导出卡券 function exportCoupon() { swal.fire({ @@ -149,7 +158,9 @@ } }); } + @endcan + @can('admin.coupon.destroy') // 删除卡券 function delCoupon(id, name) { swal.fire({ @@ -177,5 +188,6 @@ } }); } + @endcan @endsection diff --git a/resources/views/admin/index.blade.php b/resources/views/admin/index.blade.php index a62e71c9..7d98534b 100644 --- a/resources/views/admin/index.blade.php +++ b/resources/views/admin/index.blade.php @@ -5,270 +5,284 @@ @section('content')
-
- -
- - 总用户 - -
- - -
- - -
- - -
- - -
- - -
- - -
- - -
- - -
- - -
- - -
- - -
- - -
- - -
- - -
-
-
- - 总余额 -
- {{$totalCredit}} + +
+ @endcan + @can('admin.log.credit') +
+
+
+ + 总余额 +
+ {{$totalCredit}} +
-
-
- -
- - 待提现佣金 - -
-
-
- - 已支出佣金 -
- {{$totalRefAmount}} + +
+ @endcan + @can('admin.aff.index') +
+
+
+ + 已支出佣金 +
+ {{$totalRefAmount}} +
-
+ @endcan
@endsection diff --git a/resources/views/admin/inviteList.blade.php b/resources/views/admin/inviteList.blade.php index b8a5d166..4fdcc6fc 100644 --- a/resources/views/admin/inviteList.blade.php +++ b/resources/views/admin/inviteList.blade.php @@ -12,9 +12,11 @@ {{trans('home.invite_code_make')}} - + @can('admin.invite.create') + + @endcan
@@ -24,9 +26,11 @@

{{trans('home.invite_code_my_codes')}}

-
- -
+ @can('admin.invite.export') +
+ +
+ @endcan
{{$vo->type==1? '黑':'白'}} {{$vo->words}} - + @can('admin.config.filter.destroy') + + @endcan
@if($coupon->status !== 1) - + @can('admin.coupon.destroy') + + @endcan @endif
@@ -84,61 +88,64 @@ @section('javascript') - + @endsection diff --git a/resources/views/admin/layouts.blade.php b/resources/views/admin/layouts.blade.php index bbdc23c6..d052e108 100644 --- a/resources/views/admin/layouts.blade.php +++ b/resources/views/admin/layouts.blade.php @@ -1,452 +1,490 @@ - - - - - - - - - {{sysConfig('website_name')}} - - - - - - - - - - - - - - - - - - - - - - - - +@extends('_layout') +@section('title', sysConfig('website_name')) +@section('layout_css') @yield('css') - - - - + - - diff --git a/resources/views/admin/logs/order.blade.php b/resources/views/admin/logs/order.blade.php index d99f0c4e..eca8db7a 100644 --- a/resources/views/admin/logs/order.blade.php +++ b/resources/views/admin/logs/order.blade.php @@ -107,7 +107,11 @@ @if(empty($order->user) ) 【账号不存在】 @else - {{$order->user->email}} + @can('admin.user.index') + {{$order->user->email}} + @else + {{$order->user->email}} + @endcan @endif diff --git a/resources/views/admin/logs/traffic.blade.php b/resources/views/admin/logs/traffic.blade.php index ec79c02b..80ffc45a 100644 --- a/resources/views/admin/logs/traffic.blade.php +++ b/resources/views/admin/logs/traffic.blade.php @@ -72,7 +72,11 @@ @if(empty($vo->user)) 【账号已删除】 @else - {{$vo->user->email}} + @can('admin.user.index') + {{$vo->user->email}} + @else + {{$vo->user->email}} + @endcan @endif diff --git a/resources/views/admin/logs/userBanHistory.blade.php b/resources/views/admin/logs/userBanHistory.blade.php index d992a826..d1c2d579 100644 --- a/resources/views/admin/logs/userBanHistory.blade.php +++ b/resources/views/admin/logs/userBanHistory.blade.php @@ -37,7 +37,11 @@
{{$vo->type_label}} {{$vo->trade_no}} - {{$vo->out_trade_no}} + @can('admin.order') + {{$vo->out_trade_no}} + @else + {{$vo->out_trade_no}} + @endcan {{$vo->amount}}元 {!! $vo->trade_status_label !!} {{$order->order_sn}} {{$vo->node->name ?? '【节点已删除】'}} @if ($vo->user) - {{$vo->user->email}} + @can('admin.user.index') + {{$vo->user->email}} + @else + {{$vo->user->email}} + @endcan @else 【账号已删除】 @endif diff --git a/resources/views/admin/logs/userTraffic.blade.php b/resources/views/admin/logs/userTraffic.blade.php index 24c0d020..0b3672f4 100644 --- a/resources/views/admin/logs/userTraffic.blade.php +++ b/resources/views/admin/logs/userTraffic.blade.php @@ -44,7 +44,11 @@ @if ($vo->order_id) @if($vo->order) - {{$vo->order->goods->name}} + @can('admin.order') + + @else + {{$vo->order->goods->name}} + @endcan @else 【订单已删除】 @endif diff --git a/resources/views/admin/marketing/pushList.blade.php b/resources/views/admin/marketing/pushList.blade.php index 5023fd8f..6b51c575 100644 --- a/resources/views/admin/marketing/pushList.blade.php +++ b/resources/views/admin/marketing/pushList.blade.php @@ -9,9 +9,11 @@

推送消息列表

-
- -
+ @can('admin.marketing.add') +
+ +
+ @endcan
@@ -31,7 +33,7 @@ @@ -73,47 +75,49 @@ - -
@@ -44,12 +46,16 @@ - - + @can('admin.node.auth.update') + + @endcan + @can('admin.node.auth.destroy') + + @endcan @@ -210,6 +216,7 @@ @endsection diff --git a/resources/views/admin/node/cert/index.blade.php b/resources/views/admin/node/cert/index.blade.php index 4689f91f..0e1f7e4f 100644 --- a/resources/views/admin/node/cert/index.blade.php +++ b/resources/views/admin/node/cert/index.blade.php @@ -7,11 +7,13 @@

域名证书列表(V2Ray节点的伪装域名)

- + @can('admin.node.cert.create') + + @endcan
@@ -38,14 +40,20 @@ @endforeach @@ -70,34 +78,35 @@ @section('javascript') - - + + @endcan @endsection diff --git a/resources/views/admin/node/index.blade.php b/resources/views/admin/node/index.blade.php index 742fd230..f09e0e3b 100644 --- a/resources/views/admin/node/index.blade.php +++ b/resources/views/admin/node/index.blade.php @@ -16,12 +16,18 @@

节点列表

-
- - 添加节点 -
+ @canany(['admin.node.geo', 'admin.node.create']) +
+ @can('admin.node.geo') + + @endcan + @can('admin.node.create') + 添加节点 + @endcan +
+ @endcan
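Review bot: The `@canany(['admin.node.geo', 'admin.node.create'])` block opened in this node/index.blade.php hunk is closed with `@endcan` rather than `@endcanany`, unlike every other `@canany` block added in this patch. As far as I know both directives compile to the same `endif`, so the page renders the same, but the mismatch makes the nesting hard to follow next to the two inner `@can … @endcan` pairs. I would change the last added line of the header block to `@endcanany`.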
{{$vo->from}} {{$vo->to}} -
- - - - -
+ @canany(['admin.node.cert.edit', 'admin.node.cert.destroy']) +
+ @can('admin.node.cert.edit') + + + + @endcan + @can('admin.node.cert.destroy') + + @endcan +
+ @endcanany
@@ -75,38 +81,54 @@ @if(!$node->is_subscribe) @endif @endforeach @@ -133,142 +155,152 @@ @endsection diff --git a/resources/views/admin/permission/index.blade.php b/resources/views/admin/permission/index.blade.php new file mode 100644 index 00000000..53705603 --- /dev/null +++ b/resources/views/admin/permission/index.blade.php @@ -0,0 +1,102 @@ +@extends('admin.layouts') +@section('css') + +@endsection +@section('content') +
+
+
+

权限行为列表

+ @can('admin.permission.create') + + @endcan +
+
+
-
- - + @endcan
+ + + + + + + + + + @foreach ($permissions as $permission) + + + + + + + @endforeach + +
# 名称 行为 操作
{{$permission->id}}{{$permission->description}}{{$permission->name}} + @canany(['admin.permission.edit', 'admin.permission.destroy']) +
+ @can('admin.permission.edit') + + + @endcan + @can('admin.permission.destroy') + + @endcan +
+ @endcanany +
+
+ +
+
+@endsection +@section('javascript') + + + @can('admin.permission.destroy') + + @endcan +@endsection \ No newline at end of file diff --git a/resources/views/admin/permission/info.blade.php b/resources/views/admin/permission/info.blade.php new file mode 100644 index 00000000..60d48627 --- /dev/null +++ b/resources/views/admin/permission/info.blade.php @@ -0,0 +1,54 @@ +@extends('admin.layouts') +@section('content') +
+
+
+

@isset($permission)编辑@else添加@endisset权限行为

+
+ 返 回 +
+
+ @if (Session::has('successMsg')) + + @endif + @if($errors->any()) + + @endif +
+
+ @isset($permission)@method('PUT')@endisset + @csrf +
+ +
+ + 填写名称,例:【A系统】编辑A +
+
+
+ +
+ + 填写路由名称,例:admin.permission.create,update +
+
+ +
+ +
+
+
+
+
+@endsection +@section('javascript') + +@endsection \ No newline at end of file diff --git a/resources/views/admin/role/index.blade.php b/resources/views/admin/role/index.blade.php new file mode 100644 index 00000000..ce498223 --- /dev/null +++ b/resources/views/admin/role/index.blade.php @@ -0,0 +1,109 @@ +@extends('admin.layouts') +@section('css') + +@endsection +@section('content') +
+
+
+

权限角色列表

+ @can('admin.role.create') + + @endcan +
+
+ + + + + + + + + + + @foreach ($roles as $role) + + + + + + + @endforeach + +
# 名称 权限 操作
{{$role->id}}{{$role->description}} + @if ($role->name === 'Super Admin') + 全部权限 + @else + @foreach($role->permissions()->pluck('description') as $description) + {{ $description }} + @endforeach + @endif + + @canany(['admin.role.edit', 'admin.role.destroy']) +
+ @can('admin.role.edit') + + + @endcan + @can('admin.role.destroy') + + @endcan +
+ @endcanany +
+
+ +
+
+@endsection +@section('javascript') + + + @can('admin.role.destroy') + + @endcan +@endsection \ No newline at end of file diff --git a/resources/views/admin/role/info.blade.php b/resources/views/admin/role/info.blade.php new file mode 100644 index 00000000..d0b7cb55 --- /dev/null +++ b/resources/views/admin/role/info.blade.php @@ -0,0 +1,125 @@ +@extends('admin.layouts') +@section('css') + + +@endsection +@section('content') +
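Review bot: In the new role/index.blade.php, `@foreach($role->permissions()->pluck('description') as $description)` calls the relation as a method inside the `$roles` loop, which issues one query per listed role. Using the loaded relation, `@foreach($role->permissions->pluck('description') as $description)`, with the roles fetched via `with('permissions')` in the controller (not visible here), would avoid that. Separately, the `$role->name === 'Super Admin'` comparison repeats the literal that the migration in this patch creates; a shared constant would keep the view and the seed from drifting apart if the role is ever renamed.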
+
+
+

@isset($role)编辑@else添加@endisset角色

+
+ 返 回 +
+
+ @if (Session::has('successMsg')) + + @endif + @if($errors->any()) + + @endif +
+
+ @isset($role)@method('PUT')@endisset + @csrf +
+ +
+ + 名称,例如:管理员 +
+
+
+ +
+ + 名称,例如:Administrator +
+
+
+ +
+
+ + +
+ +
+
+
+ +
+
+
+
+
+@endsection +@section('javascript') + + + + +@endsection \ No newline at end of file diff --git a/resources/views/admin/rule/group/index.blade.php b/resources/views/admin/rule/group/index.blade.php index 6c7f1be9..e387265d 100644 --- a/resources/views/admin/rule/group/index.blade.php +++ b/resources/views/admin/rule/group/index.blade.php @@ -7,11 +7,13 @@

规则分组

- + @can('admin.rule.group.create') + + @endcan
@@ -30,18 +32,26 @@ @endforeach @@ -66,33 +76,36 @@ @section('javascript') - + + @endcan @endsection + diff --git a/resources/views/admin/rule/index.blade.php b/resources/views/admin/rule/index.blade.php index b2549e14..24e222bc 100644 --- a/resources/views/admin/rule/index.blade.php +++ b/resources/views/admin/rule/index.blade.php @@ -8,11 +8,13 @@

规则列表

-
- -
+ @can('admin.rule.store') +
+ +
+ @endcan
@@ -51,10 +53,18 @@
@endforeach @@ -76,54 +86,56 @@ - @endforeach @@ -121,8 +129,7 @@ @endsection @section('javascript') - + @endsection diff --git a/resources/views/admin/subscribe/index.blade.php b/resources/views/admin/subscribe/index.blade.php index 99eebeed..11308b80 100644 --- a/resources/views/admin/subscribe/index.blade.php +++ b/resources/views/admin/subscribe/index.blade.php @@ -51,21 +51,29 @@ @if(empty($subscribe->user)) 【账号已删除】 @else - {{$subscribe->user->email}} + @can('admin.user.index') + {{$subscribe->user->email}} + @else + {{$subscribe->user->email}} + @endcan @endif @endforeach @@ -109,6 +117,7 @@ $('#status option:selected').val(); } + @can('admin.subscribe.set') // 启用禁用用户的订阅 function setSubscribeStatus(url) { $.post(url, {_token: '{{csrf_token()}}'}, function(ret) { @@ -123,5 +132,6 @@ } }); } + @endcan @endsection diff --git a/resources/views/admin/ticket/index.blade.php b/resources/views/admin/ticket/index.blade.php index 2c4ebb51..918bca74 100644 --- a/resources/views/admin/ticket/index.blade.php +++ b/resources/views/admin/ticket/index.blade.php @@ -7,13 +7,15 @@

工单列表

-
- -
+ +
+ @endcan
@@ -43,7 +45,11 @@ @if(!$ticket->user) 【账号已删除】 @else - {{$ticket->user->email}} + @can('admin.user.index') + {{$ticket->user->email}} + @else + {{$ticket->user->email}} + @endcan @endif @@ -54,15 +60,17 @@ {!!$ticket->status_label!!}
@endforeach @@ -84,40 +92,42 @@ - @endforeach @@ -72,45 +78,46 @@ - - + @can('admin.user.exportProxy') + + @endcan @endsection diff --git a/resources/views/admin/user/group/index.blade.php b/resources/views/admin/user/group/index.blade.php index 317c2f18..436de832 100644 --- a/resources/views/admin/user/group/index.blade.php +++ b/resources/views/admin/user/group/index.blade.php @@ -7,11 +7,13 @@

用户分组控制(同一节点可分配至多个分组,一个用户只能属于一个分组;对于用户可见/可用节点:先按分组后按等级)

- + @can('admin.user.group.create') + + @endcan
{{$ruleGroup->name}} {!! $ruleGroup->type_label !!} - + @canany(['admin.rule.group.editNode', 'admin.rule.group.edit', 'admin.rule.group.destroy']) +
+ @can('admin.rule.group.editNode') + + 分配节点 + + @endcan + @can('admin.rule.group.edit') + + 编辑 + + @endcan + @can('admin.rule.group.destroy') + + @endcan +
+ @endcanany
- - + @canany(['admin.rule.update', 'admin.rule.destroy']) +
+ @can('admin.rule.update') + + @endcan + @can('admin.rule.destroy') + + @endcan +
+ @endcanany
-
- - - - -
+ @canany(['admin.goods.edit', 'admin.goods.destroy']) +
+ @can('admin.goods.edit') + + + + @endcan + @can('admin.goods.destroy') + + @endcan +
+ @endcanany
{{$subscribe->code}} - {{$subscribe->times}} + @can('admin.subscribe.log') + {{$subscribe->times}} + @endcan {{$subscribe->updated_at}} {{$subscribe->ban_time ? date('Y-m-d H:i', $subscribe->ban_time): ''}} {{$subscribe->ban_desc}} - + @can('admin.subscribe.set') + + @endcan
- - - @if($ticket->status === 2) - {{trans('home.ticket_table_view')}} - @else - {{trans('home.ticket_open')}} - @endif - - + @can('admin.ticket.edit') + + + @if($ticket->status === 2) + {{trans('home.ticket_table_view')}} + @else + {{trans('home.ticket_open')}} + @endif + + + @endcan
{{$loop->iteration}} - {{$node->name}} + @can('admin.node.edit') + {{$node->name}} + @else + {{$node->name}} + @endcan @if($node->compatible) @endif @@ -36,17 +40,19 @@ {{$node->server}} {{$node->ip}} -
- - - -
+ @can('admin.user.exportProxy') +
+ + + +
+ @endcan
@@ -28,14 +30,20 @@ @endforeach @@ -61,33 +69,35 @@ - + + @endcan @endsection diff --git a/resources/views/admin/user/group/info.blade.php b/resources/views/admin/user/group/info.blade.php index d4629f77..01dc9c73 100644 --- a/resources/views/admin/user/group/info.blade.php +++ b/resources/views/admin/user/group/info.blade.php @@ -6,7 +6,7 @@
-

@isset($userGroup)编辑@else添加@endisset用戶分组

+

@isset($group)编辑@else添加@endisset用戶分组

@@ -18,10 +18,9 @@ @endif
-
- @isset($userGroup)@method('PUT')@endisset + + @isset($group)@method('PUT')@endisset @csrf
@@ -37,8 +36,8 @@
@@ -56,10 +55,10 @@ diff --git a/resources/views/admin/user/index.blade.php b/resources/views/admin/user/index.blade.php index 436bbdf4..a729f0e2 100644 --- a/resources/views/admin/user/index.blade.php +++ b/resources/views/admin/user/index.blade.php @@ -14,14 +14,20 @@

用户列表

-
- - - 添加用户 - -
+ @canany(['admin.user.batch', 'admin.user.create']) +
+ @can('admin.user.batch') + + @endcan + @can('admin.user.create') + + 添加用户 + + @endcan +
+ @endcanany
@@ -140,34 +146,50 @@
@endforeach @@ -202,6 +224,22 @@ $('#enable').val({{Request::input('enable')}}); }); + //回车检测 + $(document).on('keypress', 'input', function(e) { + if (e.which === 13) { + Search(); + return false; + } + }); + + // 搜索 + function Search() { + window.location.href = '{{route('admin.user.index')}}' + '?id=' + $('#id').val() + '&email=' + $('#email').val() + '&wechat=' + + $('#wechat').val() + '&qq=' + $('#qq').val() + '&port=' + $('#port').val() + '&group=' + $('#group option:selected').val() + '&level=' + + $('#level option:selected').val() + '&status=' + $('#status option:selected').val() + '&enable=' + $('#enable option:selected').val(); + } + + @can('admin.user.batch') // 批量生成账号 function batchAddUsers() { swal.fire({ @@ -225,22 +263,9 @@ } }); } + @endcan - //回车检测 - $(document).on('keypress', 'input', function(e) { - if (e.which === 13) { - Search(); - return false; - } - }); - - // 搜索 - function Search() { - window.location.href = '{{route('admin.user.index')}}' + '?id=' + $('#id').val() + '&email=' + $('#email').val() + '&wechat=' + - $('#wechat').val() + '&qq=' + $('#qq').val() + '&port=' + $('#port').val() + '&group=' + $('#group option:selected').val() + '&level=' - + $('#level option:selected').val() + '&status=' + $('#status option:selected').val() + '&enable=' + $('#enable option:selected').val(); - } - + @can('admin.user.destroy') // 删除账号 function delUser(url, email) { swal.fire({ @@ -268,7 +293,9 @@ } }); } + @endcan + @can('admin.user.reset') // 重置流量 function resetTraffic(id, email) { swal.fire({ 
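Review bot: The re-added `Search()` concatenates raw field values into the query string, so an `&`, `#` or `+` typed into the email or wechat filter alters the request instead of being searched for; encode each value, e.g. `'&email=' + encodeURIComponent($('#email').val())`, or build the query with `$.param({...})`. The context line `$('#enable').val({{Request::input('enable')}});` at the top of this hunk should be fixed while the script is being touched: `{{ }}` only HTML-escapes, which does not make a request value safe as an unquoted JavaScript expression, so emit it with `@json(Request::input('enable'))` or cast it to an integer first. The enclosing script block starts and ends outside the hunk.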
@@ -290,17 +317,20 @@ } }); } + @endcan + @can('admin.user.switch') // 切换用户身份 function switchToUser(id) { $.post('{{route('admin.user.switch')}}', {_token: '{{csrf_token()}}', user_id: id}, function(ret) { if (ret.status === 'success') { - swal.fire({title: ret.message, icon: 'success', timer: 1000, showConfirmButton: false}).then(() => window.location.reload()); + swal.fire({title: ret.message, icon: 'success', timer: 1000, showConfirmButton: false}).then(() => window.location.href = '/'); } else { swal.fire({title: ret.message, icon: 'error'}).then(() => window.location.reload()); } }); } + @endcan const clipboard = new ClipboardJS('.copySubscribeLink'); clipboard.on('success', function() { diff --git a/resources/views/admin/user/info.blade.php b/resources/views/admin/user/info.blade.php index 0fcee897..1184fe43 100644 --- a/resources/views/admin/user/info.blade.php +++ b/resources/views/admin/user/info.blade.php @@ -9,9 +9,11 @@
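Review bot: `@can('admin.user.switch')` around `switchToUser` only keeps the function out of the rendered page; the POST to `route('admin.user.switch')` must enforce the same permission on the server, which this hunk does not show (the commit adds a `Permission` middleware, presumably for that; confirm this route is covered). A short marker such as `// UI gate only; the route must check admin.user.switch itself` above the function would keep that visible to the next editor. Because roles now differ between administrators, the handler should also reject a `user_id` whose roles exceed the caller's, otherwise holding `admin.user.switch` alone is equivalent to holding every permission. Logging each switch with actor, target and time would make the feature auditable. The same UI-only caveat applies to the `@can` wrappers added around `batchAddUsers`, `delUser` and `resetTraffic` in the preceding hunks of this file.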

@isset($user) 编辑用户 @else 添加用户 @endisset

@isset($user) -
- -
+ @can('admin.user.switch') +
+ +
+ @endcan @endisset
@@ -42,7 +44,7 @@
@@ -53,7 +55,7 @@
@@ -65,12 +67,11 @@

{{$user->credit}}

- - - + @can('admin.user.updateCredit') +
+ +
+ @endcan
@@ -135,27 +136,16 @@
- @isset($user) -
- -
-
    -
  • -
    - - -
    -
  • -
  • -
    - - -
    -
  • -
-
+
+ +
+
- @endisset +

@@ -203,11 +193,11 @@
- +
- +
V2Ray的账户ID
@@ -297,6 +287,7 @@
+ 返 回
@@ -305,31 +296,33 @@ @isset($user) - -
{{$vo->id}} {{$vo->name}} -
- - - - -
+ @canany(['admin.user.group.edit', 'admin.user.group.destroy']) +
+ @can('admin.user.group.edit') + + + + @endcan + @can('admin.user.group.destroy') + + @endcan +
+ @endcanany
-
- - + @endcanany