privileges)) { return []; } $privileges = json_decode($role->privileges, true); if (!is_array($privileges)) { return []; } // 转换为权限数组格式: controller.action $permissions = []; foreach ($privileges as $controller => $actions) { if (is_array($actions)) { foreach ($actions as $action) { $permissions[] = strtolower($controller . '.' . $action); } } } return $permissions; } /** * 检查是否超级管理员 */ private static function isSuperAdmin(int $roleId): bool { $superAdminIds = Config::get('menu.super_admin_role_ids', []); return in_array($roleId, $superAdminIds); } /** * 从菜单配置中提取所有权限 */ public static function getAllPermissions(): array { $permissions = []; $menus = Config::get('menu.menus', []); self::extractPermissions($menus, $permissions); return $permissions; } /** * 递归提取权限 */ private static function extractPermissions(array $menus, array &$permissions): void { foreach ($menus as $menu) { if (!empty($menu['controller']) && !empty($menu['actions'])) { $controller = $menu['controller']; if (!isset($permissions[$controller])) { $permissions[$controller] = [ 'name' => $menu['title'], 'actions' => [] ]; } foreach ($menu['actions'] as $action => $desc) { $permissions[$controller]['actions'][$action] = $desc; } } if (!empty($menu['children'])) { self::extractPermissions($menu['children'], $permissions); } } } /** * 检查用户权限 */ public static function checkPermission(int $userId, string $controller, string $action): bool { $roleId = getUserRoleId($userId); if (!$roleId) { return false; } // 超级管理员拥有所有权限 if (self::isSuperAdmin($roleId)) { return true; } // 获取用户权限 $permissions = self::getUserPermissions($roleId); $permission = strtolower($controller . '.' . $action); return in_array($permission, $permissions); } /** * 获取权限组配置 */ public static function getPermissionGroups(): array { return Config::get('menu.permission_groups', []); } /** * 根据权限组获取权限 */ public static function getPermissionsByGroup(string $groupName): array { $groups = self::getPermissionGroups(); return $groups[$groupName]['permissions'] ?? []; } }