cqp il y a 1 mois
Parent
commit
82fd617cf4
2 fichiers modifiés avec 22 ajouts et 0 suppressions
  1. 5 0
      app/Http/Middleware/CheckLogin.php
  2. 17 0
      app/Service/LoginService.php

+ 5 - 0
app/Http/Middleware/CheckLogin.php

@@ -16,6 +16,7 @@ class CheckLogin
 
         $tree_type = $request->header('TreeType');
         if (! isset(SysMenu::tree[$tree_type])) return response()->json(['code' => 1,'msg' => '缺少参数或参数错误','data' => null]);
+        $title = SysMenu::tree[$tree_type];
 
         //校验token
         list($bool, $return) = TokenService::verifyToken($token);
@@ -24,6 +25,10 @@ class CheckLogin
         //人员在jwt里的信息
         $e_array = $return;
 
+        //校验是否越权拿菜单数据
+        $bool = LoginService::hasPersonRoleForSysMenuList($e_array['employee_id'], $tree_type);
+        if(! $bool) return response()->json(['code' => 1,'msg' => '无系统' . $title . '权限','data' => null]);
+
         //校验人员
         $checkResult = LoginService::checkUser($e_array);
         list($state, $msg) = $checkResult;
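Review bot: The role check added in the second hunk reads `$e_array['employee_id']` and queries the database before `LoginService::checkUser($e_array)` runs, and `checkUser` is where an empty `employee_id` or a missing `p_version` is rejected. A token payload without that key therefore reaches the query as an undefined-key read, and a caller who would fail `checkUser` gets the "no permission" answer instead of the token error. Consider moving the two added lines below the handling of `$checkResult`, which lies outside this hunk, so that authorisation is only evaluated for a validated user. Assigning the result to a new name such as `$hasMenuRole` instead of reusing `$bool` from `verifyToken` would keep the two outcomes distinct. The comment could also state that `$tree_type` is taken from the client-supplied `TreeType` header and is trusted only after the `SysMenu::tree` lookup.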

+ 17 - 0
app/Service/LoginService.php

@@ -93,6 +93,23 @@ class LoginService extends Service
         return array_values($sysMenu);
     }
 
+    public static function hasPersonRoleForSysMenuList($employee_id, $tree_type) {
+        $sysMenu = SysMenu::where('del_time',0)
+            ->where('type', SysMenu::type_zero)
+            ->where('parent_id', 0)
+            ->where('tree_type', $tree_type)
+            ->pluck('id')
+            ->toArray();
+
+        return EmployeeRole::from('employee_role as a')
+            ->join('role_menu as b', 'b.role_id', '=', 'a.role_id')
+            ->where('a.del_time', 0)
+            ->where('b.del_time', 0)
+            ->where('b.menu_id', $sysMenu)
+            ->where('a.employee_id',$employee_id)
+            ->exists();
+    }
+
     public static function checkUser($employee){
         if(empty($employee['employee_id'])) return [false, 'token错误'];
         if(! isset($employee['p_version'])) return [false, 'token错误'];
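Review bot: In `hasPersonRoleForSysMenuList`, `$sysMenu` is an array of ids from `pluck('id')->toArray()`, but it is passed to `->where('b.menu_id', $sysMenu)`, which compares against a single value. Depending on the Laravel version this either binds only the first id or fails on the bindings, so the check is not evaluated against every top-level menu of the `tree_type`; use `->whereIn('b.menu_id', $sysMenu)`. Because this method is the authorisation decision for the middleware, an explicit `if (empty($sysMenu)) return false;` before the second query and a `: bool` return type would make the fail-closed behaviour visible. A docblock saying that it returns true only when a non-deleted role of the employee is linked to a non-deleted top-level menu of that tree type would document the contract.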