qingyaokeji
/
workHour


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196
							<?php

namespace App\Service;

use App\Model\Depart;
use App\Model\Employee;
use App\Model\EmployeeDepartPermission;
use App\Model\EmployeeRole;
use App\Model\RoleMenu;
use App\Model\RoleMenuButton;
use App\Model\SysMenu;
use Illuminate\Support\Facades\Hash;

class LoginService extends Service
{
    public function login($data){
        if(empty($data['account'])) return [false, '账号不能为空'];
        if(empty($data['password'])) return [false, '密码不能为空'];

        $account = $data['account'];
        $password = $data['password'];
        $employee = Employee::where('del_time',0)
            ->where('account', $account)
            ->first();
        if(empty($employee)) return [false,'账号不存在或已被删除'];
        $employee = $employee->toArray();

        if(! Hash::check($password, $employee['password'])) return [false,'密码错误'];
        if($employee['is_admin'] == Employee::IS_ADMIN_ZERO || $employee['is_admin'] == Employee::IS_ADMIN_THREE) return [false, '账号限制登录'];

        //生成token
        list($status, $jwtToken) = TokenService::getToken($employee);
        if(! $status) return [false, $jwtToken];

        return [true, [
            'token' => $jwtToken,
            'employee_id' => $employee['id'],
            'title' => $employee['title'],
        ]];
    }

    public function clogin($data){
        if(empty($data['account'])) return [false, '账号不能为空'];
        if(empty($data['password'])) return [false, '密码不能为空'];

        $account = $data['account'];
        $password = $data['password'];
        $employee = Employee::where('del_time',0)
            ->where('account', $account)
            ->first();
        if(empty($employee)) return [false,'账号不存在或已被删除'];
        $employee = $employee->toArray();

        if(! Hash::check($password, $employee['password'])) return [false,'密码错误'];
        if($employee['is_admin'] != Employee::IS_ADMIN_THREE) return [false, '账号限制登录'];

        //生成token
        list($status, $jwtToken) = TokenService::getToken($employee);
        if(! $status) return [false, $jwtToken];

        return [true, [
            'token' => $jwtToken,
            'employee_id' => $employee['id'],
            'title' => $employee['title'],
        ]];
    }

    public static function checkUser($employee){
        if(empty($employee['employee_id'])) return [false, 'token错误'];
        if(! isset($employee['p_version'])) return [false, 'token错误'];
        $result = Employee::where('id', $employee['employee_id'])
            ->where('del_time',0)
            ->first();
        if(empty($result)) return [false, '账号不存在或已被删除'];
        $result = $result->toArray();
        if($result['is_admin'] == Employee::IS_ADMIN_ZERO || $result['is_admin'] == Employee::IS_ADMIN_THREE) return [false, '账号限制登录'];
        if($result['p_version'] != $employee['p_version']) return [false, '请重新登录'];

        return [true, $result];
    }

    public static function checkCompany($employee){
        $top_depart_id = $employee['top_depart_id'];
        if(empty($top_depart_id)) return [false, '公司信息不存在'];

        return [true, ''];
    }

    public static function checkRoute($employee, $request){
        $currentRouteName = $request->route()->getName();

        //没有取别名的路由需要校验
        if(! empty($currentRouteName)){
            if($currentRouteName == "only.admin"){
                return [false, '无接口'. $currentRouteName . '访问权限'];
            }else{
                //角色中所有的按钮
                $role_id = $employee['role_ids'];
                $bool = RoleMenuButton::from('role_menu_button as a')
                    ->join('sys_menu_button as b', 'b.id', '=', 'a.button_id')
                    ->whereIn('a.role_id', $role_id)
                    ->where('b.func',$currentRouteName)
                    ->where('a.del_time', 0)
                    ->where('b.del_time', 0)
                    ->exists();
                if(! $bool) return [false, '无接口'. $currentRouteName . '访问权限'];
            }
        }

        return [true, ''];
    }

    public static function getPersonDepart($employee_id) {
        // 1. 初始化返回结构
        $result = [
            'top_depart_id' => 0,
            'top_depart_code' => "",
            'depart_id' => [],
        ];

        // 2. 基础校验
        if (empty($employee_id) ) return $result;

        $depart = EmployeeDepartPermission::from('employee_depart_permission as a')
            ->join('depart as c', 'c.id', '=', 'a.top_depart_id') // 公司必须存在
            ->leftJoin('depart as b', 'b.id', '=', 'a.depart_id') // 部门可能为0
            ->where('a.employee_id', $employee_id)
            ->where('c.is_use', Depart::IS_UES) // 公司必须启用
            ->select('a.depart_id', 'b.is_use as dept_use','a.top_depart_id','c.code as top_depart_code')
            ->get()->toArray();

        foreach ($depart as $value){
            if($value['depart_id'] && $value['dept_use'] && ! in_array($value['depart_id'], $result['depart_id'])) $result['depart_id'][] = $value['depart_id'];
            if($value['top_depart_id'] && ! $result['top_depart_id']) $result['top_depart_id'] = $value['top_depart_id'];
            if($value['top_depart_code'] && ! $result['top_depart_code']) $result['top_depart_code'] = $value['top_depart_code'];
        }

        return $result;
    }

    public static function getPersonRoleAndPermissions($employee) {
        // 1. 初始化返回结构
        $result = [
            'role_ids'    => [],
            'menu_permissions' => []
        ];

        // 2. 是管理员账户
        if ($employee['is_admin'] == Employee::IS_ADMIN_TWO) {
            return $result;
        }

        $role_ids = EmployeeRole::from('employee_role as a')
            ->join('role as b', 'b.id', '=', 'a.role_id')
            ->where('a.del_time', 0)
            ->where('b.top_depart_id', $employee['top_depart_id'])
            ->where('a.employee_id', $employee['id'])
            ->pluck('a.role_id')
            ->unique()
            ->sort()
            ->values()
            ->toArray();

        if (empty($role_ids)) return $result;
        $result['role_ids'] = $role_ids;

        // 4. 获取合法的系统菜单 ID (用于过滤)
        $valid_menu_ids = SysMenu::where('del_time', 0)
            ->where('is_authority', '>', 0)
            ->pluck('id')
            ->toArray();

        // 5. 获取并合并菜单权限
        $role_menus = RoleMenu::where('del_time', 0)
            ->whereIn('role_id', $role_ids)
            ->select('menu_id', 'type')
            ->get();

        $permissions = [];
        foreach ($role_menus as $item) {
            // 过滤不在系统权限菜单内的记录
            if (!in_array($item->menu_id, $valid_menu_ids)) {
                continue;
            }

            // 取相同 menu_id 下最大的 type
            if (!isset($permissions[$item->menu_id]) || $permissions[$item->menu_id] < $item->type) {
                $permissions[$item->menu_id] = $item->type;
            }
        }

        $result['menu_permissions'] = $permissions;

        return $result;
    }
}