zoukankan      html  css  js  c++  java
  • 全栈微信小程序商城 学习笔记10.1 对更新收货地址接口做权限控制

    相关知识

    tp5控制器前置操作

    准备工作

    模拟枚举类

    applicationlibenumScopeEnum

    class ScopeEnum
    {
        const User = 16;
        // 是给CMS(管理员)准备的权限
        const Super = 32;
    }
    

    applicationapiserviceUserToken.php

    -$cachedValue['scope'] = 16;
    +$cachedValue['scope'] = ScopeEnum::User;
    

    异常处理

    applicationlibexceptionForbiddenException

    <?php
    
    namespace applibexception;
    
    /**
     * token验证失败时抛出此异常 
     */
    class ForbiddenException extends BaseException
    {
        public $code = 403;
        public $msg = '权限不够';
        public $errorCode = 10001;
    }
    

    Address控制器

    applicationapicontrollerv1Address.php

    class Address extends BaseController
    {
        protected $beforeActionList = [
            'checkPrimaryScope' => ['only' => 'createOrUpdateAddress']
        ]
    }
    

    BaseController控制器

    applicationapicontrollerv1BaseController.php

    class BaseController extends Controller
    {
    
        protected function checkPrimaryScope()
        {
            TokenService::needPrimaryScope();
        }
        protected function checkExclusiveScope()
        {
            TokenService::needExclusiveScope();
        }
     
    

    Token服务层

    applicationapiserviceToken.php

    class Token
    {
        // 用户和CMS管理员都能访问的接口权限
        public static function needExclusiveScope()
        {
            $scope = self::getCurrentTokenVar('scope');
            if ($scope) {
                if ($scope >= ScopeEnum::User){
                    return true;
                } else {
                    throw new ForbiddenException();
                }
            } else {
                throw new TokenException();
            }
        }
        // 只有用户才能访问的接口权限
        public static function needPrimaryScope()
        {
            $scope = self::getCurrentTokenVar('scope');
            if ($scope){
                if ($scope == ScopeEnum::User){
                    return true;
                } else {
                    throw new ForbiddenException();
                }
            } else {
                throw new TokenException();
            }
        } 
    }
    
  • 相关阅读:
    ConfigurableApplicationContext
    JCA-Java加密框架
    Resource通配符路径 ——跟我学spring3
    Spring学习总结(四)——表达式语言 Spring Expression Language
    Spring讲解-----------表达式语言
    java多线程详解(5)-Threadlocal用法
    ThreadLocal 详解
    MessageFormat
    WPF中的导航框架(一)——概述
    在WPF中实现玻璃模糊效果
  • 原文地址:https://www.cnblogs.com/Qyhg/p/15215524.html
Copyright © 2011-2022 走看看