From 84c529aa027502927c4e407d0c1385fc2864909c Mon Sep 17 00:00:00 2001
From: wanghongjun <1445693971@qq.com>
Date: Tue, 12 May 2026 10:19:17 +0800
Subject: [PATCH] =?UTF-8?q?=E7=94=A8=E6=88=B7=E8=8F=9C=E5=8D=95=E6=8E=A5?= =?UTF-8?q?=E5=8F=A3=E8=AF=B7=E6=B1=82=E6=9D=83=E9=99=905?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/Http/Middleware/CheckPermission.php | 28 +++++++++++++++++--------
 1 file changed, 19 insertions(+), 9 deletions(-)
diff --git a/app/Http/Middleware/CheckPermission.php b/app/Http/Middleware/CheckPermission.php
index 0fd1071..8924571 100644
--- a/app/Http/Middleware/CheckPermission.php
+++ b/app/Http/Middleware/CheckPermission.php
@@ -22,15 +22,16 @@ class CheckPermission
 {
 if (Auth::guard('sanctum')->check()) {
 $action = $request->route()->getCompiled()->getStaticPrefix();
+ $method = $request->route()->getActionMethod();
 $user = Auth::guard('sanctum')->user();
 $user_id = $user->id;
-// $uriArr = AdminMenuService::auth($user_id);
-// if ($this->passedOrNot($action, $uriArr)) {
-// return (new ApiResponseService())->error(
-// __('middleware.check.user_auth'),
-// 400
-// );
-// }
+ $uriArr = AdminMenuService::auth($user_id);
+ if ($this->passedOrNot($action, $uriArr, $method)) {
+ return (new ApiResponseService())->error(
+ __('middleware.check.user_auth'),
+ 400
+ );
+ }
 }
 return $next($request);
 }
@@ -38,9 +39,10 @@ class CheckPermission
 /**
 * @param $action
 * @param $uriArr
+ * @param $targetMethod
 * @return bool
 */
- protected function passedOrNot($action, $uriArr): bool
+ protected function passedOrNot($action, $uriArr, $targetMethod): bool
 {
 $search = '/api/admin/';
 $action = str_replace($search, '', $action);
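Review bot: The re-enabled permission check only runs inside `if (Auth::guard('sanctum')->check())`, so a request without a valid Sanctum token still reaches `return $next($request)` with no check at all. That is safe only if every route using this middleware also has `auth:sanctum` ahead of it, which is not visible here; otherwise the middleware should fail closed, for example `if (!Auth::guard('sanctum')->check()) { abort(401); }` before the menu lookup. Separately, if the second argument of `error()` is the HTTP status, a refused permission is better reported as 403 than 400. The method's signature lies outside this hunk.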
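Review bot: The docblock on `passedOrNot()` still does not say which way the boolean goes, and the name reads the opposite of how the caller uses it: in the first hunk a `true` result produces the error response, while the allow-listed cases later in the method return `false`. State that on the return tag, e.g. `@return bool true when the request must be rejected, false when it is allowed`, and describe `$targetMethod` as the controller method name obtained from `getActionMethod()`. Declaring the new parameter as `string $targetMethod` would also keep a non-string value from reaching the concatenation added further down. The method body continues past the end of this hunk.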
@@ -54,13 +56,21 @@ class CheckPermission $method = $actionArr[1] ?? ''; $newAction = $actionArr[0] ?? ''; + // 短写法接口 + if (empty($method)) { + $targetAction = $newAction . '.' . $targetMethod; + if (in_array($targetAction, $uriArr)) { + return false; + } + } + // 特殊 if (in_array($newAction, ['logout', 'me', 'menu'])) { return false; } // 特殊 - if (in_array($method, ['rule', 'import', 'search'])) { + if (in_array($method, ['rule', 'uploadImage', 'search'])) { return false; }
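Review bot: Adding `uploadImage` to the second bypass list exempts every route whose `$method` segment (`$actionArr[1]`, apparently the second part of the path) equals `uploadImage` from the permission check for any authenticated user, whatever the controller. File upload is a sensitive action to leave outside role control; unless each of those endpoints enforces its own authorization and file validation, which this hunk does not show, exempt them by full action name or grant them through a menu permission instead. The new short-form lookup should also compare strictly, `in_array($targetAction, $uriArr, true)`, so a non-string entry in `$uriArr` cannot match through loose comparison. `passedOrNot()` begins before this hunk and may continue after it.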