From e6058fbdc7c06472de166b14dc7b6a2792009298 Mon Sep 17 00:00:00 2001
From: panliang <1163816051@qq.com>
Date: Fri, 12 Apr 2024 12:26:45 +0800
Subject: [PATCH] api Employee::UserRole
---
 app/Http/Middleware/CheckUserRole.php | 9 +++++++--
 app/Models/Employee.php | 9 +++++----
 routes/api.php | 2 +-
 3 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/app/Http/Middleware/CheckUserRole.php b/app/Http/Middleware/CheckUserRole.php
index 50d535c..8caaca9 100644
--- a/app/Http/Middleware/CheckUserRole.php
+++ b/app/Http/Middleware/CheckUserRole.php
@@ -5,6 +5,7 @@ namespace App\Http\Middleware;
 use Closure;
 use Illuminate\Http\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Illuminate\Support\Arr;
 class CheckUserRole
 {
@@ -17,8 +18,12 @@ class CheckUserRole
 {
 $user = auth('api')->user();
 $currentRole = $user->userRole();
- if (!in_array($currentRole, $roles)) {
- throw new \App\Exceptions\RuntimeException('没有权限');
+ // dd($currentRole, $roles);
+ foreach ($currentRole as $role) {
+ $roleValue = $role->value;
+ if (!in_array($roleValue, $roles)) {
+ throw new \App\Exceptions\RuntimeException('没有权限');
+ }
 }
 return $next($request);
 }
diff --git a/app/Models/Employee.php b/app/Models/Employee.php
index ee06ca9..b631691 100644
--- a/app/Models/Employee.php
+++ b/app/Models/Employee.php
@@ -99,14 +99,15 @@ class Employee extends Model implements AuthenticatableContract
 /**
 * 用户身份
 * user: 普通员工, store: 店长, admin: 管理员
+ * @return array
 */
 public function userRole()
 {
- $role = UserRole::User;
+ $role = [
+ $this->store_id && $this->store->master_id == $this->id ? UserRole::Store : UserRole::User
+ ];
 if ($this->isAdministrator()) {
- $role = UserRole::Admin;
- } else if ($this->store_id && $this->store->master_id == $this->id) {
- $role = UserRole::Store;
+ array_push($role, UserRole::Admin);
 }
 return $role;
 }
diff --git a/routes/api.php b/routes/api.php
index 8db7e55..573c1d0 100644
--- a/routes/api.php
+++ b/routes/api.php
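Review bot: The new `foreach` in the second `app/Http/Middleware/CheckUserRole.php` hunk throws as soon as any one of the user's roles is missing from `$roles`, so the route now requires every held role to be allowed rather than at least one. With `Employee::userRole()` returning `User` or `Store` plus `Admin`, an administrator who is not a store master also carries `User` and would be refused on `user_role:admin,store` (assuming the enum values match the names in the docblock); swapping the parameter order in `routes/api.php` does not change that. If any-match is the intent, collect the values once with `$held = array_map(fn ($r) => $r->value, $currentRole);` and guard with `if (array_intersect($held, $roles) === []) { throw new \App\Exceptions\RuntimeException('没有权限'); }`, which also denies an empty role list instead of letting it fall through the loop to `$next($request)`. The commented-out `dd()` and the `Illuminate\Support\Arr` import from the first hunk look unused in the visible lines and can be dropped. The enclosing method's signature lies outside the hunk.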
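Review bot: `userRole()` in `app/Models/Employee.php` now returns an array where it previously returned a single `UserRole`, and only the loose `@return array` tag records that; any caller outside this diff that still compares the result with one enum case would silently never match, which matters wherever the result gates access. Declaring it as `public function userRole(): array` with `@return list<UserRole>` lets static analysis flag stale callers. The store-master test dereferences `$this->store->master_id` whenever `store_id` is truthy, so a `store_id` whose `store` resolves to null would raise instead of falling back to `User`; `$this->store?->master_id == $this->id` avoids that. The class body continues outside the hunk, so other uses of `userRole()` are not visible here.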
@@ -30,5 +30,5 @@ Route::group([
 Route::post('feedback', [FeedbackController::class, 'store']);
 // 员工管理
- Route::get('hr/employee', [\App\Http\Controllers\Api\Hr\EmployeeController::class, 'index'])->middleware(['user_role:store,admin']);
+ Route::get('hr/employee', [\App\Http\Controllers\Api\Hr\EmployeeController::class, 'index'])->middleware(['user_role:admin,store']);
 });