From 8b7c6ed2cc6581ecf5e42a3299e556bb5a4f8ba5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=AD=99=E5=BB=BA=E5=8D=8E?=
Date: Sat, 11 Sep 2021 16:56:36 +0800
Subject: [PATCH] fix: Authorization bug
---
 app/Http/Middleware/Admin/Authorization.php | 19 +++---
 tests/Feature/Admin/AuthorizationTest.php | 70 +++++++++++++++++++++
 2 files changed, 79 insertions(+), 10 deletions(-)
 create mode 100644 tests/Feature/Admin/AuthorizationTest.php
diff --git a/app/Http/Middleware/Admin/Authorization.php b/app/Http/Middleware/Admin/Authorization.php
index c125540..419aa77 100644
--- a/app/Http/Middleware/Admin/Authorization.php
+++ b/app/Http/Middleware/Admin/Authorization.php
@@ -32,17 +32,16 @@ public function handle($request, Closure $next, $guard)
 }
 $routeParams = $route->parameters();
- if (empty($routeParams)) {
- return $next($request);
- }
- foreach ($routeParams as $k => $v) {
- $val = "{$k}:{$v}";
- break;
- }
+ if (!empty($routeParams)) {
+ foreach ($routeParams as $k => $v) {
+ $val = "{$k}:{$v}";
+ break;
+ }
- $permission = Menu::where('route', $routeName)->where('route_params', $val)->first();
- if ($permission && $user->can($permission->name)) {
- return $next($request);
+ $permission = Menu::where('route', $routeName)->where('route_params', $val)->first();
+ if ($permission && $user->can($permission->name)) {
+ return $next($request);
+ }
 }
 if ($request->expectsJson()) {
diff --git a/tests/Feature/Admin/AuthorizationTest.php b/tests/Feature/Admin/AuthorizationTest.php
new file mode 100644
index 0000000..400d527
--- /dev/null
+++ b/tests/Feature/Admin/AuthorizationTest.php
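Review bot: Only the first route parameter takes part in the permission lookup in `handle()` of app/Http/Middleware/Admin/Authorization.php: the `foreach` breaks after one iteration, so on a route with two or more parameters the `Menu` match on `route_params` ignores every later parameter. If multi-parameter admin routes exist or are planned, `$val` should be built from all of `$routeParams`; otherwise state the restriction next to the loop, e.g. `// only the first route parameter is matched against menus.route_params`. With the early `return $next($request)` gone, falling out of the `if (!empty($routeParams))` block is now the deny path, and a short comment such as `// no matching permission: fall through to the denial response below` would keep a later edit from reintroducing the pass-through. `handle()` starts and ends outside the hunk, so the checks before `$route->parameters()` and the denial response itself are not visible here.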
@@ -0,0 +1,70 @@
+superUser = factory(AdminUser::class)->create(['id' => 1]);
+ $this->user = factory(AdminUser::class)->create(['id' => 2]);
+ }
+
+ public function testUserVistEntityListPage()
+ {
+ factory(Entity::class, 1)->create();
+ $testUrl = '/admin/entities';
+
+ $response = $this->actingAs($this->superUser, 'admin')->get($testUrl);
+ $response->assertStatus(200);
+
+ $response = $this->actingAs($this->user, 'admin')->get($testUrl);
+ $response->assertStatus(401);
+
+ // 授权后可访问
+ $response = $this->actingAs($this->superUser, 'admin')->post(
+ '/admin/menus',
+ [
+ 'name' => '模型列表',
+ 'route' => 'admin::entity.index',
+ 'url' => '/admin/entities'
+ ]
+ );
+ $response->assertStatus(200);
+ $response = $this->actingAs($this->superUser, 'admin')->post('/admin/roles', ['name' => 'entity']);
+ $response->assertStatus(200);
+ $response = $this->actingAs($this->superUser, 'admin')->put(
+ '/admin/roles/1/permission',
+ ['permission' => [1 => '模型列表']]
+ );
+ $response->assertStatus(200);
+ $response = $this->actingAs($this->superUser, 'admin')->put(
+ '/admin/admin_user/' . $this->user->id . '/role',
+ ['role' => [1 => 'entity']]
+ );
+ $response->assertStatus(200);
+ $response = $this->actingAs($this->user, 'admin')->get($testUrl);
+ $response->assertStatus(200);
+ }
+
+ public function tearDown(): void
+ {
+ parent::tearDown();
+ }
+}
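Review bot: The parameterised-route branch that the middleware keeps (the `Menu` lookup on `route_params`) has no regression test, because `testUserVistEntityListPage` only requests `/admin/entities`, a route without parameters. A second case that requests a parameterised admin route as the non-super user and asserts the denial, then grants the matching menu permission and asserts 200, would pin both outcomes of that branch. The test also depends on fixed ids (`/admin/roles/1/permission`, `[1 => 'entity']`, users created with `id` 1 and 2), which presumably holds only on a freshly reset database; the class header is not visible on this page, so confirm that the test case resets the database between runs. The `tearDown()` override that only calls `parent::tearDown()` can be dropped.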