From fa966ab489d2685d351397885b87389adc9cbb12 Mon Sep 17 00:00:00 2001 From: Boen_Shi Date: Wed, 6 May 2026 18:26:00 +0800 Subject: [PATCH] =?UTF-8?q?fix(api):=20=E4=BF=AE=E5=A4=8D=E6=9D=83?= =?UTF-8?q?=E9=99=90=E5=8F=AF=E8=A7=81=E6=80=A7=E4=B8=8E=E8=B5=84=E6=BA=90?= =?UTF-8?q?=E8=AE=BF=E9=97=AE=E6=8E=88=E6=9D=83=E5=88=A4=E5=AE=9A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/Http/Controllers/Api/PermissionController.php | 2 +- app/Http/Controllers/Api/ServerResourceController.php | 9 +-------- app/Http/Controllers/Api/UserController.php | 2 +- 3 files changed, 3 insertions(+), 10 deletions(-) diff --git a/app/Http/Controllers/Api/PermissionController.php b/app/Http/Controllers/Api/PermissionController.php index 0ad7b45..d062746 100644 --- a/app/Http/Controllers/Api/PermissionController.php +++ b/app/Http/Controllers/Api/PermissionController.php @@ -17,7 +17,7 @@ class PermissionController extends Controller public function __construct() { $this->middleware('auth:api'); - $this->middleware('permission:platform.permissions.view,api')->only(['index', 'show']); + $this->middleware('permission:platform.permissions.view|platform.roles.manage|platform.users.manage,api')->only(['index', 'show']); $this->middleware('permission:platform.permissions.manage,api')->only(['store', 'update', 'destroy', 'syncRolePermissions']); } diff --git a/app/Http/Controllers/Api/ServerResourceController.php b/app/Http/Controllers/Api/ServerResourceController.php index 6feb590..505edc6 100644 --- a/app/Http/Controllers/Api/ServerResourceController.php +++ b/app/Http/Controllers/Api/ServerResourceController.php @@ -72,13 +72,6 @@ class ServerResourceController extends Controller private function resolveResourceIdsFromPermissions(User $user): Collection { $allPermissions = $user->getAllPermissions(); - if ($allPermissions->contains(fn (Permission $permission): bool => $permission->name === 'resource.servers.use')) { - return ServerResource::query() - ->whereNotNull('parent_id') - ->pluck('id') - ->values(); - } - $resourceIds = collect(); foreach ($allPermissions as $permission) { $permissionName = (string) $permission->name; @@ -682,7 +675,7 @@ class ServerResourceController extends Controller private function canUseResource(User $user, ServerResource $resource, string $protocol): bool { - if ($user->can('platform.servers.view') || $user->can('resource.servers.use')) { + if ($user->can('platform.servers.view')) { return true; } diff --git a/app/Http/Controllers/Api/UserController.php b/app/Http/Controllers/Api/UserController.php index 5b4133d..10caf48 100644 --- a/app/Http/Controllers/Api/UserController.php +++ b/app/Http/Controllers/Api/UserController.php @@ -544,7 +544,7 @@ class UserController extends Controller $managedResourceIds = Permission::query() ->where('guard_name', 'api') ->where('name', 'like', 'resource.servers.use.%') - ->where('description', 'like', '服务器资源访问权限(资源ID:%') + ->where('description', 'like', '服务器资源访问权限(%资源ID:%') ->pluck('description') ->map(fn (string $description): ?int => $this->resourceIdFromPermissionDescription($description)) ->filter(fn (?int $resourceId): bool => $resourceId !== null)