<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Session;
use Illuminate\Support\Str;

class Rbac
{
    public $guardName;

    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next, $guard = null)
    {
        !$guard ? $guard = config("auth.defaults.guard") : "";
        $this->guardName = $guard;

        if (!$this->checkPermissionByUrl()) {
            abort(401);
        }
        return $next($request);
    }

    /**
     * 权限校验
     * @param $request
     * @return bool
     */
    public function checkPermissionByUrl()
    {
        $user = Auth::guard($this->guardName)->user();
        $permissions = $user->getAllPermissions();

        //校验权限
        foreach ($permissions as $permission) {
            if (!$permission->url) continue;
            if (Str::startsWith(request()->route()->uri(), $permission->url)) {
                return true;
            }
        };

        return false;
    }
}