diff --git a/server/app/common/dao/system/SysAdminDao.php b/server/app/common/dao/system/SysAdminDao.php
index 029930cc80737d0b42a5346b2b21f3c56f60ab94..89ce32b25810d7a772fd02b01eded53e84fa09cc 100644
--- a/server/app/common/dao/system/SysAdminDao.php
+++ b/server/app/common/dao/system/SysAdminDao.php
@@ -201,7 +201,7 @@ class SysAdminDao extends BaseDao
 {
 $result = $this->getModel()
 ->where('id', $id)
- ->with(['depts', 'posts', 'casbin.roles',])
+ ->with(['depts', 'posts', 'casbin.roles','roles'])
 ->first()
 ->makeHidden(['password', 'backend_setting']);
diff --git a/server/app/functions.php b/server/app/functions.php
index e8fbac0c244d5aa3cd145071649bd08883380470..708afe65ec0b7aa4642617b7a6c21c58ee312d9e 100644
--- a/server/app/functions.php
+++ b/server/app/functions.php
@@ -18,24 +18,28 @@ use support\Container;
 */
 function getCurrentUser(bool $fullInfo = false, bool $refresh = false): mixed
 {
- // 1. 验证请求和授权令牌
- $token = resolveAuthorizationToken();
- if ($token === null) {
- return null;
- }
+ try {
+ // 1. 验证请求和授权令牌
+ $token = resolveAuthorizationToken();
+ if ($token === null) {
+ return null;
+ }
- // 2. 获取当前用户ID
- $userId = JwtToken::getCurrentId();
- if ($userId === null) {
- return null;
- }
+ // 2. 获取当前用户ID
+ $userId = JwtToken::getCurrentId();
+ if ($userId === null) {
+ return null;
+ }
- // 3. 根据参数返回相应数据
- if ($refresh) {
- return $fullInfo ? JwtToken::getUser() : $userId;
- }
+ // 3. 根据参数返回相应数据
+ if ($refresh) {
+ return $fullInfo ? JwtToken::getUser() : $userId;
+ }
- return $fullInfo ? JwtToken::getExtend() : $userId;
+ return $fullInfo ? JwtToken::getExtend() : $userId;
+ } catch (\Exception $e) {
+ return null;
+ }
 }
 function resolveAuthorizationToken(): ?string
diff --git a/server/app/middleware/AuthTokenMiddleware.php b/server/app/middleware/AuthTokenMiddleware.php
index 02a64a8982d4c6628d588c47a6c843cec2d583fc..27de2cafe2ef2f1a48c30cc81af2e0910a605ae7 100644
--- a/server/app/middleware/AuthTokenMiddleware.php
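Review bot: `->first()` is chained straight into `->makeHidden(['password', 'backend_setting'])`, so an `$id` that matches no row ends in a method call on null instead of a clean not-found result (assuming getModel() returns an Eloquent-style builder, where first() yields null on no match). A null-safe call, `->first()?->makeHidden(['password', 'backend_setting']);`, or an explicit null check before hiding fields would avoid that. The added `roles` relation is now serialized with the admin record, and `makeHidden` here only covers the admin's own `password` and `backend_setting`, so it is worth confirming the role model has nothing that should stay server-side. The enclosing method starts and ends outside the hunk.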
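Review bot: The new `catch (\Exception $e) { return null; }` around the whole body of getCurrentUser() makes a missing token, an expired or tampered token and an internal failure inside JwtToken indistinguishable to the caller, and none of them is recorded. For an authentication helper that loses the signal that detection depends on (repeated invalid tokens look the same as anonymous traffic). I would log before returning, for example `\support\Log::warning('getCurrentUser: token rejected', ['exception' => $e::class]);`, without writing the token itself to the log, and narrow the catch to the exception types JwtToken actually throws for bad tokens. The docblock, which starts outside the hunk, should also say that null is returned on any failure and not only when no token is present.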
+++ b/server/app/middleware/AuthTokenMiddleware.php
@@ -14,6 +14,7 @@ namespace app\middleware;
 use core\jwt\JwtToken;
 use core\exception\handler\UnauthorizedHttpException;
+use core\utils\Json;
 use Webman\Http\Request;
 use Webman\Http\Response;
 use Webman\MiddlewareInterface;
@@ -49,9 +50,13 @@ class AuthTokenMiddleware implements MiddlewareInterface
 return $handler($request);
 }
- $userId = JwtToken::getCurrentId();
- if (0 === $userId) {
- throw new UnauthorizedHttpException();
+ try {
+ $userId = JwtToken::getCurrentId();
+ if (0 === $userId) {
+ throw new UnauthorizedHttpException();
+ }
+ }catch (\Exception $e){
+ return Json::fail($e->getMessage(), [], 401);
 }
 return $handler($request);
 }
diff --git a/server/app/middleware/PermissionMiddleware.php b/server/app/middleware/PermissionMiddleware.php
index ecb88e65ea9259f49a0fea144113e01f0fcacd69..65a98ce2c75604016fa3b11c2c4bd758d12a83e3 100644
--- a/server/app/middleware/PermissionMiddleware.php
+++ b/server/app/middleware/PermissionMiddleware.php
@@ -20,6 +20,7 @@ use core\enum\system\PolicyPrefix;
 use core\exception\handler\ForbiddenHttpException;
 use core\exception\handler\UnauthorizedHttpException;
 use core\jwt\JwtToken;
+use core\utils\Json;
 use Webman\Http\Request;
 use Webman\Http\Response;
 use Webman\MiddlewareInterface;
@@ -63,9 +64,13 @@ class PermissionMiddleware implements MiddlewareInterface
 return $handler($request);
 }
- $userId = JwtToken::getCurrentId();
- if ($userId === 0) {
- throw new UnauthorizedHttpException();
+ try {
+ $userId = JwtToken::getCurrentId();
+ if (0 === $userId) {
+ throw new UnauthorizedHttpException();
+ }
+ }catch (\Exception $e){
+ return Json::fail($e->getMessage(), [], 401);
 }
 $userData = JwtToken::getExtend();
 // 顶级管理员直接跳过权限验证
diff --git a/server/core/abstract/BaseDao.php b/server/core/abstract/BaseDao.php
index 8945ea6da71dfd157facdf3793fcd5a9dd48f9e7..e7dd0008306a7d225534575c148f990449265080 100644
--- a/server/core/abstract/BaseDao.php
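Review bot: `Json::fail($e->getMessage(), [], 401)` returns the raw exception text to a caller that has not authenticated, and because the catch is `\Exception` this covers anything JwtToken::getCurrentId() may throw, not only token rejections. Internal messages (library wording, storage or configuration errors, if any can surface here) belong in the server log; the response should carry a fixed string, e.g. `return Json::fail('Unauthorized', [], 401);` after logging `$e`. Mapping every exception to 401 also reports a backend fault as a client error, which hides outages from monitoring. The same block is added to PermissionMiddleware in this commit, and the enclosing method starts outside the hunk.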
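Review bot: The guard `0 === $userId` rejects only an integer zero, while getCurrentUser() in functions.php (same commit) treats `null` from JwtToken::getCurrentId() as "no user"; if null is a possible return value, this check does not fire and the request continues to `JwtToken::getExtend()` and the permission logic without an identity. `if (empty($userId)) {` would cover null, 0 and an empty string in one test; the same guard sits in AuthTokenMiddleware, where falling through reaches `$handler($request)` directly. Separately, `$userData = JwtToken::getExtend();` on the line after the new try block is not covered by it, so if that call can throw (getCurrentUser() wraps it, which suggests it can) the exception still propagates unhandled. The method continues past the end of the hunk.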
+++ b/server/core/abstract/BaseDao.php
@@ -13,6 +13,7 @@ namespace core\abstract;
 use madong\helper\Arr;
+use support\Db;
 /**
 * @method count(array $where = [], bool $search = true)
@@ -726,24 +727,25 @@ abstract class BaseDao
 }
 /**
- * 高精度加法
+ * 高精度加法(修正精度问题)
 *
- * @param $key
- * @param string $incField
- * @param string $inc
- * @param string|null $keyField
- * @param int $acc
+ * @param mixed $key 主键值或条件值
+ * @param string $incField 要增加的字段
+ * @param string $inc 增加的值
+ * @param string|null $keyField 条件字段名,默认为'id'
+ * @param int $acc 精度(小数位数)
 *
 * @return bool
+ * @throws \Exception
 */
- public function bcInc($key, string $incField, string $inc, string $keyField = null, int $acc = 2): bool
+ public function bcInc(mixed $key, string $incField, string $inc, string $keyField = null, int $acc = 2): bool
 {
 // 获取模型实例
 $model = $this->getModel();
 // 构建查询条件
 $query = $keyField ? $model->where($keyField, $key) : $model->where('id', $key);
- // 执行增量操作
- return $query->update([$incField => \DB::raw("COALESCE($incField, 0) + CAST($inc AS DECIMAL($acc, $acc))")]) > 0;
+ // 执行增量操作,使用合适的精度 DECIMAL(10, $acc)
+ return $query->update([$incField => Db::raw("COALESCE($incField, 0) + CAST($inc AS DECIMAL(10, $acc))")]) > 0;
 }
 /**
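Review bot: `$incField` and `$inc` are interpolated into the `Db::raw(...)` expression in bcInc() with no check, so the statement is only as safe as every caller's input; `$inc` is a free-form string and would be executed as SQL if it ever carried request data. The method should reject anything that is not a plain decimal literal or a bare column name before building the expression, as in the excerpt below. `$acc` is typed int, but a negative value or one above 10 still produces an invalid `DECIMAL(10, $acc)` on engines that require scale not to exceed precision, so it is bounded there too. The signature also keeps `string $keyField = null`, which relies on implicit nullability; `?string $keyField = null` matches the `string|null` in the docblock.

```php
    public function bcInc(mixed $key, string $incField, string $inc, string $keyField = null, int $acc = 2): bool
    {
        // Only a plain decimal literal and a bare column name may reach the raw SQL below.
        if (!preg_match('/^-?\d+(\.\d+)?$/', $inc)) {
            throw new \InvalidArgumentException('bcInc: increment must be a decimal literal');
        }
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $incField)) {
            throw new \InvalidArgumentException('bcInc: invalid column name');
        }
        if ($acc < 0 || $acc > 10) {
            throw new \InvalidArgumentException('bcInc: scale must be between 0 and 10');
        }
        // … unchanged: getModel(), where clause on $keyField or 'id', update with Db::raw …
```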