<?php

namespace App\Domains\Permission\Handler;

use Illuminate\Http\Request;
use App\Exceptions\AuthException;
use App\Domains\Permission\Services\PermissionService;

class AuthAdminCheckPermission
{
    public function handle($account, $request)
    {
        $alias = $request->route()[1]['as'];

        if ($this->hasConfigured($alias) && !$this->shouldPassThrough($request)) {
            if (!$account->can($alias)) {
                throw new AuthException('用户无访问权限', AuthException::PERMISSION_DENIED);
            }
        }
    }

    /**
     * 可以跳过验证的路由
     *
     * @param Request $request
     * @return void
     */
    protected function shouldPassThrough($request)
    {
        $exceptArr = (array)config('domain.permission.except');

        foreach ($exceptArr as $except) {
            if ($except !== '/') {
                $except = trim($except, '/');
            }

            if ($request->is($except)) {
                return true;
            }
        }

        return false;
    }

    /**
     * 已配置过权限的
     *
     * @param Request $request
     * @return void
     */
    protected function hasConfigured($alias)
    {
        $permissions = app(PermissionService::class)->getPermissions()->pluck('name')->toArray();

        if (in_array($alias, $permissions)) {
            return true;
        }

        return false;
    }
}