mall/modules/client/behaviors/CashierAdminAuth.php

<?php

namespace app\modules\client\behaviors;

use app\models\CashierUserExt;
use app\models\SaasUser;
use app\models\TeamGrades;
use app\models\TeamGradesLevel;
use app\models\User;
use yii\base\ActionFilter;
use yii\web\Response;

class CashierAdminAuth extends ActionFilter
{

    public function beforeAction($action)
    {


        $store_id = get_params('store_id') ?: post_params('store_id');
        $access_token = get_params('access_token') ?: post_params('access_token');
        if (!$access_token) {
            \Yii::$app->response->format = Response::FORMAT_JSON;
            \Yii::$app->response->data = [
                'code' => 401,
                'msg' => 'access_token 不能为空'
            ];
            return false;
        }

        $saasUser = SaasUser::findIdentityByAccessToken($access_token);
        if (!$saasUser) {
            \Yii::$app->response->format = Response::FORMAT_JSON;
            \Yii::$app->response->data = [
                'code' => 401,
                'msg' => '登录失败 获取不到用户信息'
            ];
            return false;
        }

        $user = User::findOne(['store_id' => $store_id, 'binding' => $saasUser->mobile, 'is_delete' => 0]);

        if (!$user) {
            \Yii::$app->response->format = Response::FORMAT_JSON;
            \Yii::$app->response->data = [
                'code' => 401,
                'msg' => '登录失败 获取不到商城用户信息'
            ];
            return false;
        }

        if (!intval($user->is_cashier)) {
            \Yii::$app->response->format = Response::FORMAT_JSON;
            \Yii::$app->response->data = [
                'code' => 1,
                'msg' => '当前用户不是收银台管理员'
            ];
            return false;
        }

        $cashierUserExt = CashierUserExt::findOne(['user_id' => $user->id, 'is_delete' => 0]);
        if ($cashierUserExt) {
            $action->controller->md_id = intval($cashierUserExt->md_id);
            return true;
        }

        return true;

    }
}