update

app/hdl/hdl_comm.go

@@ -0,0 +1,109 @@
+package hdl
+
+import (
+	"applet/app/e"
+	"applet/app/enum"
+	"applet/app/md"
+	"applet/app/svc"
+	"applet/app/utils"
+	db "code.fnuoos.com/zhimeng/model.git/src"
+	"code.fnuoos.com/zhimeng/model.git/src/super/implement"
+	"github.com/gin-gonic/gin"
+)
+
+func MenuList(c *gin.Context) {
+	masterId := svc.GetMasterId(c)
+	engine := db.DBs[masterId]
+	admin := svc.GetUser(c)
+	qrcodeWithBatchRecordsDb := implement.NewPermissionGroupDb(engine)
+	groupList, err := qrcodeWithBatchRecordsDb.FindPermissionGroupV2()
+	if err != nil {
+		e.OutErr(c, e.ERR_DB_ORM, err.Error())
+		return
+	}
+
+	// 1、查询出当前用户所有角色
+	adminRoleDb := implement.NewAdminRoleDb(engine)
+	roles, err := adminRoleDb.FindAdminRole(admin.AdmId)
+	if err != nil {
+		e.OutErr(c, e.ERR_DB_ORM, err.Error())
+		return
+	}
+
+	roleDb := implement.NewRoleDb(engine, 0)
+	var adminHasPermissionGroupIds []string
+	for _, v := range *roles {
+		list, _, err1 := roleDb.FindPermissionGroupByRole(v.RoleId)
+		if err1 != nil {
+			e.OutErr(c, e.ERR_DB_ORM, err1.Error())
+			return
+		}
+		for _, v1 := range list {
+			adminHasPermissionGroupIds = append(adminHasPermissionGroupIds, utils.IntToStr(v1.PermissionGroup.Id))
+		}
+	}
+
+	var tempRespMap = map[string]*md.PermissionGroupListResp{}
+	var tempRespMapKeys []string
+	for _, v := range *groupList {
+
+		var isCheck bool
+		if admin.IsSuperAdministrator == enum.IsSuperAdministratorTure {
+			isCheck = true
+		} else {
+			isCheck = false
+		}
+
+		if utils.InArr(utils.IntToStr(v.Id), adminHasPermissionGroupIds) {
+			isCheck = true
+		}
+
+		if v.State == enum.PermissionGroupStateForDiscard {
+			isCheck = false
+		}
+
+		tempRespMap[utils.IntToStr(v.Id)] = &md.PermissionGroupListResp{
+			Id:       v.Id,
+			Name:     v.Name,
+			Key:      v.Key,
+			State:    v.State,
+			ParentId: v.ParentId,
+			CreateAt: v.CreateAt,
+			UpdateAt: v.UpdateAt,
+			IsCheck:  isCheck,
+		}
+		tempRespMapKeys = append(tempRespMapKeys, utils.IntToStr(v.Id))
+	}
+	for _, v := range tempRespMap {
+		if v.ParentId != 0 && tempRespMap[utils.IntToStr(v.ParentId)].ParentId != 0 {
+			tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList = append(tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList, *v)
+		}
+	}
+	for _, v := range tempRespMap {
+		if v.ParentId != 0 && tempRespMap[utils.IntToStr(v.ParentId)].ParentId == 0 {
+			tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList = append(tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList, *v)
+		}
+	}
+
+	var resp []*md.PermissionGroupListResp
+	for _, v := range tempRespMapKeys {
+		if tempRespMap[v].ParentId == 0 {
+			resp = append(resp, tempRespMap[v])
+		}
+	}
+
+	e.OutSuc(c, map[string]interface{}{
+		"list": resp,
+		"state": []map[string]interface{}{
+			{
+				"name":  enum.PermissionGroupState(enum.PermissionGroupStateForNormal).String(),
+				"value": enum.PermissionGroupStateForNormal,
+			},
+			{
+				"name":  enum.PermissionGroupState(enum.PermissionGroupStateForDiscard).String(),
+				"value": enum.PermissionGroupStateForDiscard,
+			},
+		},
+	}, nil)
+	return
+}

app/md/app_redis_key.go

@@ -15,4 +15,6 @@ const (
 	KEY_SYS_CFG_CACHE = "sys_cfg_cache"
 
 	CfgCacheTime = 86400
+
+	AdminRolePermissionKey = "%s:advertisement_super_admin_role_permission:%s" // 占位符：ip, admin:id
 )

app/mw/mw_admin_permission.go

@@ -0,0 +1,33 @@
+package mw
+
+import (
+	"applet/app/e"
+	"applet/app/enum"
+	"applet/app/md"
+	"applet/app/svc"
+	"applet/app/utils"
+	"fmt"
+	"github.com/gin-gonic/gin"
+)
+
+// CheckPermission 检查权限
+func CheckPermission(c *gin.Context) {
+	admin := svc.GetUser(c)
+	masterId := svc.GetMasterId(c)
+	// TODO::判断是否为超管
+	if admin.IsSuperAdministrator == enum.IsSuperAdministratorTure {
+		c.Next()
+	} else {
+		rolePermissionKey := fmt.Sprintf(md.AdminRolePermissionKey, masterId, utils.AnyToString(admin.AdmId))
+		isHasPermission, err := svc.CheckUserRole(c, rolePermissionKey, c.Request.RequestURI, admin.AdmId)
+		if err != nil {
+			e.OutErr(c, e.ERR, err.Error())
+			return
+		}
+		if !isHasPermission {
+			e.OutErr(c, e.ERR_FORBIDEN, "当前用户暂未拥有该路由权限，请联系管理员")
+			return
+		}
+		c.Next()
+	}
+}

app/router/router.go

@@ -69,11 +69,19 @@ func route(r *gin.RouterGroup) {
 
 	r.Use(mw.Auth) // 以下接口需要JWT验证
 	r.GET("/loginInfo", hdl.LoginInfo)
+
+	rComm(r.Group("/comm"))
+
+	r.Use(mw.CheckPermission)           // 检测权限
 	rRole(r.Group("/role"))             // 权限管理
 	rDataCenter(r.Group("/dataCenter")) // 数据中心
 	rSmsCenter(r.Group("/smsCenter"))   // 短信中心
 }
 
+func rComm(r *gin.RouterGroup) {
+	r.POST("/getMenuList", hdl.MenuList) // 获取菜单栏列表
+}
+
 func rRole(r *gin.RouterGroup) {
 	r.GET("/roleList", hdl.RoleList)                                // 角色列表
 	r.POST("/addRole", hdl.AddRole)                                 // 角色添加

etc/cfg.yml

@@ -6,7 +6,7 @@ local: true
 # 服务器参数
 srv_addr: ':1000'
 # 缓存
-redis_addr: '127.0.0.1:6379'
+redis_addr: '120.24.28.6:32572'
 
 # 连接官网数据库获取db mapping
 db: