diff --git a/app/hdl/hdl_comm.go b/app/hdl/hdl_comm.go new file mode 100644 index 0000000..f24351d --- /dev/null +++ b/app/hdl/hdl_comm.go @@ -0,0 +1,109 @@ +package hdl + +import ( + "applet/app/e" + "applet/app/enum" + "applet/app/md" + "applet/app/svc" + "applet/app/utils" + db "code.fnuoos.com/zhimeng/model.git/src" + "code.fnuoos.com/zhimeng/model.git/src/super/implement" + "github.com/gin-gonic/gin" +) + +func MenuList(c *gin.Context) { + masterId := svc.GetMasterId(c) + engine := db.DBs[masterId] + admin := svc.GetUser(c) + qrcodeWithBatchRecordsDb := implement.NewPermissionGroupDb(engine) + groupList, err := qrcodeWithBatchRecordsDb.FindPermissionGroupV2() + if err != nil { + e.OutErr(c, e.ERR_DB_ORM, err.Error()) + return + } + + // 1、查询出当前用户所有角色 + adminRoleDb := implement.NewAdminRoleDb(engine) + roles, err := adminRoleDb.FindAdminRole(admin.AdmId) + if err != nil { + e.OutErr(c, e.ERR_DB_ORM, err.Error()) + return + } + + roleDb := implement.NewRoleDb(engine, 0) + var adminHasPermissionGroupIds []string + for _, v := range *roles { + list, _, err1 := roleDb.FindPermissionGroupByRole(v.RoleId) + if err1 != nil { + e.OutErr(c, e.ERR_DB_ORM, err1.Error()) + return + } + for _, v1 := range list { + adminHasPermissionGroupIds = append(adminHasPermissionGroupIds, utils.IntToStr(v1.PermissionGroup.Id)) + } + } + + var tempRespMap = map[string]*md.PermissionGroupListResp{} + var tempRespMapKeys []string + for _, v := range *groupList { + + var isCheck bool + if admin.IsSuperAdministrator == enum.IsSuperAdministratorTure { + isCheck = true + } else { + isCheck = false + } + + if utils.InArr(utils.IntToStr(v.Id), adminHasPermissionGroupIds) { + isCheck = true + } + + if v.State == enum.PermissionGroupStateForDiscard { + isCheck = false + } + + tempRespMap[utils.IntToStr(v.Id)] = &md.PermissionGroupListResp{ + Id: v.Id, + Name: v.Name, + Key: v.Key, + State: v.State, + ParentId: v.ParentId, + CreateAt: v.CreateAt, + UpdateAt: v.UpdateAt, + IsCheck: isCheck, + } + tempRespMapKeys = append(tempRespMapKeys, utils.IntToStr(v.Id)) + } + for _, v := range tempRespMap { + if v.ParentId != 0 && tempRespMap[utils.IntToStr(v.ParentId)].ParentId != 0 { + tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList = append(tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList, *v) + } + } + for _, v := range tempRespMap { + if v.ParentId != 0 && tempRespMap[utils.IntToStr(v.ParentId)].ParentId == 0 { + tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList = append(tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList, *v) + } + } + + var resp []*md.PermissionGroupListResp + for _, v := range tempRespMapKeys { + if tempRespMap[v].ParentId == 0 { + resp = append(resp, tempRespMap[v]) + } + } + + e.OutSuc(c, map[string]interface{}{ + "list": resp, + "state": []map[string]interface{}{ + { + "name": enum.PermissionGroupState(enum.PermissionGroupStateForNormal).String(), + "value": enum.PermissionGroupStateForNormal, + }, + { + "name": enum.PermissionGroupState(enum.PermissionGroupStateForDiscard).String(), + "value": enum.PermissionGroupStateForDiscard, + }, + }, + }, nil) + return +} diff --git a/app/md/app_redis_key.go b/app/md/app_redis_key.go index ee55d9f..2b61714 100644 --- a/app/md/app_redis_key.go +++ b/app/md/app_redis_key.go @@ -15,4 +15,6 @@ const ( KEY_SYS_CFG_CACHE = "sys_cfg_cache" CfgCacheTime = 86400 + + AdminRolePermissionKey = "%s:advertisement_super_admin_role_permission:%s" // 占位符:ip, admin:id ) diff --git a/app/mw/mw_admin_permission.go b/app/mw/mw_admin_permission.go new file mode 100644 index 0000000..57109b7 --- /dev/null +++ b/app/mw/mw_admin_permission.go @@ -0,0 +1,33 @@ +package mw + +import ( + "applet/app/e" + "applet/app/enum" + "applet/app/md" + "applet/app/svc" + "applet/app/utils" + "fmt" + "github.com/gin-gonic/gin" +) + +// CheckPermission 检查权限 +func CheckPermission(c *gin.Context) { + admin := svc.GetUser(c) + masterId := svc.GetMasterId(c) + // TODO::判断是否为超管 + if admin.IsSuperAdministrator == enum.IsSuperAdministratorTure { + c.Next() + } else { + rolePermissionKey := fmt.Sprintf(md.AdminRolePermissionKey, masterId, utils.AnyToString(admin.AdmId)) + isHasPermission, err := svc.CheckUserRole(c, rolePermissionKey, c.Request.RequestURI, admin.AdmId) + if err != nil { + e.OutErr(c, e.ERR, err.Error()) + return + } + if !isHasPermission { + e.OutErr(c, e.ERR_FORBIDEN, "当前用户暂未拥有该路由权限,请联系管理员") + return + } + c.Next() + } +} diff --git a/app/router/router.go b/app/router/router.go index a3119b7..1d26dc8 100644 --- a/app/router/router.go +++ b/app/router/router.go @@ -69,11 +69,19 @@ func route(r *gin.RouterGroup) { r.Use(mw.Auth) // 以下接口需要JWT验证 r.GET("/loginInfo", hdl.LoginInfo) + + rComm(r.Group("/comm")) + + r.Use(mw.CheckPermission) // 检测权限 rRole(r.Group("/role")) // 权限管理 rDataCenter(r.Group("/dataCenter")) // 数据中心 rSmsCenter(r.Group("/smsCenter")) // 短信中心 } +func rComm(r *gin.RouterGroup) { + r.POST("/getMenuList", hdl.MenuList) // 获取菜单栏列表 +} + func rRole(r *gin.RouterGroup) { r.GET("/roleList", hdl.RoleList) // 角色列表 r.POST("/addRole", hdl.AddRole) // 角色添加 diff --git a/etc/cfg.yml b/etc/cfg.yml index 88f1c10..841ed21 100644 --- a/etc/cfg.yml +++ b/etc/cfg.yml @@ -6,7 +6,7 @@ local: true # 服务器参数 srv_addr: ':1000' # 缓存 -redis_addr: '127.0.0.1:6379' +redis_addr: '120.24.28.6:32572' # 连接官网数据库获取db mapping db: