广告平台(总站长使用)
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
 
 
 
 
 
 

185 рядки
4.6 KiB

  1. package svc
  2. import (
  3. "applet/app/md"
  4. "applet/app/utils"
  5. "applet/app/utils/cache"
  6. db "code.fnuoos.com/zhimeng/model.git/src"
  7. "code.fnuoos.com/zhimeng/model.git/src/super/implement"
  8. "code.fnuoos.com/zhimeng/model.git/src/super/model"
  9. "encoding/json"
  10. "errors"
  11. "github.com/gin-gonic/gin"
  12. "regexp"
  13. "strings"
  14. "time"
  15. )
  16. func CheckUserRole(c *gin.Context, cacheKey, uri string, admId int) (isHasPermission bool, err error) {
  17. uri = utils.UriFilterExcludeQueryString(uri) //去除uri中?后的query参数
  18. isHasPermission = false
  19. var rolePermission []string
  20. var rolePermissionString string
  21. rolePermissionString, _ = cache.GetString(cacheKey)
  22. //TODO::判断是否在白名单中
  23. if utils.InArr(uri, md.WhiteUri) {
  24. isHasPermission = true
  25. return
  26. }
  27. if rolePermissionString != "" {
  28. //if false {
  29. if err = json.Unmarshal([]byte(rolePermissionString), &rolePermission); err != nil {
  30. return
  31. }
  32. } else {
  33. adminDb := implement.NewAdminDb(db.Db)
  34. list, _, err1 := adminDb.GetAdminRolePermission(admId)
  35. if err1 != nil {
  36. return isHasPermission, err1
  37. }
  38. for _, v := range list {
  39. rolePermission = append(rolePermission, v.Permission.Action)
  40. }
  41. marshal, err1 := json.Marshal(rolePermission)
  42. if err1 != nil {
  43. return isHasPermission, err1
  44. }
  45. rolePermissionString = string(marshal)
  46. _, err = cache.SetEx(cacheKey, rolePermissionString, md.AdminRolePermissionCacheTime)
  47. }
  48. if utils.InArr(uri, rolePermission) {
  49. isHasPermission = true
  50. } else {
  51. //正则匹配占位符情况
  52. compileRegex := regexp.MustCompile("[0-9]+")
  53. matchArr := compileRegex.FindAllString(uri, -1)
  54. if len(matchArr) > 0 {
  55. uri = strings.Replace(uri, matchArr[len(matchArr)-1], ":id", 1)
  56. if utils.InArr(uri, rolePermission) {
  57. isHasPermission = true
  58. }
  59. }
  60. }
  61. return
  62. }
  63. func DeleteRole(c *gin.Context, roleId int) (err error) {
  64. session := db.Db.NewSession()
  65. defer session.Close()
  66. session.Begin()
  67. //1、删除 `role`
  68. roleDb := implement.NewRoleDb(db.Db, roleId)
  69. _, err = roleDb.RoleDeleteBySession(session, roleId)
  70. if err != nil {
  71. _ = session.Rollback()
  72. return
  73. }
  74. //2、删除 `role_permission_group`
  75. rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)
  76. _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, roleId)
  77. if err != nil {
  78. _ = session.Rollback()
  79. return
  80. }
  81. //3、删除 `admin_role`
  82. adminRoleDb := implement.NewAdminRoleDb(db.Db)
  83. _, err = adminRoleDb.AdminRoleDeleteForRoleBySession(session, roleId)
  84. if err != nil {
  85. _ = session.Rollback()
  86. return
  87. }
  88. return session.Commit()
  89. }
  90. func RoleBindPermissionGroup(c *gin.Context, req md.RoleBindPermissionGroupReq) (err error) {
  91. session := db.Db.NewSession()
  92. defer session.Close()
  93. session.Begin()
  94. //1、查询 `role`
  95. roleDb := implement.NewRoleDb(db.Db, req.RoleId)
  96. role, err := roleDb.GetRole()
  97. if err != nil {
  98. return
  99. }
  100. if role == nil {
  101. return errors.New("未查询到相应记录")
  102. }
  103. //1、删除 `role_permission_group`
  104. rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)
  105. _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, req.RoleId)
  106. if err != nil {
  107. _ = session.Rollback()
  108. return
  109. }
  110. //2、新增 `role_permission_group``
  111. var mm []*model.RolePermissionGroup
  112. now := time.Now()
  113. for _, v := range req.PermissionIds {
  114. mm = append(mm, &model.RolePermissionGroup{
  115. RoleId: role.Id,
  116. GroupId: v,
  117. CreateAt: now.Format("2006-01-02 15:04:05"),
  118. UpdateAt: now.Format("2006-01-02 15:04:05"),
  119. })
  120. }
  121. _, err = rolePermissionGroupDb.BatchAddRolePermissionGroupBySession(session, mm)
  122. if err != nil {
  123. _ = session.Rollback()
  124. return
  125. }
  126. return session.Commit()
  127. }
  128. func BindAdminRole(c *gin.Context, req md.BindAdminRoleReq) (err error) {
  129. session := db.Db.NewSession()
  130. defer session.Close()
  131. session.Begin()
  132. //1、查询 `role`
  133. adminDb := implement.NewAdminDb(db.Db)
  134. role, err := adminDb.GetAdmin(req.AdmId)
  135. if err != nil {
  136. return
  137. }
  138. if role == nil {
  139. return errors.New("未查询到相应记录")
  140. }
  141. //1、删除 `admin_role`
  142. adminRoleDb := implement.NewAdminRoleDb(db.Db)
  143. _, err = adminRoleDb.AdminRoleDeleteBySession(session, req.AdmId)
  144. if err != nil {
  145. _ = session.Rollback()
  146. return
  147. }
  148. //2、新增 `删除 `admin_role``
  149. var mm []*model.AdminRole
  150. now := time.Now()
  151. for _, v := range req.RoleIds {
  152. mm = append(mm, &model.AdminRole{
  153. AdmId: req.AdmId,
  154. RoleId: v,
  155. State: 1,
  156. CreateAt: now.Format("2006-01-02 15:04:05"),
  157. UpdateAt: now.Format("2006-01-02 15:04:05"),
  158. })
  159. }
  160. _, err = adminRoleDb.BatchAddAdminRoleBySession(session, mm)
  161. if err != nil {
  162. _ = session.Rollback()
  163. return
  164. }
  165. return session.Commit()
  166. }