蛋蛋星球 后台端
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。

hdl_comm.go 10 KiB

1ヶ月前
2週間前
1ヶ月前
1ヶ月前
1ヶ月前
3週間前
1ヶ月前
3週間前
1ヶ月前
2週間前
2週間前
2週間前
1ヶ月前
2週間前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
2週間前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
1ヶ月前
3週間前
3週間前
3週間前
3週間前
3週間前
2週間前
3週間前
3週間前
3週間前
3週間前
3週間前
3週間前
3週間前
3週間前
3週間前
3週間前
3週間前
3週間前
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338
  1. package comm
  2. import (
  3. "applet/app/db"
  4. "applet/app/e"
  5. "applet/app/enum"
  6. "applet/app/md"
  7. "applet/app/svc"
  8. "applet/app/svc/sys_cfg"
  9. "applet/app/utils"
  10. "applet/app/utils/cache"
  11. "code.fnuoos.com/EggPlanet/egg_models.git/src/implement"
  12. enum2 "code.fnuoos.com/EggPlanet/egg_system_rules.git/enum"
  13. "fmt"
  14. sts20150401 "github.com/alibabacloud-go/sts-20150401/v2/client"
  15. "github.com/aliyun/aliyun-oss-go-sdk/oss"
  16. "github.com/gin-gonic/gin"
  17. "strings"
  18. )
  19. // MenuList
  20. // @Summary 通用请求-权限列表-菜单栏列表(获取)
  21. // @Tags 权限列表
  22. // @Description 菜单栏列表(获取)
  23. // @Accept json
  24. // @Produce json
  25. // @param Authorization header string true "验证参数Bearer和token空格拼接"
  26. // @Success 200 {object} map[string]interface{} "具体路由"
  27. // @Failure 400 {object} md.Response "具体错误"
  28. // @Router /api/comm/getMenuList [POST]
  29. func MenuList(c *gin.Context) {
  30. engine := db.Db
  31. admin := svc.GetUser(c)
  32. qrcodeWithBatchRecordsDb := implement.NewPermissionGroupDb(engine)
  33. groupList, err := qrcodeWithBatchRecordsDb.FindPermissionGroup()
  34. if err != nil {
  35. e.OutErr(c, e.ERR_DB_ORM, err.Error())
  36. return
  37. }
  38. // 1、查询出当前用户所有角色
  39. adminRoleDb := implement.NewAdminRoleDb(engine)
  40. roles, err := adminRoleDb.FindAdminRole(admin.AdmId)
  41. if err != nil {
  42. e.OutErr(c, e.ERR_DB_ORM, err.Error())
  43. return
  44. }
  45. roleDb := implement.NewRoleDb(engine, 0)
  46. var adminHasPermissionGroupIds []string
  47. for _, v := range *roles {
  48. list, _, err1 := roleDb.FindPermissionGroupByRole(v.RoleId)
  49. if err1 != nil {
  50. e.OutErr(c, e.ERR_DB_ORM, err1.Error())
  51. return
  52. }
  53. for _, v1 := range list {
  54. adminHasPermissionGroupIds = append(adminHasPermissionGroupIds, utils.IntToStr(v1.PermissionGroup.Id))
  55. }
  56. }
  57. var tempRespMap = map[string]*md.PermissionGroupListResp{}
  58. var tempRespMapKeys []string
  59. for _, v := range *groupList {
  60. var isCheck bool
  61. if admin.IsSuperAdministrator == enum.IsSuperAdministratorTure {
  62. isCheck = true
  63. } else {
  64. isCheck = false
  65. }
  66. if utils.InArr(utils.IntToStr(v.Id), adminHasPermissionGroupIds) {
  67. isCheck = true
  68. }
  69. if v.State == enum.PermissionGroupStateForDiscard {
  70. isCheck = false
  71. }
  72. tempRespMap[utils.IntToStr(v.Id)] = &md.PermissionGroupListResp{
  73. Id: v.Id,
  74. Name: v.Name,
  75. Key: v.Key,
  76. State: v.State,
  77. ParentId: v.ParentId,
  78. CreateAt: v.CreateAt,
  79. UpdateAt: v.UpdateAt,
  80. IsCheck: isCheck,
  81. }
  82. tempRespMapKeys = append(tempRespMapKeys, utils.IntToStr(v.Id))
  83. }
  84. for _, v := range tempRespMap {
  85. if v.ParentId != 0 && tempRespMap[utils.IntToStr(v.ParentId)].ParentId != 0 {
  86. tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList = append(tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList, *v)
  87. }
  88. }
  89. for _, v := range tempRespMap {
  90. if v.ParentId != 0 && tempRespMap[utils.IntToStr(v.ParentId)].ParentId == 0 {
  91. tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList = append(tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList, *v)
  92. }
  93. }
  94. var resp []*md.PermissionGroupListResp
  95. for _, v := range tempRespMapKeys {
  96. if tempRespMap[v].ParentId == 0 {
  97. resp = append(resp, tempRespMap[v])
  98. }
  99. }
  100. e.OutSuc(c, map[string]interface{}{
  101. "list": resp,
  102. "state": []map[string]interface{}{
  103. {
  104. "name": enum.PermissionGroupState(enum.PermissionGroupStateForNormal).String(),
  105. "value": enum.PermissionGroupStateForNormal,
  106. },
  107. {
  108. "name": enum.PermissionGroupState(enum.PermissionGroupStateForDiscard).String(),
  109. "value": enum.PermissionGroupStateForDiscard,
  110. },
  111. },
  112. }, nil)
  113. return
  114. }
  115. type ImgReqUploadReq struct {
  116. FileName string `json:"file_name" binding:"required" example:"文件名"`
  117. ContentType string `json:"content_type,required" binding:"required" example:"image/jpeg"`
  118. }
  119. type ImgReqUploadResp struct {
  120. SignUrl string `json:"sign_url" example:"签名上传url"`
  121. }
  122. // GetOssUrl
  123. // @Summary 通用请求-对象存储-上传许可链接(获取)
  124. // @Tags 对象存储
  125. // @Description 上传许可链接(获取)
  126. // @Accept json
  127. // @Produce json
  128. // @param Authorization header string true "验证参数Bearer和token空格拼接"
  129. // @Param req body comm.ImgReqUploadReq true "签名上传url"
  130. // @Success 200 {string} "许可链接"
  131. // @Failure 400 {object} md.Response "具体错误"
  132. // @Router /api/comm/getOssUrl [POST]
  133. func GetOssUrl(c *gin.Context) {
  134. var args ImgReqUploadReq
  135. err := c.ShouldBindJSON(&args)
  136. if err != nil {
  137. err = svc.HandleValidateErr(err)
  138. err1 := err.(e.E)
  139. e.OutErr(c, err1.Code, err1.Error())
  140. return
  141. }
  142. CommOss(c, args)
  143. }
  144. func CommOss(c *gin.Context, args ImgReqUploadReq) {
  145. sysCfgDb := sys_cfg.NewSysCfgDb(db.Db)
  146. sysCfgs, err := sysCfgDb.SysCfgGetAll()
  147. if err != nil {
  148. e.OutErr(c, e.ERR_DB_ORM, err.Error())
  149. return
  150. }
  151. if sysCfgs == nil {
  152. e.OutErr(c, e.ERR_CFG_CACHE, nil)
  153. return
  154. }
  155. cfgMap := make(map[string]string, len(*sysCfgs))
  156. for _, cfg := range *sysCfgs {
  157. cfgMap[cfg.Key] = cfg.Val
  158. }
  159. endpoint := cfgMap[enum2.AliyunOssEndpoint]
  160. bucketName := cfgMap[enum2.AliyunOssBucketName]
  161. ossBucketScheme := cfgMap[enum2.AliyunOssBucketScheme]
  162. accessKeyID := cfgMap[enum2.AliyunOssAccessKeyID]
  163. accessKeySecret := cfgMap[enum2.AliyunOssAccessKeySecret]
  164. // 创建OSSClient实例。
  165. client, err := oss.New(ossBucketScheme+"://"+endpoint, accessKeyID, accessKeySecret)
  166. if err != nil {
  167. e.OutErr(c, e.ERR, err.Error())
  168. return
  169. }
  170. // 获取存储空间。
  171. bucket, err := client.Bucket(bucketName)
  172. if err != nil {
  173. e.OutErr(c, e.ERR, err.Error())
  174. return
  175. }
  176. options := []oss.Option{
  177. oss.ContentType(args.ContentType),
  178. }
  179. signedURL, err := bucket.SignURL(args.FileName, oss.HTTPPut, 60*5, options...)
  180. if err != nil {
  181. e.OutErr(c, e.ERR_AES_ENCODE, err.Error())
  182. return
  183. }
  184. e.OutSuc(c, signedURL, nil)
  185. }
  186. const STSVoucherRedisKey = "STS_Voucher_Cache_Key"
  187. type GetSTSVoucherResp struct {
  188. STSToken sts20150401.AssumeRoleResponseBodyCredentials `json:"sts_token"` // STS 凭证
  189. Bucket string `json:"bucket"` // oss 桶名称
  190. Region string `json:"region"` // 所在地域
  191. }
  192. // GetSTSVoucher
  193. // @Summary 通用请求-打包机使用-STS临时访问凭证(获取)
  194. // @Tags 打包机使用
  195. // @Description STS临时访问凭证(获取)
  196. // @Accept json
  197. // @Produce json
  198. // @param Authorization header string true "验证参数Bearer和token空格拼接"
  199. // @Success 200 {object} comm.GetSTSVoucherResp "凭证及其他信息"
  200. // @Failure 400 {object} md.Response "具体错误"
  201. // @Router /api/getSTSVoucher [GET]
  202. func GetSTSVoucher(c *gin.Context) {
  203. sysCfgDb := sys_cfg.NewSysCfgDb(db.Db)
  204. sysCfgs, err := sysCfgDb.SysCfgGetAll()
  205. if err != nil {
  206. e.OutErr(c, e.ERR_DB_ORM, err.Error())
  207. return
  208. }
  209. if sysCfgs == nil {
  210. e.OutErr(c, e.ERR_CFG_CACHE, nil)
  211. return
  212. }
  213. cfgMap := make(map[string]string, len(*sysCfgs))
  214. for _, cfg := range *sysCfgs {
  215. cfgMap[cfg.Key] = cfg.Val
  216. }
  217. endpoint := cfgMap[enum2.AliyunOssEndpoint]
  218. redisKey := STSVoucherRedisKey
  219. redisValue, err := cache.GetString(redisKey)
  220. if err != nil {
  221. if err.Error() == "redigo: nil returned" {
  222. assumeRoleAccessKeyID := cfgMap[enum2.AliyunOssAssumeRoleAccessKeyID]
  223. assumeRoleAccessKeySecret := cfgMap[enum2.AliyunOssAssumeRoleAccessKeySecret]
  224. assumeRoleARN := cfgMap[enum2.AliyunOssAssumeRoleARN]
  225. roleSessionName := "STSRam"
  226. endpointList := strings.Split(endpoint, "-")
  227. stsEndPoint := fmt.Sprintf("sts.%s-%s", endpointList[1], endpointList[2])
  228. client, err := svc.CreateSTSClient(&assumeRoleAccessKeyID, &assumeRoleAccessKeySecret, &stsEndPoint)
  229. if err != nil {
  230. e.OutErr(c, e.ERR, err.Error())
  231. return
  232. }
  233. roleArn := assumeRoleARN
  234. durationSeconds := 3600
  235. assumeRoleResponse, err := svc.AssumeRole(client, &roleArn, &roleSessionName, int64(durationSeconds))
  236. if err != nil {
  237. e.OutErr(c, e.ERR, err.Error())
  238. return
  239. }
  240. CredentialsStr := utils.SerializeStr(assumeRoleResponse.Body.Credentials)
  241. // 提早 60s 释放,避免能拿到令牌但无法上传
  242. cache.SetEx(redisKey, CredentialsStr, durationSeconds-60)
  243. credentials := sts20150401.AssumeRoleResponseBodyCredentials{
  244. AccessKeyId: assumeRoleResponse.Body.Credentials.AccessKeyId,
  245. AccessKeySecret: assumeRoleResponse.Body.Credentials.AccessKeySecret,
  246. Expiration: assumeRoleResponse.Body.Credentials.Expiration,
  247. SecurityToken: assumeRoleResponse.Body.Credentials.SecurityToken,
  248. }
  249. bucket := cfgMap[enum2.AliyunOssBucketName]
  250. region := strings.Split(endpoint, ".")[0]
  251. resp := GetSTSVoucherResp{
  252. STSToken: credentials,
  253. Bucket: bucket,
  254. Region: region,
  255. }
  256. e.OutSuc(c, resp, nil)
  257. return
  258. } else {
  259. e.OutErr(c, e.ERR, nil)
  260. return
  261. }
  262. }
  263. var credentials sts20150401.AssumeRoleResponseBodyCredentials
  264. utils.Unserialize([]byte(redisValue), &credentials)
  265. bucket := cfgMap[enum2.AliyunOssBucketName]
  266. region := strings.Split(endpoint, ".")[0]
  267. resp := GetSTSVoucherResp{
  268. STSToken: credentials,
  269. Bucket: bucket,
  270. Region: region,
  271. }
  272. e.OutSuc(c, resp, nil)
  273. return
  274. }
  275. type GetAdminInfoResp struct {
  276. AdmId int `json:"adm_id"` // 管理员id
  277. Username string `json:"username"` // 用户名
  278. State int `json:"state"` // 状态(1:正常 2:冻结)
  279. IsSuperAdministrator int `json:"is_super_administrator"` // 是否为超级管理员(0:否 1:是)
  280. Memo string `json:"memo"` // 备注信息
  281. }
  282. // GetAdminInfo
  283. // @Summary 通用请求-获取管理员信息
  284. // @Tags 通用请求
  285. // @Description 获取管理员信息
  286. // @Accept json
  287. // @Produce json
  288. // @param Authorization header string true "验证参数Bearer和token空格拼接"
  289. // @Success 200 {object} GetAdminInfoResp "管理员信息"
  290. // @Failure 400 {object} md.Response "具体错误"
  291. // @Router /api/comm/adminInfo [POST]
  292. func GetAdminInfo(c *gin.Context) {
  293. admin := svc.GetUser(c)
  294. resp := GetAdminInfoResp{
  295. AdmId: admin.AdmId,
  296. Username: admin.Username,
  297. State: admin.State,
  298. IsSuperAdministrator: admin.IsSuperAdministrator,
  299. Memo: admin.Memo,
  300. }
  301. e.OutSuc(c, resp, nil)
  302. }