蛋蛋星球 后台端

hdl_comm.go 8.9 KiB

  1. package comm
  2. import (
  3. "applet/app/db"
  4. "applet/app/e"
  5. "applet/app/enum"
  6. "applet/app/md"
  7. "applet/app/svc"
  8. "applet/app/utils"
  9. "applet/app/utils/cache"
  10. "code.fnuoos.com/EggPlanet/egg_models.git/src/implement"
  11. enum2 "code.fnuoos.com/EggPlanet/egg_system_rules.git/enum"
  12. "fmt"
  13. sts20150401 "github.com/alibabacloud-go/sts-20150401/v2/client"
  14. "github.com/aliyun/aliyun-oss-go-sdk/oss"
  15. "github.com/gin-gonic/gin"
  16. "strings"
  17. )
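  // MenuList writes the permission-group menu for the admin returned by
  // svc.GetUser: every permission group nested under its parent, each flagged
  // with IsCheck, plus the list of selectable group states.
  //
  // IsCheck is true when the admin is a super administrator or one of the
  // admin's roles includes the group; a discarded group is never checked.
  //
  // The tree is assembled in two passes over value copies, so it is only
  // complete for hierarchies of up to three levels. Groups whose parent id is
  // not in the result set are skipped instead of dereferencing a nil entry, and
  // children are attached in query order so the response is deterministic.
  //
  // NOTE(review): IsCheck only decorates this payload. Nothing here enforces
  // access, so every protected route still needs its own server-side check.
  func MenuList(c *gin.Context) {
  	engine := db.Db
  	admin := svc.GetUser(c)

  	permissionGroupDb := implement.NewPermissionGroupDb(engine)
  	groupList, err := permissionGroupDb.FindPermissionGroupV2()
  	if err != nil {
  		// NOTE(review): the raw ORM error text is handed to e.OutErr; confirm it
  		// is not echoed verbatim to the client (schema and query disclosure).
  		e.OutErr(c, e.ERR_DB_ORM, err.Error())
  		return
  	}

  	// 1. Collect the ids of every permission group granted by the admin's roles.
  	adminRoleDb := implement.NewAdminRoleDb(engine)
  	roles, err := adminRoleDb.FindAdminRole(admin.AdmId)
  	if err != nil {
  		e.OutErr(c, e.ERR_DB_ORM, err.Error())
  		return
  	}
  	roleDb := implement.NewRoleDb(engine, 0)
  	var adminHasPermissionGroupIds []string
  	if roles != nil { // a nil result is treated as "no roles"
  		for _, role := range *roles {
  			list, _, err1 := roleDb.FindPermissionGroupByRole(role.RoleId)
  			if err1 != nil {
  				e.OutErr(c, e.ERR_DB_ORM, err1.Error())
  				return
  			}
  			for _, item := range list {
  				adminHasPermissionGroupIds = append(adminHasPermissionGroupIds, utils.IntToStr(item.PermissionGroup.Id))
  			}
  		}
  	}

  	// 2. Index every group by id and remember the query order of the ids.
  	isSuper := admin.IsSuperAdministrator == enum.IsSuperAdministratorTure
  	tempRespMap := map[string]*md.PermissionGroupListResp{}
  	var tempRespMapKeys []string
  	if groupList != nil { // a nil result is treated as "no groups"
  		for _, v := range *groupList {
  			key := utils.IntToStr(v.Id)
  			isCheck := isSuper || utils.InArr(key, adminHasPermissionGroupIds)
  			if v.State == enum.PermissionGroupStateForDiscard {
  				isCheck = false
  			}
  			tempRespMap[key] = &md.PermissionGroupListResp{
  				Id:       v.Id,
  				Name:     v.Name,
  				Key:      v.Key,
  				State:    v.State,
  				ParentId: v.ParentId,
  				CreateAt: v.CreateAt,
  				UpdateAt: v.UpdateAt,
  				IsCheck:  isCheck,
  			}
  			tempRespMapKeys = append(tempRespMapKeys, key)
  		}
  	}

  	// 3. Attach children to parents. Children are appended as copies, so the
  	// deepest level has to be attached first: a second-level node must already
  	// hold its own children when it is copied into its root.
  	attach := func(parentIsRoot bool) {
  		for _, key := range tempRespMapKeys {
  			node := tempRespMap[key]
  			if node.ParentId == 0 {
  				continue
  			}
  			parent, ok := tempRespMap[utils.IntToStr(node.ParentId)]
  			if !ok || (parent.ParentId == 0) != parentIsRoot {
  				continue
  			}
  			parent.SubPermissionGroupList = append(parent.SubPermissionGroupList, *node)
  		}
  	}
  	attach(false) // third level -> second level
  	attach(true)  // second level -> root

  	// 4. Only root groups are returned at the top level.
  	var resp []*md.PermissionGroupListResp
  	for _, key := range tempRespMapKeys {
  		if tempRespMap[key].ParentId == 0 {
  			resp = append(resp, tempRespMap[key])
  		}
  	}

  	e.OutSuc(c, map[string]interface{}{
  		"list": resp,
  		"state": []map[string]interface{}{
  			{
  				"name":  enum.PermissionGroupState(enum.PermissionGroupStateForNormal).String(),
  				"value": enum.PermissionGroupStateForNormal,
  			},
  			{
  				"name":  enum.PermissionGroupState(enum.PermissionGroupStateForDiscard).String(),
  				"value": enum.PermissionGroupStateForDiscard,
  			},
  		},
  	}, nil)
  }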
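  // ImgReqUploadReq is the JSON body accepted by GetOssUrl.
  //
  // Both fields are client-controlled. FileName is used as the OSS object key
  // and ContentType as the Content-Type bound into the signed URL, so neither
  // may be trusted beyond the "required" binding check.
  //
  // The json tag of ContentType no longer carries ",required": that is not an
  // encoding/json option and had no effect. Presence is enforced by the
  // binding tag.
  type ImgReqUploadReq struct {
  	FileName    string `json:"file_name" binding:"required" example:"文件名"`
  	ContentType string `json:"content_type" binding:"required" example:"image/jpeg"`
  }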
  // ImgReqUploadResp describes a response that carries one signed upload URL.
  //
  // NOTE(review): no handler visible in this file builds this type; CommOss
  // passes the signed URL string to e.OutSuc directly.
  type ImgReqUploadResp struct {
  	SignUrl string `json:"sign_url" example:"签名上传url"`
  }
  111. // GetOssUrl
  112. // @Summary 通用请求-对象存储-上传许可链接(获取)
  113. // @Tags 对象存储
  114. // @Description 上传许可链接(获取)
  115. // @Accept json
  116. // @Produce json
  117. // @param Authorization header string true "验证参数Bearer和token空格拼接"
  118. // @Param req body comm.ImgReqUploadReq true "签名上传url"
  119. // @Success 200 {string} "许可链接"
  120. // @Failure 400 {object} md.Response "具体错误"
  121. // @Router /api/comm/getOssUrl [POST]
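  //
  // GetOssUrl binds the JSON request body to ImgReqUploadReq and delegates to
  // CommOss, which writes the signed upload URL. A body that fails binding is
  // answered with the error produced by svc.HandleValidateErr.
  func GetOssUrl(c *gin.Context) {
  	var args ImgReqUploadReq
  	if bindErr := c.ShouldBindJSON(&args); bindErr != nil {
  		// HandleValidateErr is expected to return an e.E. Assert with comma-ok so
  		// that any other value yields an error response rather than a panic in
  		// the request goroutine.
  		var mapped error = svc.HandleValidateErr(bindErr)
  		if apiErr, ok := mapped.(e.E); ok {
  			e.OutErr(c, apiErr.Code, apiErr.Error())
  			return
  		}
  		e.OutErr(c, e.ERR, bindErr.Error())
  		return
  	}
  	CommOss(c, args)
  }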
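  // CommOss writes a pre-signed Aliyun OSS URL that authorises a single HTTP
  // PUT of the object args.FileName with Content-Type args.ContentType. The
  // URL is signed for 60*5 seconds.
  //
  // Endpoint, bucket, scheme and access key pair are read from the system
  // configuration on every call. If any of them is missing the handler fails
  // closed with e.ERR_CFG_CACHE instead of passing an incomplete endpoint or
  // empty credentials to the SDK.
  //
  // NOTE(review): args.FileName arrives from the request body and is used as
  // the object key unchanged, so the signed URL can address any key in the
  // bucket, including one that already exists. Derive the key on the server
  // (for example a per-user prefix plus a generated name) and allow-list the
  // accepted content types before signing.
  func CommOss(c *gin.Context, args ImgReqUploadReq) {
  	// NOTE(review): this pooled connection is never closed in this function;
  	// confirm that implement.NewSysCfgDb takes ownership of it, otherwise
  	// each request leaks one pool slot.
  	redisConn := cache.GetPool().Get()
  	sysCfgDb := implement.NewSysCfgDb(db.Db, redisConn)
  	sysCfgs, err := sysCfgDb.SysCfgGetAll()
  	if err != nil {
  		e.OutErr(c, e.ERR_DB_ORM, err.Error())
  		return
  	}
  	if sysCfgs == nil {
  		e.OutErr(c, e.ERR_CFG_CACHE, nil)
  		return
  	}
  	cfgMap := make(map[string]string, len(*sysCfgs))
  	for _, cfg := range *sysCfgs {
  		cfgMap[cfg.Key] = cfg.Val
  	}

  	endpoint := cfgMap[enum2.AliyunOssEndpoint]
  	bucketName := cfgMap[enum2.AliyunOssBucketName]
  	ossBucketScheme := cfgMap[enum2.AliyunOssBucketScheme]
  	accessKeyID := cfgMap[enum2.AliyunOssAccessKeyID]
  	accessKeySecret := cfgMap[enum2.AliyunOssAccessKeySecret]
  	for _, v := range []string{endpoint, bucketName, ossBucketScheme, accessKeyID, accessKeySecret} {
  		if v == "" {
  			e.OutErr(c, e.ERR_CFG_CACHE, nil)
  			return
  		}
  	}

  	// CommOss is exported, so do not rely on the caller having run the
  	// "required" binding check.
  	if strings.TrimSpace(args.FileName) == "" {
  		e.OutErr(c, e.ERR, "file_name must not be empty")
  		return
  	}

  	// Create the OSS client.
  	client, err := oss.New(ossBucketScheme+"://"+endpoint, accessKeyID, accessKeySecret)
  	if err != nil {
  		e.OutErr(c, e.ERR, err.Error())
  		return
  	}
  	// Open the bucket.
  	bucket, err := client.Bucket(bucketName)
  	if err != nil {
  		e.OutErr(c, e.ERR, err.Error())
  		return
  	}

  	// The Content-Type is part of the signature, so the upload must send the
  	// same header value.
  	options := []oss.Option{
  		oss.ContentType(args.ContentType),
  	}
  	signedURL, err := bucket.SignURL(args.FileName, oss.HTTPPut, 60*5, options...)
  	if err != nil {
  		// NOTE(review): e.ERR_AES_ENCODE looks like the wrong category for a
  		// signing failure; kept so clients see the same code as before.
  		e.OutErr(c, e.ERR_AES_ENCODE, err.Error())
  		return
  	}
  	e.OutSuc(c, signedURL, nil)
  }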
  // STSVoucherRedisKey is the Redis key under which GetSTSVoucher caches the
  // serialized STS credentials. The key is global, so every caller is served
  // the same cached credentials until the entry expires.
  const STSVoucherRedisKey = "STS_Voucher_Cache_Key"
  // GetSTSVoucherResp is the payload written by GetSTSVoucher.
  //
  // NOTE(review): STSToken includes the access key secret and security token
  // of the assumed role, and these are sent to the client as-is. What a
  // holder can do with them is bounded only by that role's policy.
  type GetSTSVoucherResp struct {
  	STSToken sts20150401.AssumeRoleResponseBodyCredentials `json:"sts_token"` // temporary STS credentials
  	Bucket   string                                        `json:"bucket"`    // OSS bucket name
  	Region   string                                        `json:"region"`    // region of the bucket
  }
  182. // GetSTSVoucher
  183. // @Summary 通用请求-对象存储-STS临时访问凭证(获取)
  184. // @Tags 对象存储
  185. // @Description STS临时访问凭证(获取)
  186. // @Accept json
  187. // @Produce json
  188. // @param Authorization header string true "验证参数Bearer和token空格拼接"
  189. // @Success 200 {object} comm.GetSTSVoucherResp "凭证及其他信息"
  190. // @Failure 400 {object} md.Response "具体错误"
  191. // @Router /api/comm/getSTSVoucher [GET]
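  //
  // GetSTSVoucher writes temporary Aliyun STS credentials together with the
  // configured OSS bucket name and a region string taken from the part of that
  // name before the first ".". Credentials are served from Redis under
  // STSVoucherRedisKey; on a cache miss a new set is obtained through
  // svc.AssumeRole and cached for 60 seconds less than its lifetime.
  //
  // SECURITY: the RAM access key id, access key secret and role ARN are read
  // from system configuration; they must never be written into this file as
  // literals. A key pair that has appeared in this file's history is exposed
  // to everyone who can read the repository and has to be revoked and rotated,
  // not just deleted from the source.
  //
  // NOTE(review): all callers share one cached credential set, and no
  // per-caller restriction is applied in this function, so the permissions of
  // the assumed role should be limited to what an uploader needs.
  func GetSTSVoucher(c *gin.Context) {
  	// NOTE(review): this pooled connection is never closed in this function;
  	// confirm that implement.NewSysCfgDb takes ownership of it.
  	redisConn := cache.GetPool().Get()
  	sysCfgDb := implement.NewSysCfgDb(db.Db, redisConn)
  	sysCfgs, err := sysCfgDb.SysCfgGetAll()
  	if err != nil {
  		e.OutErr(c, e.ERR_DB_ORM, err.Error())
  		return
  	}
  	if sysCfgs == nil {
  		e.OutErr(c, e.ERR_CFG_CACHE, nil)
  		return
  	}
  	cfgMap := make(map[string]string, len(*sysCfgs))
  	for _, cfg := range *sysCfgs {
  		cfgMap[cfg.Key] = cfg.Val
  	}

  	var credentials sts20150401.AssumeRoleResponseBodyCredentials
  	redisValue, err := cache.GetString(STSVoucherRedisKey)
  	switch {
  	case err == nil:
  		// Cache hit.
  		// NOTE(review): any result of Unserialize is ignored, so a corrupt
  		// cache entry yields empty credentials in the response.
  		utils.Unserialize([]byte(redisValue), &credentials)

  	case err.Error() == "redigo: nil returned":
  		// Cache miss: assume the role again. The comparison is on the message
  		// text because the redigo package is not imported by this file.
  		endpoint := cfgMap[enum2.AliyunOssEndpoint]
  		assumeRoleAccessKeyID := cfgMap[enum2.AliyunOssAssumeRoleAccessKeyID]
  		assumeRoleAccessKeySecret := cfgMap[enum2.AliyunOssAssumeRoleAccessKeySecret]
  		assumeRoleARN := cfgMap[enum2.AliyunOssAssumeRoleARN]
  		if assumeRoleAccessKeyID == "" || assumeRoleAccessKeySecret == "" || assumeRoleARN == "" {
  			// Fail closed: these three keys must be populated in system
  			// configuration before this endpoint can issue credentials.
  			e.OutErr(c, e.ERR_CFG_CACHE, nil)
  			return
  		}
  		roleSessionName := "STSRam"

  		// The STS endpoint is built from the 2nd and 3rd "-"-separated parts of
  		// the OSS endpoint; reject anything shorter instead of panicking on the
  		// index.
  		endpointList := strings.Split(endpoint, "-")
  		if len(endpointList) < 3 {
  			e.OutErr(c, e.ERR, "unexpected OSS endpoint format")
  			return
  		}
  		stsEndPoint := fmt.Sprintf("sts.%s-%s", endpointList[1], endpointList[2])

  		client, err := svc.CreateSTSClient(&assumeRoleAccessKeyID, &assumeRoleAccessKeySecret, &stsEndPoint)
  		if err != nil {
  			e.OutErr(c, e.ERR, err.Error())
  			return
  		}
  		durationSeconds := 3600
  		assumeRoleResponse, err := svc.AssumeRole(client, &assumeRoleARN, &roleSessionName, int64(durationSeconds))
  		if err != nil {
  			e.OutErr(c, e.ERR, err.Error())
  			return
  		}

  		// Expire the cache entry 60s before the credentials do, so that a
  		// client is never handed a token that lapses before it can upload.
  		// NOTE(review): any result of SetEx is ignored, as before.
  		cache.SetEx(STSVoucherRedisKey, utils.SerializeStr(assumeRoleResponse.Body.Credentials), durationSeconds-60)
  		credentials = sts20150401.AssumeRoleResponseBodyCredentials{
  			AccessKeyId:     assumeRoleResponse.Body.Credentials.AccessKeyId,
  			AccessKeySecret: assumeRoleResponse.Body.Credentials.AccessKeySecret,
  			Expiration:      assumeRoleResponse.Body.Credentials.Expiration,
  			SecurityToken:   assumeRoleResponse.Body.Credentials.SecurityToken,
  		}

  	default:
  		e.OutErr(c, e.ERR, nil)
  		return
  	}

  	// Single response path for both cache hit and miss, so the response is
  	// written exactly once.
  	bucket := cfgMap[enum2.AliyunOssBucketName]
  	region := strings.Split(bucket, ".")[0]
  	e.OutSuc(c, GetSTSVoucherResp{
  		STSToken: credentials,
  		Bucket:   bucket,
  		Region:   region,
  	}, nil)
  }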