|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220 |
- package svc
-
- import (
- "applet/app/cfg"
- "applet/app/db"
- "applet/app/md"
- "applet/app/utils"
- "applet/app/utils/cache"
- "code.fnuoos.com/EggPlanet/egg_models.git/src/implement"
- "code.fnuoos.com/EggPlanet/egg_models.git/src/model"
- "encoding/json"
- "errors"
- "fmt"
- "github.com/gin-gonic/gin"
- "regexp"
- "strings"
- "time"
- )
-
- func CheckUserRole(c *gin.Context, cacheKey, uri string, admId int) (isHasPermission bool, err error) {
- uri = utils.UriFilterExcludeQueryString(uri)
- isHasPermission = false
- var rolePermission []string
- var rolePermissionString string
- rolePermissionString, _ = cache.GetString(cacheKey)
-
-
- if utils.InArr(uri, md.WhiteUri) {
- isHasPermission = true
- return
- }
-
- if rolePermissionString != "" {
-
- if err = json.Unmarshal([]byte(rolePermissionString), &rolePermission); err != nil {
- return
- }
- } else {
- adminDb := implement.NewAdminDb(db.Db)
- list, _, err1 := adminDb.GetAdminRolePermission(admId)
- if err1 != nil {
- return isHasPermission, err1
- }
- for _, v := range list {
- rolePermission = append(rolePermission, v.Permission.Action)
- }
- marshal, err1 := json.Marshal(rolePermission)
- if err1 != nil {
- return isHasPermission, err1
- }
- rolePermissionString = string(marshal)
- _, err = cache.SetEx(cacheKey, rolePermissionString, cfg.AdminRolePermissionCacheTime)
- }
-
- if utils.InArr(uri, rolePermission) {
- isHasPermission = true
- } else {
-
- compileRegex := regexp.MustCompile("[0-9]+")
- matchArr := compileRegex.FindAllString(uri, -1)
- if len(matchArr) > 0 {
- uri = strings.Replace(uri, matchArr[len(matchArr)-1], ":id", 1)
- if utils.InArr(uri, rolePermission) {
- isHasPermission = true
- }
- }
- }
- return
- }
-
- func DeleteRole(c *gin.Context, roleId int) (err error) {
- engine := db.Db
- session := engine.NewSession()
- defer session.Close()
- session.Begin()
-
-
- roleDb := implement.NewRoleDb(engine, roleId)
- _, err = roleDb.RoleDeleteBySession(session, roleId)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
-
- rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)
- _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, roleId)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
-
- adminRoleDb := implement.NewAdminRoleDb(db.Db)
- _, err = adminRoleDb.AdminRoleDeleteForRoleBySession(session, roleId)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- return session.Commit()
- }
-
- func RoleBindPermissionGroup(req md.RoleBindPermissionGroupReq) (err error) {
- engine := db.Db
- session := engine.NewSession()
- defer session.Close()
- session.Begin()
-
- roleDb := implement.NewRoleDb(db.Db, req.RoleId)
- role, err := roleDb.GetRole()
- if err != nil {
- return
- }
- if role == nil {
- return errors.New("未查询到相应记录")
- }
-
-
- rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)
- _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, req.RoleId)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
-
- var mm []*model.RolePermissionGroup
- now := time.Now()
- for _, v := range req.PermissionIds {
- mm = append(mm, &model.RolePermissionGroup{
- RoleId: role.Id,
- GroupId: v,
- CreateAt: now.Format("2006-01-02 15:04:05"),
- UpdateAt: now.Format("2006-01-02 15:04:05"),
- })
- }
- _, err = rolePermissionGroupDb.BatchAddRolePermissionGroupBySession(session, mm)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- session.Commit()
- var data []model.AdminRole
- engine.Where("role_id=?", role.Id).Find(&data)
- for _, v := range data {
- rolePermissionKey := fmt.Sprintf(cfg.AdminRolePermissionKey, utils.AnyToString(v.AdmId))
- cache.Del(rolePermissionKey)
- }
- return nil
- }
-
- func BindAdminRole(c *gin.Context, req md.BindAdminRoleReq) (err error) {
- engine := db.Db
- session := engine.NewSession()
- defer session.Close()
- session.Begin()
-
- adminDb := implement.NewAdminDb(db.Db)
- role, err := adminDb.GetAdmin(req.AdmId)
- if err != nil {
- return
- }
- if role == nil {
- return errors.New("未查询到相应记录")
- }
-
-
- adminRoleDb := implement.NewAdminRoleDb(db.Db)
- _, err = adminRoleDb.AdminRoleDeleteBySession(session, req.AdmId)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
-
- var mm []*model.AdminRole
- now := time.Now()
- for _, v := range req.RoleIds {
- mm = append(mm, &model.AdminRole{
- AdmId: req.AdmId,
- RoleId: v,
- State: 1,
- CreateAt: now.Format("2006-01-02 15:04:05"),
- UpdateAt: now.Format("2006-01-02 15:04:05"),
- })
- }
- _, err = adminRoleDb.BatchAddAdminRoleBySession(session, mm)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- return session.Commit()
- }
-
- func AdminDelete(admIds []int) (err error) {
- engine := db.Db
- session := engine.NewSession()
- defer session.Close()
- session.Begin()
-
- adminDb := implement.NewAdminDb(engine)
- _, err = adminDb.AdminDeleteBySession(session, admIds)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
-
- adminRoleDb := implement.NewAdminRoleDb(engine)
- _, err = adminRoleDb.AdminDeleteBySessionForAdmId(session, admIds)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- return session.Commit()
- }
|