EggPlanet
/
egg_admin
3
0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
蛋蛋星球 后台端
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
71 Комити
1 Грана
3.6 MiB
Дрво: d226e01d1b
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from 'd226e01d1b'
${ noResults }
egg_admin/app/svc/svc_role.go

svc_role.go 4.8 KiB
Датотека Normal View Историја

add 权限
пре 2 недеља
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195 
  1. package svc

  2. 

  3. import (

  4. 	"applet/app/db"

  5. 	"applet/app/md"

  6. 	"applet/app/utils"

  7. 	"applet/app/utils/cache"

  8. 	"code.fnuoos.com/EggPlanet/egg_models.git/src/implement"

  9. 	"code.fnuoos.com/EggPlanet/egg_models.git/src/model"

  10. 	"encoding/json"

  11. 	"errors"

  12. 	"fmt"

  13. 	"github.com/gin-gonic/gin"

  14. 	"regexp"

  15. 	"strings"

  16. 	"time"

  17. )

  18. 

  19. func CheckUserRole(c *gin.Context, cacheKey, uri string, admId int) (isHasPermission bool, err error) {

  20. 	uri = utils.UriFilterExcludeQueryString(uri) // 去除uri中?后的query参数

  21. 	isHasPermission = false

  22. 	var rolePermission []string

  23. 	var rolePermissionString string

  24. 	rolePermissionString, _ = cache.GetString(cacheKey)

  25. 

  26. 	// TODO::判断是否在白名单中

  27. 	if utils.InArr(uri, md.WhiteUri) {

  28. 		isHasPermission = true

  29. 		return

  30. 	}

  31. 

  32. 	if rolePermissionString != "" {

  33. 		// if false {

  34. 		if err = json.Unmarshal([]byte(rolePermissionString), &rolePermission); err != nil {

  35. 			return

  36. 		}

  37. 	} else {

  38. 		adminDb := implement.NewAdminDb(db.Db)

  39. 		list, _, err1 := adminDb.GetAdminRolePermission(admId)

  40. 		if err1 != nil {

  41. 			return isHasPermission, err1

  42. 		}

  43. 		for _, v := range list {

  44. 			rolePermission = append(rolePermission, v.Permission.Action)

  45. 		}

  46. 		marshal, err1 := json.Marshal(rolePermission)

  47. 		if err1 != nil {

  48. 			return isHasPermission, err1

  49. 		}

  50. 		rolePermissionString = string(marshal)

  51. 		_, err = cache.SetEx(cacheKey, rolePermissionString, md.AdminRolePermissionCacheTime)

  52. 	}

  53. 

  54. 	if utils.InArr(uri, rolePermission) {

  55. 		isHasPermission = true

  56. 	} else {

  57. 		// 正则匹配占位符情况

  58. 		compileRegex := regexp.MustCompile("[0-9]+")

  59. 		matchArr := compileRegex.FindAllString(uri, -1)

  60. 		if len(matchArr) > 0 {

  61. 			uri = strings.Replace(uri, matchArr[len(matchArr)-1], ":id", 1)

  62. 			if utils.InArr(uri, rolePermission) {

  63. 				isHasPermission = true

  64. 			}

  65. 		}

  66. 	}

  67. 	return

  68. }

  69. 

  70. func DeleteRole(c *gin.Context, roleId int) (err error) {

  71. 	engine := db.Db

  72. 	session := engine.NewSession()

  73. 	defer session.Close()

  74. 	session.Begin()

  75. 

  76. 	// 1、删除 `role`

  77. 	roleDb := implement.NewRoleDb(engine, roleId)

  78. 	_, err = roleDb.RoleDeleteBySession(session, roleId)

  79. 	if err != nil {

  80. 		_ = session.Rollback()

  81. 		return

  82. 	}

  83. 

  84. 	// 2、删除 `role_permission_group`

  85. 	rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)

  86. 	_, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, roleId)

  87. 	if err != nil {

  88. 		_ = session.Rollback()

  89. 		return

  90. 	}

  91. 

  92. 	// 3、删除 `admin_role`

  93. 	adminRoleDb := implement.NewAdminRoleDb(db.Db)

  94. 	_, err = adminRoleDb.AdminRoleDeleteForRoleBySession(session, roleId)

  95. 	if err != nil {

  96. 		_ = session.Rollback()

  97. 		return

  98. 	}

  99. 

  100. 	return session.Commit()

  101. }

  102. 

  103. func RoleBindPermissionGroup(c *gin.Context, req md.RoleBindPermissionGroupReq) (err error) {

  104. 	engine := db.Db

  105. 	session := engine.NewSession()

  106. 	defer session.Close()

  107. 	session.Begin()

  108. 	// 1、查询 `role`

  109. 	roleDb := implement.NewRoleDb(db.Db, req.RoleId)

  110. 	role, err := roleDb.GetRole()

  111. 	if err != nil {

  112. 		return

  113. 	}

  114. 	if role == nil {

  115. 		return errors.New("未查询到相应记录")

  116. 	}

  117. 

  118. 	// 1、删除 `role_permission_group`

  119. 	rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)

  120. 	_, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, req.RoleId)

  121. 	if err != nil {

  122. 		_ = session.Rollback()

  123. 		return

  124. 	}

  125. 

  126. 	// 2、新增 `role_permission_group``

  127. 	var mm []*model.RolePermissionGroup

  128. 	now := time.Now()

  129. 	for _, v := range req.PermissionIds {

  130. 		mm = append(mm, &model.RolePermissionGroup{

  131. 			RoleId:   role.Id,

  132. 			GroupId:  v,

  133. 			CreateAt: now.Format("2006-01-02 15:04:05"),

  134. 			UpdateAt: now.Format("2006-01-02 15:04:05"),

  135. 		})

  136. 	}

  137. 	_, err = rolePermissionGroupDb.BatchAddRolePermissionGroupBySession(session, mm)

  138. 	if err != nil {

  139. 		_ = session.Rollback()

  140. 		return

  141. 	}

  142. 

  143. 	session.Commit()

  144. 	var data []model.AdminRole

  145. 	engine.Where("role_id=?", role.Id).Find(&data)

  146. 	for _, v := range data {

  147. 		rolePermissionKey := fmt.Sprintf(md.AdminRolePermissionKey, utils.AnyToString(v.AdmId))

  148. 		cache.Del(rolePermissionKey)

  149. 	}

  150. 	return nil

  151. }

  152. 

  153. func BindAdminRole(c *gin.Context, req md.BindAdminRoleReq) (err error) {

  154. 	engine := db.Db

  155. 	session := engine.NewSession()

  156. 	defer session.Close()

  157. 	session.Begin()

  158. 	// 1、查询 `role`

  159. 	adminDb := implement.NewAdminDb(db.Db)

  160. 	role, err := adminDb.GetAdmin(req.AdmId)

  161. 	if err != nil {

  162. 		return

  163. 	}

  164. 	if role == nil {

  165. 		return errors.New("未查询到相应记录")

  166. 	}

  167. 

  168. 	// 1、删除 `admin_role`

  169. 	adminRoleDb := implement.NewAdminRoleDb(db.Db)

  170. 	_, err = adminRoleDb.AdminRoleDeleteBySession(session, req.AdmId)

  171. 	if err != nil {

  172. 		_ = session.Rollback()

  173. 		return

  174. 	}

  175. 

  176. 	// 2、新增 `删除 `admin_role``

  177. 	var mm []*model.AdminRole

  178. 	now := time.Now()

  179. 	for _, v := range req.RoleIds {

  180. 		mm = append(mm, &model.AdminRole{

  181. 			AdmId:    req.AdmId,

  182. 			RoleId:   v,

  183. 			State:    1,

  184. 			CreateAt: now.Format("2006-01-02 15:04:05"),

  185. 			UpdateAt: now.Format("2006-01-02 15:04:05"),

  186. 		})

  187. 	}

  188. 	_, err = adminRoleDb.BatchAddAdminRoleBySession(session, mm)

  189. 	if err != nil {

  190. 		_ = session.Rollback()

  191. 		return

  192. 	}

  193. 

  194. 	return session.Commit()

  195. }