package svc import ( "applet/app/cfg" "applet/app/db" "applet/app/md" "applet/app/utils" "applet/app/utils/cache" "code.fnuoos.com/EggPlanet/egg_models.git/src/implement" "code.fnuoos.com/EggPlanet/egg_models.git/src/model" "encoding/json" "errors" "fmt" "github.com/gin-gonic/gin" "regexp" "strings" "time" ) func CheckUserRole(c *gin.Context, cacheKey, uri string, admId int) (isHasPermission bool, err error) { uri = utils.UriFilterExcludeQueryString(uri) // 去除uri中?后的query参数 isHasPermission = false var rolePermission []string var rolePermissionString string rolePermissionString, _ = cache.GetString(cacheKey) // TODO::判断是否在白名单中 if utils.InArr(uri, md.WhiteUri) { isHasPermission = true return } if rolePermissionString != "" { // if false { if err = json.Unmarshal([]byte(rolePermissionString), &rolePermission); err != nil { return } } else { adminDb := implement.NewAdminDb(db.Db) list, _, err1 := adminDb.GetAdminRolePermission(admId) if err1 != nil { return isHasPermission, err1 } for _, v := range list { rolePermission = append(rolePermission, v.Permission.Action) } marshal, err1 := json.Marshal(rolePermission) if err1 != nil { return isHasPermission, err1 } rolePermissionString = string(marshal) _, err = cache.SetEx(cacheKey, rolePermissionString, cfg.AdminRolePermissionCacheTime) } if utils.InArr(uri, rolePermission) { isHasPermission = true } else { // 正则匹配占位符情况 compileRegex := regexp.MustCompile("[0-9]+") matchArr := compileRegex.FindAllString(uri, -1) if len(matchArr) > 0 { uri = strings.Replace(uri, matchArr[len(matchArr)-1], ":id", 1) if utils.InArr(uri, rolePermission) { isHasPermission = true } } } return } func DeleteRole(c *gin.Context, roleId int) (err error) { engine := db.Db session := engine.NewSession() defer session.Close() session.Begin() // 1、删除 `role` roleDb := implement.NewRoleDb(engine, roleId) _, err = roleDb.RoleDeleteBySession(session, roleId) if err != nil { _ = session.Rollback() return } // 2、删除 `role_permission_group` rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db) _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, roleId) if err != nil { _ = session.Rollback() return } // 3、删除 `admin_role` adminRoleDb := implement.NewAdminRoleDb(db.Db) _, err = adminRoleDb.AdminRoleDeleteForRoleBySession(session, roleId) if err != nil { _ = session.Rollback() return } return session.Commit() } func RoleBindPermissionGroup(req md.RoleBindPermissionGroupReq) (err error) { engine := db.Db session := engine.NewSession() defer session.Close() session.Begin() // 1、查询 `role` roleDb := implement.NewRoleDb(db.Db, req.RoleId) role, err := roleDb.GetRole() if err != nil { return } if role == nil { return errors.New("未查询到相应记录") } // 1、删除 `role_permission_group` rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db) _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, req.RoleId) if err != nil { _ = session.Rollback() return } // 2、新增 `role_permission_group`` var mm []*model.RolePermissionGroup now := time.Now() for _, v := range req.PermissionIds { mm = append(mm, &model.RolePermissionGroup{ RoleId: role.Id, GroupId: v, CreateAt: now.Format("2006-01-02 15:04:05"), UpdateAt: now.Format("2006-01-02 15:04:05"), }) } _, err = rolePermissionGroupDb.BatchAddRolePermissionGroupBySession(session, mm) if err != nil { _ = session.Rollback() return } session.Commit() var data []model.AdminRole engine.Where("role_id=?", role.Id).Find(&data) for _, v := range data { rolePermissionKey := fmt.Sprintf(cfg.AdminRolePermissionKey, utils.AnyToString(v.AdmId)) cache.Del(rolePermissionKey) } return nil } func BindAdminRole(c *gin.Context, req md.BindAdminRoleReq) (err error) { engine := db.Db session := engine.NewSession() defer session.Close() session.Begin() // 1、查询 `role` adminDb := implement.NewAdminDb(db.Db) role, err := adminDb.GetAdmin(req.AdmId) if err != nil { return } if role == nil { return errors.New("未查询到相应记录") } // 1、删除 `admin_role` adminRoleDb := implement.NewAdminRoleDb(db.Db) _, err = adminRoleDb.AdminRoleDeleteBySession(session, req.AdmId) if err != nil { _ = session.Rollback() return } // 2、新增 `删除 `admin_role`` var mm []*model.AdminRole now := time.Now() for _, v := range req.RoleIds { mm = append(mm, &model.AdminRole{ AdmId: req.AdmId, RoleId: v, State: 1, CreateAt: now.Format("2006-01-02 15:04:05"), UpdateAt: now.Format("2006-01-02 15:04:05"), }) } _, err = adminRoleDb.BatchAddAdminRoleBySession(session, mm) if err != nil { _ = session.Rollback() return } return session.Commit() } func AdminDelete(admIds []int) (err error) { engine := db.Db session := engine.NewSession() defer session.Close() session.Begin() //1、删除 `admin` adminDb := implement.NewAdminDb(engine) _, err = adminDb.AdminDeleteBySession(session, admIds) if err != nil { _ = session.Rollback() return } //2、删除 `admin_role` adminRoleDb := implement.NewAdminRoleDb(engine) _, err = adminRoleDb.AdminDeleteBySessionForAdmId(session, admIds) if err != nil { _ = session.Rollback() return } return session.Commit() }