蛋蛋星球 后台端
Não pode escolher mais do que 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
 
 
 
 

340 linhas
10 KiB

  1. package comm
  2. import (
  3. "applet/app/db"
  4. "applet/app/e"
  5. "applet/app/enum"
  6. "applet/app/md"
  7. "applet/app/svc"
  8. "applet/app/utils"
  9. "applet/app/utils/cache"
  10. "code.fnuoos.com/EggPlanet/egg_models.git/src/implement"
  11. enum2 "code.fnuoos.com/EggPlanet/egg_system_rules.git/enum"
  12. "fmt"
  13. sts20150401 "github.com/alibabacloud-go/sts-20150401/v2/client"
  14. "github.com/aliyun/aliyun-oss-go-sdk/oss"
  15. "github.com/gin-gonic/gin"
  16. "strings"
  17. )
  18. // MenuList
  19. // @Summary 通用请求-权限列表-菜单栏列表(获取)
  20. // @Tags 权限列表
  21. // @Description 菜单栏列表(获取)
  22. // @Accept json
  23. // @Produce json
  24. // @param Authorization header string true "验证参数Bearer和token空格拼接"
  25. // @Success 200 {object} map[string]interface{} "具体路由"
  26. // @Failure 400 {object} md.Response "具体错误"
  27. // @Router /api/comm/getMenuList [POST]
  28. func MenuList(c *gin.Context) {
  29. engine := db.Db
  30. admin := svc.GetUser(c)
  31. qrcodeWithBatchRecordsDb := implement.NewPermissionGroupDb(engine)
  32. groupList, err := qrcodeWithBatchRecordsDb.FindPermissionGroup()
  33. if err != nil {
  34. e.OutErr(c, e.ERR_DB_ORM, err.Error())
  35. return
  36. }
  37. // 1、查询出当前用户所有角色
  38. adminRoleDb := implement.NewAdminRoleDb(engine)
  39. roles, err := adminRoleDb.FindAdminRole(admin.AdmId)
  40. if err != nil {
  41. e.OutErr(c, e.ERR_DB_ORM, err.Error())
  42. return
  43. }
  44. roleDb := implement.NewRoleDb(engine, 0)
  45. var adminHasPermissionGroupIds []string
  46. for _, v := range *roles {
  47. list, _, err1 := roleDb.FindPermissionGroupByRole(v.RoleId)
  48. if err1 != nil {
  49. e.OutErr(c, e.ERR_DB_ORM, err1.Error())
  50. return
  51. }
  52. for _, v1 := range list {
  53. adminHasPermissionGroupIds = append(adminHasPermissionGroupIds, utils.IntToStr(v1.PermissionGroup.Id))
  54. }
  55. }
  56. var tempRespMap = map[string]*md.PermissionGroupListResp{}
  57. var tempRespMapKeys []string
  58. for _, v := range *groupList {
  59. var isCheck bool
  60. if admin.IsSuperAdministrator == enum.IsSuperAdministratorTure {
  61. isCheck = true
  62. } else {
  63. isCheck = false
  64. }
  65. if utils.InArr(utils.IntToStr(v.Id), adminHasPermissionGroupIds) {
  66. isCheck = true
  67. }
  68. if v.State == enum.PermissionGroupStateForDiscard {
  69. isCheck = false
  70. }
  71. tempRespMap[utils.IntToStr(v.Id)] = &md.PermissionGroupListResp{
  72. Id: v.Id,
  73. Name: v.Name,
  74. Key: v.Key,
  75. State: v.State,
  76. ParentId: v.ParentId,
  77. CreateAt: v.CreateAt,
  78. UpdateAt: v.UpdateAt,
  79. IsCheck: isCheck,
  80. }
  81. tempRespMapKeys = append(tempRespMapKeys, utils.IntToStr(v.Id))
  82. }
  83. for _, v := range tempRespMap {
  84. if v.ParentId != 0 && tempRespMap[utils.IntToStr(v.ParentId)].ParentId != 0 {
  85. tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList = append(tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList, *v)
  86. }
  87. }
  88. for _, v := range tempRespMap {
  89. if v.ParentId != 0 && tempRespMap[utils.IntToStr(v.ParentId)].ParentId == 0 {
  90. tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList = append(tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList, *v)
  91. }
  92. }
  93. var resp []*md.PermissionGroupListResp
  94. for _, v := range tempRespMapKeys {
  95. if tempRespMap[v].ParentId == 0 {
  96. resp = append(resp, tempRespMap[v])
  97. }
  98. }
  99. e.OutSuc(c, map[string]interface{}{
  100. "list": resp,
  101. "state": []map[string]interface{}{
  102. {
  103. "name": enum.PermissionGroupState(enum.PermissionGroupStateForNormal).String(),
  104. "value": enum.PermissionGroupStateForNormal,
  105. },
  106. {
  107. "name": enum.PermissionGroupState(enum.PermissionGroupStateForDiscard).String(),
  108. "value": enum.PermissionGroupStateForDiscard,
  109. },
  110. },
  111. }, nil)
  112. return
  113. }
  114. type ImgReqUploadReq struct {
  115. FileName string `json:"file_name" binding:"required" example:"文件名"`
  116. ContentType string `json:"content_type,required" binding:"required" example:"image/jpeg"`
  117. }
  118. type ImgReqUploadResp struct {
  119. SignUrl string `json:"sign_url" example:"签名上传url"`
  120. }
  121. // GetOssUrl
  122. // @Summary 通用请求-对象存储-上传许可链接(获取)
  123. // @Tags 对象存储
  124. // @Description 上传许可链接(获取)
  125. // @Accept json
  126. // @Produce json
  127. // @param Authorization header string true "验证参数Bearer和token空格拼接"
  128. // @Param req body comm.ImgReqUploadReq true "签名上传url"
  129. // @Success 200 {string} "许可链接"
  130. // @Failure 400 {object} md.Response "具体错误"
  131. // @Router /api/comm/getOssUrl [POST]
  132. func GetOssUrl(c *gin.Context) {
  133. var args ImgReqUploadReq
  134. err := c.ShouldBindJSON(&args)
  135. if err != nil {
  136. err = svc.HandleValidateErr(err)
  137. err1 := err.(e.E)
  138. e.OutErr(c, err1.Code, err1.Error())
  139. return
  140. }
  141. CommOss(c, args)
  142. }
  143. func CommOss(c *gin.Context, args ImgReqUploadReq) {
  144. redisConn := cache.GetPool().Get()
  145. sysCfgDb := implement.NewSysCfgDb(db.Db, redisConn)
  146. sysCfgs, err := sysCfgDb.SysCfgGetAll()
  147. if err != nil {
  148. e.OutErr(c, e.ERR_DB_ORM, err.Error())
  149. return
  150. }
  151. if sysCfgs == nil {
  152. e.OutErr(c, e.ERR_CFG_CACHE, nil)
  153. return
  154. }
  155. cfgMap := make(map[string]string, len(*sysCfgs))
  156. for _, cfg := range *sysCfgs {
  157. cfgMap[cfg.Key] = cfg.Val
  158. }
  159. endpoint := cfgMap[enum2.AliyunOssEndpoint]
  160. bucketName := cfgMap[enum2.AliyunOssBucketName]
  161. ossBucketScheme := cfgMap[enum2.AliyunOssBucketScheme]
  162. accessKeyID := cfgMap[enum2.AliyunOssAccessKeyID]
  163. accessKeySecret := cfgMap[enum2.AliyunOssAccessKeySecret]
  164. // 创建OSSClient实例。
  165. client, err := oss.New(ossBucketScheme+"://"+endpoint, accessKeyID, accessKeySecret)
  166. if err != nil {
  167. e.OutErr(c, e.ERR, err.Error())
  168. return
  169. }
  170. // 获取存储空间。
  171. bucket, err := client.Bucket(bucketName)
  172. if err != nil {
  173. e.OutErr(c, e.ERR, err.Error())
  174. return
  175. }
  176. options := []oss.Option{
  177. oss.ContentType(args.ContentType),
  178. }
  179. signedURL, err := bucket.SignURL(args.FileName, oss.HTTPPut, 60*5, options...)
  180. if err != nil {
  181. e.OutErr(c, e.ERR_AES_ENCODE, err.Error())
  182. return
  183. }
  184. e.OutSuc(c, signedURL, nil)
  185. }
  186. const STSVoucherRedisKey = "STS_Voucher_Cache_Key"
  187. type GetSTSVoucherResp struct {
  188. STSToken sts20150401.AssumeRoleResponseBodyCredentials `json:"sts_token"` // STS 凭证
  189. Bucket string `json:"bucket"` // oss 桶名称
  190. Region string `json:"region"` // 所在地域
  191. }
  192. // GetSTSVoucher
  193. // @Summary 通用请求-打包机使用-STS临时访问凭证(获取)
  194. // @Tags 打包机使用
  195. // @Description STS临时访问凭证(获取)
  196. // @Accept json
  197. // @Produce json
  198. // @param Authorization header string true "验证参数Bearer和token空格拼接"
  199. // @Success 200 {object} comm.GetSTSVoucherResp "凭证及其他信息"
  200. // @Failure 400 {object} md.Response "具体错误"
  201. // @Router /api/getSTSVoucher [GET]
  202. func GetSTSVoucher(c *gin.Context) {
  203. redisConn := cache.GetPool().Get()
  204. sysCfgDb := implement.NewSysCfgDb(db.Db, redisConn)
  205. sysCfgs, err := sysCfgDb.SysCfgGetAll()
  206. if err != nil {
  207. e.OutErr(c, e.ERR_DB_ORM, err.Error())
  208. return
  209. }
  210. if sysCfgs == nil {
  211. e.OutErr(c, e.ERR_CFG_CACHE, nil)
  212. return
  213. }
  214. cfgMap := make(map[string]string, len(*sysCfgs))
  215. for _, cfg := range *sysCfgs {
  216. cfgMap[cfg.Key] = cfg.Val
  217. }
  218. endpoint := cfgMap[enum2.AliyunOssEndpoint]
  219. redisKey := STSVoucherRedisKey
  220. redisValue, err := cache.GetString(redisKey)
  221. if err != nil {
  222. if err.Error() == "redigo: nil returned" {
  223. assumeRoleAccessKeyID := cfgMap[enum2.AliyunOssAssumeRoleAccessKeyID]
  224. assumeRoleAccessKeySecret := cfgMap[enum2.AliyunOssAssumeRoleAccessKeySecret]
  225. assumeRoleARN := cfgMap[enum2.AliyunOssAssumeRoleARN]
  226. roleSessionName := "STSRam"
  227. endpointList := strings.Split(endpoint, "-")
  228. stsEndPoint := fmt.Sprintf("sts.%s-%s", endpointList[1], endpointList[2])
  229. client, err := svc.CreateSTSClient(&assumeRoleAccessKeyID, &assumeRoleAccessKeySecret, &stsEndPoint)
  230. if err != nil {
  231. e.OutErr(c, e.ERR, err.Error())
  232. return
  233. }
  234. roleArn := assumeRoleARN
  235. durationSeconds := 3600
  236. assumeRoleResponse, err := svc.AssumeRole(client, &roleArn, &roleSessionName, int64(durationSeconds))
  237. if err != nil {
  238. e.OutErr(c, e.ERR, err.Error())
  239. return
  240. }
  241. CredentialsStr := utils.SerializeStr(assumeRoleResponse.Body.Credentials)
  242. // 提早 60s 释放,避免能拿到令牌但无法上传
  243. cache.SetEx(redisKey, CredentialsStr, durationSeconds-60)
  244. credentials := sts20150401.AssumeRoleResponseBodyCredentials{
  245. AccessKeyId: assumeRoleResponse.Body.Credentials.AccessKeyId,
  246. AccessKeySecret: assumeRoleResponse.Body.Credentials.AccessKeySecret,
  247. Expiration: assumeRoleResponse.Body.Credentials.Expiration,
  248. SecurityToken: assumeRoleResponse.Body.Credentials.SecurityToken,
  249. }
  250. bucket := cfgMap[enum2.AliyunOssBucketName]
  251. region := strings.Split(endpoint, ".")[0]
  252. resp := GetSTSVoucherResp{
  253. STSToken: credentials,
  254. Bucket: bucket,
  255. Region: region,
  256. }
  257. e.OutSuc(c, resp, nil)
  258. return
  259. } else {
  260. e.OutErr(c, e.ERR, nil)
  261. return
  262. }
  263. }
  264. var credentials sts20150401.AssumeRoleResponseBodyCredentials
  265. utils.Unserialize([]byte(redisValue), &credentials)
  266. bucket := cfgMap[enum2.AliyunOssBucketName]
  267. region := strings.Split(endpoint, ".")[0]
  268. resp := GetSTSVoucherResp{
  269. STSToken: credentials,
  270. Bucket: bucket,
  271. Region: region,
  272. }
  273. e.OutSuc(c, resp, nil)
  274. return
  275. }
  276. type GetAdminInfoResp struct {
  277. AdmId int `json:"adm_id"` // 管理员id
  278. Username string `json:"username"` // 用户名
  279. State int `json:"state"` // 状态(1:正常 2:冻结)
  280. IsSuperAdministrator int `json:"is_super_administrator"` // 是否为超级管理员(0:否 1:是)
  281. Memo string `json:"memo"` // 备注信息
  282. }
  283. // GetAdminInfo
  284. // @Summary 通用请求-获取管理员信息
  285. // @Tags 通用请求
  286. // @Description 获取管理员信息
  287. // @Accept json
  288. // @Produce json
  289. // @param Authorization header string true "验证参数Bearer和token空格拼接"
  290. // @Success 200 {object} GetAdminInfoResp "管理员信息"
  291. // @Failure 400 {object} md.Response "具体错误"
  292. // @Router /api/comm/adminInfo [POST]
  293. func GetAdminInfo(c *gin.Context) {
  294. admin := svc.GetUser(c)
  295. resp := GetAdminInfoResp{
  296. AdmId: admin.AdmId,
  297. Username: admin.Username,
  298. State: admin.State,
  299. IsSuperAdministrator: admin.IsSuperAdministrator,
  300. Memo: admin.Memo,
  301. }
  302. e.OutSuc(c, resp, nil)
  303. }