|
- package svc
-
- import (
- "applet/app/cfg"
- "applet/app/db"
- "applet/app/md"
- "applet/app/utils"
- "applet/app/utils/cache"
- "code.fnuoos.com/EggPlanet/egg_models.git/src/implement"
- "code.fnuoos.com/EggPlanet/egg_models.git/src/model"
- "encoding/json"
- "errors"
- "fmt"
- "github.com/gin-gonic/gin"
- "regexp"
- "strings"
- "time"
- )
-
- func CheckUserRole(c *gin.Context, cacheKey, uri string, admId int) (isHasPermission bool, err error) {
- uri = utils.UriFilterExcludeQueryString(uri) // 去除uri中?后的query参数
- isHasPermission = false
- var rolePermission []string
- var rolePermissionString string
- rolePermissionString, _ = cache.GetString(cacheKey)
-
- // TODO::判断是否在白名单中
- if utils.InArr(uri, md.WhiteUri) {
- isHasPermission = true
- return
- }
-
- if rolePermissionString != "" {
- // if false {
- if err = json.Unmarshal([]byte(rolePermissionString), &rolePermission); err != nil {
- return
- }
- } else {
- adminDb := implement.NewAdminDb(db.Db)
- list, _, err1 := adminDb.GetAdminRolePermission(admId)
- if err1 != nil {
- return isHasPermission, err1
- }
- for _, v := range list {
- rolePermission = append(rolePermission, v.Permission.Action)
- }
- marshal, err1 := json.Marshal(rolePermission)
- if err1 != nil {
- return isHasPermission, err1
- }
- rolePermissionString = string(marshal)
- _, err = cache.SetEx(cacheKey, rolePermissionString, cfg.AdminRolePermissionCacheTime)
- }
-
- if utils.InArr(uri, rolePermission) {
- isHasPermission = true
- } else {
- // 正则匹配占位符情况
- compileRegex := regexp.MustCompile("[0-9]+")
- matchArr := compileRegex.FindAllString(uri, -1)
- if len(matchArr) > 0 {
- uri = strings.Replace(uri, matchArr[len(matchArr)-1], ":id", 1)
- if utils.InArr(uri, rolePermission) {
- isHasPermission = true
- }
- }
- }
- return
- }
-
- func DeleteRole(c *gin.Context, roleId int) (err error) {
- engine := db.Db
- session := engine.NewSession()
- defer session.Close()
- session.Begin()
-
- // 1、删除 `role`
- roleDb := implement.NewRoleDb(engine, roleId)
- _, err = roleDb.RoleDeleteBySession(session, roleId)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- // 2、删除 `role_permission_group`
- rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)
- _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, roleId)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- // 3、删除 `admin_role`
- adminRoleDb := implement.NewAdminRoleDb(db.Db)
- _, err = adminRoleDb.AdminRoleDeleteForRoleBySession(session, roleId)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- return session.Commit()
- }
-
- func RoleBindPermissionGroup(req md.RoleBindPermissionGroupReq) (err error) {
- engine := db.Db
- session := engine.NewSession()
- defer session.Close()
- session.Begin()
- // 1、查询 `role`
- roleDb := implement.NewRoleDb(db.Db, req.RoleId)
- role, err := roleDb.GetRole()
- if err != nil {
- return
- }
- if role == nil {
- return errors.New("未查询到相应记录")
- }
-
- // 1、删除 `role_permission_group`
- rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)
- _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, req.RoleId)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- // 2、新增 `role_permission_group``
- var mm []*model.RolePermissionGroup
- now := time.Now()
- for _, v := range req.PermissionIds {
- mm = append(mm, &model.RolePermissionGroup{
- RoleId: role.Id,
- GroupId: v,
- CreateAt: now.Format("2006-01-02 15:04:05"),
- UpdateAt: now.Format("2006-01-02 15:04:05"),
- })
- }
- _, err = rolePermissionGroupDb.BatchAddRolePermissionGroupBySession(session, mm)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- session.Commit()
- var data []model.AdminRole
- engine.Where("role_id=?", role.Id).Find(&data)
- for _, v := range data {
- rolePermissionKey := fmt.Sprintf(cfg.AdminRolePermissionKey, utils.AnyToString(v.AdmId))
- cache.Del(rolePermissionKey)
- }
- return nil
- }
-
- func BindAdminRole(c *gin.Context, req md.BindAdminRoleReq) (err error) {
- engine := db.Db
- session := engine.NewSession()
- defer session.Close()
- session.Begin()
- // 1、查询 `role`
- adminDb := implement.NewAdminDb(db.Db)
- role, err := adminDb.GetAdmin(req.AdmId)
- if err != nil {
- return
- }
- if role == nil {
- return errors.New("未查询到相应记录")
- }
-
- // 1、删除 `admin_role`
- adminRoleDb := implement.NewAdminRoleDb(db.Db)
- _, err = adminRoleDb.AdminRoleDeleteBySession(session, req.AdmId)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- // 2、新增 `删除 `admin_role``
- var mm []*model.AdminRole
- now := time.Now()
- for _, v := range req.RoleIds {
- mm = append(mm, &model.AdminRole{
- AdmId: req.AdmId,
- RoleId: v,
- State: 1,
- CreateAt: now.Format("2006-01-02 15:04:05"),
- UpdateAt: now.Format("2006-01-02 15:04:05"),
- })
- }
- _, err = adminRoleDb.BatchAddAdminRoleBySession(session, mm)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- return session.Commit()
- }
-
- func AdminDelete(admIds []int) (err error) {
- engine := db.Db
- session := engine.NewSession()
- defer session.Close()
- session.Begin()
- //1、删除 `admin`
- adminDb := implement.NewAdminDb(engine)
- _, err = adminDb.AdminDeleteBySession(session, admIds)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- //2、删除 `admin_role`
- adminRoleDb := implement.NewAdminRoleDb(engine)
- _, err = adminRoleDb.AdminDeleteBySessionForAdmId(session, admIds)
- if err != nil {
- _ = session.Rollback()
- return
- }
-
- return session.Commit()
- }
|