蛋蛋星球 后台端
No puede seleccionar más de 25 temas Los temas deben comenzar con una letra o número, pueden incluir guiones ('-') y pueden tener hasta 35 caracteres de largo.
 
 
 
 
 

196 líneas
4.8 KiB

  1. package svc
  2. import (
  3. "applet/app/db"
  4. "applet/app/md"
  5. "applet/app/utils"
  6. "applet/app/utils/cache"
  7. "code.fnuoos.com/EggPlanet/egg_models.git/src/implement"
  8. "code.fnuoos.com/EggPlanet/egg_models.git/src/model"
  9. "encoding/json"
  10. "errors"
  11. "fmt"
  12. "github.com/gin-gonic/gin"
  13. "regexp"
  14. "strings"
  15. "time"
  16. )
  17. func CheckUserRole(c *gin.Context, cacheKey, uri string, admId int) (isHasPermission bool, err error) {
  18. uri = utils.UriFilterExcludeQueryString(uri) // 去除uri中?后的query参数
  19. isHasPermission = false
  20. var rolePermission []string
  21. var rolePermissionString string
  22. rolePermissionString, _ = cache.GetString(cacheKey)
  23. // TODO::判断是否在白名单中
  24. if utils.InArr(uri, md.WhiteUri) {
  25. isHasPermission = true
  26. return
  27. }
  28. if rolePermissionString != "" {
  29. // if false {
  30. if err = json.Unmarshal([]byte(rolePermissionString), &rolePermission); err != nil {
  31. return
  32. }
  33. } else {
  34. adminDb := implement.NewAdminDb(db.Db)
  35. list, _, err1 := adminDb.GetAdminRolePermission(admId)
  36. if err1 != nil {
  37. return isHasPermission, err1
  38. }
  39. for _, v := range list {
  40. rolePermission = append(rolePermission, v.Permission.Action)
  41. }
  42. marshal, err1 := json.Marshal(rolePermission)
  43. if err1 != nil {
  44. return isHasPermission, err1
  45. }
  46. rolePermissionString = string(marshal)
  47. _, err = cache.SetEx(cacheKey, rolePermissionString, md.AdminRolePermissionCacheTime)
  48. }
  49. if utils.InArr(uri, rolePermission) {
  50. isHasPermission = true
  51. } else {
  52. // 正则匹配占位符情况
  53. compileRegex := regexp.MustCompile("[0-9]+")
  54. matchArr := compileRegex.FindAllString(uri, -1)
  55. if len(matchArr) > 0 {
  56. uri = strings.Replace(uri, matchArr[len(matchArr)-1], ":id", 1)
  57. if utils.InArr(uri, rolePermission) {
  58. isHasPermission = true
  59. }
  60. }
  61. }
  62. return
  63. }
  64. func DeleteRole(c *gin.Context, roleId int) (err error) {
  65. engine := db.Db
  66. session := engine.NewSession()
  67. defer session.Close()
  68. session.Begin()
  69. // 1、删除 `role`
  70. roleDb := implement.NewRoleDb(engine, roleId)
  71. _, err = roleDb.RoleDeleteBySession(session, roleId)
  72. if err != nil {
  73. _ = session.Rollback()
  74. return
  75. }
  76. // 2、删除 `role_permission_group`
  77. rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)
  78. _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, roleId)
  79. if err != nil {
  80. _ = session.Rollback()
  81. return
  82. }
  83. // 3、删除 `admin_role`
  84. adminRoleDb := implement.NewAdminRoleDb(db.Db)
  85. _, err = adminRoleDb.AdminRoleDeleteForRoleBySession(session, roleId)
  86. if err != nil {
  87. _ = session.Rollback()
  88. return
  89. }
  90. return session.Commit()
  91. }
  92. func RoleBindPermissionGroup(c *gin.Context, req md.RoleBindPermissionGroupReq) (err error) {
  93. engine := db.Db
  94. session := engine.NewSession()
  95. defer session.Close()
  96. session.Begin()
  97. // 1、查询 `role`
  98. roleDb := implement.NewRoleDb(db.Db, req.RoleId)
  99. role, err := roleDb.GetRole()
  100. if err != nil {
  101. return
  102. }
  103. if role == nil {
  104. return errors.New("未查询到相应记录")
  105. }
  106. // 1、删除 `role_permission_group`
  107. rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)
  108. _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, req.RoleId)
  109. if err != nil {
  110. _ = session.Rollback()
  111. return
  112. }
  113. // 2、新增 `role_permission_group``
  114. var mm []*model.RolePermissionGroup
  115. now := time.Now()
  116. for _, v := range req.PermissionIds {
  117. mm = append(mm, &model.RolePermissionGroup{
  118. RoleId: role.Id,
  119. GroupId: v,
  120. CreateAt: now.Format("2006-01-02 15:04:05"),
  121. UpdateAt: now.Format("2006-01-02 15:04:05"),
  122. })
  123. }
  124. _, err = rolePermissionGroupDb.BatchAddRolePermissionGroupBySession(session, mm)
  125. if err != nil {
  126. _ = session.Rollback()
  127. return
  128. }
  129. session.Commit()
  130. var data []model.AdminRole
  131. engine.Where("role_id=?", role.Id).Find(&data)
  132. for _, v := range data {
  133. rolePermissionKey := fmt.Sprintf(md.AdminRolePermissionKey, utils.AnyToString(v.AdmId))
  134. cache.Del(rolePermissionKey)
  135. }
  136. return nil
  137. }
  138. func BindAdminRole(c *gin.Context, req md.BindAdminRoleReq) (err error) {
  139. engine := db.Db
  140. session := engine.NewSession()
  141. defer session.Close()
  142. session.Begin()
  143. // 1、查询 `role`
  144. adminDb := implement.NewAdminDb(db.Db)
  145. role, err := adminDb.GetAdmin(req.AdmId)
  146. if err != nil {
  147. return
  148. }
  149. if role == nil {
  150. return errors.New("未查询到相应记录")
  151. }
  152. // 1、删除 `admin_role`
  153. adminRoleDb := implement.NewAdminRoleDb(db.Db)
  154. _, err = adminRoleDb.AdminRoleDeleteBySession(session, req.AdmId)
  155. if err != nil {
  156. _ = session.Rollback()
  157. return
  158. }
  159. // 2、新增 `删除 `admin_role``
  160. var mm []*model.AdminRole
  161. now := time.Now()
  162. for _, v := range req.RoleIds {
  163. mm = append(mm, &model.AdminRole{
  164. AdmId: req.AdmId,
  165. RoleId: v,
  166. State: 1,
  167. CreateAt: now.Format("2006-01-02 15:04:05"),
  168. UpdateAt: now.Format("2006-01-02 15:04:05"),
  169. })
  170. }
  171. _, err = adminRoleDb.BatchAddAdminRoleBySession(session, mm)
  172. if err != nil {
  173. _ = session.Rollback()
  174. return
  175. }
  176. return session.Commit()
  177. }