EggPlanet
/
egg_admin
3
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
蛋蛋星球 后台端
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
532 Commits
1 Branch
15 MiB
 
 
 
 
Tree: 3cc7f19880
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3cc7f19880'
${ noResults }
egg_admin/app/hdl/comm/hdl_comm.go

345 lines
10 KiB
Raw Blame History 

  1. package comm

  2. 

  3. import (

  4. 	"applet/app/cfg"

  5. 	"applet/app/db"

  6. 	"applet/app/e"

  7. 	"applet/app/enum"

  8. 	"applet/app/md"

  9. 	"applet/app/svc"

  10. 	"applet/app/svc/sys_cfg"

  11. 	"applet/app/utils"

  12. 	"applet/app/utils/cache"

  13. 	"code.fnuoos.com/EggPlanet/egg_models.git/src/implement"

  14. 	enum2 "code.fnuoos.com/EggPlanet/egg_system_rules.git/enum"

  15. 	"fmt"

  16. 	sts20150401 "github.com/alibabacloud-go/sts-20150401/v2/client"

  17. 	"github.com/aliyun/aliyun-oss-go-sdk/oss"

  18. 	"github.com/gin-gonic/gin"

  19. 	"os"

  20. 	"strings"

  21. )

  22. 

  23. // MenuList

  24. // @Summary      通用请求-权限列表-菜单栏列表(获取)

  25. // @Tags         权限列表

  26. // @Description  菜单栏列表(获取)

  27. // @Accept       json

  28. // @Produce      json

  29. // @param Authorization header string true "验证参数Bearer和token空格拼接"

  30. // @Success      200   {object}    map[string]interface{}	"具体路由"

  31. // @Failure      400   {object}   md.Response              	"具体错误"

  32. // @Router       /api/comm/getMenuList [POST]

  33. func MenuList(c *gin.Context) {

  34. 	engine := db.Db

  35. 	admin := svc.GetUser(c)

  36. 	qrcodeWithBatchRecordsDb := implement.NewPermissionGroupDb(engine)

  37. 	groupList, err := qrcodeWithBatchRecordsDb.FindPermissionGroup()

  38. 	if err != nil {

  39. 		e.OutErr(c, e.ERR_DB_ORM, err.Error())

  40. 		return

  41. 	}

  42. 

  43. 	// 1、查询出当前用户所有角色

  44. 	adminRoleDb := implement.NewAdminRoleDb(engine)

  45. 	roles, err := adminRoleDb.FindAdminRole(admin.AdmId)

  46. 	if err != nil {

  47. 		e.OutErr(c, e.ERR_DB_ORM, err.Error())

  48. 		return

  49. 	}

  50. 

  51. 	roleDb := implement.NewRoleDb(engine, 0)

  52. 	var adminHasPermissionGroupIds []string

  53. 	for _, v := range *roles {

  54. 		list, _, err1 := roleDb.FindPermissionGroupByRole(v.RoleId)

  55. 		if err1 != nil {

  56. 			e.OutErr(c, e.ERR_DB_ORM, err1.Error())

  57. 			return

  58. 		}

  59. 		for _, v1 := range list {

  60. 			adminHasPermissionGroupIds = append(adminHasPermissionGroupIds, utils.IntToStr(v1.PermissionGroup.Id))

  61. 		}

  62. 	}

  63. 

  64. 	var tempRespMap = map[string]*md.PermissionGroupListResp{}

  65. 	var tempRespMapKeys []string

  66. 	for _, v := range *groupList {

  67. 

  68. 		var isCheck bool

  69. 		if admin.IsSuperAdministrator == enum.IsSuperAdministratorTure {

  70. 			isCheck = true

  71. 		} else {

  72. 			isCheck = false

  73. 		}

  74. 

  75. 		if utils.InArr(utils.IntToStr(v.Id), adminHasPermissionGroupIds) {

  76. 			isCheck = true

  77. 		}

  78. 

  79. 		if v.State == enum.PermissionGroupStateForDiscard {

  80. 			isCheck = false

  81. 		}

  82. 

  83. 		tempRespMap[utils.IntToStr(v.Id)] = &md.PermissionGroupListResp{

  84. 			Id:       v.Id,

  85. 			Name:     v.Name,

  86. 			Key:      v.Key,

  87. 			State:    v.State,

  88. 			ParentId: v.ParentId,

  89. 			CreateAt: v.CreateAt,

  90. 			UpdateAt: v.UpdateAt,

  91. 			IsCheck:  isCheck,

  92. 		}

  93. 		tempRespMapKeys = append(tempRespMapKeys, utils.IntToStr(v.Id))

  94. 	}

  95. 	for _, v := range tempRespMap {

  96. 		if v.ParentId != 0 && tempRespMap[utils.IntToStr(v.ParentId)].ParentId != 0 {

  97. 			tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList = append(tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList, *v)

  98. 		}

  99. 	}

  100. 	for _, v := range tempRespMap {

  101. 		if v.ParentId != 0 && tempRespMap[utils.IntToStr(v.ParentId)].ParentId == 0 {

  102. 			tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList = append(tempRespMap[utils.IntToStr(v.ParentId)].SubPermissionGroupList, *v)

  103. 		}

  104. 	}

  105. 

  106. 	var resp []*md.PermissionGroupListResp

  107. 	for _, v := range tempRespMapKeys {

  108. 		if tempRespMap[v].ParentId == 0 {

  109. 			resp = append(resp, tempRespMap[v])

  110. 		}

  111. 	}

  112. 

  113. 	e.OutSuc(c, map[string]interface{}{

  114. 		"list": resp,

  115. 		"state": []map[string]interface{}{

  116. 			{

  117. 				"name":  enum.PermissionGroupState(enum.PermissionGroupStateForNormal).String(),

  118. 				"value": enum.PermissionGroupStateForNormal,

  119. 			},

  120. 			{

  121. 				"name":  enum.PermissionGroupState(enum.PermissionGroupStateForDiscard).String(),

  122. 				"value": enum.PermissionGroupStateForDiscard,

  123. 			},

  124. 		},

  125. 	}, nil)

  126. 	return

  127. }

  128. 

  129. type ImgReqUploadReq struct {

  130. 	FileName    string `json:"file_name" binding:"required" example:"文件名"`

  131. 	ContentType string `json:"content_type,required" binding:"required" example:"image/jpeg"`

  132. }

  133. type ImgReqUploadResp struct {

  134. 	SignUrl string `json:"sign_url" example:"签名上传url"`

  135. }

  136. 

  137. // GetOssUrl

  138. // @Summary      通用请求-对象存储-上传许可链接(获取)

  139. // @Tags         对象存储

  140. // @Description  上传许可链接(获取)

  141. // @Accept       json

  142. // @Produce      json

  143. // @param Authorization header string true "验证参数Bearer和token空格拼接"

  144. // @Param    req    body	comm.ImgReqUploadReq 	true  "签名上传url"

  145. // @Success      200   {string}  	"许可链接"

  146. // @Failure      400   {object}   md.Response              	"具体错误"

  147. // @Router       /api/comm/getOssUrl [POST]

  148. func GetOssUrl(c *gin.Context) {

  149. 	var args ImgReqUploadReq

  150. 	err := c.ShouldBindJSON(&args)

  151. 	if err != nil {

  152. 		err = svc.HandleValidateErr(err)

  153. 		err1 := err.(e.E)

  154. 		e.OutErr(c, err1.Code, err1.Error())

  155. 		return

  156. 	}

  157. 	CommOss(c, args)

  158. }

  159. func CommOss(c *gin.Context, args ImgReqUploadReq) {

  160. 	sysCfgDb := sys_cfg.NewSysCfgDb(db.Db)

  161. 	sysCfgs, err := sysCfgDb.SysCfgGetAll()

  162. 	if err != nil {

  163. 		e.OutErr(c, e.ERR_DB_ORM, err.Error())

  164. 		return

  165. 	}

  166. 	if sysCfgs == nil {

  167. 		e.OutErr(c, e.ERR_CFG_CACHE, nil)

  168. 		return

  169. 	}

  170. 

  171. 	cfgMap := make(map[string]string, len(*sysCfgs))

  172. 	for _, cfg := range *sysCfgs {

  173. 		cfgMap[cfg.Key] = cfg.Val

  174. 	}

  175. 	endpoint := cfgMap[enum2.AliyunOssEndpoint]

  176. 	bucketName := cfgMap[enum2.AliyunOssBucketName]

  177. 	ossBucketScheme := cfgMap[enum2.AliyunOssBucketScheme]

  178. 	accessKeyID := cfgMap[enum2.AliyunOssAccessKeyID]

  179. 	accessKeySecret := cfgMap[enum2.AliyunOssAccessKeySecret]

  180. 	if cfg.Prd {

  181. 		accessKeyID = os.Getenv(enum2.AliyunOssAccessKeyID)

  182. 		accessKeySecret = os.Getenv(enum2.AliyunOssAccessKeySecret)

  183. 	}

  184. 

  185. 	// 创建OSSClient实例。

  186. 	client, err := oss.New(ossBucketScheme+"://"+endpoint, accessKeyID, accessKeySecret)

  187. 	if err != nil {

  188. 		e.OutErr(c, e.ERR, err.Error())

  189. 		return

  190. 	}

  191. 

  192. 	// 获取存储空间。

  193. 	bucket, err := client.Bucket(bucketName)

  194. 	if err != nil {

  195. 		e.OutErr(c, e.ERR, err.Error())

  196. 		return

  197. 	}

  198. 

  199. 	options := []oss.Option{

  200. 		oss.ContentType(args.ContentType),

  201. 	}

  202. 

  203. 	signedURL, err := bucket.SignURL(args.FileName, oss.HTTPPut, 60*5, options...)

  204. 	if err != nil {

  205. 		e.OutErr(c, e.ERR_AES_ENCODE, err.Error())

  206. 		return

  207. 	}

  208. 

  209. 	e.OutSuc(c, signedURL, nil)

  210. }

  211. 

  212. const STSVoucherRedisKey = "STS_Voucher_Cache_Key"

  213. 

  214. type GetSTSVoucherResp struct {

  215. 	STSToken sts20150401.AssumeRoleResponseBodyCredentials `json:"sts_token"` // STS 凭证

  216. 	Bucket   string                                        `json:"bucket"`    // oss 桶名称

  217. 	Region   string                                        `json:"region"`    // 所在地域

  218. }

  219. 

  220. // GetSTSVoucher

  221. // @Summary      通用请求-打包机使用-STS临时访问凭证(获取)

  222. // @Tags         打包机使用

  223. // @Description  STS临时访问凭证(获取)

  224. // @Accept       json

  225. // @Produce      json

  226. // @param Authorization header string true "验证参数Bearer和token空格拼接"

  227. // @Success      200   {object}  comm.GetSTSVoucherResp  "凭证及其他信息"

  228. // @Failure      400   {object}   md.Response              	"具体错误"

  229. // @Router       /api/getSTSVoucher [GET]

  230. func GetSTSVoucher(c *gin.Context) {

  231. 	sysCfgDb := sys_cfg.NewSysCfgDb(db.Db)

  232. 	sysCfgs, err := sysCfgDb.SysCfgGetAll()

  233. 	if err != nil {

  234. 		e.OutErr(c, e.ERR_DB_ORM, err.Error())

  235. 		return

  236. 	}

  237. 	if sysCfgs == nil {

  238. 		e.OutErr(c, e.ERR_CFG_CACHE, nil)

  239. 		return

  240. 	}

  241. 	cfgMap := make(map[string]string, len(*sysCfgs))

  242. 	for _, cfg := range *sysCfgs {

  243. 		cfgMap[cfg.Key] = cfg.Val

  244. 	}

  245. 	endpoint := cfgMap[enum2.AliyunOssEndpoint]

  246. 

  247. 	redisKey := STSVoucherRedisKey

  248. 	redisValue, err := cache.GetString(redisKey)

  249. 	if err != nil {

  250. 		if err.Error() == "redigo: nil returned" {

  251. 

  252. 			assumeRoleAccessKeyID := cfgMap[enum2.AliyunOssAssumeRoleAccessKeyID]

  253. 			assumeRoleAccessKeySecret := cfgMap[enum2.AliyunOssAssumeRoleAccessKeySecret]

  254. 			assumeRoleARN := cfgMap[enum2.AliyunOssAssumeRoleARN]

  255. 			roleSessionName := "STSRam"

  256. 

  257. 			endpointList := strings.Split(endpoint, "-")

  258. 			stsEndPoint := fmt.Sprintf("sts.%s-%s", endpointList[1], endpointList[2])

  259. 

  260. 			client, err := svc.CreateSTSClient(&assumeRoleAccessKeyID, &assumeRoleAccessKeySecret, &stsEndPoint)

  261. 			if err != nil {

  262. 				e.OutErr(c, e.ERR, err.Error())

  263. 				return

  264. 			}

  265. 

  266. 			roleArn := assumeRoleARN

  267. 			durationSeconds := 3600

  268. 

  269. 			assumeRoleResponse, err := svc.AssumeRole(client, &roleArn, &roleSessionName, int64(durationSeconds))

  270. 			if err != nil {

  271. 				e.OutErr(c, e.ERR, err.Error())

  272. 				return

  273. 			}

  274. 

  275. 			CredentialsStr := utils.SerializeStr(assumeRoleResponse.Body.Credentials)

  276. 			// 提早 60s 释放,避免能拿到令牌但无法上传

  277. 			cache.SetEx(redisKey, CredentialsStr, durationSeconds-60)

  278. 			credentials := sts20150401.AssumeRoleResponseBodyCredentials{

  279. 				AccessKeyId:     assumeRoleResponse.Body.Credentials.AccessKeyId,

  280. 				AccessKeySecret: assumeRoleResponse.Body.Credentials.AccessKeySecret,

  281. 				Expiration:      assumeRoleResponse.Body.Credentials.Expiration,

  282. 				SecurityToken:   assumeRoleResponse.Body.Credentials.SecurityToken,

  283. 			}

  284. 

  285. 			bucket := cfgMap[enum2.AliyunOssBucketName]

  286. 			region := strings.Split(endpoint, ".")[0]

  287. 

  288. 			resp := GetSTSVoucherResp{

  289. 				STSToken: credentials,

  290. 				Bucket:   bucket,

  291. 				Region:   region,

  292. 			}

  293. 			e.OutSuc(c, resp, nil)

  294. 			return

  295. 		} else {

  296. 			e.OutErr(c, e.ERR, nil)

  297. 			return

  298. 		}

  299. 	}

  300. 

  301. 	var credentials sts20150401.AssumeRoleResponseBodyCredentials

  302. 	utils.Unserialize([]byte(redisValue), &credentials)

  303. 	bucket := cfgMap[enum2.AliyunOssBucketName]

  304. 	region := strings.Split(endpoint, ".")[0]

  305. 

  306. 	resp := GetSTSVoucherResp{

  307. 		STSToken: credentials,

  308. 		Bucket:   bucket,

  309. 		Region:   region,

  310. 	}

  311. 	e.OutSuc(c, resp, nil)

  312. 	return

  313. 

  314. }

  315. 

  316. type GetAdminInfoResp struct {

  317. 	AdmId                int    `json:"adm_id"`                 // 管理员id

  318. 	Username             string `json:"username"`               // 用户名

  319. 	State                int    `json:"state"`                  // 状态(1:正常 2:冻结)

  320. 	IsSuperAdministrator int    `json:"is_super_administrator"` // 是否为超级管理员(0:否 1:是)

  321. 	Memo                 string `json:"memo"`                   // 备注信息

  322. }

  323. 

  324. // GetAdminInfo

  325. // @Summary      通用请求-获取管理员信息

  326. // @Tags         通用请求

  327. // @Description  获取管理员信息

  328. // @Accept       json

  329. // @Produce      json

  330. // @param Authorization header string true "验证参数Bearer和token空格拼接"

  331. // @Success      200   {object}  GetAdminInfoResp  	"管理员信息"

  332. // @Failure      400   {object}   md.Response              	"具体错误"

  333. // @Router       /api/comm/adminInfo [POST]

  334. func GetAdminInfo(c *gin.Context) {

  335. 	admin := svc.GetUser(c)

  336. 	resp := GetAdminInfoResp{

  337. 		AdmId:                admin.AdmId,

  338. 		Username:             admin.Username,

  339. 		State:                admin.State,

  340. 		IsSuperAdministrator: admin.IsSuperAdministrator,

  341. 		Memo:                 admin.Memo,

  342. 	}

  343. 	e.OutSuc(c, resp, nil)

  344. }