蛋蛋星球 后台端

197 line
4.9 KiB

  1. package svc
  2. import (
  3. "applet/app/cfg"
  4. "applet/app/db"
  5. "applet/app/md"
  6. "applet/app/utils"
  7. "applet/app/utils/cache"
  8. "code.fnuoos.com/EggPlanet/egg_models.git/src/implement"
  9. "code.fnuoos.com/EggPlanet/egg_models.git/src/model"
  10. "encoding/json"
  11. "errors"
  12. "fmt"
  13. "github.com/gin-gonic/gin"
  14. "regexp"
  15. "strings"
  16. "time"
  17. )
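// CheckUserRole reports whether the administrator admId may access uri.
//
// The decision is made in this order:
//  1. the query string is stripped from uri;
//  2. a uri listed in md.WhiteUri is always allowed;
//  3. the administrator's permitted actions are read from the cache entry
//     cacheKey, or loaded from the database when that entry is empty or
//     unreadable (the list is then cached for cfg.AdminRolePermissionCacheTime);
//  4. uri is allowed on an exact match, or when it matches after its last run
//     of digits has been replaced by the ":id" placeholder.
//
// A failed cache write is returned through err while the check itself still
// runs, so isHasPermission can be true together with a non-nil err. Callers
// should test err first and deny on any error.
func CheckUserRole(c *gin.Context, cacheKey, uri string, admId int) (isHasPermission bool, err error) {
	// Compare the path only; everything after "?" is dropped.
	uri = utils.UriFilterExcludeQueryString(uri)

	// Whitelisted paths need no role lookup, so answer before touching the cache.
	if utils.InArr(uri, md.WhiteUri) {
		return true, nil
	}

	var rolePermission []string
	// A cache read error is handled like a miss and falls through to the database.
	rolePermissionString, _ := cache.GetString(cacheKey)
	if rolePermissionString != "" {
		if err = json.Unmarshal([]byte(rolePermissionString), &rolePermission); err != nil {
			return false, err
		}
	} else {
		adminDb := implement.NewAdminDb(db.Db)
		list, _, err1 := adminDb.GetAdminRolePermission(admId)
		if err1 != nil {
			return false, err1
		}
		for _, v := range list {
			rolePermission = append(rolePermission, v.Permission.Action)
		}
		marshal, err1 := json.Marshal(rolePermission)
		if err1 != nil {
			return false, err1
		}
		// The write error is kept in err and surfaces at the final return.
		_, err = cache.SetEx(cacheKey, string(marshal), cfg.AdminRolePermissionCacheTime)
	}

	if utils.InArr(uri, rolePermission) {
		isHasPermission = true
		return
	}

	// Placeholder routes: swap the LAST run of digits for ":id" and retry.
	// The previous code replaced the first occurrence of that digit string, so
	// a path whose id also appears earlier (for example as a version number)
	// was rewritten in the wrong place and never matched.
	// NOTE(review): a digit run inside a longer path segment is rewritten too;
	// confirm that no registered action relies on that.
	digits := regexp.MustCompile("[0-9]+")
	matches := digits.FindAllString(uri, -1)
	if len(matches) == 0 {
		return
	}
	last := matches[len(matches)-1]
	// No digit follows the last match, so the last occurrence of the matched
	// text is the match itself.
	pos := strings.LastIndex(uri, last)
	uri = uri[:pos] + ":id" + uri[pos+len(last):]
	if utils.InArr(uri, rolePermission) {
		isHasPermission = true
	}
	return
}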
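// DeleteRole removes the role roleId together with its permission-group
// bindings and its administrator bindings in a single transaction, then drops
// the cached permission lists of the administrators that held the role.
//
// Without the cache invalidation an administrator would keep the deleted
// role's permissions until the cache entry expires.
func DeleteRole(c *gin.Context, roleId int) (err error) {
	engine := db.Db

	// The admin_role rows are deleted below, so the affected administrators
	// have to be collected before the transaction runs.
	var holders []model.AdminRole
	if err = engine.Where("role_id=?", roleId).Find(&holders); err != nil {
		return
	}

	session := engine.NewSession()
	defer session.Close()
	if err = session.Begin(); err != nil {
		return
	}

	// 1. Delete the `role` row.
	roleDb := implement.NewRoleDb(engine, roleId)
	if _, err = roleDb.RoleDeleteBySession(session, roleId); err != nil {
		_ = session.Rollback()
		return
	}

	// 2. Delete the role's `role_permission_group` rows.
	rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)
	if _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, roleId); err != nil {
		_ = session.Rollback()
		return
	}

	// 3. Delete the role's `admin_role` rows.
	adminRoleDb := implement.NewAdminRoleDb(db.Db)
	if _, err = adminRoleDb.AdminRoleDeleteForRoleBySession(session, roleId); err != nil {
		_ = session.Rollback()
		return
	}

	if err = session.Commit(); err != nil {
		return
	}

	// Same key format RoleBindPermissionGroup uses when it invalidates.
	// NOTE(review): presumably also the key CheckUserRole is called with;
	// confirm against the caller.
	for _, h := range holders {
		cache.Del(fmt.Sprintf(cfg.AdminRolePermissionKey, utils.AnyToString(h.AdmId)))
	}
	return nil
}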
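// RoleBindPermissionGroup replaces the permission groups bound to the role
// req.RoleId with req.PermissionIds, then drops the cached permission lists of
// every administrator holding that role.
//
// It returns an error when the role does not exist, when any statement or the
// commit fails, or when the administrators to invalidate cannot be listed. In
// the last case the new bindings are already committed and the cached lists
// stay in place until they expire.
func RoleBindPermissionGroup(c *gin.Context, req md.RoleBindPermissionGroupReq) (err error) {
	engine := db.Db

	// 1. Look up the `role` before opening a transaction.
	roleDb := implement.NewRoleDb(db.Db, req.RoleId)
	role, err := roleDb.GetRole()
	if err != nil {
		return
	}
	if role == nil {
		return errors.New("未查询到相应记录")
	}

	session := engine.NewSession()
	defer session.Close()
	if err = session.Begin(); err != nil {
		return
	}

	// 2. Delete the role's current `role_permission_group` rows.
	rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.Db)
	if _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, req.RoleId); err != nil {
		_ = session.Rollback()
		return
	}

	// 3. Insert the new `role_permission_group` rows.
	var mm []*model.RolePermissionGroup
	ts := time.Now().Format("2006-01-02 15:04:05")
	for _, groupId := range req.PermissionIds {
		mm = append(mm, &model.RolePermissionGroup{
			RoleId:   role.Id,
			GroupId:  groupId,
			CreateAt: ts,
			UpdateAt: ts,
		})
	}
	if _, err = rolePermissionGroupDb.BatchAddRolePermissionGroupBySession(session, mm); err != nil {
		_ = session.Rollback()
		return
	}

	// A failed commit used to be ignored: the function invalidated the caches
	// and reported success although nothing had been written.
	if err = session.Commit(); err != nil {
		return
	}

	// 4. Invalidate the cached permissions of every administrator with this role.
	var data []model.AdminRole
	if err = engine.Where("role_id=?", role.Id).Find(&data); err != nil {
		return
	}
	for _, v := range data {
		rolePermissionKey := fmt.Sprintf(cfg.AdminRolePermissionKey, utils.AnyToString(v.AdmId))
		cache.Del(rolePermissionKey)
	}
	return nil
}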
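// BindAdminRole replaces the roles bound to the administrator req.AdmId with
// req.RoleIds in a single transaction, then drops that administrator's cached
// permission list so the new roles take effect on the next check.
//
// It returns an error when the administrator does not exist or when any
// statement or the commit fails.
func BindAdminRole(c *gin.Context, req md.BindAdminRoleReq) (err error) {
	engine := db.Db

	// 1. Look up the administrator before opening a transaction.
	adminDb := implement.NewAdminDb(db.Db)
	admin, err := adminDb.GetAdmin(req.AdmId)
	if err != nil {
		return
	}
	if admin == nil {
		return errors.New("未查询到相应记录")
	}

	session := engine.NewSession()
	defer session.Close()
	if err = session.Begin(); err != nil {
		return
	}

	// 2. Delete the administrator's current `admin_role` rows.
	adminRoleDb := implement.NewAdminRoleDb(db.Db)
	if _, err = adminRoleDb.AdminRoleDeleteBySession(session, req.AdmId); err != nil {
		_ = session.Rollback()
		return
	}

	// 3. Insert the new `admin_role` rows.
	var mm []*model.AdminRole
	ts := time.Now().Format("2006-01-02 15:04:05")
	for _, roleId := range req.RoleIds {
		mm = append(mm, &model.AdminRole{
			AdmId:    req.AdmId,
			RoleId:   roleId,
			State:    1,
			CreateAt: ts,
			UpdateAt: ts,
		})
	}
	if _, err = adminRoleDb.BatchAddAdminRoleBySession(session, mm); err != nil {
		_ = session.Rollback()
		return
	}

	if err = session.Commit(); err != nil {
		return
	}

	// Without this the administrator keeps the permissions of the old role set
	// until the cache entry expires. Same key format RoleBindPermissionGroup
	// uses when it invalidates.
	// NOTE(review): presumably also the key CheckUserRole is called with;
	// confirm against the caller.
	cache.Del(fmt.Sprintf(cfg.AdminRolePermissionKey, utils.AnyToString(req.AdmId)))
	return nil
}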
  169. UpdateAt: now.Format("2006-01-02 15:04:05"),
  170. })
  171. }
  172. _, err = adminRoleDb.BatchAddAdminRoleBySession(session, mm)
  173. if err != nil {
  174. _ = session.Rollback()
  175. return
  176. }
  177. return session.Commit()
  178. }