广告平台(站长使用)
Não pode escolher mais do que 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
 
 
 
 
 

247 linhas
6.6 KiB

  1. package svc
  2. import (
  3. "applet/app/md"
  4. "applet/app/utils"
  5. "applet/app/utils/cache"
  6. db "code.fnuoos.com/zhimeng/model.git/src"
  7. "code.fnuoos.com/zhimeng/model.git/src/implement"
  8. "code.fnuoos.com/zhimeng/model.git/src/model"
  9. implement2 "code.fnuoos.com/zhimeng/model.git/src/super/implement"
  10. "encoding/json"
  11. "errors"
  12. "fmt"
  13. "github.com/gin-gonic/gin"
  14. "regexp"
  15. "strings"
  16. "time"
  17. )
  18. func CheckUserRole(c *gin.Context, cacheKey, uri string, admId int) (isHasPermission bool, err error) {
  19. uri = utils.UriFilterExcludeQueryString(uri) // 去除uri中?后的query参数
  20. isHasPermission = false
  21. var rolePermission []string
  22. var rolePermissionString string
  23. rolePermissionString, _ = cache.GetString(cacheKey)
  24. // TODO::判断是否在白名单中
  25. if utils.InArr(uri, md.WhiteUri) {
  26. isHasPermission = true
  27. return
  28. }
  29. if rolePermissionString != "" {
  30. // if false {
  31. if err = json.Unmarshal([]byte(rolePermissionString), &rolePermission); err != nil {
  32. return
  33. }
  34. } else {
  35. adminDb := implement.NewAdminDb(db.DBs[GetMasterId(c)])
  36. list, _, err1 := adminDb.GetAdminRolePermission(admId)
  37. if err1 != nil {
  38. return isHasPermission, err1
  39. }
  40. for _, v := range list {
  41. rolePermission = append(rolePermission, v.Permission.Action)
  42. }
  43. marshal, err1 := json.Marshal(rolePermission)
  44. if err1 != nil {
  45. return isHasPermission, err1
  46. }
  47. rolePermissionString = string(marshal)
  48. _, err = cache.SetEx(cacheKey, rolePermissionString, md.AdminRolePermissionCacheTime)
  49. }
  50. if utils.InArr(uri, rolePermission) {
  51. isHasPermission = true
  52. } else {
  53. // 正则匹配占位符情况
  54. compileRegex := regexp.MustCompile("[0-9]+")
  55. matchArr := compileRegex.FindAllString(uri, -1)
  56. if len(matchArr) > 0 {
  57. uri = strings.Replace(uri, matchArr[len(matchArr)-1], ":id", 1)
  58. if utils.InArr(uri, rolePermission) {
  59. isHasPermission = true
  60. }
  61. }
  62. }
  63. return
  64. }
  65. func CheckUserRoleByOpen(c *gin.Context, cacheKey, uri string, masterId int) (isHasPermission bool, err error) {
  66. uri = utils.UriFilterExcludeQueryString(uri) // 去除uri中?后的query参数
  67. isHasPermission = false
  68. var rolePermission []string
  69. var rolePermissionString string
  70. rolePermissionString, _ = cache.GetString(cacheKey)
  71. // TODO::判断是否在白名单中
  72. if utils.InArr(uri, md.WhiteUri) {
  73. isHasPermission = true
  74. return
  75. }
  76. if rolePermissionString != "" {
  77. if err = json.Unmarshal([]byte(rolePermissionString), &rolePermission); err != nil {
  78. return
  79. }
  80. } else {
  81. userOpenPermissionDb := implement2.NewUserOpenPermissionDb(db.Db)
  82. list, _, err1 := userOpenPermissionDb.GetUserOpenPermission(masterId)
  83. if err1 != nil {
  84. return isHasPermission, err1
  85. }
  86. for _, v := range list {
  87. rolePermission = append(rolePermission, v.OpenPermission.Action)
  88. }
  89. marshal, err1 := json.Marshal(rolePermission)
  90. if err1 != nil {
  91. return isHasPermission, err1
  92. }
  93. rolePermissionString = string(marshal)
  94. _, err = cache.SetEx(cacheKey, rolePermissionString, md.AdminRolePermissionByOpenCacheTime)
  95. }
  96. if utils.InArr(uri, rolePermission) {
  97. isHasPermission = true
  98. } else {
  99. // 正则匹配占位符情况
  100. compileRegex := regexp.MustCompile("[0-9]+")
  101. matchArr := compileRegex.FindAllString(uri, -1)
  102. if len(matchArr) > 0 {
  103. uri = strings.Replace(uri, matchArr[len(matchArr)-1], ":id", 1)
  104. if utils.InArr(uri, rolePermission) {
  105. isHasPermission = true
  106. }
  107. }
  108. }
  109. return
  110. }
  111. func DeleteRole(c *gin.Context, roleId int) (err error) {
  112. engine := db.DBs[GetMasterId(c)]
  113. session := engine.NewSession()
  114. defer session.Close()
  115. session.Begin()
  116. // 1、删除 `role`
  117. roleDb := implement.NewRoleDb(engine, roleId)
  118. _, err = roleDb.RoleDeleteBySession(session, roleId)
  119. if err != nil {
  120. _ = session.Rollback()
  121. return
  122. }
  123. // 2、删除 `role_permission_group`
  124. rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.DBs[GetMasterId(c)])
  125. _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, roleId)
  126. if err != nil {
  127. _ = session.Rollback()
  128. return
  129. }
  130. // 3、删除 `admin_role`
  131. adminRoleDb := implement.NewAdminRoleDb(db.DBs[GetMasterId(c)])
  132. _, err = adminRoleDb.AdminRoleDeleteForRoleBySession(session, roleId)
  133. if err != nil {
  134. _ = session.Rollback()
  135. return
  136. }
  137. return session.Commit()
  138. }
  139. func RoleBindPermissionGroup(c *gin.Context, req md.RoleBindPermissionGroupReq) (err error) {
  140. engine := db.DBs[GetMasterId(c)]
  141. session := engine.NewSession()
  142. defer session.Close()
  143. session.Begin()
  144. // 1、查询 `role`
  145. roleDb := implement.NewRoleDb(db.DBs[GetMasterId(c)], req.RoleId)
  146. role, err := roleDb.GetRole()
  147. if err != nil {
  148. return
  149. }
  150. if role == nil {
  151. return errors.New("未查询到相应记录")
  152. }
  153. // 1、删除 `role_permission_group`
  154. rolePermissionGroupDb := implement.NewRolePermissionGroupDb(db.DBs[GetMasterId(c)])
  155. _, err = rolePermissionGroupDb.RolePermissionGroupDeleteForRoleBySession(session, req.RoleId)
  156. if err != nil {
  157. _ = session.Rollback()
  158. return
  159. }
  160. // 2、新增 `role_permission_group``
  161. var mm []*model.RolePermissionGroup
  162. now := time.Now()
  163. for _, v := range req.PermissionIds {
  164. mm = append(mm, &model.RolePermissionGroup{
  165. RoleId: role.Id,
  166. GroupId: v,
  167. CreateAt: now.Format("2006-01-02 15:04:05"),
  168. UpdateAt: now.Format("2006-01-02 15:04:05"),
  169. })
  170. }
  171. _, err = rolePermissionGroupDb.BatchAddRolePermissionGroupBySession(session, mm)
  172. if err != nil {
  173. _ = session.Rollback()
  174. return
  175. }
  176. session.Commit()
  177. var data []model.AdminRole
  178. MasterDb(c).Where("role_id=?", role.Id).Find(&data)
  179. for _, v := range data {
  180. rolePermissionKey := fmt.Sprintf(md.AdminRolePermissionKey, c.GetString("mid"), utils.AnyToString(v.AdmId))
  181. cache.Del(rolePermissionKey)
  182. }
  183. return nil
  184. }
  185. func BindAdminRole(c *gin.Context, req md.BindAdminRoleReq) (err error) {
  186. engine := db.DBs[GetMasterId(c)]
  187. session := engine.NewSession()
  188. defer session.Close()
  189. session.Begin()
  190. // 1、查询 `role`
  191. adminDb := implement.NewAdminDb(db.DBs[GetMasterId(c)])
  192. role, err := adminDb.GetAdmin(req.AdmId)
  193. if err != nil {
  194. return
  195. }
  196. if role == nil {
  197. return errors.New("未查询到相应记录")
  198. }
  199. // 1、删除 `admin_role`
  200. adminRoleDb := implement.NewAdminRoleDb(db.DBs[GetMasterId(c)])
  201. _, err = adminRoleDb.AdminRoleDeleteBySession(session, req.AdmId)
  202. if err != nil {
  203. _ = session.Rollback()
  204. return
  205. }
  206. // 2、新增 `删除 `admin_role``
  207. var mm []*model.AdminRole
  208. now := time.Now()
  209. for _, v := range req.RoleIds {
  210. mm = append(mm, &model.AdminRole{
  211. AdmId: req.AdmId,
  212. RoleId: v,
  213. State: 1,
  214. CreateAt: now.Format("2006-01-02 15:04:05"),
  215. UpdateAt: now.Format("2006-01-02 15:04:05"),
  216. })
  217. }
  218. _, err = adminRoleDb.BatchAddAdminRoleBySession(session, mm)
  219. if err != nil {
  220. _ = session.Rollback()
  221. return
  222. }
  223. return session.Commit()
  224. }