正在显示
32 个修改的文件
包含
766 行增加
和
24 行删除
@@ -6,6 +6,7 @@ require ( | @@ -6,6 +6,7 @@ require ( | ||
6 | github.com/astaxie/beego v1.12.2 | 6 | github.com/astaxie/beego v1.12.2 |
7 | github.com/go-pg/pg/v10 v10.0.0-beta.2 | 7 | github.com/go-pg/pg/v10 v10.0.0-beta.2 |
8 | github.com/tiptok/gocomm v1.0.2 | 8 | github.com/tiptok/gocomm v1.0.2 |
9 | + github.com/GeeTeam/gt3-golang-sdk v0.0.0-20200116043922-446ca8a507d2 | ||
9 | ) | 10 | ) |
10 | 11 | ||
11 | replace github.com/tiptok/gocomm v1.0.2 => F:\go\src\learn_project\gocomm | 12 | replace github.com/tiptok/gocomm v1.0.2 => F:\go\src\learn_project\gocomm |
@@ -4,6 +4,7 @@ import ( | @@ -4,6 +4,7 @@ import ( | ||
4 | "github.com/astaxie/beego" | 4 | "github.com/astaxie/beego" |
5 | _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/constant" | 5 | _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/constant" |
6 | _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/pg" | 6 | _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/pg" |
7 | + _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/redis" | ||
7 | _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego" | 8 | _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego" |
8 | ) | 9 | ) |
9 | 10 |
1 | package auth | 1 | package auth |
2 | 2 | ||
3 | import ( | 3 | import ( |
4 | + "encoding/json" | ||
4 | "fmt" | 5 | "fmt" |
6 | + "github.com/GeeTeam/gt3-golang-sdk/geetest" | ||
5 | "github.com/tiptok/gocomm/common" | 7 | "github.com/tiptok/gocomm/common" |
8 | + "github.com/tiptok/gocomm/pkg/cache" | ||
6 | "github.com/tiptok/gocomm/pkg/log" | 9 | "github.com/tiptok/gocomm/pkg/log" |
10 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/cachex" | ||
7 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory" | 11 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory" |
8 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" | 12 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" |
13 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/dao" | ||
9 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol" | 14 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol" |
10 | protocolx "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol/auth" | 15 | protocolx "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol/auth" |
16 | + "time" | ||
11 | ) | 17 | ) |
12 | 18 | ||
13 | type AuthService struct { | 19 | type AuthService struct { |
@@ -44,6 +50,8 @@ func (svr *AuthService) Login(header *protocol.RequestHeader, request *protocolx | @@ -44,6 +50,8 @@ func (svr *AuthService) Login(header *protocol.RequestHeader, request *protocolx | ||
44 | "accessToken": "Bearer " + token, | 50 | "accessToken": "Bearer " + token, |
45 | "expiresIn": domain.TokenExpire, | 51 | "expiresIn": domain.TokenExpire, |
46 | } | 52 | } |
53 | + | ||
54 | + cache.Delete(cachex.UserRoleAccessCacheKey(user.Id)) | ||
47 | err = transactionContext.CommitTransaction() | 55 | err = transactionContext.CommitTransaction() |
48 | return | 56 | return |
49 | } | 57 | } |
@@ -68,13 +76,18 @@ func (svr *AuthService) Logout(header *protocol.RequestHeader, request *protocol | @@ -68,13 +76,18 @@ func (svr *AuthService) Logout(header *protocol.RequestHeader, request *protocol | ||
68 | return | 76 | return |
69 | } | 77 | } |
70 | 78 | ||
71 | -func (svr *AuthService) Profile(header *protocol.RequestHeader, request *protocolx.ProfileRequest) (rsp *protocolx.ProfileResponse, err error) { | 79 | +func (svr *AuthService) Profile(header *protocol.RequestHeader, request *protocolx.ProfileRequest) (rsp interface{}, err error) { |
72 | var ( | 80 | var ( |
73 | transactionContext, _ = factory.CreateTransactionContext(nil) | 81 | transactionContext, _ = factory.CreateTransactionContext(nil) |
82 | + UserRepository, _ = factory.CreateUserRepository(transactionContext) | ||
83 | + RoleRepository, _ = factory.CreateRoleRepository(transactionContext) | ||
84 | + RoleAccessDao, _ = dao.NewRoleAccessDao(transactionContext) | ||
85 | + AccessRepository, _ = factory.CreateAccessRepository(transactionContext) | ||
74 | ) | 86 | ) |
75 | rsp = &protocolx.ProfileResponse{} | 87 | rsp = &protocolx.ProfileResponse{} |
76 | if err = request.ValidateCommand(); err != nil { | 88 | if err = request.ValidateCommand(); err != nil { |
77 | err = protocol.NewCustomMessage(2, err.Error()) | 89 | err = protocol.NewCustomMessage(2, err.Error()) |
90 | + return | ||
78 | } | 91 | } |
79 | if err = transactionContext.StartTransaction(); err != nil { | 92 | if err = transactionContext.StartTransaction(); err != nil { |
80 | log.Error(err) | 93 | log.Error(err) |
@@ -84,17 +97,43 @@ func (svr *AuthService) Profile(header *protocol.RequestHeader, request *protoco | @@ -84,17 +97,43 @@ func (svr *AuthService) Profile(header *protocol.RequestHeader, request *protoco | ||
84 | transactionContext.RollbackTransaction() | 97 | transactionContext.RollbackTransaction() |
85 | }() | 98 | }() |
86 | 99 | ||
100 | + var user *domain.User | ||
101 | + if user, err = UserRepository.FindOne(map[string]interface{}{"id": request.UserId}); err != nil { | ||
102 | + err = protocol.NewCustomMessage(1, "用户不存在") | ||
103 | + return | ||
104 | + } | ||
105 | + _, roles, _ := RoleRepository.Find(map[string]interface{}{"inRoleIds": user.Roles}) | ||
106 | + | ||
107 | + rspMap := map[string]interface{}{ | ||
108 | + "menus": struct{}{}, | ||
109 | + } | ||
110 | + rspMap["user"] = map[string]interface{}{ | ||
111 | + "name": user.Name, | ||
112 | + "id": user.Id, | ||
113 | + "phone": user.Phone, | ||
114 | + "address": user.Address, | ||
115 | + "isAdmin": user.IsAdmin, | ||
116 | + "roles": roles, | ||
117 | + } | ||
118 | + | ||
119 | + accessIds, _ := RoleAccessDao.GetRoleAccess(user.Roles...) | ||
120 | + if len(accessIds) > 0 { | ||
121 | + _, accesses, _ := AccessRepository.Find(map[string]interface{}{"inAccessIds": accessIds}) | ||
122 | + rspMap["menus"] = accesses | ||
123 | + } | ||
124 | + rsp = rspMap | ||
87 | err = transactionContext.CommitTransaction() | 125 | err = transactionContext.CommitTransaction() |
88 | return | 126 | return |
89 | } | 127 | } |
90 | 128 | ||
91 | -func (svr *AuthService) CaptchaInit(header *protocol.RequestHeader, request *protocolx.CaptchaInitRequest) (rsp *protocolx.CaptchaInitResponse, err error) { | 129 | +func (svr *AuthService) CaptchaInit(header *protocol.RequestHeader, request *protocolx.CaptchaInitRequest) (rsp interface{}, err error) { |
92 | var ( | 130 | var ( |
93 | transactionContext, _ = factory.CreateTransactionContext(nil) | 131 | transactionContext, _ = factory.CreateTransactionContext(nil) |
94 | ) | 132 | ) |
95 | rsp = &protocolx.CaptchaInitResponse{} | 133 | rsp = &protocolx.CaptchaInitResponse{} |
96 | if err = request.ValidateCommand(); err != nil { | 134 | if err = request.ValidateCommand(); err != nil { |
97 | err = protocol.NewCustomMessage(2, err.Error()) | 135 | err = protocol.NewCustomMessage(2, err.Error()) |
136 | + return | ||
98 | } | 137 | } |
99 | if err = transactionContext.StartTransaction(); err != nil { | 138 | if err = transactionContext.StartTransaction(); err != nil { |
100 | log.Error(err) | 139 | log.Error(err) |
@@ -104,6 +143,21 @@ func (svr *AuthService) CaptchaInit(header *protocol.RequestHeader, request *pro | @@ -104,6 +143,21 @@ func (svr *AuthService) CaptchaInit(header *protocol.RequestHeader, request *pro | ||
104 | transactionContext.RollbackTransaction() | 143 | transactionContext.RollbackTransaction() |
105 | }() | 144 | }() |
106 | 145 | ||
146 | + const ( | ||
147 | + captchaID = "33a2abf9c5df0d6bc3b89fb39280114b" | ||
148 | + privateKey = "13320fd2b10199e9a2440a4fbb4d46f7" | ||
149 | + ) | ||
150 | + newGeetest := geetest.NewGeetestLib(captchaID, privateKey, 2*time.Second) | ||
151 | + _, responseBt := newGeetest.PreProcess("", request.UserIp) | ||
152 | + var geetestRsp geetest.FailbackRegisterRespnse | ||
153 | + json.Unmarshal(responseBt, &geetestRsp) | ||
154 | + rspData := map[string]interface{}{ | ||
155 | + "success": geetestRsp.Success, | ||
156 | + "gt": geetestRsp.GT, | ||
157 | + "challenge": geetestRsp.Challenge, | ||
158 | + "newCaptcha": geetestRsp.NewCaptcha, | ||
159 | + } | ||
160 | + rsp = rspData | ||
107 | err = transactionContext.CommitTransaction() | 161 | err = transactionContext.CommitTransaction() |
108 | return | 162 | return |
109 | } | 163 | } |
pkg/application/cachex/cahce.go
0 → 100644
1 | +package cachex | ||
2 | + | ||
3 | +import ( | ||
4 | + "fmt" | ||
5 | + "github.com/tiptok/gocomm/pkg/cache" | ||
6 | + "github.com/tiptok/gocomm/pkg/log" | ||
7 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory" | ||
8 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" | ||
9 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/dao" | ||
10 | + "regexp" | ||
11 | + "strings" | ||
12 | +) | ||
13 | + | ||
14 | +//redis key | ||
15 | +func UserRoleAccessCacheKey(userId int64) string { | ||
16 | + return fmt.Sprintf("godevp:user:access:%v", userId) | ||
17 | +} | ||
18 | + | ||
19 | +type CacheService struct { | ||
20 | +} | ||
21 | + | ||
22 | +func (svr *CacheService) CacheUserAccess(userId int64) func() (interface{}, error) { | ||
23 | + return func() (interface{}, error) { | ||
24 | + var ( | ||
25 | + transactionContext, _ = factory.CreateTransactionContext(nil) | ||
26 | + UserRepository, _ = factory.CreateUserRepository(transactionContext) | ||
27 | + RoleAccessDao, _ = dao.NewRoleAccessDao(transactionContext) | ||
28 | + AccessRepository, _ = factory.CreateAccessRepository(transactionContext) | ||
29 | + err error | ||
30 | + ) | ||
31 | + if err = transactionContext.StartTransaction(); err != nil { | ||
32 | + log.Error(err) | ||
33 | + return nil, err | ||
34 | + } | ||
35 | + defer func() { | ||
36 | + transactionContext.RollbackTransaction() | ||
37 | + }() | ||
38 | + | ||
39 | + var user *domain.User | ||
40 | + if user, err = UserRepository.FindOne(map[string]interface{}{"id": userId}); err != nil { | ||
41 | + return []*domain.Access{}, nil | ||
42 | + } | ||
43 | + accessIds, _ := RoleAccessDao.GetRoleAccess(user.Roles...) | ||
44 | + if len(accessIds) == 0 { | ||
45 | + return []*domain.Access{}, nil | ||
46 | + } | ||
47 | + _, accesses, _ := AccessRepository.Find(map[string]interface{}{"inAccessIds": accessIds}) | ||
48 | + err = transactionContext.CommitTransaction() | ||
49 | + return accesses, nil | ||
50 | + } | ||
51 | +} | ||
52 | +func (svr *CacheService) ValidUserAccess(userId int64, object string, method string) (result bool, err error) { | ||
53 | + var userAccess []*domain.Access | ||
54 | + defer func() { | ||
55 | + log.Info(fmt.Sprintf("ValidUserAccess user:%v object:%v method:%v result:%v", userId, object, method, result)) | ||
56 | + }() | ||
57 | + cache.GetObject(UserRoleAccessCacheKey(userId), &userAccess, 3600, svr.CacheUserAccess(userId)) | ||
58 | + for i := range userAccess { | ||
59 | + if KeyMatch3(object, userAccess[i].Object) && KeyEqual(userAccess[i].Action, method) { | ||
60 | + result = true | ||
61 | + return | ||
62 | + } | ||
63 | + } | ||
64 | + return | ||
65 | +} | ||
66 | + | ||
67 | +// KeyMatch3 determines whether key1 matches the pattern of key2 (similar to RESTful path), key2 can contain a *. | ||
68 | +// For example, "/foo/bar" matches "/foo/*", "/resource1" matches "/{resource}" | ||
69 | +func KeyMatch3(key1 string, key2 string) bool { | ||
70 | + key2 = strings.Replace(key2, "/*", "/.*", -1) | ||
71 | + | ||
72 | + re := regexp.MustCompile(`\{[^/]+\}`) | ||
73 | + key2 = re.ReplaceAllString(key2, "$1[^/]+$2") | ||
74 | + | ||
75 | + return RegexMatch(key1, "^"+key2+"$") | ||
76 | +} | ||
77 | + | ||
78 | +// KeyEqual case key1='*' or key1=' ' result=true | ||
79 | +func KeyEqual(key1 string, key2 string) bool { | ||
80 | + if key1 == "*" { | ||
81 | + return true | ||
82 | + } | ||
83 | + if len(key1) == 0 { | ||
84 | + return true | ||
85 | + } | ||
86 | + key1 = strings.ToLower(strings.TrimSpace(key1)) | ||
87 | + key2 = strings.ToLower(strings.TrimSpace(key2)) | ||
88 | + return strings.EqualFold(key1, key2) | ||
89 | +} | ||
90 | + | ||
91 | +// RegexMatch determines whether key1 matches the pattern of key2 in regular expression. | ||
92 | +func RegexMatch(key1 string, key2 string) bool { | ||
93 | + res, err := regexp.MatchString(key2, key1) | ||
94 | + if err != nil { | ||
95 | + panic(err) | ||
96 | + } | ||
97 | + return res | ||
98 | +} |
@@ -10,6 +10,10 @@ func CreateAccessRepository(transactionContext *transaction.TransactionContext) | @@ -10,6 +10,10 @@ func CreateAccessRepository(transactionContext *transaction.TransactionContext) | ||
10 | return repository.NewAccessRepository(transactionContext) | 10 | return repository.NewAccessRepository(transactionContext) |
11 | } | 11 | } |
12 | 12 | ||
13 | +func CreateRoleAccessRepository(transactionContext *transaction.TransactionContext) (domain.RoleAccessRepository, error) { | ||
14 | + return repository.NewRoleAccessRepository(transactionContext) | ||
15 | +} | ||
16 | + | ||
13 | func CreateMenuRepository(transactionContext *transaction.TransactionContext) (domain.MenuRepository, error) { | 17 | func CreateMenuRepository(transactionContext *transaction.TransactionContext) (domain.MenuRepository, error) { |
14 | return repository.NewMenuRepository(transactionContext) | 18 | return repository.NewMenuRepository(transactionContext) |
15 | } | 19 | } |
pkg/application/rbac/rbac.go
0 → 100644
1 | +package rbac | ||
2 | + | ||
3 | +import ( | ||
4 | + "github.com/tiptok/gocomm/pkg/log" | ||
5 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory" | ||
6 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" | ||
7 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/dao" | ||
8 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol" | ||
9 | + protocolx "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol/rbac" | ||
10 | +) | ||
11 | + | ||
12 | +type RbacService struct { | ||
13 | +} | ||
14 | + | ||
15 | +func (svr *RbacService) Access(header *protocol.RequestHeader, request *protocolx.AccessRequest) (rsp interface{}, err error) { | ||
16 | + var ( | ||
17 | + transactionContext, _ = factory.CreateTransactionContext(nil) | ||
18 | + ) | ||
19 | + rsp = &protocolx.AccessResponse{} | ||
20 | + if err = request.ValidateCommand(); err != nil { | ||
21 | + err = protocol.NewCustomMessage(2, err.Error()) | ||
22 | + return | ||
23 | + } | ||
24 | + if err = transactionContext.StartTransaction(); err != nil { | ||
25 | + log.Error(err) | ||
26 | + return nil, err | ||
27 | + } | ||
28 | + defer func() { | ||
29 | + transactionContext.RollbackTransaction() | ||
30 | + }() | ||
31 | + | ||
32 | + var AccessRepository, _ = factory.CreateAccessRepository(transactionContext) | ||
33 | + var access []*domain.Access | ||
34 | + if _, access, err = AccessRepository.Find(map[string]interface{}{}); err != nil { | ||
35 | + return | ||
36 | + } | ||
37 | + var rspList []interface{} | ||
38 | + for _, item := range access { | ||
39 | + rspList = append(rspList, map[string]interface{}{ | ||
40 | + "id": item.Id, | ||
41 | + "name": item.AccessName, | ||
42 | + "icon": "", | ||
43 | + "parentId": item.ParentId, | ||
44 | + "sort": item.Sort, | ||
45 | + "code": item.AccessCode, | ||
46 | + }) | ||
47 | + } | ||
48 | + rsp = map[string]interface{}{ | ||
49 | + "lists": rspList, | ||
50 | + } | ||
51 | + | ||
52 | + err = transactionContext.CommitTransaction() | ||
53 | + return | ||
54 | +} | ||
55 | + | ||
56 | +func (svr *RbacService) RoleAccess(header *protocol.RequestHeader, request *protocolx.RoleAccessRequest) (rsp interface{}, err error) { | ||
57 | + var ( | ||
58 | + transactionContext, _ = factory.CreateTransactionContext(nil) | ||
59 | + RoleAccessDao, _ = dao.NewRoleAccessDao(transactionContext) | ||
60 | + RoleRepository, _ = factory.CreateRoleRepository(transactionContext) | ||
61 | + role *domain.Role | ||
62 | + ) | ||
63 | + rsp = &protocolx.RoleAccessResponse{} | ||
64 | + if err = request.ValidateCommand(); err != nil { | ||
65 | + err = protocol.NewCustomMessage(2, err.Error()) | ||
66 | + return | ||
67 | + } | ||
68 | + if err = transactionContext.StartTransaction(); err != nil { | ||
69 | + log.Error(err) | ||
70 | + return nil, err | ||
71 | + } | ||
72 | + defer func() { | ||
73 | + transactionContext.RollbackTransaction() | ||
74 | + }() | ||
75 | + | ||
76 | + if role, err = RoleRepository.FindOne(map[string]interface{}{"id": request.RoleId}); err != nil { | ||
77 | + log.Error(err) | ||
78 | + err = protocol.NewCustomMessage(1, "角色不存在") | ||
79 | + return | ||
80 | + } | ||
81 | + accessIds, _ := RoleAccessDao.GetRoleAccess(request.RoleId) | ||
82 | + rsp = map[string]interface{}{ | ||
83 | + "roleId": role.Id, | ||
84 | + "roleName": role.RoleName, | ||
85 | + "accessIds": accessIds, | ||
86 | + } | ||
87 | + | ||
88 | + err = transactionContext.CommitTransaction() | ||
89 | + return | ||
90 | +} | ||
91 | + | ||
92 | +func (svr *RbacService) SetRoleAccess(header *protocol.RequestHeader, request *protocolx.SetRoleAccessRequest) (rsp *protocolx.SetRoleAccessResponse, err error) { | ||
93 | + var ( | ||
94 | + transactionContext, _ = factory.CreateTransactionContext(nil) | ||
95 | + AccessRepository, _ = factory.CreateAccessRepository(transactionContext) | ||
96 | + RoleRepository, _ = factory.CreateRoleRepository(transactionContext) | ||
97 | + RoleAccessDao, _ = dao.NewRoleAccessDao(transactionContext) | ||
98 | + ) | ||
99 | + rsp = &protocolx.SetRoleAccessResponse{} | ||
100 | + if err = request.ValidateCommand(); err != nil { | ||
101 | + err = protocol.NewCustomMessage(2, err.Error()) | ||
102 | + } | ||
103 | + if err = transactionContext.StartTransaction(); err != nil { | ||
104 | + log.Error(err) | ||
105 | + return nil, err | ||
106 | + } | ||
107 | + defer func() { | ||
108 | + transactionContext.RollbackTransaction() | ||
109 | + }() | ||
110 | + | ||
111 | + if _, err = RoleRepository.FindOne(map[string]interface{}{"id": request.RoleId}); err != nil { | ||
112 | + log.Error(err) | ||
113 | + err = protocol.NewCustomMessage(1, "角色不存在") | ||
114 | + return | ||
115 | + } | ||
116 | + | ||
117 | + var accessMap = make(map[int64]*domain.Access) | ||
118 | + _, access, e := AccessRepository.Find(map[string]interface{}{"inAccessIds": request.AccessIds}) | ||
119 | + if e != nil { | ||
120 | + err = e | ||
121 | + return | ||
122 | + } | ||
123 | + for _, v := range access { | ||
124 | + accessMap[v.Id] = v | ||
125 | + } | ||
126 | + | ||
127 | + if err = RoleAccessDao.DeleteRoleAccess(request.RoleId); err != nil { | ||
128 | + return | ||
129 | + } | ||
130 | + if len(request.AccessIds) > 0 { | ||
131 | + var roleAccess []*domain.RoleAccess | ||
132 | + for _, v := range request.AccessIds { | ||
133 | + item := &domain.RoleAccess{ | ||
134 | + RoleId: request.RoleId, | ||
135 | + AccessId: v, | ||
136 | + } | ||
137 | + if accessItem, ok := accessMap[v]; ok { | ||
138 | + item.Object = accessItem.Object | ||
139 | + item.Action = accessItem.Action | ||
140 | + item.Option = accessItem.AccessCode | ||
141 | + } | ||
142 | + roleAccess = append(roleAccess, item) | ||
143 | + } | ||
144 | + if err = RoleAccessDao.SaveRoleAccess(roleAccess); err != nil { | ||
145 | + return | ||
146 | + } | ||
147 | + } | ||
148 | + err = transactionContext.CommitTransaction() | ||
149 | + return | ||
150 | +} | ||
151 | + | ||
152 | +func NewRbacService(options map[string]interface{}) *RbacService { | ||
153 | + svr := &RbacService{} | ||
154 | + return svr | ||
155 | +} |
1 | package user | 1 | package user |
2 | 2 | ||
3 | import ( | 3 | import ( |
4 | + "crypto/sha1" | ||
5 | + "fmt" | ||
4 | "github.com/tiptok/gocomm/common" | 6 | "github.com/tiptok/gocomm/common" |
5 | "github.com/tiptok/gocomm/pkg/log" | 7 | "github.com/tiptok/gocomm/pkg/log" |
6 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory" | 8 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory" |
@@ -19,6 +21,7 @@ func (svr *UserService) CreateUser(header *protocol.RequestHeader, request *prot | @@ -19,6 +21,7 @@ func (svr *UserService) CreateUser(header *protocol.RequestHeader, request *prot | ||
19 | rsp = &protocolx.CreateUserResponse{} | 21 | rsp = &protocolx.CreateUserResponse{} |
20 | if err = request.ValidateCommand(); err != nil { | 22 | if err = request.ValidateCommand(); err != nil { |
21 | err = protocol.NewCustomMessage(2, err.Error()) | 23 | err = protocol.NewCustomMessage(2, err.Error()) |
24 | + return | ||
22 | } | 25 | } |
23 | if err = transactionContext.StartTransaction(); err != nil { | 26 | if err = transactionContext.StartTransaction(); err != nil { |
24 | log.Error(err) | 27 | log.Error(err) |
@@ -31,12 +34,21 @@ func (svr *UserService) CreateUser(header *protocol.RequestHeader, request *prot | @@ -31,12 +34,21 @@ func (svr *UserService) CreateUser(header *protocol.RequestHeader, request *prot | ||
31 | Name: request.Name, | 34 | Name: request.Name, |
32 | Address: request.Address, | 35 | Address: request.Address, |
33 | Phone: request.Phone, | 36 | Phone: request.Phone, |
34 | - Passwd: request.Passwd, | 37 | + //Passwd: request.Passwd, |
35 | Roles: request.Roles, | 38 | Roles: request.Roles, |
36 | IsAdmin: request.IsAdmin, | 39 | IsAdmin: request.IsAdmin, |
37 | } | 40 | } |
38 | 41 | ||
39 | var UserRepository, _ = factory.CreateUserRepository(transactionContext) | 42 | var UserRepository, _ = factory.CreateUserRepository(transactionContext) |
43 | + if request.Phone != "" { | ||
44 | + if _, err = UserRepository.FindOne(map[string]interface{}{"phone": request.Phone}); err == nil { | ||
45 | + err = protocol.NewCustomMessage(1, "手机号已存在") | ||
46 | + return | ||
47 | + } | ||
48 | + } | ||
49 | + if len(newUser.Passwd) == 0 { | ||
50 | + newUser.Passwd = fmt.Sprintf("%x", sha1.Sum([]byte("123456"))) | ||
51 | + } | ||
40 | if m, err := UserRepository.Save(newUser); err != nil { | 52 | if m, err := UserRepository.Save(newUser); err != nil { |
41 | return nil, err | 53 | return nil, err |
42 | } else { | 54 | } else { |
@@ -53,6 +65,7 @@ func (svr *UserService) UpdateUser(header *protocol.RequestHeader, request *prot | @@ -53,6 +65,7 @@ func (svr *UserService) UpdateUser(header *protocol.RequestHeader, request *prot | ||
53 | rsp = &protocolx.UpdateUserResponse{} | 65 | rsp = &protocolx.UpdateUserResponse{} |
54 | if err = request.ValidateCommand(); err != nil { | 66 | if err = request.ValidateCommand(); err != nil { |
55 | err = protocol.NewCustomMessage(2, err.Error()) | 67 | err = protocol.NewCustomMessage(2, err.Error()) |
68 | + return | ||
56 | } | 69 | } |
57 | if err = transactionContext.StartTransaction(); err != nil { | 70 | if err = transactionContext.StartTransaction(); err != nil { |
58 | log.Error(err) | 71 | log.Error(err) |
@@ -64,9 +77,16 @@ func (svr *UserService) UpdateUser(header *protocol.RequestHeader, request *prot | @@ -64,9 +77,16 @@ func (svr *UserService) UpdateUser(header *protocol.RequestHeader, request *prot | ||
64 | 77 | ||
65 | var UserRepository, _ = factory.CreateUserRepository(transactionContext) | 78 | var UserRepository, _ = factory.CreateUserRepository(transactionContext) |
66 | var user *domain.User | 79 | var user *domain.User |
67 | - if user, err = UserRepository.FindOne(common.ObjectToMap(request)); err != nil { | 80 | + if user, err = UserRepository.FindOne(map[string]interface{}{"id": request.Id}); err != nil { |
81 | + err = protocol.NewCustomMessage(1, "用户不存在") | ||
68 | return | 82 | return |
69 | } | 83 | } |
84 | + if request.Phone != "" { | ||
85 | + if _, err = UserRepository.FindOne(map[string]interface{}{"phone": request.Phone}); err == nil { | ||
86 | + err = protocol.NewCustomMessage(1, "手机号已存在") | ||
87 | + return | ||
88 | + } | ||
89 | + } | ||
70 | if err = user.Update(common.ObjectToMap(request)); err != nil { | 90 | if err = user.Update(common.ObjectToMap(request)); err != nil { |
71 | return | 91 | return |
72 | } | 92 | } |
@@ -84,6 +104,7 @@ func (svr *UserService) GetUser(header *protocol.RequestHeader, request *protoco | @@ -84,6 +104,7 @@ func (svr *UserService) GetUser(header *protocol.RequestHeader, request *protoco | ||
84 | rsp = &protocolx.GetUserResponse{} | 104 | rsp = &protocolx.GetUserResponse{} |
85 | if err = request.ValidateCommand(); err != nil { | 105 | if err = request.ValidateCommand(); err != nil { |
86 | err = protocol.NewCustomMessage(2, err.Error()) | 106 | err = protocol.NewCustomMessage(2, err.Error()) |
107 | + return | ||
87 | } | 108 | } |
88 | if err = transactionContext.StartTransaction(); err != nil { | 109 | if err = transactionContext.StartTransaction(); err != nil { |
89 | log.Error(err) | 110 | log.Error(err) |
@@ -110,6 +131,7 @@ func (svr *UserService) DeleteUser(header *protocol.RequestHeader, request *prot | @@ -110,6 +131,7 @@ func (svr *UserService) DeleteUser(header *protocol.RequestHeader, request *prot | ||
110 | rsp = &protocolx.DeleteUserResponse{} | 131 | rsp = &protocolx.DeleteUserResponse{} |
111 | if err = request.ValidateCommand(); err != nil { | 132 | if err = request.ValidateCommand(); err != nil { |
112 | err = protocol.NewCustomMessage(2, err.Error()) | 133 | err = protocol.NewCustomMessage(2, err.Error()) |
134 | + return | ||
113 | } | 135 | } |
114 | if err = transactionContext.StartTransaction(); err != nil { | 136 | if err = transactionContext.StartTransaction(); err != nil { |
115 | log.Error(err) | 137 | log.Error(err) |
pkg/constant/redis.go
0 → 100644
1 | +package constant | ||
2 | + | ||
3 | +import "os" | ||
4 | + | ||
5 | +var REDIS_HOST = "127.0.0.1" | ||
6 | +var REDIS_PORT = "6379" | ||
7 | +var REDIS_AUTH = "123456" | ||
8 | + | ||
9 | +func init() { | ||
10 | + if os.Getenv("REDIS_HOST") != "" { | ||
11 | + REDIS_HOST = os.Getenv("REDIS_HOST") | ||
12 | + REDIS_AUTH = os.Getenv("REDIS_AUTH") | ||
13 | + } | ||
14 | + if os.Getenv("REDIS_PORT") != "" { | ||
15 | + REDIS_PORT = os.Getenv("REDIS_PORT") | ||
16 | + } | ||
17 | + if _, ok := os.LookupEnv("REDIS_AUTH"); ok { | ||
18 | + REDIS_AUTH = os.Getenv("REDIS_AUTH") | ||
19 | + } | ||
20 | +} |
@@ -11,7 +11,7 @@ type User struct { | @@ -11,7 +11,7 @@ type User struct { | ||
11 | // 手机号 | 11 | // 手机号 |
12 | Phone string `json:"phone"` | 12 | Phone string `json:"phone"` |
13 | // 密码 | 13 | // 密码 |
14 | - Passwd string `json:"passwd"` | 14 | + Passwd string `json:"-"` |
15 | // 用户角色 | 15 | // 用户角色 |
16 | Roles []int64 `json:"roles"` | 16 | Roles []int64 `json:"roles"` |
17 | // 是否是超级管理员 true:是 false:否 | 17 | // 是否是超级管理员 true:是 false:否 |
@@ -33,5 +33,23 @@ func (m *User) Identify() interface{} { | @@ -33,5 +33,23 @@ func (m *User) Identify() interface{} { | ||
33 | } | 33 | } |
34 | 34 | ||
35 | func (m *User) Update(data map[string]interface{}) error { | 35 | func (m *User) Update(data map[string]interface{}) error { |
36 | + if name, ok := data["name"]; ok { | ||
37 | + m.Name = name.(string) | ||
38 | + } | ||
39 | + if address, ok := data["address"]; ok { | ||
40 | + m.Address = address.(string) | ||
41 | + } | ||
42 | + if phone, ok := data["phone"]; ok { | ||
43 | + m.Phone = phone.(string) | ||
44 | + } | ||
45 | + if Passwd, ok := data["passwd"]; ok { | ||
46 | + m.Passwd = Passwd.(string) | ||
47 | + } | ||
48 | + if roles, ok := data["roles"]; ok { | ||
49 | + m.Roles = roles.([]int64) | ||
50 | + } | ||
51 | + if isAdmin, ok := data["isAdmin"]; ok { | ||
52 | + m.IsAdmin = isAdmin.(bool) | ||
53 | + } | ||
36 | return nil | 54 | return nil |
37 | } | 55 | } |
pkg/infrastructure/dao/pg_role_access_dao.go
0 → 100644
1 | +package dao | ||
2 | + | ||
3 | +import ( | ||
4 | + "fmt" | ||
5 | + "github.com/go-pg/pg/v10" | ||
6 | + "github.com/tiptok/gocomm/common" | ||
7 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" | ||
8 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/pg/models" | ||
9 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/pg/transaction" | ||
10 | +) | ||
11 | + | ||
12 | +type RoleAccessDao struct { | ||
13 | + transactionContext *transaction.TransactionContext | ||
14 | +} | ||
15 | + | ||
16 | +func (dao *RoleAccessDao) DeleteRoleAccess(roleId int64) error { | ||
17 | + tx := dao.transactionContext.PgTx | ||
18 | + q := tx.Model(new(models.RoleAccess)) | ||
19 | + q.Where("role_id=?", roleId) | ||
20 | + _, err := q.Delete() | ||
21 | + return err | ||
22 | +} | ||
23 | + | ||
24 | +func (dao *RoleAccessDao) GetRoleAccess(roleId ...int64) ([]int64, error) { | ||
25 | + if len(roleId) == 0 { | ||
26 | + return []int64{}, nil | ||
27 | + } | ||
28 | + tx := dao.transactionContext.PgDd | ||
29 | + q := tx.Model(new(models.RoleAccess)) | ||
30 | + q.Column("access_id") | ||
31 | + if len(roleId) == 1 { | ||
32 | + q.Where("role_id=?", roleId[0]) | ||
33 | + } else { | ||
34 | + q.Where("role_id in (?)", pg.In(roleId)) | ||
35 | + } | ||
36 | + var accessIds []int64 | ||
37 | + err := q.Distinct().Select(&accessIds) | ||
38 | + return accessIds, err | ||
39 | +} | ||
40 | + | ||
41 | +func (dao *RoleAccessDao) SaveRoleAccess(roleAccess []*domain.RoleAccess) error { | ||
42 | + if len(roleAccess) == 0 { | ||
43 | + return nil | ||
44 | + } | ||
45 | + tx := dao.transactionContext.PgTx | ||
46 | + var modelsRoleAccess []*models.RoleAccess | ||
47 | + for i := range roleAccess { | ||
48 | + var item *models.RoleAccess | ||
49 | + common.GobModelTransform(&item, roleAccess[i]) | ||
50 | + if item == nil { | ||
51 | + continue | ||
52 | + } | ||
53 | + modelsRoleAccess = append(modelsRoleAccess, item) | ||
54 | + } | ||
55 | + _, err := tx.Model(&modelsRoleAccess).Insert() | ||
56 | + return err | ||
57 | +} | ||
58 | + | ||
59 | +func NewRoleAccessDao(transactionContext *transaction.TransactionContext) (*RoleAccessDao, error) { | ||
60 | + if transactionContext == nil { | ||
61 | + return nil, fmt.Errorf("transactionContext参数不能为nil") | ||
62 | + } else { | ||
63 | + return &RoleAccessDao{ | ||
64 | + transactionContext: transactionContext, | ||
65 | + }, nil | ||
66 | + } | ||
67 | +} |
pkg/infrastructure/redis/init.go
0 → 100644
1 | +package redis | ||
2 | + | ||
3 | +import ( | ||
4 | + "fmt" | ||
5 | + "github.com/tiptok/gocomm/pkg/cache" | ||
6 | + "github.com/tiptok/gocomm/pkg/log" | ||
7 | + "github.com/tiptok/gocomm/pkg/redis" | ||
8 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/constant" | ||
9 | +) | ||
10 | + | ||
11 | +func init() { | ||
12 | + redisSource := fmt.Sprintf("%v:%v", constant.REDIS_HOST, constant.REDIS_PORT) | ||
13 | + err := redis.InitWithDb(100, redisSource, constant.REDIS_AUTH, "0") | ||
14 | + if err != nil { | ||
15 | + log.Error(err) | ||
16 | + } | ||
17 | + cache.InitDefault(cache.WithDefaultRedisPool(redis.GetRedisPool())) | ||
18 | +} |
@@ -2,6 +2,7 @@ package repository | @@ -2,6 +2,7 @@ package repository | ||
2 | 2 | ||
3 | import ( | 3 | import ( |
4 | "fmt" | 4 | "fmt" |
5 | + "github.com/go-pg/pg/v10" | ||
5 | "github.com/tiptok/gocomm/common" | 6 | "github.com/tiptok/gocomm/common" |
6 | . "github.com/tiptok/gocomm/pkg/orm/pgx" | 7 | . "github.com/tiptok/gocomm/pkg/orm/pgx" |
7 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" | 8 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" |
@@ -66,6 +67,10 @@ func (repository *AccessRepository) Find(queryOptions map[string]interface{}) (i | @@ -66,6 +67,10 @@ func (repository *AccessRepository) Find(queryOptions map[string]interface{}) (i | ||
66 | query := NewQuery(tx.Model(&AccessModels), queryOptions). | 67 | query := NewQuery(tx.Model(&AccessModels), queryOptions). |
67 | SetOrder("create_time", "sortByCreateTime"). | 68 | SetOrder("create_time", "sortByCreateTime"). |
68 | SetOrder("update_time", "sortByUpdateTime") | 69 | SetOrder("update_time", "sortByUpdateTime") |
70 | + | ||
71 | + if inAccessIds, ok := queryOptions["inAccessIds"]; ok { | ||
72 | + query.Where("id in (?)", pg.In(inAccessIds)) | ||
73 | + } | ||
69 | var err error | 74 | var err error |
70 | if query.AffectRow, err = query.SelectAndCount(); err != nil { | 75 | if query.AffectRow, err = query.SelectAndCount(); err != nil { |
71 | return 0, Accesss, err | 76 | return 0, Accesss, err |
@@ -64,6 +64,7 @@ func (repository *RoleAccessRepository) Find(queryOptions map[string]interface{} | @@ -64,6 +64,7 @@ func (repository *RoleAccessRepository) Find(queryOptions map[string]interface{} | ||
64 | var RoleAccessModels []*models.RoleAccess | 64 | var RoleAccessModels []*models.RoleAccess |
65 | RoleAccesss := make([]*domain.RoleAccess, 0) | 65 | RoleAccesss := make([]*domain.RoleAccess, 0) |
66 | query := NewQuery(tx.Model(&RoleAccessModels), queryOptions). | 66 | query := NewQuery(tx.Model(&RoleAccessModels), queryOptions). |
67 | + SetWhere("role_id=?", "roleId"). | ||
67 | SetOrder("create_time", "sortByCreateTime"). | 68 | SetOrder("create_time", "sortByCreateTime"). |
68 | SetOrder("update_time", "sortByUpdateTime") | 69 | SetOrder("update_time", "sortByUpdateTime") |
69 | var err error | 70 | var err error |
@@ -2,6 +2,7 @@ package repository | @@ -2,6 +2,7 @@ package repository | ||
2 | 2 | ||
3 | import ( | 3 | import ( |
4 | "fmt" | 4 | "fmt" |
5 | + "github.com/go-pg/pg/v10" | ||
5 | "github.com/tiptok/gocomm/common" | 6 | "github.com/tiptok/gocomm/common" |
6 | . "github.com/tiptok/gocomm/pkg/orm/pgx" | 7 | . "github.com/tiptok/gocomm/pkg/orm/pgx" |
7 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" | 8 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" |
@@ -68,6 +69,9 @@ func (repository *RoleRepository) Find(queryOptions map[string]interface{}) (int | @@ -68,6 +69,9 @@ func (repository *RoleRepository) Find(queryOptions map[string]interface{}) (int | ||
68 | SetOrder("create_time", "sortByCreateTime"). | 69 | SetOrder("create_time", "sortByCreateTime"). |
69 | SetOrder("update_time", "sortByUpdateTime") | 70 | SetOrder("update_time", "sortByUpdateTime") |
70 | var err error | 71 | var err error |
72 | + if inRoleIds, ok := queryOptions["inRoleIds"]; ok { | ||
73 | + query.Where("id in (?)", pg.In(inRoleIds)) | ||
74 | + } | ||
71 | if query.AffectRow, err = query.SelectAndCount(); err != nil { | 75 | if query.AffectRow, err = query.SelectAndCount(); err != nil { |
72 | return 0, Roles, err | 76 | return 0, Roles, err |
73 | } | 77 | } |
@@ -26,6 +26,7 @@ func (repository *UserRepository) Save(dm *domain.User) (*domain.User, error) { | @@ -26,6 +26,7 @@ func (repository *UserRepository) Save(dm *domain.User) (*domain.User, error) { | ||
26 | if err = tx.Insert(m); err != nil { | 26 | if err = tx.Insert(m); err != nil { |
27 | return nil, err | 27 | return nil, err |
28 | } | 28 | } |
29 | + dm.Id = m.Id | ||
29 | return dm, nil | 30 | return dm, nil |
30 | } | 31 | } |
31 | if err = tx.Update(m); err != nil { | 32 | if err = tx.Update(m); err != nil { |
@@ -50,6 +51,7 @@ func (repository *UserRepository) FindOne(queryOptions map[string]interface{}) ( | @@ -50,6 +51,7 @@ func (repository *UserRepository) FindOne(queryOptions map[string]interface{}) ( | ||
50 | UserModel := new(models.User) | 51 | UserModel := new(models.User) |
51 | query := NewQuery(tx.Model(UserModel), queryOptions) | 52 | query := NewQuery(tx.Model(UserModel), queryOptions) |
52 | query.SetWhere("id = ?", "id") | 53 | query.SetWhere("id = ?", "id") |
54 | + query.SetWhere("phone = ?", "phone") | ||
53 | if err := query.First(); err != nil { | 55 | if err := query.First(); err != nil { |
54 | return nil, fmt.Errorf("query row not found") | 56 | return nil, fmt.Errorf("query row not found") |
55 | } | 57 | } |
@@ -3,6 +3,7 @@ package beego | @@ -3,6 +3,7 @@ package beego | ||
3 | import ( | 3 | import ( |
4 | "github.com/astaxie/beego" | 4 | "github.com/astaxie/beego" |
5 | "github.com/astaxie/beego/plugins/cors" | 5 | "github.com/astaxie/beego/plugins/cors" |
6 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego/middleware" | ||
6 | _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego/routers" | 7 | _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego/routers" |
7 | ) | 8 | ) |
8 | 9 | ||
@@ -14,4 +15,10 @@ func init() { | @@ -14,4 +15,10 @@ func init() { | ||
14 | ExposeHeaders: []string{"Content-Length", "Access-Control-Allow-Origin"}, | 15 | ExposeHeaders: []string{"Content-Length", "Access-Control-Allow-Origin"}, |
15 | AllowCredentials: true, | 16 | AllowCredentials: true, |
16 | })) | 17 | })) |
18 | + | ||
19 | + beego.InsertFilter("/user/*", beego.BeforeExec, middleware.InspectRoleAccess()) | ||
20 | + beego.InsertFilter("/role/*", beego.BeforeExec, middleware.InspectRoleAccess()) | ||
21 | + beego.InsertFilter("/project_module/*", beego.BeforeExec, middleware.CheckAuthorization) | ||
22 | + beego.InsertFilter("/project_module_files/*", beego.BeforeExec, middleware.CheckAuthorization) | ||
23 | + beego.InsertFilter("/rbac/*", beego.BeforeExec, middleware.CheckAuthorization) | ||
17 | } | 24 | } |
@@ -86,15 +86,12 @@ func (this *AuthController) CaptchaInit() { | @@ -86,15 +86,12 @@ func (this *AuthController) CaptchaInit() { | ||
86 | var ( | 86 | var ( |
87 | msg *protocol.ResponseMessage | 87 | msg *protocol.ResponseMessage |
88 | svr = auth.NewAuthService(nil) | 88 | svr = auth.NewAuthService(nil) |
89 | - request *protocolx.CaptchaInitRequest | 89 | + request = &protocolx.CaptchaInitRequest{} |
90 | ) | 90 | ) |
91 | defer func() { | 91 | defer func() { |
92 | this.Resp(msg) | 92 | this.Resp(msg) |
93 | }() | 93 | }() |
94 | - if err := this.JsonUnmarshal(&request); err != nil { | ||
95 | - msg = protocol.BadRequestParam(1) | ||
96 | - return | ||
97 | - } | 94 | + request.UserIp = this.Ctx.Input.IP() |
98 | header := this.GetRequestHeader(this.Ctx) | 95 | header := this.GetRequestHeader(this.Ctx) |
99 | data, err := svr.CaptchaInit(header, request) | 96 | data, err := svr.CaptchaInit(header, request) |
100 | if err != nil { | 97 | if err != nil { |
pkg/port/beego/controllers/rbac.go
0 → 100644
1 | +package controllers | ||
2 | + | ||
3 | +import ( | ||
4 | + "github.com/tiptok/gocomm/pkg/log" | ||
5 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/rbac" | ||
6 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol" | ||
7 | + protocolx "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol/rbac" | ||
8 | +) | ||
9 | + | ||
10 | +type RbacController struct { | ||
11 | + BaseController | ||
12 | +} | ||
13 | + | ||
14 | +// Access | ||
15 | +// 权限列表 | ||
16 | +func (this *RbacController) Access() { | ||
17 | + var ( | ||
18 | + msg *protocol.ResponseMessage | ||
19 | + svr = rbac.NewRbacService(nil) | ||
20 | + request *protocolx.AccessRequest | ||
21 | + ) | ||
22 | + defer func() { | ||
23 | + this.Resp(msg) | ||
24 | + }() | ||
25 | + header := this.GetRequestHeader(this.Ctx) | ||
26 | + data, err := svr.Access(header, request) | ||
27 | + if err != nil { | ||
28 | + log.Error(err) | ||
29 | + } | ||
30 | + msg = protocol.NewReturnResponse(data, err) | ||
31 | +} | ||
32 | + | ||
33 | +// RoleAccess | ||
34 | +// 获取角色权限 | ||
35 | +func (this *RbacController) RoleAccess() { | ||
36 | + var ( | ||
37 | + msg *protocol.ResponseMessage | ||
38 | + svr = rbac.NewRbacService(nil) | ||
39 | + request = &protocolx.RoleAccessRequest{} | ||
40 | + ) | ||
41 | + defer func() { | ||
42 | + this.Resp(msg) | ||
43 | + }() | ||
44 | + request.RoleId, _ = this.GetInt64(":roleId") | ||
45 | + header := this.GetRequestHeader(this.Ctx) | ||
46 | + data, err := svr.RoleAccess(header, request) | ||
47 | + if err != nil { | ||
48 | + log.Error(err) | ||
49 | + } | ||
50 | + msg = protocol.NewReturnResponse(data, err) | ||
51 | +} | ||
52 | + | ||
53 | +// SetRoleAccess | ||
54 | +// 设置权限 | ||
55 | +func (this *RbacController) SetRoleAccess() { | ||
56 | + var ( | ||
57 | + msg *protocol.ResponseMessage | ||
58 | + svr = rbac.NewRbacService(nil) | ||
59 | + request *protocolx.SetRoleAccessRequest | ||
60 | + ) | ||
61 | + defer func() { | ||
62 | + this.Resp(msg) | ||
63 | + }() | ||
64 | + if err := this.JsonUnmarshal(&request); err != nil { | ||
65 | + msg = protocol.BadRequestParam(1) | ||
66 | + return | ||
67 | + } | ||
68 | + header := this.GetRequestHeader(this.Ctx) | ||
69 | + data, err := svr.SetRoleAccess(header, request) | ||
70 | + if err != nil { | ||
71 | + log.Error(err) | ||
72 | + } | ||
73 | + msg = protocol.NewReturnResponse(data, err) | ||
74 | +} |
@@ -49,6 +49,7 @@ func (this *UserController) UpdateUser() { | @@ -49,6 +49,7 @@ func (this *UserController) UpdateUser() { | ||
49 | msg = protocol.BadRequestParam(1) | 49 | msg = protocol.BadRequestParam(1) |
50 | return | 50 | return |
51 | } | 51 | } |
52 | + request.Id, _ = this.GetInt64(":userId") | ||
52 | header := this.GetRequestHeader(this.Ctx) | 53 | header := this.GetRequestHeader(this.Ctx) |
53 | data, err := svr.UpdateUser(header, request) | 54 | data, err := svr.UpdateUser(header, request) |
54 | if err != nil { | 55 | if err != nil { |
@@ -63,15 +64,12 @@ func (this *UserController) GetUser() { | @@ -63,15 +64,12 @@ func (this *UserController) GetUser() { | ||
63 | var ( | 64 | var ( |
64 | msg *protocol.ResponseMessage | 65 | msg *protocol.ResponseMessage |
65 | svr = user.NewUserService(nil) | 66 | svr = user.NewUserService(nil) |
66 | - request *protocolx.GetUserRequest | 67 | + request = &protocolx.GetUserRequest{} |
67 | ) | 68 | ) |
68 | defer func() { | 69 | defer func() { |
69 | this.Resp(msg) | 70 | this.Resp(msg) |
70 | }() | 71 | }() |
71 | - if err := this.JsonUnmarshal(&request); err != nil { | ||
72 | - msg = protocol.BadRequestParam(1) | ||
73 | - return | ||
74 | - } | 72 | + request.Id, _ = this.GetInt64(":userId") |
75 | header := this.GetRequestHeader(this.Ctx) | 73 | header := this.GetRequestHeader(this.Ctx) |
76 | data, err := svr.GetUser(header, request) | 74 | data, err := svr.GetUser(header, request) |
77 | if err != nil { | 75 | if err != nil { |
@@ -86,15 +84,12 @@ func (this *UserController) DeleteUser() { | @@ -86,15 +84,12 @@ func (this *UserController) DeleteUser() { | ||
86 | var ( | 84 | var ( |
87 | msg *protocol.ResponseMessage | 85 | msg *protocol.ResponseMessage |
88 | svr = user.NewUserService(nil) | 86 | svr = user.NewUserService(nil) |
89 | - request *protocolx.DeleteUserRequest | 87 | + request = &protocolx.DeleteUserRequest{} |
90 | ) | 88 | ) |
91 | defer func() { | 89 | defer func() { |
92 | this.Resp(msg) | 90 | this.Resp(msg) |
93 | }() | 91 | }() |
94 | - if err := this.JsonUnmarshal(&request); err != nil { | ||
95 | - msg = protocol.BadRequestParam(1) | ||
96 | - return | ||
97 | - } | 92 | + request.Id, _ = this.GetInt64(":userId") |
98 | header := this.GetRequestHeader(this.Ctx) | 93 | header := this.GetRequestHeader(this.Ctx) |
99 | data, err := svr.DeleteUser(header, request) | 94 | data, err := svr.DeleteUser(header, request) |
100 | if err != nil { | 95 | if err != nil { |
@@ -4,6 +4,7 @@ import ( | @@ -4,6 +4,7 @@ import ( | ||
4 | "errors" | 4 | "errors" |
5 | "github.com/astaxie/beego/context" | 5 | "github.com/astaxie/beego/context" |
6 | "github.com/tiptok/gocomm/common" | 6 | "github.com/tiptok/gocomm/common" |
7 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/cachex" | ||
7 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol" | 8 | "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol" |
8 | "strconv" | 9 | "strconv" |
9 | "strings" | 10 | "strings" |
@@ -28,7 +29,13 @@ func CheckAuthorization(ctx *context.Context) { | @@ -28,7 +29,13 @@ func CheckAuthorization(ctx *context.Context) { | ||
28 | msg = protocol.NewResponseMessage(1, errAuthorization.Error()) | 29 | msg = protocol.NewResponseMessage(1, errAuthorization.Error()) |
29 | return | 30 | return |
30 | } | 31 | } |
31 | - token := strings.Split(authorization, " ")[1] | 32 | + var token string |
33 | + splitToken := strings.Split(authorization, " ") | ||
34 | + if len(splitToken) == 1 { | ||
35 | + token = splitToken[0] | ||
36 | + } else { | ||
37 | + token = splitToken[1] | ||
38 | + } | ||
32 | claim, err := common.ParseJWTToken(token) | 39 | claim, err := common.ParseJWTToken(token) |
33 | if err != nil { | 40 | if err != nil { |
34 | msg = protocol.NewResponseMessage(1, errAuthorizationExpire.Error()) | 41 | msg = protocol.NewResponseMessage(1, errAuthorizationExpire.Error()) |
@@ -36,5 +43,39 @@ func CheckAuthorization(ctx *context.Context) { | @@ -36,5 +43,39 @@ func CheckAuthorization(ctx *context.Context) { | ||
36 | } | 43 | } |
37 | userId, _ := strconv.Atoi(claim.Username) | 44 | userId, _ := strconv.Atoi(claim.Username) |
38 | ctx.Input.SetData("x-mmm-id", userId) | 45 | ctx.Input.SetData("x-mmm-id", userId) |
39 | - //TODO:check redis cache | 46 | + return |
47 | +} | ||
48 | + | ||
49 | +func CheckRoleAccess(ctx *context.Context) { | ||
50 | + var ( | ||
51 | + msg *protocol.ResponseMessage | ||
52 | + ) | ||
53 | + defer func() { | ||
54 | + if msg != nil { | ||
55 | + ctx.Output.JSON(msg, false, false) | ||
56 | + } | ||
57 | + }() | ||
58 | + userId := ctx.Input.GetData("x-mmm-id") | ||
59 | + | ||
60 | + validUserRole := cachex.CacheService{} | ||
61 | + if ok, _ := validUserRole.ValidUserAccess(int64(userId.(int)), ctx.Input.URL(), ctx.Input.Method()); !ok { | ||
62 | + msg = protocol.NewResponseMessage(1, errAuthorization.Error()) | ||
63 | + return | ||
64 | + } | ||
65 | + return | ||
66 | +} | ||
67 | + | ||
68 | +func InspectRoleAccess(skipUrl ...string) func(*context.Context) { | ||
69 | + return func(c *context.Context) { | ||
70 | + if len(skipUrl) > 0 { | ||
71 | + requestUrl := c.Input.URL() | ||
72 | + for _, url := range skipUrl { | ||
73 | + if strings.EqualFold(requestUrl, url) { | ||
74 | + return | ||
75 | + } | ||
76 | + } | ||
77 | + } | ||
78 | + CheckAuthorization(c) | ||
79 | + CheckRoleAccess(c) | ||
80 | + } | ||
40 | } | 81 | } |
pkg/port/beego/routers/rbac_router.go
0 → 100644
1 | +package routers | ||
2 | + | ||
3 | +import ( | ||
4 | + "github.com/astaxie/beego" | ||
5 | + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego/controllers" | ||
6 | +) | ||
7 | + | ||
8 | +func init() { | ||
9 | + beego.Router("/rbac/access", &controllers.RbacController{}, "get:Access") | ||
10 | + beego.Router("/rbac/roleAccess/:roleId", &controllers.RbacController{}, "get:RoleAccess") | ||
11 | + beego.Router("/rbac/setRoleAccess", &controllers.RbacController{}, "post:SetRoleAccess") | ||
12 | +} |
@@ -6,6 +6,7 @@ import ( | @@ -6,6 +6,7 @@ import ( | ||
6 | ) | 6 | ) |
7 | 7 | ||
8 | type ProfileRequest struct { | 8 | type ProfileRequest struct { |
9 | + UserId int64 `valid:"Required"` | ||
9 | } | 10 | } |
10 | 11 | ||
11 | func (ProfileRequest *ProfileRequest) ValidateCommand() error { | 12 | func (ProfileRequest *ProfileRequest) ValidateCommand() error { |
@@ -6,6 +6,7 @@ import ( | @@ -6,6 +6,7 @@ import ( | ||
6 | ) | 6 | ) |
7 | 7 | ||
8 | type CaptchaInitRequest struct { | 8 | type CaptchaInitRequest struct { |
9 | + UserIp string `json:"userIp" valid:"Required"` | ||
9 | } | 10 | } |
10 | 11 | ||
11 | func (CaptchaInitRequest *CaptchaInitRequest) ValidateCommand() error { | 12 | func (CaptchaInitRequest *CaptchaInitRequest) ValidateCommand() error { |
@@ -6,8 +6,10 @@ import ( | @@ -6,8 +6,10 @@ import ( | ||
6 | ) | 6 | ) |
7 | 7 | ||
8 | type CreateProjectModuleVersionRequest struct { | 8 | type CreateProjectModuleVersionRequest struct { |
9 | + // 当前版本编号 | ||
10 | + CurrentVersionId int64 `json:"currentVersionId" valid:"Required"` | ||
9 | // 版本号 | 11 | // 版本号 |
10 | - Version string `json:"version,omitempty"` | 12 | + Version string `json:"version,omitempty" valid:"Required"` |
11 | // 项目描述信息 | 13 | // 项目描述信息 |
12 | Description string `json:"description,omitempty"` | 14 | Description string `json:"description,omitempty"` |
13 | // 状态 0:正常 1:删除 | 15 | // 状态 0:正常 1:删除 |
1 | +package rbac | ||
2 | + | ||
3 | +import ( | ||
4 | + "fmt" | ||
5 | + "github.com/astaxie/beego/validation" | ||
6 | +) | ||
7 | + | ||
8 | +type SetRoleAccessRequest struct { | ||
9 | + RoleId int64 `json:"roleId"` | ||
10 | + AccessIds []int64 `json:"accessIds"` | ||
11 | +} | ||
12 | + | ||
13 | +func (SetRoleAccessRequest *SetRoleAccessRequest) ValidateCommand() error { | ||
14 | + valid := validation.Validation{} | ||
15 | + b, err := valid.Valid(SetRoleAccessRequest) | ||
16 | + if err != nil { | ||
17 | + return err | ||
18 | + } | ||
19 | + if !b { | ||
20 | + for _, validErr := range valid.Errors { | ||
21 | + return fmt.Errorf("%s %s", validErr.Key, validErr.Message) | ||
22 | + } | ||
23 | + } | ||
24 | + return nil | ||
25 | +} |
1 | +package rbac | ||
2 | + | ||
3 | +import ( | ||
4 | + "fmt" | ||
5 | + "github.com/astaxie/beego/validation" | ||
6 | +) | ||
7 | + | ||
8 | +type SetRoleAccessResponse struct { | ||
9 | +} | ||
10 | + | ||
11 | +func (SetRoleAccessResponse *SetRoleAccessResponse) ValidateCommand() error { | ||
12 | + valid := validation.Validation{} | ||
13 | + b, err := valid.Valid(SetRoleAccessResponse) | ||
14 | + if err != nil { | ||
15 | + return err | ||
16 | + } | ||
17 | + if !b { | ||
18 | + for _, validErr := range valid.Errors { | ||
19 | + return fmt.Errorf("%s %s", validErr.Key, validErr.Message) | ||
20 | + } | ||
21 | + } | ||
22 | + return nil | ||
23 | +} |
pkg/protocol/rbac/query_access_request.go
0 → 100644
1 | +package rbac | ||
2 | + | ||
3 | +import ( | ||
4 | + "fmt" | ||
5 | + "github.com/astaxie/beego/validation" | ||
6 | +) | ||
7 | + | ||
8 | +type AccessRequest struct { | ||
9 | +} | ||
10 | + | ||
11 | +func (AccessRequest *AccessRequest) ValidateCommand() error { | ||
12 | + valid := validation.Validation{} | ||
13 | + b, err := valid.Valid(AccessRequest) | ||
14 | + if err != nil { | ||
15 | + return err | ||
16 | + } | ||
17 | + if !b { | ||
18 | + for _, validErr := range valid.Errors { | ||
19 | + return fmt.Errorf("%s %s", validErr.Key, validErr.Message) | ||
20 | + } | ||
21 | + } | ||
22 | + return nil | ||
23 | +} |
pkg/protocol/rbac/query_access_response.go
0 → 100644
1 | +package rbac | ||
2 | + | ||
3 | +import ( | ||
4 | + "fmt" | ||
5 | + "github.com/astaxie/beego/validation" | ||
6 | +) | ||
7 | + | ||
8 | +type AccessResponse struct { | ||
9 | +} | ||
10 | + | ||
11 | +func (AccessResponse *AccessResponse) ValidateCommand() error { | ||
12 | + valid := validation.Validation{} | ||
13 | + b, err := valid.Valid(AccessResponse) | ||
14 | + if err != nil { | ||
15 | + return err | ||
16 | + } | ||
17 | + if !b { | ||
18 | + for _, validErr := range valid.Errors { | ||
19 | + return fmt.Errorf("%s %s", validErr.Key, validErr.Message) | ||
20 | + } | ||
21 | + } | ||
22 | + return nil | ||
23 | +} |
1 | +package rbac | ||
2 | + | ||
3 | +import ( | ||
4 | + "fmt" | ||
5 | + "github.com/astaxie/beego/validation" | ||
6 | +) | ||
7 | + | ||
8 | +type RoleAccessRequest struct { | ||
9 | + RoleId int64 `json:"roleId" valid:"Required"` | ||
10 | +} | ||
11 | + | ||
12 | +func (RoleAccessRequest *RoleAccessRequest) ValidateCommand() error { | ||
13 | + valid := validation.Validation{} | ||
14 | + b, err := valid.Valid(RoleAccessRequest) | ||
15 | + if err != nil { | ||
16 | + return err | ||
17 | + } | ||
18 | + if !b { | ||
19 | + for _, validErr := range valid.Errors { | ||
20 | + return fmt.Errorf("%s %s", validErr.Key, validErr.Message) | ||
21 | + } | ||
22 | + } | ||
23 | + return nil | ||
24 | +} |
1 | +package rbac | ||
2 | + | ||
3 | +import ( | ||
4 | + "fmt" | ||
5 | + "github.com/astaxie/beego/validation" | ||
6 | +) | ||
7 | + | ||
8 | +type RoleAccessResponse struct { | ||
9 | +} | ||
10 | + | ||
11 | +func (RoleAccessResponse *RoleAccessResponse) ValidateCommand() error { | ||
12 | + valid := validation.Validation{} | ||
13 | + b, err := valid.Valid(RoleAccessResponse) | ||
14 | + if err != nil { | ||
15 | + return err | ||
16 | + } | ||
17 | + if !b { | ||
18 | + for _, validErr := range valid.Errors { | ||
19 | + return fmt.Errorf("%s %s", validErr.Key, validErr.Message) | ||
20 | + } | ||
21 | + } | ||
22 | + return nil | ||
23 | +} |
@@ -11,7 +11,7 @@ type CreateUserRequest struct { | @@ -11,7 +11,7 @@ type CreateUserRequest struct { | ||
11 | // 地址 | 11 | // 地址 |
12 | Address string `json:"address,omitempty"` | 12 | Address string `json:"address,omitempty"` |
13 | // 手机号 | 13 | // 手机号 |
14 | - Phone string `json:"phone,omitempty"` | 14 | + Phone string `json:"phone,omitempty" valid:"Required"` |
15 | // 密码 | 15 | // 密码 |
16 | Passwd string `json:"passwd,omitempty"` | 16 | Passwd string `json:"passwd,omitempty"` |
17 | // 用户角色 | 17 | // 用户角色 |
-
请 注册 或 登录 后发表评论