作者 yangfu

1.增加user access 校验

@@ -6,6 +6,7 @@ require ( @@ -6,6 +6,7 @@ require (
6 github.com/astaxie/beego v1.12.2 6 github.com/astaxie/beego v1.12.2
7 github.com/go-pg/pg/v10 v10.0.0-beta.2 7 github.com/go-pg/pg/v10 v10.0.0-beta.2
8 github.com/tiptok/gocomm v1.0.2 8 github.com/tiptok/gocomm v1.0.2
  9 + github.com/GeeTeam/gt3-golang-sdk v0.0.0-20200116043922-446ca8a507d2
9 ) 10 )
10 11
11 replace github.com/tiptok/gocomm v1.0.2 => F:\go\src\learn_project\gocomm 12 replace github.com/tiptok/gocomm v1.0.2 => F:\go\src\learn_project\gocomm
@@ -4,6 +4,7 @@ import ( @@ -4,6 +4,7 @@ import (
4 "github.com/astaxie/beego" 4 "github.com/astaxie/beego"
5 _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/constant" 5 _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/constant"
6 _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/pg" 6 _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/pg"
  7 + _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/redis"
7 _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego" 8 _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego"
8 ) 9 )
9 10
1 package auth 1 package auth
2 2
3 import ( 3 import (
  4 + "encoding/json"
4 "fmt" 5 "fmt"
  6 + "github.com/GeeTeam/gt3-golang-sdk/geetest"
5 "github.com/tiptok/gocomm/common" 7 "github.com/tiptok/gocomm/common"
  8 + "github.com/tiptok/gocomm/pkg/cache"
6 "github.com/tiptok/gocomm/pkg/log" 9 "github.com/tiptok/gocomm/pkg/log"
  10 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/cachex"
7 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory" 11 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory"
8 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" 12 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain"
  13 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/dao"
9 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol" 14 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol"
10 protocolx "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol/auth" 15 protocolx "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol/auth"
  16 + "time"
11 ) 17 )
12 18
13 type AuthService struct { 19 type AuthService struct {
@@ -44,6 +50,8 @@ func (svr *AuthService) Login(header *protocol.RequestHeader, request *protocolx @@ -44,6 +50,8 @@ func (svr *AuthService) Login(header *protocol.RequestHeader, request *protocolx
44 "accessToken": "Bearer " + token, 50 "accessToken": "Bearer " + token,
45 "expiresIn": domain.TokenExpire, 51 "expiresIn": domain.TokenExpire,
46 } 52 }
  53 +
  54 + cache.Delete(cachex.UserRoleAccessCacheKey(user.Id))
47 err = transactionContext.CommitTransaction() 55 err = transactionContext.CommitTransaction()
48 return 56 return
49 } 57 }
@@ -68,13 +76,18 @@ func (svr *AuthService) Logout(header *protocol.RequestHeader, request *protocol @@ -68,13 +76,18 @@ func (svr *AuthService) Logout(header *protocol.RequestHeader, request *protocol
68 return 76 return
69 } 77 }
70 78
71 -func (svr *AuthService) Profile(header *protocol.RequestHeader, request *protocolx.ProfileRequest) (rsp *protocolx.ProfileResponse, err error) { 79 +func (svr *AuthService) Profile(header *protocol.RequestHeader, request *protocolx.ProfileRequest) (rsp interface{}, err error) {
72 var ( 80 var (
73 transactionContext, _ = factory.CreateTransactionContext(nil) 81 transactionContext, _ = factory.CreateTransactionContext(nil)
  82 + UserRepository, _ = factory.CreateUserRepository(transactionContext)
  83 + RoleRepository, _ = factory.CreateRoleRepository(transactionContext)
  84 + RoleAccessDao, _ = dao.NewRoleAccessDao(transactionContext)
  85 + AccessRepository, _ = factory.CreateAccessRepository(transactionContext)
74 ) 86 )
75 rsp = &protocolx.ProfileResponse{} 87 rsp = &protocolx.ProfileResponse{}
76 if err = request.ValidateCommand(); err != nil { 88 if err = request.ValidateCommand(); err != nil {
77 err = protocol.NewCustomMessage(2, err.Error()) 89 err = protocol.NewCustomMessage(2, err.Error())
  90 + return
78 } 91 }
79 if err = transactionContext.StartTransaction(); err != nil { 92 if err = transactionContext.StartTransaction(); err != nil {
80 log.Error(err) 93 log.Error(err)
@@ -84,17 +97,43 @@ func (svr *AuthService) Profile(header *protocol.RequestHeader, request *protoco @@ -84,17 +97,43 @@ func (svr *AuthService) Profile(header *protocol.RequestHeader, request *protoco
84 transactionContext.RollbackTransaction() 97 transactionContext.RollbackTransaction()
85 }() 98 }()
86 99
  100 + var user *domain.User
  101 + if user, err = UserRepository.FindOne(map[string]interface{}{"id": request.UserId}); err != nil {
  102 + err = protocol.NewCustomMessage(1, "用户不存在")
  103 + return
  104 + }
  105 + _, roles, _ := RoleRepository.Find(map[string]interface{}{"inRoleIds": user.Roles})
  106 +
  107 + rspMap := map[string]interface{}{
  108 + "menus": struct{}{},
  109 + }
  110 + rspMap["user"] = map[string]interface{}{
  111 + "name": user.Name,
  112 + "id": user.Id,
  113 + "phone": user.Phone,
  114 + "address": user.Address,
  115 + "isAdmin": user.IsAdmin,
  116 + "roles": roles,
  117 + }
  118 +
  119 + accessIds, _ := RoleAccessDao.GetRoleAccess(user.Roles...)
  120 + if len(accessIds) > 0 {
  121 + _, accesses, _ := AccessRepository.Find(map[string]interface{}{"inAccessIds": accessIds})
  122 + rspMap["menus"] = accesses
  123 + }
  124 + rsp = rspMap
87 err = transactionContext.CommitTransaction() 125 err = transactionContext.CommitTransaction()
88 return 126 return
89 } 127 }
90 128
91 -func (svr *AuthService) CaptchaInit(header *protocol.RequestHeader, request *protocolx.CaptchaInitRequest) (rsp *protocolx.CaptchaInitResponse, err error) { 129 +func (svr *AuthService) CaptchaInit(header *protocol.RequestHeader, request *protocolx.CaptchaInitRequest) (rsp interface{}, err error) {
92 var ( 130 var (
93 transactionContext, _ = factory.CreateTransactionContext(nil) 131 transactionContext, _ = factory.CreateTransactionContext(nil)
94 ) 132 )
95 rsp = &protocolx.CaptchaInitResponse{} 133 rsp = &protocolx.CaptchaInitResponse{}
96 if err = request.ValidateCommand(); err != nil { 134 if err = request.ValidateCommand(); err != nil {
97 err = protocol.NewCustomMessage(2, err.Error()) 135 err = protocol.NewCustomMessage(2, err.Error())
  136 + return
98 } 137 }
99 if err = transactionContext.StartTransaction(); err != nil { 138 if err = transactionContext.StartTransaction(); err != nil {
100 log.Error(err) 139 log.Error(err)
@@ -104,6 +143,21 @@ func (svr *AuthService) CaptchaInit(header *protocol.RequestHeader, request *pro @@ -104,6 +143,21 @@ func (svr *AuthService) CaptchaInit(header *protocol.RequestHeader, request *pro
104 transactionContext.RollbackTransaction() 143 transactionContext.RollbackTransaction()
105 }() 144 }()
106 145
  146 + const (
  147 + captchaID = "33a2abf9c5df0d6bc3b89fb39280114b"
  148 + privateKey = "13320fd2b10199e9a2440a4fbb4d46f7"
  149 + )
  150 + newGeetest := geetest.NewGeetestLib(captchaID, privateKey, 2*time.Second)
  151 + _, responseBt := newGeetest.PreProcess("", request.UserIp)
  152 + var geetestRsp geetest.FailbackRegisterRespnse
  153 + json.Unmarshal(responseBt, &geetestRsp)
  154 + rspData := map[string]interface{}{
  155 + "success": geetestRsp.Success,
  156 + "gt": geetestRsp.GT,
  157 + "challenge": geetestRsp.Challenge,
  158 + "newCaptcha": geetestRsp.NewCaptcha,
  159 + }
  160 + rsp = rspData
107 err = transactionContext.CommitTransaction() 161 err = transactionContext.CommitTransaction()
108 return 162 return
109 } 163 }
  1 +package cachex
  2 +
  3 +import (
  4 + "fmt"
  5 + "github.com/tiptok/gocomm/pkg/cache"
  6 + "github.com/tiptok/gocomm/pkg/log"
  7 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory"
  8 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain"
  9 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/dao"
  10 + "regexp"
  11 + "strings"
  12 +)
  13 +
  14 +//redis key
  15 +func UserRoleAccessCacheKey(userId int64) string {
  16 + return fmt.Sprintf("godevp:user:access:%v", userId)
  17 +}
  18 +
  19 +type CacheService struct {
  20 +}
  21 +
  22 +func (svr *CacheService) CacheUserAccess(userId int64) func() (interface{}, error) {
  23 + return func() (interface{}, error) {
  24 + var (
  25 + transactionContext, _ = factory.CreateTransactionContext(nil)
  26 + UserRepository, _ = factory.CreateUserRepository(transactionContext)
  27 + RoleAccessDao, _ = dao.NewRoleAccessDao(transactionContext)
  28 + AccessRepository, _ = factory.CreateAccessRepository(transactionContext)
  29 + err error
  30 + )
  31 + if err = transactionContext.StartTransaction(); err != nil {
  32 + log.Error(err)
  33 + return nil, err
  34 + }
  35 + defer func() {
  36 + transactionContext.RollbackTransaction()
  37 + }()
  38 +
  39 + var user *domain.User
  40 + if user, err = UserRepository.FindOne(map[string]interface{}{"id": userId}); err != nil {
  41 + return []*domain.Access{}, nil
  42 + }
  43 + accessIds, _ := RoleAccessDao.GetRoleAccess(user.Roles...)
  44 + if len(accessIds) == 0 {
  45 + return []*domain.Access{}, nil
  46 + }
  47 + _, accesses, _ := AccessRepository.Find(map[string]interface{}{"inAccessIds": accessIds})
  48 + err = transactionContext.CommitTransaction()
  49 + return accesses, nil
  50 + }
  51 +}
  52 +func (svr *CacheService) ValidUserAccess(userId int64, object string, method string) (result bool, err error) {
  53 + var userAccess []*domain.Access
  54 + defer func() {
  55 + log.Info(fmt.Sprintf("ValidUserAccess user:%v object:%v method:%v result:%v", userId, object, method, result))
  56 + }()
  57 + cache.GetObject(UserRoleAccessCacheKey(userId), &userAccess, 3600, svr.CacheUserAccess(userId))
  58 + for i := range userAccess {
  59 + if KeyMatch3(object, userAccess[i].Object) && KeyEqual(userAccess[i].Action, method) {
  60 + result = true
  61 + return
  62 + }
  63 + }
  64 + return
  65 +}
  66 +
  67 +// KeyMatch3 determines whether key1 matches the pattern of key2 (similar to RESTful path), key2 can contain a *.
  68 +// For example, "/foo/bar" matches "/foo/*", "/resource1" matches "/{resource}"
  69 +func KeyMatch3(key1 string, key2 string) bool {
  70 + key2 = strings.Replace(key2, "/*", "/.*", -1)
  71 +
  72 + re := regexp.MustCompile(`\{[^/]+\}`)
  73 + key2 = re.ReplaceAllString(key2, "$1[^/]+$2")
  74 +
  75 + return RegexMatch(key1, "^"+key2+"$")
  76 +}
  77 +
  78 +// KeyEqual case key1='*' or key1=' ' result=true
  79 +func KeyEqual(key1 string, key2 string) bool {
  80 + if key1 == "*" {
  81 + return true
  82 + }
  83 + if len(key1) == 0 {
  84 + return true
  85 + }
  86 + key1 = strings.ToLower(strings.TrimSpace(key1))
  87 + key2 = strings.ToLower(strings.TrimSpace(key2))
  88 + return strings.EqualFold(key1, key2)
  89 +}
  90 +
  91 +// RegexMatch determines whether key1 matches the pattern of key2 in regular expression.
  92 +func RegexMatch(key1 string, key2 string) bool {
  93 + res, err := regexp.MatchString(key2, key1)
  94 + if err != nil {
  95 + panic(err)
  96 + }
  97 + return res
  98 +}
@@ -10,6 +10,10 @@ func CreateAccessRepository(transactionContext *transaction.TransactionContext) @@ -10,6 +10,10 @@ func CreateAccessRepository(transactionContext *transaction.TransactionContext)
10 return repository.NewAccessRepository(transactionContext) 10 return repository.NewAccessRepository(transactionContext)
11 } 11 }
12 12
  13 +func CreateRoleAccessRepository(transactionContext *transaction.TransactionContext) (domain.RoleAccessRepository, error) {
  14 + return repository.NewRoleAccessRepository(transactionContext)
  15 +}
  16 +
13 func CreateMenuRepository(transactionContext *transaction.TransactionContext) (domain.MenuRepository, error) { 17 func CreateMenuRepository(transactionContext *transaction.TransactionContext) (domain.MenuRepository, error) {
14 return repository.NewMenuRepository(transactionContext) 18 return repository.NewMenuRepository(transactionContext)
15 } 19 }
  1 +package rbac
  2 +
  3 +import (
  4 + "github.com/tiptok/gocomm/pkg/log"
  5 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory"
  6 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain"
  7 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/dao"
  8 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol"
  9 + protocolx "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol/rbac"
  10 +)
  11 +
  12 +type RbacService struct {
  13 +}
  14 +
  15 +func (svr *RbacService) Access(header *protocol.RequestHeader, request *protocolx.AccessRequest) (rsp interface{}, err error) {
  16 + var (
  17 + transactionContext, _ = factory.CreateTransactionContext(nil)
  18 + )
  19 + rsp = &protocolx.AccessResponse{}
  20 + if err = request.ValidateCommand(); err != nil {
  21 + err = protocol.NewCustomMessage(2, err.Error())
  22 + return
  23 + }
  24 + if err = transactionContext.StartTransaction(); err != nil {
  25 + log.Error(err)
  26 + return nil, err
  27 + }
  28 + defer func() {
  29 + transactionContext.RollbackTransaction()
  30 + }()
  31 +
  32 + var AccessRepository, _ = factory.CreateAccessRepository(transactionContext)
  33 + var access []*domain.Access
  34 + if _, access, err = AccessRepository.Find(map[string]interface{}{}); err != nil {
  35 + return
  36 + }
  37 + var rspList []interface{}
  38 + for _, item := range access {
  39 + rspList = append(rspList, map[string]interface{}{
  40 + "id": item.Id,
  41 + "name": item.AccessName,
  42 + "icon": "",
  43 + "parentId": item.ParentId,
  44 + "sort": item.Sort,
  45 + "code": item.AccessCode,
  46 + })
  47 + }
  48 + rsp = map[string]interface{}{
  49 + "lists": rspList,
  50 + }
  51 +
  52 + err = transactionContext.CommitTransaction()
  53 + return
  54 +}
  55 +
  56 +func (svr *RbacService) RoleAccess(header *protocol.RequestHeader, request *protocolx.RoleAccessRequest) (rsp interface{}, err error) {
  57 + var (
  58 + transactionContext, _ = factory.CreateTransactionContext(nil)
  59 + RoleAccessDao, _ = dao.NewRoleAccessDao(transactionContext)
  60 + RoleRepository, _ = factory.CreateRoleRepository(transactionContext)
  61 + role *domain.Role
  62 + )
  63 + rsp = &protocolx.RoleAccessResponse{}
  64 + if err = request.ValidateCommand(); err != nil {
  65 + err = protocol.NewCustomMessage(2, err.Error())
  66 + return
  67 + }
  68 + if err = transactionContext.StartTransaction(); err != nil {
  69 + log.Error(err)
  70 + return nil, err
  71 + }
  72 + defer func() {
  73 + transactionContext.RollbackTransaction()
  74 + }()
  75 +
  76 + if role, err = RoleRepository.FindOne(map[string]interface{}{"id": request.RoleId}); err != nil {
  77 + log.Error(err)
  78 + err = protocol.NewCustomMessage(1, "角色不存在")
  79 + return
  80 + }
  81 + accessIds, _ := RoleAccessDao.GetRoleAccess(request.RoleId)
  82 + rsp = map[string]interface{}{
  83 + "roleId": role.Id,
  84 + "roleName": role.RoleName,
  85 + "accessIds": accessIds,
  86 + }
  87 +
  88 + err = transactionContext.CommitTransaction()
  89 + return
  90 +}
  91 +
  92 +func (svr *RbacService) SetRoleAccess(header *protocol.RequestHeader, request *protocolx.SetRoleAccessRequest) (rsp *protocolx.SetRoleAccessResponse, err error) {
  93 + var (
  94 + transactionContext, _ = factory.CreateTransactionContext(nil)
  95 + AccessRepository, _ = factory.CreateAccessRepository(transactionContext)
  96 + RoleRepository, _ = factory.CreateRoleRepository(transactionContext)
  97 + RoleAccessDao, _ = dao.NewRoleAccessDao(transactionContext)
  98 + )
  99 + rsp = &protocolx.SetRoleAccessResponse{}
  100 + if err = request.ValidateCommand(); err != nil {
  101 + err = protocol.NewCustomMessage(2, err.Error())
  102 + }
  103 + if err = transactionContext.StartTransaction(); err != nil {
  104 + log.Error(err)
  105 + return nil, err
  106 + }
  107 + defer func() {
  108 + transactionContext.RollbackTransaction()
  109 + }()
  110 +
  111 + if _, err = RoleRepository.FindOne(map[string]interface{}{"id": request.RoleId}); err != nil {
  112 + log.Error(err)
  113 + err = protocol.NewCustomMessage(1, "角色不存在")
  114 + return
  115 + }
  116 +
  117 + var accessMap = make(map[int64]*domain.Access)
  118 + _, access, e := AccessRepository.Find(map[string]interface{}{"inAccessIds": request.AccessIds})
  119 + if e != nil {
  120 + err = e
  121 + return
  122 + }
  123 + for _, v := range access {
  124 + accessMap[v.Id] = v
  125 + }
  126 +
  127 + if err = RoleAccessDao.DeleteRoleAccess(request.RoleId); err != nil {
  128 + return
  129 + }
  130 + if len(request.AccessIds) > 0 {
  131 + var roleAccess []*domain.RoleAccess
  132 + for _, v := range request.AccessIds {
  133 + item := &domain.RoleAccess{
  134 + RoleId: request.RoleId,
  135 + AccessId: v,
  136 + }
  137 + if accessItem, ok := accessMap[v]; ok {
  138 + item.Object = accessItem.Object
  139 + item.Action = accessItem.Action
  140 + item.Option = accessItem.AccessCode
  141 + }
  142 + roleAccess = append(roleAccess, item)
  143 + }
  144 + if err = RoleAccessDao.SaveRoleAccess(roleAccess); err != nil {
  145 + return
  146 + }
  147 + }
  148 + err = transactionContext.CommitTransaction()
  149 + return
  150 +}
  151 +
  152 +func NewRbacService(options map[string]interface{}) *RbacService {
  153 + svr := &RbacService{}
  154 + return svr
  155 +}
1 package user 1 package user
2 2
3 import ( 3 import (
  4 + "crypto/sha1"
  5 + "fmt"
4 "github.com/tiptok/gocomm/common" 6 "github.com/tiptok/gocomm/common"
5 "github.com/tiptok/gocomm/pkg/log" 7 "github.com/tiptok/gocomm/pkg/log"
6 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory" 8 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/factory"
@@ -19,6 +21,7 @@ func (svr *UserService) CreateUser(header *protocol.RequestHeader, request *prot @@ -19,6 +21,7 @@ func (svr *UserService) CreateUser(header *protocol.RequestHeader, request *prot
19 rsp = &protocolx.CreateUserResponse{} 21 rsp = &protocolx.CreateUserResponse{}
20 if err = request.ValidateCommand(); err != nil { 22 if err = request.ValidateCommand(); err != nil {
21 err = protocol.NewCustomMessage(2, err.Error()) 23 err = protocol.NewCustomMessage(2, err.Error())
  24 + return
22 } 25 }
23 if err = transactionContext.StartTransaction(); err != nil { 26 if err = transactionContext.StartTransaction(); err != nil {
24 log.Error(err) 27 log.Error(err)
@@ -31,12 +34,21 @@ func (svr *UserService) CreateUser(header *protocol.RequestHeader, request *prot @@ -31,12 +34,21 @@ func (svr *UserService) CreateUser(header *protocol.RequestHeader, request *prot
31 Name: request.Name, 34 Name: request.Name,
32 Address: request.Address, 35 Address: request.Address,
33 Phone: request.Phone, 36 Phone: request.Phone,
34 - Passwd: request.Passwd, 37 + //Passwd: request.Passwd,
35 Roles: request.Roles, 38 Roles: request.Roles,
36 IsAdmin: request.IsAdmin, 39 IsAdmin: request.IsAdmin,
37 } 40 }
38 41
39 var UserRepository, _ = factory.CreateUserRepository(transactionContext) 42 var UserRepository, _ = factory.CreateUserRepository(transactionContext)
  43 + if request.Phone != "" {
  44 + if _, err = UserRepository.FindOne(map[string]interface{}{"phone": request.Phone}); err == nil {
  45 + err = protocol.NewCustomMessage(1, "手机号已存在")
  46 + return
  47 + }
  48 + }
  49 + if len(newUser.Passwd) == 0 {
  50 + newUser.Passwd = fmt.Sprintf("%x", sha1.Sum([]byte("123456")))
  51 + }
40 if m, err := UserRepository.Save(newUser); err != nil { 52 if m, err := UserRepository.Save(newUser); err != nil {
41 return nil, err 53 return nil, err
42 } else { 54 } else {
@@ -53,6 +65,7 @@ func (svr *UserService) UpdateUser(header *protocol.RequestHeader, request *prot @@ -53,6 +65,7 @@ func (svr *UserService) UpdateUser(header *protocol.RequestHeader, request *prot
53 rsp = &protocolx.UpdateUserResponse{} 65 rsp = &protocolx.UpdateUserResponse{}
54 if err = request.ValidateCommand(); err != nil { 66 if err = request.ValidateCommand(); err != nil {
55 err = protocol.NewCustomMessage(2, err.Error()) 67 err = protocol.NewCustomMessage(2, err.Error())
  68 + return
56 } 69 }
57 if err = transactionContext.StartTransaction(); err != nil { 70 if err = transactionContext.StartTransaction(); err != nil {
58 log.Error(err) 71 log.Error(err)
@@ -64,9 +77,16 @@ func (svr *UserService) UpdateUser(header *protocol.RequestHeader, request *prot @@ -64,9 +77,16 @@ func (svr *UserService) UpdateUser(header *protocol.RequestHeader, request *prot
64 77
65 var UserRepository, _ = factory.CreateUserRepository(transactionContext) 78 var UserRepository, _ = factory.CreateUserRepository(transactionContext)
66 var user *domain.User 79 var user *domain.User
67 - if user, err = UserRepository.FindOne(common.ObjectToMap(request)); err != nil { 80 + if user, err = UserRepository.FindOne(map[string]interface{}{"id": request.Id}); err != nil {
  81 + err = protocol.NewCustomMessage(1, "用户不存在")
68 return 82 return
69 } 83 }
  84 + if request.Phone != "" {
  85 + if _, err = UserRepository.FindOne(map[string]interface{}{"phone": request.Phone}); err == nil {
  86 + err = protocol.NewCustomMessage(1, "手机号已存在")
  87 + return
  88 + }
  89 + }
70 if err = user.Update(common.ObjectToMap(request)); err != nil { 90 if err = user.Update(common.ObjectToMap(request)); err != nil {
71 return 91 return
72 } 92 }
@@ -84,6 +104,7 @@ func (svr *UserService) GetUser(header *protocol.RequestHeader, request *protoco @@ -84,6 +104,7 @@ func (svr *UserService) GetUser(header *protocol.RequestHeader, request *protoco
84 rsp = &protocolx.GetUserResponse{} 104 rsp = &protocolx.GetUserResponse{}
85 if err = request.ValidateCommand(); err != nil { 105 if err = request.ValidateCommand(); err != nil {
86 err = protocol.NewCustomMessage(2, err.Error()) 106 err = protocol.NewCustomMessage(2, err.Error())
  107 + return
87 } 108 }
88 if err = transactionContext.StartTransaction(); err != nil { 109 if err = transactionContext.StartTransaction(); err != nil {
89 log.Error(err) 110 log.Error(err)
@@ -110,6 +131,7 @@ func (svr *UserService) DeleteUser(header *protocol.RequestHeader, request *prot @@ -110,6 +131,7 @@ func (svr *UserService) DeleteUser(header *protocol.RequestHeader, request *prot
110 rsp = &protocolx.DeleteUserResponse{} 131 rsp = &protocolx.DeleteUserResponse{}
111 if err = request.ValidateCommand(); err != nil { 132 if err = request.ValidateCommand(); err != nil {
112 err = protocol.NewCustomMessage(2, err.Error()) 133 err = protocol.NewCustomMessage(2, err.Error())
  134 + return
113 } 135 }
114 if err = transactionContext.StartTransaction(); err != nil { 136 if err = transactionContext.StartTransaction(); err != nil {
115 log.Error(err) 137 log.Error(err)
  1 +package constant
  2 +
  3 +import "os"
  4 +
  5 +var REDIS_HOST = "127.0.0.1"
  6 +var REDIS_PORT = "6379"
  7 +var REDIS_AUTH = "123456"
  8 +
  9 +func init() {
  10 + if os.Getenv("REDIS_HOST") != "" {
  11 + REDIS_HOST = os.Getenv("REDIS_HOST")
  12 + REDIS_AUTH = os.Getenv("REDIS_AUTH")
  13 + }
  14 + if os.Getenv("REDIS_PORT") != "" {
  15 + REDIS_PORT = os.Getenv("REDIS_PORT")
  16 + }
  17 + if _, ok := os.LookupEnv("REDIS_AUTH"); ok {
  18 + REDIS_AUTH = os.Getenv("REDIS_AUTH")
  19 + }
  20 +}
@@ -11,7 +11,7 @@ type User struct { @@ -11,7 +11,7 @@ type User struct {
11 // 手机号 11 // 手机号
12 Phone string `json:"phone"` 12 Phone string `json:"phone"`
13 // 密码 13 // 密码
14 - Passwd string `json:"passwd"` 14 + Passwd string `json:"-"`
15 // 用户角色 15 // 用户角色
16 Roles []int64 `json:"roles"` 16 Roles []int64 `json:"roles"`
17 // 是否是超级管理员 true:是 false:否 17 // 是否是超级管理员 true:是 false:否
@@ -33,5 +33,23 @@ func (m *User) Identify() interface{} { @@ -33,5 +33,23 @@ func (m *User) Identify() interface{} {
33 } 33 }
34 34
35 func (m *User) Update(data map[string]interface{}) error { 35 func (m *User) Update(data map[string]interface{}) error {
  36 + if name, ok := data["name"]; ok {
  37 + m.Name = name.(string)
  38 + }
  39 + if address, ok := data["address"]; ok {
  40 + m.Address = address.(string)
  41 + }
  42 + if phone, ok := data["phone"]; ok {
  43 + m.Phone = phone.(string)
  44 + }
  45 + if Passwd, ok := data["passwd"]; ok {
  46 + m.Passwd = Passwd.(string)
  47 + }
  48 + if roles, ok := data["roles"]; ok {
  49 + m.Roles = roles.([]int64)
  50 + }
  51 + if isAdmin, ok := data["isAdmin"]; ok {
  52 + m.IsAdmin = isAdmin.(bool)
  53 + }
36 return nil 54 return nil
37 } 55 }
  1 +package dao
  2 +
  3 +import (
  4 + "fmt"
  5 + "github.com/go-pg/pg/v10"
  6 + "github.com/tiptok/gocomm/common"
  7 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain"
  8 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/pg/models"
  9 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/infrastructure/pg/transaction"
  10 +)
  11 +
  12 +type RoleAccessDao struct {
  13 + transactionContext *transaction.TransactionContext
  14 +}
  15 +
  16 +func (dao *RoleAccessDao) DeleteRoleAccess(roleId int64) error {
  17 + tx := dao.transactionContext.PgTx
  18 + q := tx.Model(new(models.RoleAccess))
  19 + q.Where("role_id=?", roleId)
  20 + _, err := q.Delete()
  21 + return err
  22 +}
  23 +
  24 +func (dao *RoleAccessDao) GetRoleAccess(roleId ...int64) ([]int64, error) {
  25 + if len(roleId) == 0 {
  26 + return []int64{}, nil
  27 + }
  28 + tx := dao.transactionContext.PgDd
  29 + q := tx.Model(new(models.RoleAccess))
  30 + q.Column("access_id")
  31 + if len(roleId) == 1 {
  32 + q.Where("role_id=?", roleId[0])
  33 + } else {
  34 + q.Where("role_id in (?)", pg.In(roleId))
  35 + }
  36 + var accessIds []int64
  37 + err := q.Distinct().Select(&accessIds)
  38 + return accessIds, err
  39 +}
  40 +
  41 +func (dao *RoleAccessDao) SaveRoleAccess(roleAccess []*domain.RoleAccess) error {
  42 + if len(roleAccess) == 0 {
  43 + return nil
  44 + }
  45 + tx := dao.transactionContext.PgTx
  46 + var modelsRoleAccess []*models.RoleAccess
  47 + for i := range roleAccess {
  48 + var item *models.RoleAccess
  49 + common.GobModelTransform(&item, roleAccess[i])
  50 + if item == nil {
  51 + continue
  52 + }
  53 + modelsRoleAccess = append(modelsRoleAccess, item)
  54 + }
  55 + _, err := tx.Model(&modelsRoleAccess).Insert()
  56 + return err
  57 +}
  58 +
  59 +func NewRoleAccessDao(transactionContext *transaction.TransactionContext) (*RoleAccessDao, error) {
  60 + if transactionContext == nil {
  61 + return nil, fmt.Errorf("transactionContext参数不能为nil")
  62 + } else {
  63 + return &RoleAccessDao{
  64 + transactionContext: transactionContext,
  65 + }, nil
  66 + }
  67 +}
  1 +package redis
  2 +
  3 +import (
  4 + "fmt"
  5 + "github.com/tiptok/gocomm/pkg/cache"
  6 + "github.com/tiptok/gocomm/pkg/log"
  7 + "github.com/tiptok/gocomm/pkg/redis"
  8 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/constant"
  9 +)
  10 +
  11 +func init() {
  12 + redisSource := fmt.Sprintf("%v:%v", constant.REDIS_HOST, constant.REDIS_PORT)
  13 + err := redis.InitWithDb(100, redisSource, constant.REDIS_AUTH, "0")
  14 + if err != nil {
  15 + log.Error(err)
  16 + }
  17 + cache.InitDefault(cache.WithDefaultRedisPool(redis.GetRedisPool()))
  18 +}
@@ -2,6 +2,7 @@ package repository @@ -2,6 +2,7 @@ package repository
2 2
3 import ( 3 import (
4 "fmt" 4 "fmt"
  5 + "github.com/go-pg/pg/v10"
5 "github.com/tiptok/gocomm/common" 6 "github.com/tiptok/gocomm/common"
6 . "github.com/tiptok/gocomm/pkg/orm/pgx" 7 . "github.com/tiptok/gocomm/pkg/orm/pgx"
7 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" 8 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain"
@@ -66,6 +67,10 @@ func (repository *AccessRepository) Find(queryOptions map[string]interface{}) (i @@ -66,6 +67,10 @@ func (repository *AccessRepository) Find(queryOptions map[string]interface{}) (i
66 query := NewQuery(tx.Model(&AccessModels), queryOptions). 67 query := NewQuery(tx.Model(&AccessModels), queryOptions).
67 SetOrder("create_time", "sortByCreateTime"). 68 SetOrder("create_time", "sortByCreateTime").
68 SetOrder("update_time", "sortByUpdateTime") 69 SetOrder("update_time", "sortByUpdateTime")
  70 +
  71 + if inAccessIds, ok := queryOptions["inAccessIds"]; ok {
  72 + query.Where("id in (?)", pg.In(inAccessIds))
  73 + }
69 var err error 74 var err error
70 if query.AffectRow, err = query.SelectAndCount(); err != nil { 75 if query.AffectRow, err = query.SelectAndCount(); err != nil {
71 return 0, Accesss, err 76 return 0, Accesss, err
@@ -64,6 +64,7 @@ func (repository *RoleAccessRepository) Find(queryOptions map[string]interface{} @@ -64,6 +64,7 @@ func (repository *RoleAccessRepository) Find(queryOptions map[string]interface{}
64 var RoleAccessModels []*models.RoleAccess 64 var RoleAccessModels []*models.RoleAccess
65 RoleAccesss := make([]*domain.RoleAccess, 0) 65 RoleAccesss := make([]*domain.RoleAccess, 0)
66 query := NewQuery(tx.Model(&RoleAccessModels), queryOptions). 66 query := NewQuery(tx.Model(&RoleAccessModels), queryOptions).
  67 + SetWhere("role_id=?", "roleId").
67 SetOrder("create_time", "sortByCreateTime"). 68 SetOrder("create_time", "sortByCreateTime").
68 SetOrder("update_time", "sortByUpdateTime") 69 SetOrder("update_time", "sortByUpdateTime")
69 var err error 70 var err error
@@ -2,6 +2,7 @@ package repository @@ -2,6 +2,7 @@ package repository
2 2
3 import ( 3 import (
4 "fmt" 4 "fmt"
  5 + "github.com/go-pg/pg/v10"
5 "github.com/tiptok/gocomm/common" 6 "github.com/tiptok/gocomm/common"
6 . "github.com/tiptok/gocomm/pkg/orm/pgx" 7 . "github.com/tiptok/gocomm/pkg/orm/pgx"
7 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain" 8 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/domain"
@@ -68,6 +69,9 @@ func (repository *RoleRepository) Find(queryOptions map[string]interface{}) (int @@ -68,6 +69,9 @@ func (repository *RoleRepository) Find(queryOptions map[string]interface{}) (int
68 SetOrder("create_time", "sortByCreateTime"). 69 SetOrder("create_time", "sortByCreateTime").
69 SetOrder("update_time", "sortByUpdateTime") 70 SetOrder("update_time", "sortByUpdateTime")
70 var err error 71 var err error
  72 + if inRoleIds, ok := queryOptions["inRoleIds"]; ok {
  73 + query.Where("id in (?)", pg.In(inRoleIds))
  74 + }
71 if query.AffectRow, err = query.SelectAndCount(); err != nil { 75 if query.AffectRow, err = query.SelectAndCount(); err != nil {
72 return 0, Roles, err 76 return 0, Roles, err
73 } 77 }
@@ -26,6 +26,7 @@ func (repository *UserRepository) Save(dm *domain.User) (*domain.User, error) { @@ -26,6 +26,7 @@ func (repository *UserRepository) Save(dm *domain.User) (*domain.User, error) {
26 if err = tx.Insert(m); err != nil { 26 if err = tx.Insert(m); err != nil {
27 return nil, err 27 return nil, err
28 } 28 }
  29 + dm.Id = m.Id
29 return dm, nil 30 return dm, nil
30 } 31 }
31 if err = tx.Update(m); err != nil { 32 if err = tx.Update(m); err != nil {
@@ -50,6 +51,7 @@ func (repository *UserRepository) FindOne(queryOptions map[string]interface{}) ( @@ -50,6 +51,7 @@ func (repository *UserRepository) FindOne(queryOptions map[string]interface{}) (
50 UserModel := new(models.User) 51 UserModel := new(models.User)
51 query := NewQuery(tx.Model(UserModel), queryOptions) 52 query := NewQuery(tx.Model(UserModel), queryOptions)
52 query.SetWhere("id = ?", "id") 53 query.SetWhere("id = ?", "id")
  54 + query.SetWhere("phone = ?", "phone")
53 if err := query.First(); err != nil { 55 if err := query.First(); err != nil {
54 return nil, fmt.Errorf("query row not found") 56 return nil, fmt.Errorf("query row not found")
55 } 57 }
@@ -3,6 +3,7 @@ package beego @@ -3,6 +3,7 @@ package beego
3 import ( 3 import (
4 "github.com/astaxie/beego" 4 "github.com/astaxie/beego"
5 "github.com/astaxie/beego/plugins/cors" 5 "github.com/astaxie/beego/plugins/cors"
  6 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego/middleware"
6 _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego/routers" 7 _ "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego/routers"
7 ) 8 )
8 9
@@ -14,4 +15,10 @@ func init() { @@ -14,4 +15,10 @@ func init() {
14 ExposeHeaders: []string{"Content-Length", "Access-Control-Allow-Origin"}, 15 ExposeHeaders: []string{"Content-Length", "Access-Control-Allow-Origin"},
15 AllowCredentials: true, 16 AllowCredentials: true,
16 })) 17 }))
  18 +
  19 + beego.InsertFilter("/user/*", beego.BeforeExec, middleware.InspectRoleAccess())
  20 + beego.InsertFilter("/role/*", beego.BeforeExec, middleware.InspectRoleAccess())
  21 + beego.InsertFilter("/project_module/*", beego.BeforeExec, middleware.CheckAuthorization)
  22 + beego.InsertFilter("/project_module_files/*", beego.BeforeExec, middleware.CheckAuthorization)
  23 + beego.InsertFilter("/rbac/*", beego.BeforeExec, middleware.CheckAuthorization)
17 } 24 }
@@ -86,15 +86,12 @@ func (this *AuthController) CaptchaInit() { @@ -86,15 +86,12 @@ func (this *AuthController) CaptchaInit() {
86 var ( 86 var (
87 msg *protocol.ResponseMessage 87 msg *protocol.ResponseMessage
88 svr = auth.NewAuthService(nil) 88 svr = auth.NewAuthService(nil)
89 - request *protocolx.CaptchaInitRequest 89 + request = &protocolx.CaptchaInitRequest{}
90 ) 90 )
91 defer func() { 91 defer func() {
92 this.Resp(msg) 92 this.Resp(msg)
93 }() 93 }()
94 - if err := this.JsonUnmarshal(&request); err != nil {  
95 - msg = protocol.BadRequestParam(1)  
96 - return  
97 - } 94 + request.UserIp = this.Ctx.Input.IP()
98 header := this.GetRequestHeader(this.Ctx) 95 header := this.GetRequestHeader(this.Ctx)
99 data, err := svr.CaptchaInit(header, request) 96 data, err := svr.CaptchaInit(header, request)
100 if err != nil { 97 if err != nil {
  1 +package controllers
  2 +
  3 +import (
  4 + "github.com/tiptok/gocomm/pkg/log"
  5 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/rbac"
  6 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol"
  7 + protocolx "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol/rbac"
  8 +)
  9 +
  10 +type RbacController struct {
  11 + BaseController
  12 +}
  13 +
  14 +// Access
  15 +// 权限列表
  16 +func (this *RbacController) Access() {
  17 + var (
  18 + msg *protocol.ResponseMessage
  19 + svr = rbac.NewRbacService(nil)
  20 + request *protocolx.AccessRequest
  21 + )
  22 + defer func() {
  23 + this.Resp(msg)
  24 + }()
  25 + header := this.GetRequestHeader(this.Ctx)
  26 + data, err := svr.Access(header, request)
  27 + if err != nil {
  28 + log.Error(err)
  29 + }
  30 + msg = protocol.NewReturnResponse(data, err)
  31 +}
  32 +
  33 +// RoleAccess
  34 +// 获取角色权限
  35 +func (this *RbacController) RoleAccess() {
  36 + var (
  37 + msg *protocol.ResponseMessage
  38 + svr = rbac.NewRbacService(nil)
  39 + request = &protocolx.RoleAccessRequest{}
  40 + )
  41 + defer func() {
  42 + this.Resp(msg)
  43 + }()
  44 + request.RoleId, _ = this.GetInt64(":roleId")
  45 + header := this.GetRequestHeader(this.Ctx)
  46 + data, err := svr.RoleAccess(header, request)
  47 + if err != nil {
  48 + log.Error(err)
  49 + }
  50 + msg = protocol.NewReturnResponse(data, err)
  51 +}
  52 +
  53 +// SetRoleAccess
  54 +// 设置权限
  55 +func (this *RbacController) SetRoleAccess() {
  56 + var (
  57 + msg *protocol.ResponseMessage
  58 + svr = rbac.NewRbacService(nil)
  59 + request *protocolx.SetRoleAccessRequest
  60 + )
  61 + defer func() {
  62 + this.Resp(msg)
  63 + }()
  64 + if err := this.JsonUnmarshal(&request); err != nil {
  65 + msg = protocol.BadRequestParam(1)
  66 + return
  67 + }
  68 + header := this.GetRequestHeader(this.Ctx)
  69 + data, err := svr.SetRoleAccess(header, request)
  70 + if err != nil {
  71 + log.Error(err)
  72 + }
  73 + msg = protocol.NewReturnResponse(data, err)
  74 +}
@@ -49,6 +49,7 @@ func (this *UserController) UpdateUser() { @@ -49,6 +49,7 @@ func (this *UserController) UpdateUser() {
49 msg = protocol.BadRequestParam(1) 49 msg = protocol.BadRequestParam(1)
50 return 50 return
51 } 51 }
  52 + request.Id, _ = this.GetInt64(":userId")
52 header := this.GetRequestHeader(this.Ctx) 53 header := this.GetRequestHeader(this.Ctx)
53 data, err := svr.UpdateUser(header, request) 54 data, err := svr.UpdateUser(header, request)
54 if err != nil { 55 if err != nil {
@@ -63,15 +64,12 @@ func (this *UserController) GetUser() { @@ -63,15 +64,12 @@ func (this *UserController) GetUser() {
63 var ( 64 var (
64 msg *protocol.ResponseMessage 65 msg *protocol.ResponseMessage
65 svr = user.NewUserService(nil) 66 svr = user.NewUserService(nil)
66 - request *protocolx.GetUserRequest 67 + request = &protocolx.GetUserRequest{}
67 ) 68 )
68 defer func() { 69 defer func() {
69 this.Resp(msg) 70 this.Resp(msg)
70 }() 71 }()
71 - if err := this.JsonUnmarshal(&request); err != nil {  
72 - msg = protocol.BadRequestParam(1)  
73 - return  
74 - } 72 + request.Id, _ = this.GetInt64(":userId")
75 header := this.GetRequestHeader(this.Ctx) 73 header := this.GetRequestHeader(this.Ctx)
76 data, err := svr.GetUser(header, request) 74 data, err := svr.GetUser(header, request)
77 if err != nil { 75 if err != nil {
@@ -86,15 +84,12 @@ func (this *UserController) DeleteUser() { @@ -86,15 +84,12 @@ func (this *UserController) DeleteUser() {
86 var ( 84 var (
87 msg *protocol.ResponseMessage 85 msg *protocol.ResponseMessage
88 svr = user.NewUserService(nil) 86 svr = user.NewUserService(nil)
89 - request *protocolx.DeleteUserRequest 87 + request = &protocolx.DeleteUserRequest{}
90 ) 88 )
91 defer func() { 89 defer func() {
92 this.Resp(msg) 90 this.Resp(msg)
93 }() 91 }()
94 - if err := this.JsonUnmarshal(&request); err != nil {  
95 - msg = protocol.BadRequestParam(1)  
96 - return  
97 - } 92 + request.Id, _ = this.GetInt64(":userId")
98 header := this.GetRequestHeader(this.Ctx) 93 header := this.GetRequestHeader(this.Ctx)
99 data, err := svr.DeleteUser(header, request) 94 data, err := svr.DeleteUser(header, request)
100 if err != nil { 95 if err != nil {
@@ -4,6 +4,7 @@ import ( @@ -4,6 +4,7 @@ import (
4 "errors" 4 "errors"
5 "github.com/astaxie/beego/context" 5 "github.com/astaxie/beego/context"
6 "github.com/tiptok/gocomm/common" 6 "github.com/tiptok/gocomm/common"
  7 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/application/cachex"
7 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol" 8 "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/protocol"
8 "strconv" 9 "strconv"
9 "strings" 10 "strings"
@@ -28,7 +29,13 @@ func CheckAuthorization(ctx *context.Context) { @@ -28,7 +29,13 @@ func CheckAuthorization(ctx *context.Context) {
28 msg = protocol.NewResponseMessage(1, errAuthorization.Error()) 29 msg = protocol.NewResponseMessage(1, errAuthorization.Error())
29 return 30 return
30 } 31 }
31 - token := strings.Split(authorization, " ")[1] 32 + var token string
  33 + splitToken := strings.Split(authorization, " ")
  34 + if len(splitToken) == 1 {
  35 + token = splitToken[0]
  36 + } else {
  37 + token = splitToken[1]
  38 + }
32 claim, err := common.ParseJWTToken(token) 39 claim, err := common.ParseJWTToken(token)
33 if err != nil { 40 if err != nil {
34 msg = protocol.NewResponseMessage(1, errAuthorizationExpire.Error()) 41 msg = protocol.NewResponseMessage(1, errAuthorizationExpire.Error())
@@ -36,5 +43,39 @@ func CheckAuthorization(ctx *context.Context) { @@ -36,5 +43,39 @@ func CheckAuthorization(ctx *context.Context) {
36 } 43 }
37 userId, _ := strconv.Atoi(claim.Username) 44 userId, _ := strconv.Atoi(claim.Username)
38 ctx.Input.SetData("x-mmm-id", userId) 45 ctx.Input.SetData("x-mmm-id", userId)
39 - //TODO:check redis cache 46 + return
  47 +}
  48 +
  49 +func CheckRoleAccess(ctx *context.Context) {
  50 + var (
  51 + msg *protocol.ResponseMessage
  52 + )
  53 + defer func() {
  54 + if msg != nil {
  55 + ctx.Output.JSON(msg, false, false)
  56 + }
  57 + }()
  58 + userId := ctx.Input.GetData("x-mmm-id")
  59 +
  60 + validUserRole := cachex.CacheService{}
  61 + if ok, _ := validUserRole.ValidUserAccess(int64(userId.(int)), ctx.Input.URL(), ctx.Input.Method()); !ok {
  62 + msg = protocol.NewResponseMessage(1, errAuthorization.Error())
  63 + return
  64 + }
  65 + return
  66 +}
  67 +
  68 +func InspectRoleAccess(skipUrl ...string) func(*context.Context) {
  69 + return func(c *context.Context) {
  70 + if len(skipUrl) > 0 {
  71 + requestUrl := c.Input.URL()
  72 + for _, url := range skipUrl {
  73 + if strings.EqualFold(requestUrl, url) {
  74 + return
  75 + }
  76 + }
  77 + }
  78 + CheckAuthorization(c)
  79 + CheckRoleAccess(c)
  80 + }
40 } 81 }
  1 +package routers
  2 +
  3 +import (
  4 + "github.com/astaxie/beego"
  5 + "gitlab.fjmaimaimai.com/mmm-go/godevp/pkg/port/beego/controllers"
  6 +)
  7 +
  8 +func init() {
  9 + beego.Router("/rbac/access", &controllers.RbacController{}, "get:Access")
  10 + beego.Router("/rbac/roleAccess/:roleId", &controllers.RbacController{}, "get:RoleAccess")
  11 + beego.Router("/rbac/setRoleAccess", &controllers.RbacController{}, "post:SetRoleAccess")
  12 +}
@@ -6,6 +6,7 @@ import ( @@ -6,6 +6,7 @@ import (
6 ) 6 )
7 7
8 type ProfileRequest struct { 8 type ProfileRequest struct {
  9 + UserId int64 `valid:"Required"`
9 } 10 }
10 11
11 func (ProfileRequest *ProfileRequest) ValidateCommand() error { 12 func (ProfileRequest *ProfileRequest) ValidateCommand() error {
@@ -6,6 +6,7 @@ import ( @@ -6,6 +6,7 @@ import (
6 ) 6 )
7 7
8 type CaptchaInitRequest struct { 8 type CaptchaInitRequest struct {
  9 + UserIp string `json:"userIp" valid:"Required"`
9 } 10 }
10 11
11 func (CaptchaInitRequest *CaptchaInitRequest) ValidateCommand() error { 12 func (CaptchaInitRequest *CaptchaInitRequest) ValidateCommand() error {
@@ -6,8 +6,10 @@ import ( @@ -6,8 +6,10 @@ import (
6 ) 6 )
7 7
8 type CreateProjectModuleVersionRequest struct { 8 type CreateProjectModuleVersionRequest struct {
  9 + // 当前版本编号
  10 + CurrentVersionId int64 `json:"currentVersionId" valid:"Required"`
9 // 版本号 11 // 版本号
10 - Version string `json:"version,omitempty"` 12 + Version string `json:"version,omitempty" valid:"Required"`
11 // 项目描述信息 13 // 项目描述信息
12 Description string `json:"description,omitempty"` 14 Description string `json:"description,omitempty"`
13 // 状态 0:正常 1:删除 15 // 状态 0:正常 1:删除
  1 +package rbac
  2 +
  3 +import (
  4 + "fmt"
  5 + "github.com/astaxie/beego/validation"
  6 +)
  7 +
  8 +type SetRoleAccessRequest struct {
  9 + RoleId int64 `json:"roleId"`
  10 + AccessIds []int64 `json:"accessIds"`
  11 +}
  12 +
  13 +func (SetRoleAccessRequest *SetRoleAccessRequest) ValidateCommand() error {
  14 + valid := validation.Validation{}
  15 + b, err := valid.Valid(SetRoleAccessRequest)
  16 + if err != nil {
  17 + return err
  18 + }
  19 + if !b {
  20 + for _, validErr := range valid.Errors {
  21 + return fmt.Errorf("%s %s", validErr.Key, validErr.Message)
  22 + }
  23 + }
  24 + return nil
  25 +}
  1 +package rbac
  2 +
  3 +import (
  4 + "fmt"
  5 + "github.com/astaxie/beego/validation"
  6 +)
  7 +
  8 +type SetRoleAccessResponse struct {
  9 +}
  10 +
  11 +func (SetRoleAccessResponse *SetRoleAccessResponse) ValidateCommand() error {
  12 + valid := validation.Validation{}
  13 + b, err := valid.Valid(SetRoleAccessResponse)
  14 + if err != nil {
  15 + return err
  16 + }
  17 + if !b {
  18 + for _, validErr := range valid.Errors {
  19 + return fmt.Errorf("%s %s", validErr.Key, validErr.Message)
  20 + }
  21 + }
  22 + return nil
  23 +}
  1 +package rbac
  2 +
  3 +import (
  4 + "fmt"
  5 + "github.com/astaxie/beego/validation"
  6 +)
  7 +
  8 +type AccessRequest struct {
  9 +}
  10 +
  11 +func (AccessRequest *AccessRequest) ValidateCommand() error {
  12 + valid := validation.Validation{}
  13 + b, err := valid.Valid(AccessRequest)
  14 + if err != nil {
  15 + return err
  16 + }
  17 + if !b {
  18 + for _, validErr := range valid.Errors {
  19 + return fmt.Errorf("%s %s", validErr.Key, validErr.Message)
  20 + }
  21 + }
  22 + return nil
  23 +}
  1 +package rbac
  2 +
  3 +import (
  4 + "fmt"
  5 + "github.com/astaxie/beego/validation"
  6 +)
  7 +
  8 +type AccessResponse struct {
  9 +}
  10 +
  11 +func (AccessResponse *AccessResponse) ValidateCommand() error {
  12 + valid := validation.Validation{}
  13 + b, err := valid.Valid(AccessResponse)
  14 + if err != nil {
  15 + return err
  16 + }
  17 + if !b {
  18 + for _, validErr := range valid.Errors {
  19 + return fmt.Errorf("%s %s", validErr.Key, validErr.Message)
  20 + }
  21 + }
  22 + return nil
  23 +}
  1 +package rbac
  2 +
  3 +import (
  4 + "fmt"
  5 + "github.com/astaxie/beego/validation"
  6 +)
  7 +
  8 +type RoleAccessRequest struct {
  9 + RoleId int64 `json:"roleId" valid:"Required"`
  10 +}
  11 +
  12 +func (RoleAccessRequest *RoleAccessRequest) ValidateCommand() error {
  13 + valid := validation.Validation{}
  14 + b, err := valid.Valid(RoleAccessRequest)
  15 + if err != nil {
  16 + return err
  17 + }
  18 + if !b {
  19 + for _, validErr := range valid.Errors {
  20 + return fmt.Errorf("%s %s", validErr.Key, validErr.Message)
  21 + }
  22 + }
  23 + return nil
  24 +}
  1 +package rbac
  2 +
  3 +import (
  4 + "fmt"
  5 + "github.com/astaxie/beego/validation"
  6 +)
  7 +
  8 +type RoleAccessResponse struct {
  9 +}
  10 +
  11 +func (RoleAccessResponse *RoleAccessResponse) ValidateCommand() error {
  12 + valid := validation.Validation{}
  13 + b, err := valid.Valid(RoleAccessResponse)
  14 + if err != nil {
  15 + return err
  16 + }
  17 + if !b {
  18 + for _, validErr := range valid.Errors {
  19 + return fmt.Errorf("%s %s", validErr.Key, validErr.Message)
  20 + }
  21 + }
  22 + return nil
  23 +}
@@ -11,7 +11,7 @@ type CreateUserRequest struct { @@ -11,7 +11,7 @@ type CreateUserRequest struct {
11 // 地址 11 // 地址
12 Address string `json:"address,omitempty"` 12 Address string `json:"address,omitempty"`
13 // 手机号 13 // 手机号
14 - Phone string `json:"phone,omitempty"` 14 + Phone string `json:"phone,omitempty" valid:"Required"`
15 // 密码 15 // 密码
16 Passwd string `json:"passwd,omitempty"` 16 Passwd string `json:"passwd,omitempty"`
17 // 用户角色 17 // 用户角色
@@ -6,6 +6,7 @@ import ( @@ -6,6 +6,7 @@ import (
6 ) 6 )
7 7
8 type UpdateUserRequest struct { 8 type UpdateUserRequest struct {
  9 + Id int64 `json:"-" valid:"Required"`
9 // 名称 10 // 名称
10 Name string `json:"name,omitempty"` 11 Name string `json:"name,omitempty"`
11 // 地址 12 // 地址