mmm-go / opp · 提交

转到一个项目

作者 yangfu
提交 429cb4caf7abb95d6fa2f4961656a3c2363ac871 1 个父辈 665e5769

公司权限验证

内嵌 并排对比
正在显示 4 个修改的文件 包含 41 行增加0 行删除
@@ -16,6 +16,7 @@ type Company struct { @@ -16,6 +16,7 @@ type Company struct {
16 UpdateAt time.Time `orm:"column(update_at);type(timestamp)" description:"更新时间"` 16 UpdateAt time.Time `orm:"column(update_at);type(timestamp)" description:"更新时间"`
17 DeleteAt time.Time `orm:"column(delete_at);type(timestamp)" description:"删除时间"` 17 DeleteAt time.Time `orm:"column(delete_at);type(timestamp)" description:"删除时间"`
18 UserCenterId int64 `orm:"column(user_center_id)" description:"统一用户中心企业id"` 18 UserCenterId int64 `orm:"column(user_center_id)" description:"统一用户中心企业id"`
  19 + Enable int8 `orm:"column(enable)" description:"是否有效【1:有效】【2:无效】"`
19 } 20 }
20 21
21 func (t *Company) TableName() string { 22 func (t *Company) TableName() string {
  1 +package agg
  2 +
  3 +import (
  4 + "fmt"
  5 + "github.com/prometheus/common/log"
  6 + "opp/models"
  7 +)
  8 +
  9 +//检查公司权限
  10 +func CheckCompanyPermission(companyId int64) (err error) {
  11 + var (
  12 + company *models.Company
  13 + )
  14 + if companyId == 0 {
  15 + return nil
  16 + }
  17 + if company, err = models.GetCompanyById(companyId); err != nil {
  18 + log.Error("公司不存在:", companyId, err)
  19 + return
  20 + }
  21 + if company.Enable == 1 {
  22 + return nil
  23 + }
  24 + if company.Enable == 2 {
  25 + err = fmt.Errorf("公司:%v 无权限,请联系管理员", company.Name)
  26 + }
  27 + return
  28 +}
@@ -257,6 +257,11 @@ func RefreshToken(request *protocol.RefreshTokenRequest) (rsp *protocol.RefreshT @@ -257,6 +257,11 @@ func RefreshToken(request *protocol.RefreshTokenRequest) (rsp *protocol.RefreshT
257 if err = models.UpdateUserAuthById(userAuth); err != nil { 257 if err = models.UpdateUserAuthById(userAuth); err != nil {
258 return 258 return
259 } 259 }
  260 + if err = agg.CheckCompanyPermission(userAuth.CurrentCompanyId); err != nil {
  261 + log.Error(err)
  262 + err = protocol.NewErrWithMessage(4140, err)
  263 + return
  264 + }
260 rsp = &protocol.RefreshTokenResponse{ 265 rsp = &protocol.RefreshTokenResponse{
261 AccessToken: userAuth.AccessToken, 266 AccessToken: userAuth.AccessToken,
262 RefreshToken: userAuth.RefreshToken, 267 RefreshToken: userAuth.RefreshToken,
@@ -21,6 +21,13 @@ func MessageCenter(header *protocol.RequestHeader, request *protocol.MessageCent @@ -21,6 +21,13 @@ func MessageCenter(header *protocol.RequestHeader, request *protocol.MessageCent
21 ) 21 )
22 rsp = &protocol.MessageCenterResponse{} 22 rsp = &protocol.MessageCenterResponse{}
23 rsp.Totals = make([]*protocol.MessageTotal, 0) 23 rsp.Totals = make([]*protocol.MessageTotal, 0)
  24 + //注入公司校验
  25 + if err = agg.CheckCompanyPermission(header.CompanyId); err != nil {
  26 + log.Error(err)
  27 + err = protocol.NewErrWithMessage(4141)
  28 + return
  29 + }
  30 +
24 if request.MsgType&protocol.MsgTypeInteraction > 0 { 31 if request.MsgType&protocol.MsgTypeInteraction > 0 {
25 if request.MsgType&protocol.MsgTypeThumbUp == 0 { 32 if request.MsgType&protocol.MsgTypeThumbUp == 0 {
26 request.MsgType |= protocol.MsgTypeThumbUp 33 request.MsgType |= protocol.MsgTypeThumbUp