作者 yangfu

企业平台二次验证修改

... ... @@ -43,3 +43,5 @@ h5_host = "http://mmm-web-open-test.fjmaimaimai.com"
#审核中心
suplus_approve_host ="http://suplus-approve-dev.fjmaimaimai.com"
#企业平台
BUSINESS_ADMIN_SERVICE_HOST ="${BUSINESS_ADMIN_SERVICE_HOST||http://suplus-business-admin-test.fjmaimaimai.com/}"
\ No newline at end of file
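Review bot: The fallback baked into `BUSINESS_ADMIN_SERVICE_HOST` is the test host over plain `http://`, so a production pod that starts without the variable would take its module-permission decisions from the test service, and the userId in each check travels unencrypted. Consider leaving the default empty so a missing value is noticed at startup, and using an https endpoint if the service offers one. The caller added in this commit joins this value and `auth/get-user-auth` with `fmt.Sprintf("%v%v", ...)`, so the trailing slash is load-bearing; a ConfigMap value without it yields a malformed URL and every check returns false.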
... ...
... ... @@ -2,7 +2,7 @@ package v1
import (
"encoding/json"
"github.com/astaxie/beego"
"opp/controllers"
"opp/protocol"
"opp/services/auth"
... ... @@ -36,6 +36,10 @@ func (this *AuthController) Login() {
return
}
header := controllers.GetRequestHeader(this.Ctx)
if beego.BConfig.RunMode == "prod" || beego.BConfig.RunMode == "test" {
msg = protocol.NewReturnResponse(auth.LoginV3(header, request))
return
}
msg = protocol.NewReturnResponse(auth.Login(header, request))
}
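Review bot: The second verification is switched on by comparing `beego.BConfig.RunMode` with the literals "prod" and "test", so a deployment whose run mode is spelled any other way silently falls through to `auth.Login`, which as far as this diff shows never calls `CheckUserModuleAuth`. Making the checked path the default is safer, for example `if beego.BConfig.RunMode != "dev" {` around the `LoginV3` call, or a dedicated config key for the feature. The same gate is repeated in `UserController.UserInfo` in the next file and deserves the same change. Login's body starts outside this hunk.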
... ...
... ... @@ -2,6 +2,7 @@ package v1
import (
"encoding/json"
"github.com/astaxie/beego"
"gitlab.fjmaimaimai.com/mmm-go/gocomm/pkg/log"
"opp/controllers"
"opp/protocol"
... ... @@ -157,6 +158,10 @@ func (this *UserController) UserInfo() {
return
}
header := controllers.GetRequestHeader(this.Ctx)
if beego.BConfig.RunMode == "prod" || beego.BConfig.RunMode == "test" {
msg = protocol.NewReturnResponse(user.UserInfoV3(header, request))
return
}
msg = protocol.NewReturnResponse(user.UserInfo(header, request))
}
... ...
... ... @@ -94,6 +94,12 @@ spec:
value: "stdout"
- name: aliyun_logs_access
value: " /opt/logs/app.log"
- name: BUSINESS_ADMIN_SERVICE_HOST
valueFrom:
configMapKeyRef:
name: suplus-config
key: service.businessadmin
volumes:
- name: accesslogs
emptyDir: {}
... ...
... ... @@ -129,3 +129,80 @@ func CheckUcenterResponse(message *protocol.Message) (err error) {
}
return
}
/*******************企业平台****************/
var MethodUserAuth = "auth/get-user-auth"
//验证用户模块权限
func CheckUserModuleAuth(uid int64) (auth bool) {
var req = NewRequest(fmt.Sprintf("%v%v", beego.AppConfig.String("BUSINESS_ADMIN_SERVICE_HOST"), MethodUserAuth), http.MethodPost)
var message = &protocol.Message{}
var request = struct {
UserId string `json:"userId"`
PlatformId string `json:"platformId"`
}{UserId: fmt.Sprintf("%v", uid), PlatformId: "3"} //平台id:1素+;2问题;3机会;18价值
var response = struct {
UserAuth bool `json:"userAuth"`
}{}
if data, err := req.ActionDefault(request, &message); err != nil {
log.Error(err)
return false
} else {
log.Debug(req.Url, string(data))
}
if message.Errno != 0 {
log.Debug("CheckUserModuleAuth :", message.Errno, message.Errmsg)
return false
}
if err := json.Unmarshal(message.Data, &response); err != nil {
log.Error(err, message, string(message.Data))
return
}
return response.UserAuth
}
type Request struct {
HttpReq *httplib.BeegoHTTPRequest
Url string
}
func NewRequest(url, httpMethod string) *Request {
var (
httpReq *httplib.BeegoHTTPRequest
)
if httpMethod == http.MethodGet {
httpReq = httplib.Get(url)
} else if httpMethod == http.MethodPost {
httpReq = httplib.Post(url)
} else if httpMethod == http.MethodPut {
httpReq = httplib.Put(url)
}
ret := &Request{
HttpReq: httpReq,
Url: url,
}
return ret
}
func (req *Request) ActionDefault(request interface{}, message interface{}) (data []byte, err error) {
var (
httpRsp *http.Response
)
req.HttpReq.JSONBody(request)
req.HttpReq.Header("Content-Type", "application/json")
if httpRsp, err = req.HttpReq.DoRequest(); err != nil {
log.Error(err)
return
}
data, err = ioutil.ReadAll(httpRsp.Body)
defer httpRsp.Body.Close()
if err != nil {
log.Error(err)
return
}
if err = json.Unmarshal(data, message); err != nil {
log.Error(err)
return
}
return
}
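Review bot: `NewRequest` leaves `httpReq` nil for any method other than GET, POST or PUT, and `ActionDefault` then dereferences it at `req.HttpReq.JSONBody(request)`, which panics; a final branch such as `httpReq = httplib.NewBeegoRequest(url, httpMethod)` closes that gap. `ActionDefault` also discards the error returned by `JSONBody` and never inspects `httpRsp.StatusCode`, so an error page from a proxy surfaces only as a JSON decode failure. `CheckUserModuleAuth` is an authorization decision on the login path and does fail closed on every error, which is the right default, but that contract is undocumented; a doc comment saying "returns false on transport, protocol or decode errors" plus an explicit short `SetTimeout` on the request would make it deliberate. `log.Debug(req.Url, string(data))` writes the full response body to the log on every check.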
... ...
... ... @@ -15,3 +15,9 @@ func Test_UcenterIsUserExists(t *testing.T) {
log.Fatal(err)
}
}
func Test_CheckUserModuleAuth(t *testing.T) {
if ok := CheckUserModuleAuth(3649639319273472); !ok {
t.Fatal("CheckUserModuleAuth error")
}
}
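Review bot: `Test_CheckUserModuleAuth` calls the real business-admin service with a hard-coded user id, so it passes or fails depending on network reachability and on that account's current permissions rather than on the code. Pointing `BUSINESS_ADMIN_SERVICE_HOST` at an `httptest.NewServer` handler that returns `"userAuth": true` inside the expected response envelope would make it deterministic. That setup also allows the deny case and the transport-error case to be covered, which are the ones that matter for an authorization check.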
... ...
... ... @@ -31,6 +31,142 @@ var (
)
//登录
func LoginV3(header *protocol.RequestHeader, request *protocol.LoginRequest) (rsp *protocol.LoginResponse, err error) {
var (
user *models.User
userAuth *models.UserAuth
id = request.Uid
getUserRequest *protocol.UCenterServerLoginRequest = &protocol.UCenterServerLoginRequest{
Uid: id,
Token: request.Token,
Type: 2,
}
getUserResponse *protocol.UCenterGetUserResponse
message *protocol.Message
company *models.Company
companys []*models.Company
)
user, err = models.GetUserByUcenterId(id)
if err != nil {
log.Error(err)
err = protocol.NewErrWithMessage(2002, err) //账号不存在
return
}
if companys, err = models.GetCompanyByPermission(user.Id); err != nil {
log.Error(err)
err = protocol.NewErrWithMessage(2002, err) //账号不存在
return
}
if len(companys) == 0 {
err = protocol.NewErrWithMessage(2002, err) //账号不存在
return
}
if !utils.ValidVersion(header.Version, protocol.RequireVersion) {
log.Warn(fmt.Sprintf("版本不足 当前手机版本:%v 需要版本大于:%v", header.Version, protocol.RequireVersion))
err = protocol.NewCustomMessage(2002, "版本不足,请升级app") //账号不存在
return
}
//获取最后一次公司编号给统一用户中心
if u, e := models.GetUserAuthByUserId(user.Id, protocol.DeviceType); e == nil && user.UserCenterId == id {
if company, e = models.GetCompanyById(u.CurrentCompanyId); e == nil {
getUserRequest.CompanyId = company.UserCenterId
}
}
//验证 当前登录的公司是否有模块权限
/************后期移除************/
if ucIds, e := models.GetUserAllCompany(user.Id); e != nil {
log.Error(e)
err = protocol.NewErrWithMessage(2002, err) //账号不存在
return
} else {
var hasAuth bool = false
for i := 0; i < len(ucIds); i++ {
hasAuth = agg.CheckUserModuleAuth(ucIds[i].Id)
if hasAuth {
break
}
}
if !hasAuth {
err = protocol.NewErrWithMessage(2002, err) //账号不存在
return
}
return
}
/************后期移除************/
//从用户中心获取用户信息
if _, err = agg.RequestUserCenter(protocol.MethodServerLogin, http.MethodPost, getUserRequest, &message); err != nil {
log.Error(err)
return
}
log.Debug(fmt.Sprintf("ucenter_id:%v getuser response:", request.Uid), message.Errno, message.Errmsg)
if message.Errno == 0 && message.Errmsg == "ok" {
if err = message.Unmarshal(&getUserResponse); err != nil {
log.Error(err)
return
}
}
switch message.Errno {
case -1:
err = protocol.NewErrWithMessage(2002, err) //账号不存在
return
case 0:
goto Success
case 2002:
err = protocol.NewErrWithMessage(2002, err) //账号不存在
return
case 10001:
err = protocol.NewErrWithMessage(2002, err) //账号不存在
return
case 10003:
err = protocol.NewErrWithMessage(4140, err) //账号不存在
return
default:
log.Error("error_no:%v msg:%v", message.Errno, message.Errmsg)
err = protocol.NewErrWithMessage(4140, err)
return
}
Success:
{
userAuth, err = models.GetUserAuthByUserId(user.Id, 1)
if err != nil {
if err == orm.ErrNoRows {
err = nil
userAuth = &models.UserAuth{
UserId: user.Id,
DeviceType: 1, //int8(header.DeviceType),
}
models.AddUserAuth(userAuth)
} else {
log.Error(err)
return
}
}
userAuth.AuthCode = uid.NewV1().StringNoDash()
/*更新用户信息*/
user.CsAccount = getUserResponse.CustomerAccount
user.ImToken = getUserResponse.ImToken
user.Icon = getUserResponse.Avatar
user.NickName = getUserResponse.NickName
user.Accid = getUserResponse.Accid
user.UserCenterId = getUserResponse.Id
if err = models.UpdateUsersById(user); err != nil {
log.Error(err)
return
}
userAuth.AuthCodeExp = time.Now().Add(time.Second * protocol.TokenExpire)
if err = models.UpdateUserAuthById(userAuth); err != nil {
return
}
rsp = &protocol.LoginResponse{AuthCode: userAuth.AuthCode}
}
err = protocol.NewSuccessWithMessage("登录成功")
return
}
//登录
func Login(header *protocol.RequestHeader, request *protocol.LoginRequest) (rsp *protocol.LoginResponse, err error) {
var (
user *models.User
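Review bot: In `LoginV3` the `else` branch of the `GetUserAllCompany` check ends with a bare `return` after the `if !hasAuth { ... }` block, so when the user does have module permission the function returns with `rsp` and `err` both nil and everything from `agg.RequestUserCenter` onward is unreachable: the token is never verified against the user center and no `AuthCode` is issued. Deleting that `return` restores the intended flow. In the same block the failure branches call `protocol.NewErrWithMessage(2002, err)` while `err` is still nil; the lookup error is held in `e`, so `protocol.NewErrWithMessage(2002, e)` is presumably what was meant. The `default` case passes format verbs to `log.Error("error_no:%v msg:%v", ...)`, which elsewhere in this diff is used as a non-formatting call. Login's body continues outside the hunk.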
... ...
... ... @@ -248,6 +248,10 @@ func SwitchCompany(header *protocol.RequestHeader, request *protocol.SwitchCompa
err = protocol.NewErrWithMessage(4201) //找不到这家公司
return
}
if hasAuth := agg.CheckUserModuleAuth(userCompany.Id); !hasAuth {
err = protocol.NewErrWithMessage(2002) //找不到这家公司
return
}
if auth, err = models.GetUserAuthByUserId(header.Uid, protocol.DeviceType); err != nil {
log.Error(err)
return
... ... @@ -372,6 +376,130 @@ func UserInfo(header *protocol.RequestHeader, request *protocol.UserInfoRequest)
return
}
//用户信息
func UserInfoV3(header *protocol.RequestHeader, request *protocol.UserInfoRequest) (rsp *protocol.UserInfoResponse, err error) {
var (
companyId int64
userCompany *models.UserCompany
userAuth *models.UserAuth
userBaseAgg *protocol.UserBaseInfoAggregation
companys []*models.Company
userCompanys []*models.UserCompany
tmpCompanys []*models.Company = make([]*models.Company, 0)
defaultUserId int64
)
if companys, err = models.GetCompanyByPermission(header.Uid); err != nil {
log.Error(err)
return
}
if userCompanys, err = models.GetUserAllCompany(header.Uid); err != nil {
log.Error(err)
return
}
for i := range userCompanys {
if hasAuth := agg.CheckUserModuleAuth(userCompanys[i].Id); !hasAuth {
log.Debug("检查公司权限:", userCompanys[i].Id, userCompanys[i].CompanyId, "无模块权限")
continue
}
if companyId == 0 { //取默认一个有权限的公司
companyId = userCompanys[i].CompanyId
defaultUserId = userCompanys[i].Id
}
for j := 0; j < len(companys); j++ {
if userCompanys[i].CompanyId == companys[j].Id {
tmpCompanys = append(tmpCompanys, companys[j])
break
}
}
if userCompanys[i].Id == header.UserId && userCompanys[i].CompanyId == header.CompanyId {
companyId = header.CompanyId
break
}
}
//公司列表是所有有权限的公司,企业平台
companys = tmpCompanys
if len(companys) == 0 {
err = protocol.NewErrWithMessage(2002, err) //账号不存在
return
}
if companyId == 0 {
if userCompany, err = models.GetUserCompanysFirst(header.Uid); err != nil {
log.Error(err)
return
}
if userAuth, err = models.GetUserAuthByUserId(header.Uid, protocol.DeviceType); err != nil {
log.Error(err)
return
}
if err = utils.UpdateTableByMap(&models.UserAuth{Id: userAuth.Id}, map[string]interface{}{
"CurrentCompanyId": userCompany.CompanyId, "CurrentUserCompanyId": userCompany.Id}); err != nil {
log.Error(err)
return
}
companyId = int64(userCompany.CompanyId)
header.UserId = userCompany.Id
}
if header.UserId == 0 {
header.UserId = defaultUserId
}
if userBaseAgg, err = agg.GetUserBaseInfoAggregation(header.UserId, companyId); err != nil {
return
}
rsp = &protocol.UserInfoResponse{
User: protocol.User{
UserId: header.UserId,
Name: userBaseAgg.User.NickName,
Phone: userBaseAgg.User.Phone,
Image: protocol.Picture{
Path: userBaseAgg.User.Icon,
H: 0,
W: 0,
},
ImToken: userBaseAgg.User.ImToken,
CompanyId: int(companyId),
Company: protocol.Company{
Id: userBaseAgg.Company.Id,
Name: userBaseAgg.Company.Name,
CId: userBaseAgg.Company.UserCenterId,
},
Departments: make([]protocol.Dep, 0),
Positions: make([]protocol.Job, 0),
},
}
for i := range companys {
rsp.User.Companys = append(rsp.User.Companys, protocol.Company{
Id: companys[i].Id,
Name: companys[i].Name,
CId: companys[i].UserCenterId,
})
}
newDep := func(item *protocol.Department) protocol.Dep {
return protocol.Dep{
Id: item.DepartmentId,
Name: item.Name,
}
}
newPos := func(item *protocol.Position) protocol.Job {
return protocol.Job{
Id: item.PositionId,
Name: item.Name,
}
}
for i := range userBaseAgg.Departments {
rsp.User.Departments = append(rsp.User.Departments, newDep(userBaseAgg.Departments[i]))
}
for i := range userBaseAgg.Positions {
rsp.User.Positions = append(rsp.User.Positions, newPos(userBaseAgg.Positions[i]))
}
if topDep := agg.GetTopDepartment(userBaseAgg.Departments); topDep.DepartmentId != 0 {
rsp.User.Department = newDep(topDep)
}
if topPos := agg.GetTopPosition(userBaseAgg.Positions); topPos.PositionId != 0 {
rsp.User.Position = newPos(topPos)
}
return
}
//用户中心-统计信息
func UserStatistics(header *protocol.RequestHeader, request *protocol.UserStatisticsRequest) (rsp *protocol.UserStatisticsResponse, err error) {
var (
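Review bot: In `UserInfoV3`, when the company named in the request header fails `CheckUserModuleAuth` the loop `continue`s and `companyId` falls back to the first permitted company, but `header.UserId` is replaced only when it is zero, so `agg.GetUserBaseInfoAggregation` appears to be called with the user-company id of the unpermitted company and the id of a different company. Recording whether the header pair matched and using `if header.UserId == 0 || !matched { header.UserId = defaultUserId }` keeps the two consistent. Separately, the `break` after `companyId = header.CompanyId` ends the loop at the current company, so entries later in `userCompanys` are never checked or appended to `tmpCompanys` and the returned company list is truncated. In `SwitchCompany` the new 2002 branch carries the comment copied from the 4201 branch above it. UserStatistics' body continues outside the hunk.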
... ...