分页数据修改

唐旭辉
controllers/audit.go
controllers/base.go
protocol/message.go
services/auth/auth.go
services/rbac/permission.go
--- a/controllers/audit.go
查看文件 @1b03ec3
+++ b/controllers/audit.go
查看文件 @1b03ec3
@@ -39,7 +39,7 @@ func (c *AuditController) AuditList() {
 	uid := c.GetUserId()
 	companyId := c.GetCompanyId()
 	list, err := serveaudit.GetAuditList(param, companyId, uid)
- 	msg = protocol.NewReturnResponse(list, err)
+ 	msg = protocol.NewPageDataResponse(list, err)
 	return
 }
 
--- a/controllers/base.go
查看文件 @1b03ec3
+++ b/controllers/base.go
查看文件 @1b03ec3
@@ -8,6 +8,8 @@ import (
 	"oppmg/utils/exceltool"
 	"strconv"
 
+ 	serveauth "oppmg/services/auth"
+ 
 	"github.com/astaxie/beego"
 	"github.com/astaxie/beego/context"
 	"github.com/astaxie/beego/validation"
@@ -28,16 +30,21 @@ func (this *BaseController) Prepare() {
 		this.Ctx.WriteString("")
 		return
 	}
- 	// p := this.Ctx.Input.GetData("RouterPattern")
- 	// userid := this.GetUserId()
- 	// companyid := this.GetCompanyId()
+ 	p := fmt.Sprint(this.Ctx.Input.GetData("RouterPattern"))
+ 	userid := this.GetUserId()
+ 	companyid := this.GetCompanyId()
+ 	ok := serveauth.ValidUserPermission(p, userid, companyid)
+ 	if !ok {
+ 		// msg := protocol.NewMessage("10080")
+ 		// this.ResposeJson(msg)
+ 		return
+ 	}
 	//权限校验
- 
+ 	return
 }
 
 func (this *BaseController) GetAppHead() (appHead protocol.BaseHeader) {
 	appHead.AccessToken = this.Ctx.Input.Header(protocol.HeaderAccessToken)
- 	//appHead.RefreshToken = this.Ctx.Input.Header(protocol.HeaderRefreshToken)
 	return
 
 }
--- a/protocol/message.go
查看文件 @1b03ec3
+++ b/protocol/message.go
查看文件 @1b03ec3
@@ -33,6 +33,7 @@ var errmessge ErrorMap = map[string]string{
 	"10027": "无操作权限",
 	"10028": "验证码错误",
 	"10029": "获取验证码失败",
+ 	"10080": "无操作权限",
 
 	//用户相关
 	"10031": "无效角色",
--- a/services/auth/auth.go
查看文件 @1b03ec3
+++ b/services/auth/auth.go
查看文件 @1b03ec3
@@ -143,30 +143,6 @@ func ChangeLoginToken(userid, companyid int64) (protocol.LoginAuthToken, error) 
 	return logintoken, nil
 }
 
- // func RefreshLoginToken(refreshtoken string) (protocol.LoginAuthToken, error) {
- // 	var (
- // 		logintoken protocol.LoginAuthToken
- // 		mtoken     *MyToken
- // 		err        error
- // 		storetoken redisdata.RedisLoginToken
- // 	)
- // 	mtoken, err = ValidJWTToken(refreshtoken)
- // 	if err != nil {
- // 		log.Debug("token失效 err:%s", err)
- // 		return logintoken, protocol.NewErrWithMessage("10024")
- // 	}
- // 	storetoken, err = redisdata.GetLoginToken(mtoken.UID, mtoken.CompanyID)
- // 	if err != nil {
- // 		log.Error("redis err:%s", err)
- // 		return logintoken, protocol.NewErrWithMessage("10024")
- // 	}
- // 	if storetoken.RefreshToken != refreshtoken {
- // 		return logintoken, protocol.NewErrWithMessage("10024")
- // 	}
- // 	logintoken, _ = GenerateAuthToken(mtoken.UID, mtoken.CompanyID)
- // 	return logintoken, nil
- // }
- 
 func LoginAuthByUCenter(account, password string) (protocol.LoginAuthToken, error) {
 	var (
 		err           error
@@ -392,22 +368,6 @@ func GetUserHasMenu(userid, companyid int64) ([]protocol.ResponseUserHasMenu, er
 	return list, nil
 }
 
- //主管拥有全部的菜单
- // func getAdminHasMenu() ([]protocol.PermissionItem, error) {
- // 	const datasql string = `SELECT id,name,icon,parent_id,senior_status,sort,code
- // 				FROM menu WHERE enabled=1 ORDER BY sort `
- // 	var (
- // 		list = make([]protocol.PermissionItem, 0)
- // 		err  error
- // 	)
- // 	err = utils.ExecuteQueryAll(&list, datasql)
- // 	if err != nil {
- // 		log.Error("EXECUTE SQL err:%s", err)
- // 		return nil, protocol.NewErrWithMessage("1")
- // 	}
- // 	return list, nil
- // }
- 
 func LoginAuthBySmsCode(phone string, code string) (protocol.LoginAuthToken, error) {
 	var (
 		err           error
@@ -532,10 +492,20 @@ func ValidUserPermission(urlPath string, userid int64, companyid int64) bool {
 		ok             bool = false
 		permissionObj  serverbac.PermissionOptionObject
 	)
+ 
 	permissionbase, ok = serverbac.RouterPermission[urlPath]
 	if !ok {
 		return true
 	}
+ 	companyinfo, err := models.GetCompanyById(companyid)
+ 	if err != nil {
+ 		log.Error("获取公司数据失败")
+ 		return false
+ 	}
+ 	if companyinfo.AdminId == userid {
+ 		return true
+ 	}
+ 
 	permissionObj, err = redisdata.GetUserPermission(userid, permissionbase.CodeName)
 	if err != nil {
 		log.Error("未取到权限数据")
--- a/services/rbac/permission.go
查看文件 @1b03ec3
+++ b/services/rbac/permission.go
查看文件 @1b03ec3
@@ -143,3 +143,26 @@ func GetUserPermission(userCompanyid int64) (map[string]PermissionOptionObject, 
 	}
 	return objMap, nil
 }
+ 
+ // func ValidUserPermission(urlPath string, userid int64, companyid int64) bool {
+ // 	var (
+ // 		err            error
+ // 		permissionbase PermissionBase
+ // 		ok             bool = false
+ // 		permissionObj  PermissionOptionObject
+ // 	)
+ // 	permissionbase, ok = RouterPermission[urlPath]
+ // 	if !ok {
+ // 		return true
+ // 	}
+ // 	permissionObj, err = redisdata.GetUserPermission(userid, permissionbase.CodeName)
+ // 	if err != nil {
+ // 		log.Error("未取到权限数据")
+ // 		return false
+ // 	}
+ // 	ok = permissionObj.GetValidFunc(permissionbase.ActionName)
+ // 	if ok {
+ // 		return true
+ // 	}
+ // 	return false
+ // }