权限校验 完成

@@ -30,13 +30,16 @@ func (this *BaseController) Prepare() {
 		this.Ctx.WriteString("")
 		return
 	}
+	if beego.BConfig.RunMode == "dev" {
+		return
+	}
 	p := fmt.Sprint(this.Ctx.Input.GetData("RouterPattern"))
 	userid := this.GetUserId()
 	companyid := this.GetCompanyId()
 	ok := serveauth.ValidUserPermission(p, userid, companyid)
 	if !ok {
-		// msg := protocol.NewMessage("10080")
-		// this.ResposeJson(msg)
+		msg := protocol.NewMessage("10080")
+		this.ResposeJson(msg)
 		return
 	}
 	//权限校验

@@ -215,7 +215,7 @@ func LoginAuthByUCenter(account, password string) (protocol.LoginAuthToken, erro
 		log.Error("更新用户数据失败：%s", err)
 	}
 
-	InitPermission(usercompanyid)
+	InitPermission(usercompanyid, userdata.Id)
 	return logintoken, err
 }
 
@@ -437,7 +437,7 @@ func LoginAuthBySmsCode(phone string, code string) (protocol.LoginAuthToken, err
 	if err != nil {
 		log.Error("更新用户数据失败：%s", err)
 	}
-	InitPermission(usercompanyid)
+	InitPermission(usercompanyid, userdata.Id)
 	return logintoken, err
 }
 
@@ -468,7 +468,7 @@ func SmsCodeCheck(phone string, code string) error {
 }
 
 //InitPermission  登录时权限初始化
-func InitPermission(usercompanyid int64) error {
+func InitPermission(usercompanyid int64, usercompamyid int64) error {
 	var (
 		err           error
 		permissionMap map[string]serverbac.PermissionOptionObject
@@ -478,7 +478,8 @@ func InitPermission(usercompanyid int64) error {
 		log.Error("获取用户的权限失败")
 		return err
 	}
-	err = redisdata.SetUserPermission(permissionMap, usercompanyid)
+
+	err = redisdata.SetUserPermission(permissionMap, usercompamyid)
 	if err != nil {
 		log.Error("缓存用户权限失败:%s", err)
 	}
@@ -492,7 +493,6 @@ func ValidUserPermission(urlPath string, userid int64, companyid int64) bool {
 		ok             bool = false
 		permissionObj  serverbac.PermissionOptionObject
 	)
-
 	permissionbase, ok = serverbac.RouterPermission[urlPath]
 	if !ok {
 		return true
@@ -508,7 +508,7 @@ func ValidUserPermission(urlPath string, userid int64, companyid int64) bool {
 
 	permissionObj, err = redisdata.GetUserPermission(userid, permissionbase.CodeName)
 	if err != nil {
-		log.Error("未取到权限数据")
+		log.Error("未取到权限数据 err:%s", err)
 		return false
 	}
 	ok = permissionObj.GetValidFunc(permissionbase.ActionName)

@@ -53,9 +53,9 @@ var RouterPermission = map[string]PermissionBase{
 	"/v1/rbac/role_group/add":        PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
 	"/v1/rbac/role_group/edit":       PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
 	"/v1/rbac/role_group/delete":     PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
+	"/v1/rbac/role/menu":             PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
 	"/v1/rbac/menu/list":             PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
-	"/v1/rbac/menu":                  PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
-	"/v1/rbac/menu/edit":             PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
+	"/v1/rbac/role/menu/edit":        PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
 	"/v1/rbac/menu/opportunity":      PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
 	"/v1/rbac/menu/opportunity/edit": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
 	"/v1/user/list":                  PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE, ActionName: "default"},
@@ -84,6 +84,9 @@ var RouterPermission = map[string]PermissionBase{
 	"/v1/template/deleteCategory":    PermissionBase{CodeName: M_SYSTEM_OPPORTUNITY_TEMPLATE, ActionName: "default"},
 	"/v1/config/score":               PermissionBase{CodeName: M_SYSTEM_RATING, ActionName: "default"},
 	"/v1/config/score/get":           PermissionBase{CodeName: M_SYSTEM_RATING, ActionName: "default"},
+	"/v1/audit/list":                 PermissionBase{CodeName: M_SYSTEM_OPPORTUNITY, ActionName: "check"},
+	"/v1/audit/info":                 PermissionBase{CodeName: M_SYSTEM_OPPORTUNITY, ActionName: "check"},
+	"/v1/audit/allow_forbid":         PermissionBase{CodeName: M_SYSTEM_OPPORTUNITY, ActionName: "close_chance"},
 }
 
 type CodeToObject func() PermissionOptionObject

@@ -134,8 +134,17 @@ func NewOptionOpportunity() PermissionOptionObject {
 //GetValidFunc   PermissionOptionBase 接口实现
 func (p *OptionOpportunity) GetValidFunc(k string) bool {
 	m := map[string]func() bool{
-		"check": p.ValidCheck,
-	}
+		"check":              p.ValidCheck,
+		"edit_sorce":         p.ValidEditSorce,
+		"close_chance":       p.ValidCloseChance,
+		"edit_public_status": p.ValidEditPublicStatus,
+	}
+	/*
+		EditSorce        int         `json:"edit_sorce"`
+		EditPublicStatus int         `json:"edit_public_status"`
+		CloseChance      int         `json:"close_chance"`
+		EditChance       int         `json:"edit_chance"`
+	*/
 	if fn, ok := m[k]; ok {
 		b := fn()
 		return b
@@ -217,6 +226,13 @@ func (p *OptionOpportunity) ValidEditPublicStatus() bool {
 	return false
 }
 
+func (p *OptionOpportunity) ValidCloseChance() bool {
+	if p.CloseChance > 0 {
+		return true
+	}
+	return false
+}
+
 // //StringUnmarshal  PermissionOptionBase 接口实现
 // func (p *OptionOpportunity) StringUnmarshal(s string) error {
 // 	err := json.Unmarshal([]byte(s), p)

@@ -100,8 +100,8 @@ func GetCaptchAuth(phone string) (string, error) {
 	return r, err
 }
 
-func SetUserPermission(objMap map[string]rbac.PermissionOptionObject, usercompanyid int64) error {
-	key := GetKeyUserPermission(usercompanyid)
+func SetUserPermission(objMap map[string]rbac.PermissionOptionObject, userid int64) error {
+	key := GetKeyUserPermission(userid)
 	client := redis.GetRedis()
 	for k := range objMap {
 		s, err := json.Marshal(objMap[k])