作者 唐旭辉

权限校验 完成

@@ -30,13 +30,16 @@ func (this *BaseController) Prepare() { @@ -30,13 +30,16 @@ func (this *BaseController) Prepare() {
30 this.Ctx.WriteString("") 30 this.Ctx.WriteString("")
31 return 31 return
32 } 32 }
  33 + if beego.BConfig.RunMode == "dev" {
  34 + return
  35 + }
33 p := fmt.Sprint(this.Ctx.Input.GetData("RouterPattern")) 36 p := fmt.Sprint(this.Ctx.Input.GetData("RouterPattern"))
34 userid := this.GetUserId() 37 userid := this.GetUserId()
35 companyid := this.GetCompanyId() 38 companyid := this.GetCompanyId()
36 ok := serveauth.ValidUserPermission(p, userid, companyid) 39 ok := serveauth.ValidUserPermission(p, userid, companyid)
37 if !ok { 40 if !ok {
38 - // msg := protocol.NewMessage("10080")  
39 - // this.ResposeJson(msg) 41 + msg := protocol.NewMessage("10080")
  42 + this.ResposeJson(msg)
40 return 43 return
41 } 44 }
42 //权限校验 45 //权限校验
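Review bot: The new `if beego.BConfig.RunMode == "dev" { return }` at new lines 33-35 skips `ValidUserPermission` for every request, so authorization now hangs on a general-purpose run-mode setting rather than on a switch dedicated to it. If a deployment ever starts in dev mode, for example through a copied config file, every route listed in `RouterPermission` is served without a permission check and nothing in the logs shows it. Consider a dedicated, default-off setting for this bypass, a warning logged once at startup when it is active, and a comment on the branch such as `// dev only: skips the RBAC check, must never be active in production`. `Prepare` begins and ends outside this hunk, so whether the early return also skips later preparation steps cannot be confirmed from here.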
@@ -215,7 +215,7 @@ func LoginAuthByUCenter(account, password string) (protocol.LoginAuthToken, erro @@ -215,7 +215,7 @@ func LoginAuthByUCenter(account, password string) (protocol.LoginAuthToken, erro
215 log.Error("更新用户数据失败:%s", err) 215 log.Error("更新用户数据失败:%s", err)
216 } 216 }
217 217
218 - InitPermission(usercompanyid) 218 + InitPermission(usercompanyid, userdata.Id)
219 return logintoken, err 219 return logintoken, err
220 } 220 }
221 221
@@ -437,7 +437,7 @@ func LoginAuthBySmsCode(phone string, code string) (protocol.LoginAuthToken, err @@ -437,7 +437,7 @@ func LoginAuthBySmsCode(phone string, code string) (protocol.LoginAuthToken, err
437 if err != nil { 437 if err != nil {
438 log.Error("更新用户数据失败:%s", err) 438 log.Error("更新用户数据失败:%s", err)
439 } 439 }
440 - InitPermission(usercompanyid) 440 + InitPermission(usercompanyid, userdata.Id)
441 return logintoken, err 441 return logintoken, err
442 } 442 }
443 443
@@ -468,7 +468,7 @@ func SmsCodeCheck(phone string, code string) error { @@ -468,7 +468,7 @@ func SmsCodeCheck(phone string, code string) error {
468 } 468 }
469 469
470 //InitPermission 登录时权限初始化 470 //InitPermission 登录时权限初始化
471 -func InitPermission(usercompanyid int64) error { 471 +func InitPermission(usercompanyid int64, usercompamyid int64) error {
472 var ( 472 var (
473 err error 473 err error
474 permissionMap map[string]serverbac.PermissionOptionObject 474 permissionMap map[string]serverbac.PermissionOptionObject
@@ -478,7 +478,8 @@ func InitPermission(usercompanyid int64) error { @@ -478,7 +478,8 @@ func InitPermission(usercompanyid int64) error {
478 log.Error("获取用户的权限失败") 478 log.Error("获取用户的权限失败")
479 return err 479 return err
480 } 480 }
481 - err = redisdata.SetUserPermission(permissionMap, usercompanyid) 481 +
  482 + err = redisdata.SetUserPermission(permissionMap, usercompamyid)
482 if err != nil { 483 if err != nil {
483 log.Error("缓存用户权限失败:%s", err) 484 log.Error("缓存用户权限失败:%s", err)
484 } 485 }
@@ -492,7 +493,6 @@ func ValidUserPermission(urlPath string, userid int64, companyid int64) bool { @@ -492,7 +493,6 @@ func ValidUserPermission(urlPath string, userid int64, companyid int64) bool {
492 ok bool = false 493 ok bool = false
493 permissionObj serverbac.PermissionOptionObject 494 permissionObj serverbac.PermissionOptionObject
494 ) 495 )
495 -  
496 permissionbase, ok = serverbac.RouterPermission[urlPath] 496 permissionbase, ok = serverbac.RouterPermission[urlPath]
497 if !ok { 497 if !ok {
498 return true 498 return true
@@ -508,7 +508,7 @@ func ValidUserPermission(urlPath string, userid int64, companyid int64) bool { @@ -508,7 +508,7 @@ func ValidUserPermission(urlPath string, userid int64, companyid int64) bool {
508 508
509 permissionObj, err = redisdata.GetUserPermission(userid, permissionbase.CodeName) 509 permissionObj, err = redisdata.GetUserPermission(userid, permissionbase.CodeName)
510 if err != nil { 510 if err != nil {
511 - log.Error("未取到权限数据") 511 + log.Error("未取到权限数据 err:%s", err)
512 return false 512 return false
513 } 513 }
514 ok = permissionObj.GetValidFunc(permissionbase.ActionName) 514 ok = permissionObj.GetValidFunc(permissionbase.ActionName)
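Review bot: The new signature `InitPermission(usercompanyid int64, usercompamyid int64)` at new line 471 names its second parameter one letter away from the first, although both call sites pass `userdata.Id` and the value becomes the cache key in `redisdata.SetUserPermission`. That key decides whose permissions `ValidUserPermission` later reads through `GetUserPermission(userid, …)`, so swapping the two same-typed arguments would store a permission set under the wrong id without any compile error. Rename it, e.g. `func InitPermission(usercompanyid int64, userid int64) error` with `err = redisdata.SetUserPermission(permissionMap, userid)`, and extend the doc comment to say which id is the cache key. Both login functions also discard the returned error; that may be acceptable because a missing cache entry makes `ValidUserPermission` return false, but a short comment at the call sites stating this would help.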
@@ -53,9 +53,9 @@ var RouterPermission = map[string]PermissionBase{ @@ -53,9 +53,9 @@ var RouterPermission = map[string]PermissionBase{
53 "/v1/rbac/role_group/add": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"}, 53 "/v1/rbac/role_group/add": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
54 "/v1/rbac/role_group/edit": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"}, 54 "/v1/rbac/role_group/edit": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
55 "/v1/rbac/role_group/delete": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"}, 55 "/v1/rbac/role_group/delete": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
  56 + "/v1/rbac/role/menu": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
56 "/v1/rbac/menu/list": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"}, 57 "/v1/rbac/menu/list": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
57 - "/v1/rbac/menu": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},  
58 - "/v1/rbac/menu/edit": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"}, 58 + "/v1/rbac/role/menu/edit": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
59 "/v1/rbac/menu/opportunity": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"}, 59 "/v1/rbac/menu/opportunity": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
60 "/v1/rbac/menu/opportunity/edit": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"}, 60 "/v1/rbac/menu/opportunity/edit": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE_ROLE, ActionName: "default"},
61 "/v1/user/list": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE, ActionName: "default"}, 61 "/v1/user/list": PermissionBase{CodeName: M_ENTERPRISE_EMPLOYEE, ActionName: "default"},
@@ -84,6 +84,9 @@ var RouterPermission = map[string]PermissionBase{ @@ -84,6 +84,9 @@ var RouterPermission = map[string]PermissionBase{
84 "/v1/template/deleteCategory": PermissionBase{CodeName: M_SYSTEM_OPPORTUNITY_TEMPLATE, ActionName: "default"}, 84 "/v1/template/deleteCategory": PermissionBase{CodeName: M_SYSTEM_OPPORTUNITY_TEMPLATE, ActionName: "default"},
85 "/v1/config/score": PermissionBase{CodeName: M_SYSTEM_RATING, ActionName: "default"}, 85 "/v1/config/score": PermissionBase{CodeName: M_SYSTEM_RATING, ActionName: "default"},
86 "/v1/config/score/get": PermissionBase{CodeName: M_SYSTEM_RATING, ActionName: "default"}, 86 "/v1/config/score/get": PermissionBase{CodeName: M_SYSTEM_RATING, ActionName: "default"},
  87 + "/v1/audit/list": PermissionBase{CodeName: M_SYSTEM_OPPORTUNITY, ActionName: "check"},
  88 + "/v1/audit/info": PermissionBase{CodeName: M_SYSTEM_OPPORTUNITY, ActionName: "check"},
  89 + "/v1/audit/allow_forbid": PermissionBase{CodeName: M_SYSTEM_OPPORTUNITY, ActionName: "close_chance"},
87 } 90 }
88 91
89 type CodeToObject func() PermissionOptionObject 92 type CodeToObject func() PermissionOptionObject
@@ -134,8 +134,17 @@ func NewOptionOpportunity() PermissionOptionObject { @@ -134,8 +134,17 @@ func NewOptionOpportunity() PermissionOptionObject {
134 //GetValidFunc PermissionOptionBase 接口实现 134 //GetValidFunc PermissionOptionBase 接口实现
135 func (p *OptionOpportunity) GetValidFunc(k string) bool { 135 func (p *OptionOpportunity) GetValidFunc(k string) bool {
136 m := map[string]func() bool{ 136 m := map[string]func() bool{
137 - "check": p.ValidCheck,  
138 - } 137 + "check": p.ValidCheck,
  138 + "edit_sorce": p.ValidEditSorce,
  139 + "close_chance": p.ValidCloseChance,
  140 + "edit_public_status": p.ValidEditPublicStatus,
  141 + }
  142 + /*
  143 + EditSorce int `json:"edit_sorce"`
  144 + EditPublicStatus int `json:"edit_public_status"`
  145 + CloseChance int `json:"close_chance"`
  146 + EditChance int `json:"edit_chance"`
  147 + */
139 if fn, ok := m[k]; ok { 148 if fn, ok := m[k]; ok {
140 b := fn() 149 b := fn()
141 return b 150 return b
@@ -217,6 +226,13 @@ func (p *OptionOpportunity) ValidEditPublicStatus() bool { @@ -217,6 +226,13 @@ func (p *OptionOpportunity) ValidEditPublicStatus() bool {
217 return false 226 return false
218 } 227 }
219 228
  229 +func (p *OptionOpportunity) ValidCloseChance() bool {
  230 + if p.CloseChance > 0 {
  231 + return true
  232 + }
  233 + return false
  234 +}
  235 +
220 // //StringUnmarshal PermissionOptionBase 接口实现 236 // //StringUnmarshal PermissionOptionBase 接口实现
221 // func (p *OptionOpportunity) StringUnmarshal(s string) error { 237 // func (p *OptionOpportunity) StringUnmarshal(s string) error {
222 // err := json.Unmarshal([]byte(s), p) 238 // err := json.Unmarshal([]byte(s), p)
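Review bot: In the `RouterPermission` hunk at old lines 57-58 the keys `"/v1/rbac/menu"` and `"/v1/rbac/menu/edit"` are dropped in favour of `"/v1/rbac/role/menu"` and `"/v1/rbac/role/menu/edit"`, while `ValidUserPermission` returns true for any pattern missing from this map (`if !ok { return true }`, visible in the earlier hunk). If the old routes are still registered in the router, which this page does not show, they are now reachable without the `M_ENTERPRISE_EMPLOYEE_ROLE` check by any caller that passes the earlier steps of `Prepare`. Confirm the old routes were removed in the same change, or keep their entries until they are. The same fail-open default covers the three new `/v1/audit/*` keys, where a typo in a key or pattern silently disables the check, so a startup check that every registered pattern is either in the map or explicitly listed as public would be worth adding.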
@@ -100,8 +100,8 @@ func GetCaptchAuth(phone string) (string, error) { @@ -100,8 +100,8 @@ func GetCaptchAuth(phone string) (string, error) {
100 return r, err 100 return r, err
101 } 101 }
102 102
103 -func SetUserPermission(objMap map[string]rbac.PermissionOptionObject, usercompanyid int64) error {  
104 - key := GetKeyUserPermission(usercompanyid) 103 +func SetUserPermission(objMap map[string]rbac.PermissionOptionObject, userid int64) error {
  104 + key := GetKeyUserPermission(userid)
105 client := redis.GetRedis() 105 client := redis.GetRedis()
106 for k := range objMap { 106 for k := range objMap {
107 s, err := json.Marshal(objMap[k]) 107 s, err := json.Marshal(objMap[k])