提交

@@ -6,6 +6,7 @@ import (
 	"oppmg/common/log"
 	"oppmg/common/log"
 	"oppmg/models"
 	"oppmg/models"
 	"oppmg/protocol"
 	"oppmg/protocol"
+	"oppmg/utils/signature"
 	"strconv"
 	"strconv"
 
 
 	"github.com/astaxie/beego"
 	"github.com/astaxie/beego"
@@ -62,6 +63,11 @@ func (c *OpenApiController) GetChangeMedia() {
 		msg = protocol.BadRequestParam("1")
 		msg = protocol.BadRequestParam("1")
 		return
 		return
 	}
 	}
+	if ok := signature.CheckSignaString(param.ChanceId, param.CheckSum); !ok {
+		log.Error("签名check_sum比对失败")
+		msg = protocol.BadRequestParam("1")
+		return
+	}
 	chanceId, _ := strconv.ParseInt(param.ChanceId, 10, 64)
 	chanceId, _ := strconv.ParseInt(param.ChanceId, 10, 64)
 	var (
 	var (
 		err          error
 		err          error

@@ -3,10 +3,12 @@ package audit
 import (
 import (
 	"encoding/json"
 	"encoding/json"
 	"fmt"
 	"fmt"
+	myconfig "oppmg/common/config"
 	"oppmg/common/log"
 	"oppmg/common/log"
 	"oppmg/models"
 	"oppmg/models"
 	"oppmg/protocol"
 	"oppmg/protocol"
 	"oppmg/utils/exceltool"
 	"oppmg/utils/exceltool"
+	"oppmg/utils/signature"
 	"strconv"
 	"strconv"
 	"strings"
 	"strings"
 
 
@@ -116,7 +118,14 @@ func GetAuditListForExcel(param protocol.RequestAuditList, companyid int64, user
 			}
 			}
 		}
 		}
 		soureData[i]["soure_content"] = soureContentText.String()
 		soureData[i]["soure_content"] = soureContentText.String()
-		soureData[i]["media"] = fmt.Sprintf("chance_id=%v&check_sum=%s", soureData[i]["id"], "xx")
+		signString := signature.SignaString(fmt.Sprint(soureData[i]["id"]))
+		var frontHost string
+		if "prod" == myconfig.MConfig.ConfigName {
+			frontHost = "https://web-open.fjmaimaimai.com/#/ability/opportunity/export-detail"
+		} else {
+			frontHost = "https://mmm-web-open-test.fjmaimaimai.com//#/ability/opportunity/export-detail"
+		}
+		soureData[i]["media"] = fmt.Sprintf("%s?chance_id=%v&check_sum=%s", frontHost, soureData[i]["id"], signString)
 
 
 	}
 	}
 	excelhead := []exceltool.ExcelHead{
 	excelhead := []exceltool.ExcelHead{

@@ -22,6 +22,7 @@ const (
 	M_SYSTEM_ACHIEVEMENT          string = "SYSTEM_ACHIEVEMENT"          //成果管理
 	M_SYSTEM_ACHIEVEMENT          string = "SYSTEM_ACHIEVEMENT"          //成果管理
 	M_SYSTEM_RANK                 string = "SYSTEM_RANK"                 //排行榜配置管理
 	M_SYSTEM_RANK                 string = "SYSTEM_RANK"                 //排行榜配置管理
 	M_SYSTEM_CHECK_RESULT         string = "SYSTEM_CHECK_RESULT"         //机会筛选结果
 	M_SYSTEM_CHECK_RESULT         string = "SYSTEM_CHECK_RESULT"         //机会筛选结果
+	M_SYSTEM_RESERVE_TYPE         string = "SYSTEM_RESERVE_TYPE"         //储备池分类
 )
 )
 
 
 type PermissionOptionObject interface {
 type PermissionOptionObject interface {

 package signature
 package signature
+
+import (
+	"crypto/sha256"
+	"encoding/hex"
+	"strings"
+)
+
+const (
+	mixtureBegin string = "v!(MmM"
+	mixtureEnd   string = "MmM)i^"
+)
+
+func SignaString(s string) string {
+	toSign := mixtureBegin + s + mixtureEnd
+	sha256 := sha256.New()
+	sha256.Write([]byte(toSign))
+	signHex := hex.EncodeToString(sha256.Sum(nil))
+	return signHex
+}
+
+func CheckSignaString(s string, compared string) bool {
+	signHex := SignaString(s)
+	if strings.Compare(signHex, compared) == 0 {
+		return true
+	}
+	return false
+}