williamet/cas_tt_cloud_backend
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
cas_tt_cloud_backend/app/api/manage/controller/tenant/auth.go

108 lines
3.1 KiB
Go
Raw Normal View History

feat:完善项目
2021-09-28 11:47:19 +08:00
package tenant
import (
feat:完善信息
2021-10-15 15:06:02 +08:00
"SciencesServer/app/api/manage/controller"
model3 "SciencesServer/app/api/manage/model"
feat:完善项目
2021-09-28 11:47:19 +08:00
model2 "SciencesServer/app/common/model"
"SciencesServer/app/service"
"SciencesServer/serve/logger"
"SciencesServer/serve/orm"
"SciencesServer/utils"
"errors"
"gorm.io/gorm"
)
type Auth struct{ *controller.Platform }
type AuthHandle func(session *service.Session) *Auth
// delete 删除所有权限
func (c *Auth) delete(tenantID uint64, tenantKey string, tx *gorm.DB) error {
feat:完善信息
2021-10-15 15:06:02 +08:00
mSysRoleAuth := model3.NewSysRoleAuth()
feat:完善项目
2021-09-28 11:47:19 +08:00
err := model2.DeleteWhere(mSysRoleAuth.SysRoleAuth, []*model2.ModelWhere{model2.NewWhere("tenant_id", tenantID)}, tx)
if err != nil {
return err
}
go utils.TryCatch(func() {
permission := service.NewPermission(nil)(tenantKey, "")
if succ, err := permission.RemoveFilteredGroupingPolicy(); err != nil {
logger.ErrorF("删除租户【%s】权限信息错误%v", tenantKey, err)
} else if !succ {
logger.ErrorF("删除租户【%s】权限信息失败", tenantKey)
}
})
return nil
}
// revoke 撤销某些权限
func (c *Auth) revoke(tenantID uint64, tenantKey string, authIDs []uint64, tx *gorm.DB) error {
// 查询该租户下不含有的权限信息
feat:完善信息
2021-10-15 15:06:02 +08:00
mSysRuleAuth := model3.NewSysRoleAuth()
feat:完善项目
2021-09-28 11:47:19 +08:00
out, err := mSysRuleAuth.Auths(model2.NewWhere("r.tenant_id", tenantID), model2.NewWhereNotIn("r_a.auth_id", authIDs))
if err != nil {
return err
}
if len(out) <= 0 {
return nil
}
roleAuthIDs := make([]uint64, 0)
roleIDs := make([]string, 0)
auths := make([]*service.AuthRequest, 0)
for _, v := range out {
roleAuthIDs = append(roleAuthIDs, v.ID)
roleIDs = append(roleIDs, utils.UintToString(v.RoleID))
auths = append(auths, &service.AuthRequest{Url: v.Auth, Method: "*"})
}
if err = model2.DeleteWhere(mSysRuleAuth.SysRoleAuth, []*model2.ModelWhere{model2.NewWhereIn("id", roleAuthIDs)}); err != nil {
return err
}
go utils.TryCatch(func() {
permission := service.NewPermission(roleIDs, auths...)(c.TenantKey, "")
// 删除角色权限
if _, err = permission.RemoveNamedGroupingPolicies(); err != nil {
logger.ErrorF("删除租户【%s】下角色权限错误%v", tenantKey, err)
return
}
})
return nil
}
// Bind 绑定权限
func (c *Auth) Bind(tenantID uint64, authIDs []uint64) error {
feat:完善信息
2021-10-15 15:06:02 +08:00
mSysTenant := model3.NewSysTenant()
feat:完善项目
2021-09-28 11:47:19 +08:00
mSysTenant.ID = tenantID
isExist, err := model2.FirstField(mSysTenant.SysTenant, []string{"id", "key"})
if err != nil {
return err
} else if !isExist {
return errors.New("租户/公司信息不存在或已被删除")
}
return orm.GetDB().Transaction(func(tx *gorm.DB) error {
feat:完善信息
2021-10-15 15:06:02 +08:00
mSysTenantAuth := model3.NewSysTenantAuth()
feat:完善项目
2021-09-28 11:47:19 +08:00
if err = model2.DeleteWhere(mSysTenantAuth.SysTenantAuth, []*model2.ModelWhere{model2.NewWhere("tenant_id", mSysTenant.ID)}, tx); err != nil {
return err
}
if len(authIDs) <= 0 {
// 删除租户下所有角色的权限
return c.delete(mSysTenant.ID, mSysTenant.Key, tx)
}
return c.revoke(mSysTenant.ID, mSysTenant.Key, authIDs, tx)
})
}
func NewAuth() AuthHandle {
return func(session *service.Session) *Auth {
return &Auth{Platform: &controller.Platform{Session: session}}
}
}
Reference in New Issue Copy Permalink