package role
import (
"SciencesServer/app/api/manage/controller"
auth2 "SciencesServer/app/api/manage/controller/auth"
model3 "SciencesServer/app/api/manage/model"
model2 "SciencesServer/app/common/model"
"SciencesServer/app/service"
"SciencesServer/serve/logger"
"SciencesServer/serve/orm"
"SciencesServer/utils"
"gorm.io/gorm"
)
// Auth is the controller for role/permission bindings. It embeds
// *controller.Platform; its methods read TenantID and TenantKey through that
// embedding and use them to scope rows and policy rules to the caller's tenant.
type Auth struct {
	*controller.Platform
}

// AuthHandle builds an Auth controller for the given session.
type AuthHandle func(session *service.Session) *Auth
// List returns the permission tree for a role.
//
// The lookup is made with the caller's TenantID together with roleID, and the
// rows it returns are folded into a tree rooted at parent 0 by
// auth2.TreeCheckedFunc. Any error from the lookup is returned unchanged.
func (c *Auth) List(roleID uint64) ([]*auth2.TreeChecked, error) {
	roleAuths, err := model3.NewSysAuth().RoleAuth(c.TenantID, roleID)
	if err != nil {
		return nil, err
	}

	tree := auth2.TreeCheckedFunc(roleAuths, 0)
	return tree, nil
}
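// Bind replaces the full set of permissions bound to a role.
//
// Inside one database transaction it deletes every existing role/permission
// row for roleID and inserts one row per permission record found for authIDs,
// stamped with the caller's TenantID. Only after that transaction has
// committed does it refresh the role's runtime policy rules in a background
// goroutine: the role's existing rules are removed, then one rule with Method
// "*" is added for every permission whose Auth value is non-empty.
//
// The policy refresh used to be started from inside the transaction callback,
// so it ran even when the commit later failed and the database rolled back,
// leaving the policy rules out of step with the stored bindings. It is now
// started only once Transaction has returned nil.
//
// The returned error covers the database work only. A failed policy refresh is
// logged, not returned: if removing the old rules fails, the role's previous
// rules stay in force although the database already holds the new bindings.
// Callers that use Bind to revoke access should watch for these log lines.
func (c *Auth) Bind(roleID uint64, authIDs []uint64) error {
	// Filled in by the transaction callback and consumed after the commit.
	authRequests := make([]*service.AuthRequest, 0)

	err := orm.GetDB().Transaction(func(tx *gorm.DB) error {
		mSysRoleAuth := model3.NewSysRoleAuth()

		// NOTE(review): this delete is filtered by role_id only, and nothing in
		// this method checks that roleID belongs to c.TenantID. Unless the
		// caller or model2.DeleteWhere enforces tenant ownership, a role of
		// another tenant could have its bindings removed — confirm and add a
		// tenant condition or an ownership check.
		err := model2.DeleteWhere(mSysRoleAuth.SysRoleAuth, []*model2.ModelWhere{model2.NewWhere("role_id", roleID)}, tx)
		if err != nil {
			return err
		}

		// Look up the permission records for the requested IDs. IDs that match
		// no record are dropped silently.
		mSysAuth := model3.NewSysAuth()
		auths := make([]*model2.SysAuth, 0)
		if err = model2.Find(mSysAuth.SysAuth, &auths, &model2.ModelWhereOrder{Where: model2.NewWhereIn("id", authIDs)}); err != nil {
			return err
		}

		roles := make([]*model2.SysRoleAuth, 0, len(auths))
		for _, v := range auths {
			roles = append(roles, &model2.SysRoleAuth{
				ModelTenant: model2.ModelTenant{TenantID: c.TenantID}, RoleID: roleID, AuthID: v.ID,
			})
			// Permissions without an Auth value are bound in the database but
			// produce no policy rule.
			if v.Auth == "" {
				continue
			}
			// Method "*" is passed for every rule, i.e. the rule is not
			// restricted to a single HTTP method.
			authRequests = append(authRequests, &service.AuthRequest{Url: v.Auth, Method: "*"})
		}
		return model2.Creates(mSysRoleAuth.SysRoleAuth, roles, tx)
	})
	if err != nil {
		return err
	}

	// The bindings are committed; bring the policy rules in line with them.
	go utils.TryCatch(func() {
		permission := service.NewPermission([]string{utils.UintToString(roleID)}, authRequests...)(c.TenantKey, "")

		// Remove the role's existing policy rules.
		if _, err := permission.RemoveRolePolicy(); err != nil {
			logger.ErrorF("删除角色【%d】规则信息错误:%v", roleID, err)
			return
		}
		if len(authRequests) == 0 {
			return
		}
		if _, err := permission.AddPolicies(); err != nil {
			logger.ErrorF("创建角色【%d】规则信息错误:%v", roleID, err)
		}
	})
	return nil
}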
// NewAuth returns an AuthHandle. Calling the handle with a session yields an
// Auth controller whose embedded Platform carries that session.
func NewAuth() AuthHandle {
	return func(session *service.Session) *Auth {
		platform := &controller.Platform{Session: session}
		return &Auth{Platform: platform}
	}
}