feat:完善项目信息

henry
2022-01-07 17:24:39 +08:00
parent 2bf3c01702
commit 119857bfdb
12 changed files with 295 additions and 175 deletions


@ -8,20 +8,14 @@ import (
type (
// Tree 权限信息
Tree struct {
ID string `json:"id"`
*model2.SysAuth
KindTitle string `json:"kind_title"`
Children []*Tree `json:"children"`
}
// TreeRole 角色权限信息
TreeRole struct {
*model2.SysAuth
KindTitle string `json:"kind_title"`
Checked bool `json:"checked"`
Children []*TreeRole `json:"children"`
Children []*Tree `json:"children"`
}
// TreeChecked 角色选中状态
TreeChecked struct {
*model2.SysAuth
ID string `json:"id"`
*model.SysAuthScene
Checked bool `json:"checked"`
Children []*TreeChecked `json:"children"`
}
@ -34,9 +28,9 @@ func tree(src []*model2.SysAuth, parentID uint64) []*Tree {
for _, v := range src {
if v.ParentID == parentID {
out = append(out, &Tree{
SysAuth: v,
KindTitle: v.KindTitle(),
Children: tree(src, v.ID),
ID: v.GetEncodeID(),
SysAuth: v,
Children: tree(src, v.ID),
})
}
}
@ -50,9 +44,10 @@ func TreeCheckedFunc(src []*model.SysAuthScene, parentID uint64) []*TreeChecked
for _, v := range src {
if v.ParentID == parentID {
out = append(out, &TreeChecked{
SysAuth: v.SysAuth,
Checked: v.SceneID > 0,
Children: TreeCheckedFunc(src, v.ID),
ID: v.GetEncodeID(),
SysAuthScene: v,
Checked: v.SceneID > 0,
Children: TreeCheckedFunc(src, v.ID),
})
}
}
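Review bot: `TreeChecked` now embeds the whole `*model.SysAuthScene` (and `Tree` the whole `*model2.SysAuth`), so every exported, JSON-tagged field of the ORM model is serialised into the admin API response, including any field the model gains later. The new `ID string` filled from `GetEncodeID()` suggests raw numeric IDs are not meant to go out; if so, fields such as `ParentID` and `SceneID` presumably still expose them, and a client cannot match a numeric parent to an encoded `id`. Listing the response fields explicitly, or at least a comment on each struct saying which model fields are intentionally exposed, would make the response contract reviewable. Both builder functions begin and end outside the hunks shown.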


@ -1,13 +1,14 @@
package role
import (
auth2 "SciencesServer/app/api/admin/controller/auth"
model3 "SciencesServer/app/api/admin/model"
"SciencesServer/app/api/admin/controller/auth"
"SciencesServer/app/api/admin/model"
model2 "SciencesServer/app/common/model"
"SciencesServer/app/service"
"SciencesServer/app/session"
"SciencesServer/serve/orm"
"SciencesServer/utils"
"errors"
"fmt"
"gorm.io/gorm"
)
@ -16,67 +17,86 @@ type Auth struct{ *session.Admin }
type AuthHandle func(session *session.Admin) *Auth
// Index 角色权限列表
func (c *Auth) Index(roleID uint64) ([]*auth2.TreeChecked, error) {
mSysAuth := model3.NewSysAuth()
// Instance 角色权限列表
func (c *Auth) Instance(roleID uint64) ([]*auth.TreeChecked, error) {
mSysAuth := model.NewSysAuth()
out, err := mSysAuth.RoleAuth(c.TenantID, roleID)
if err != nil {
return nil, err
}
return auth2.TreeCheckedFunc(out, 0), nil
return auth.TreeCheckedFunc(out, 0), nil
}
// Bind 角色权限绑定
func (c *Auth) Bind(roleID uint64, authIDs []uint64) error {
return orm.GetDB().Transaction(func(tx *gorm.DB) error {
mSysRoleAuth := model3.NewSysRoleAuth()
if c.TenantID > 0 {
// 查询该租户下绑定的菜单信息
mSysTenantAuth := model.NewSysTenantAuth()
var count int64
if err := model2.Count(mSysTenantAuth.SysTenantAuth, &count, model2.NewWhere("tenant_id", c.TenantID),
model2.NewWhereNotIn("auth_id", authIDs)); err != nil {
return err
} else if count > 0 {
return errors.New("操作异常,菜单权限异常")
}
}
mSysRoleAuth := model.NewSysRoleAuth()
return orm.GetDB().Transaction(func(tx *gorm.DB) error {
err := model2.DeleteWhere(mSysRoleAuth.SysRoleAuth, []*model2.ModelWhere{model2.NewWhere("role_id", roleID)}, tx)
if err != nil {
return err
}
permission := service.NewPermission(
service.WithAuthTenant(fmt.Sprintf("%d", c.TenantID)),
service.WithAuthRoles([]string{fmt.Sprintf("%d", roleID)}),
)
if len(authIDs) <= 0 {
_, err = permission.RemoveSingleRolePolicy()
return err
}
// 查询权限信息
mSysAuth := model3.NewSysAuth()
mSysAuth := model.NewSysAuth()
auths := make([]*model2.SysAuth, 0)
if err = model2.Find(mSysAuth.SysAuth, &auths, &model2.ModelWhereOrder{Where: model2.NewWhereIn("id", authIDs)}); err != nil {
if err = model2.ScanFields(mSysAuth.SysAuth, &auths, []string{"id", "kind", "auth"}, &model2.ModelWhereOrder{
Where: model2.NewWhereIn("id", authIDs),
}); err != nil {
return err
}
authRequests := make([]*service.AuthRequest, 0)
data := make([]*model2.SysRoleAuth, 0)
roles := make([]*model2.SysRoleAuth, 0)
request := make([]*service.AuthRequest, 0)
for _, v := range auths {
roles = append(roles, &model2.SysRoleAuth{
ModelTenant: model2.ModelTenant{TenantID: c.TenantID}, RoleID: roleID, AuthID: v.ID,
data = append(data, &model2.SysRoleAuth{
RoleID: roleID,
AuthID: v.ID,
})
if v.Auth == "" {
if v.Kind == model2.SysAuthKindForModule || v.Auth == "" {
continue
}
authRequests = append(authRequests, &service.AuthRequest{Url: v.Auth, Method: "*"})
mSysAuth.Auth = v.Auth
request = append(request, &service.AuthRequest{
Url: mSysAuth.FilterAuth(),
Method: "*",
})
}
if err = model2.Creates(mSysRoleAuth.SysRoleAuth, roles, tx); err != nil {
if err = model2.Creates(mSysRoleAuth.SysRoleAuth, data); err != nil {
return err
}
go utils.TryCatch(func() {
//permission := service.NewPermission([]string{utils.UintToString(roleID)}, authRequests...)(c.TenantKey, "")
//// 删除角色权限
//if _, err = permission.RemoveRolePolicy(); err != nil {
// logger.ErrorF("删除角色【%d】规则信息错误%v", roleID, err)
// return
//}
//if len(authRequests) > 0 {
// if _, err = permission.AddPolicies(); err != nil {
// logger.ErrorF("创建角色【%d】规则信息错误%v", roleID, err)
// return
// }
//}
})
return nil
permission.AddRequest(request)
_, err = permission.AddPolicies()
return err
})
}
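Review bot: The tenant guard at the top of `Bind` looks inverted: it counts the tenant's `auth_id` rows that are NOT in `authIDs` and rejects when any exist, so a role must carry every permission the tenant holds, while IDs outside the tenant's grant are never rejected. A tenant boundary needs the opposite test: count with `model2.NewWhereIn("auth_id", authIDs)` and reject when `count` is smaller than the number of distinct requested IDs. The same guard is copied into `(*Menu).Bind` in the role menu controller with `menu_id`. Nothing visible here confirms that `roleID` belongs to `c.TenantID` before `DeleteWhere` on `role_id` runs; if the caller enforces that, a comment saying where would help.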


@ -1,11 +1,14 @@
package role
import (
menu2 "SciencesServer/app/api/admin/controller/menu"
"SciencesServer/app/api/admin/controller/menu"
"SciencesServer/app/api/admin/model"
model2 "SciencesServer/app/common/model"
"SciencesServer/app/service"
"SciencesServer/app/session"
"SciencesServer/serve/orm"
"errors"
"fmt"
"gorm.io/gorm"
)
@ -14,15 +17,25 @@ type Menu struct{ *session.Admin }
type MenuHandle func(session *session.Admin) *Menu
// Index 菜单列表
func (c *Menu) Index(roleID uint64) ([]*menu2.TreeChecked, error) {
func (c *Menu) Index(roleID uint64) ([]*menu.TreeChecked, error) {
mSysMenu := model.NewSysMenu()
return menu2.MenuForRoleChecked(mSysMenu, c.TenantID, roleID)
return menu.MenuForRoleChecked(mSysMenu, c.TenantID, roleID)
}
// Bind 绑定菜单
func (c *Menu) Bind(roleID uint64, menuIDs []uint64) error {
if len(menuIDs) > 0 {
if c.TenantID > 0 {
// 查询该租户下绑定的菜单信息
mSysTenantMenu := model.NewSysTenantMenu()
var count int64
if err := model2.Count(mSysTenantMenu.SysTenantMenu, &count, model2.NewWhere("tenant_id", c.TenantID),
model2.NewWhereNotIn("menu_id", menuIDs)); err != nil {
return err
} else if count > 0 {
return errors.New("操作异常,菜单权限异常")
}
}
mSysRoleMenu := model.NewSysRoleMenu()
@ -32,24 +45,51 @@ func (c *Menu) Bind(roleID uint64, menuIDs []uint64) error {
if err != nil {
return err
}
permission := service.NewPermission(
service.WithAuthTenant(fmt.Sprintf("%d", c.TenantID)),
service.WithAuthRoles([]string{fmt.Sprintf("%d", roleID)}),
)
if len(menuIDs) <= 0 {
return nil
}
menus := make([]*model2.SysRoleMenu, 0)
mark := make(map[uint64]uint64, 0)
for _, v := range menuIDs {
if _, has := mark[v]; has {
continue
}
menus = append(menus, &model2.SysRoleMenu{RoleID: roleID, MenuID: v})
mark[v] = v
}
if err = model2.Creates(mSysRoleMenu.SysRoleMenu, menus, tx); err != nil {
_, err = permission.RemoveSingleRolePolicy()
return err
}
return nil
// 查询菜单信息
mSysMenu := model.NewSysMenu()
menus := make([]*model2.SysMenu, 0)
if err = model2.ScanFields(mSysMenu.SysMenu, &menus, []string{"id", "kind", "auth"}, &model2.ModelWhereOrder{
Where: model2.NewWhereIn("id", menuIDs),
}); err != nil {
return err
}
data := make([]*model2.SysRoleMenu, 0)
request := make([]*service.AuthRequest, 0)
for _, v := range menus {
data = append(data, &model2.SysRoleMenu{
RoleID: roleID,
MenuID: v.ID,
})
if v.Kind == model2.SysMenuKindForCatalogue || v.Auth == "" {
continue
}
mSysMenu.Auth = v.Auth
request = append(request, &service.AuthRequest{
Url: mSysMenu.FilterAuth(),
Method: "*",
})
}
if err = model2.Creates(mSysRoleMenu.SysRoleMenu, data, tx); err != nil {
return err
}
permission.AddRequest(request)
_, err = permission.AddPolicies()
return err
})
}
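Review bot: The role's existing policies are removed only in the `len(menuIDs) <= 0` branch; with a non-empty list the code goes straight to `permission.AddPolicies()`, so rules for menus that were just unbound seem to stay in the enforcer unless `AddPolicies` replaces the role's whole set, which is not visible here. The rules for dropped menus need an explicit removal step; calling `permission.RemoveSingleRolePolicy()` before `permission.AddRequest(request)` is one option, provided its scope is limited to this role's menu rules. `(*Auth).Bind` in the role auth controller has the same shape, and the commented-out code it replaces did a remove-then-add. The enforcer is also not part of the DB transaction, so a comment stating which side is authoritative after a partial failure would help.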


@ -1,14 +1,13 @@
package tenant
import (
model3 "SciencesServer/app/api/admin/model"
"SciencesServer/app/api/admin/controller/auth"
"SciencesServer/app/api/admin/model"
model2 "SciencesServer/app/common/model"
"SciencesServer/app/service"
"SciencesServer/app/session"
"SciencesServer/serve/logger"
"SciencesServer/serve/orm"
"SciencesServer/utils"
"errors"
"fmt"
"gorm.io/gorm"
)
@ -17,86 +16,133 @@ type Auth struct{ *session.Admin }
type AuthHandle func(session *session.Admin) *Auth
// delete 删除所有权限
func (c *Auth) delete(tenantID uint64, tenantKey string, tx *gorm.DB) error {
mSysRoleAuth := model3.NewSysRoleAuth()
err := model2.DeleteWhere(mSysRoleAuth.SysRoleAuth, []*model2.ModelWhere{model2.NewWhere("tenant_id", tenantID)}, tx)
if err != nil {
return err
}
go utils.TryCatch(func() {
permission := service.NewPermission(service.WithAuthTenant(tenantKey))
if succ, err := permission.RemoveFilteredGroupingPolicy(); err != nil {
logger.ErrorF("删除租户【%s】权限信息错误%v", tenantKey, err)
} else if !succ {
logger.ErrorF("删除租户【%s】权限信息失败", tenantKey)
}
})
return nil
func (c *Auth) revoke(tenantID string, roleIDs []string, request []*service.AuthRequest) error {
permission := service.NewPermission(
service.WithAuthTenant(tenantID),
service.WithAuthRoles(roleIDs),
service.WithAuthRequest(request),
)
_, err := permission.RemoveRolePolicies()
return err
}
// revoke 撤销某些权限
func (c *Auth) revoke(tenantID uint64, tenantKey string, authIDs []uint64, tx *gorm.DB) error {
// 查询该租户下不含有的权限信息
mSysRuleAuth := model3.NewSysRoleAuth()
// Instance 租户权限信息
func (c *Auth) Instance(tenantID uint64) ([]*auth.TreeChecked, error) {
mSysAuth := model.NewSysAuth()
out, err := mSysRuleAuth.Auths(model2.NewWhere("r.tenant_id", tenantID), model2.NewWhereNotIn("r_a.auth_id", authIDs))
out, err := mSysAuth.TenantAuth(tenantID)
if err != nil {
return err
return nil, err
}
if len(out) <= 0 {
return nil
}
roleAuthIDs := make([]uint64, 0)
roleIDs := make([]string, 0)
auths := make([]*service.AuthRequest, 0)
for _, v := range out {
roleAuthIDs = append(roleAuthIDs, v.ID)
roleIDs = append(roleIDs, utils.UintToString(v.RoleID))
auths = append(auths, &service.AuthRequest{Url: v.Auth, Method: "*"})
}
if err = model2.DeleteWhere(mSysRuleAuth.SysRoleAuth, []*model2.ModelWhere{model2.NewWhereIn("id", roleAuthIDs)}); err != nil {
return err
}
go utils.TryCatch(func() {
//permission := service.NewPermission(roleIDs, auths...)(c.TenantKey, "")
//// 删除角色权限
//if _, err = permission.RemoveNamedGroupingPolicies(); err != nil {
// logger.ErrorF("删除租户【%s】下角色权限错误%v", tenantKey, err)
// return
//}
})
return nil
return auth.TreeCheckedFunc(out, 0), nil
}
// Bind 绑定权限
func (c *Auth) Bind(tenantID uint64, authIDs []uint64) error {
mSysTenant := model3.NewSysTenant()
mSysTenant.ID = tenantID
mSysTenantAuth := model.NewSysTenantAuth()
// 查询用户所有的权限信息
out := make([]*model2.SysTenantAuth, 0)
isExist, err := model2.FirstField(mSysTenant.SysTenant, []string{"id", "key"})
err := model2.ScanFields(mSysTenantAuth.SysTenantAuth, &out, []string{"id", "auth_id"},
&model2.ModelWhereOrder{Where: model2.NewWhere("tenant_id", tenantID)})
if err != nil {
return err
} else if !isExist {
return errors.New("租户/公司信息不存在或已被删除")
}
_auths := make(map[uint64]uint64, 0)
// 应保存的菜单
insertAuths := make([]*model2.SysTenantAuth, 0)
// 应删除的菜单
deleteAuthIDs := make([]uint64, 0)
for _, v := range authIDs {
_auths[v] = v
}
return orm.GetDB().Transaction(func(tx *gorm.DB) error {
mSysTenantAuth := model3.NewSysTenantAuth()
// 无菜单信息
if len(_auths) <= 0 {
for _, v := range out {
deleteAuthIDs = append(deleteAuthIDs, v.AuthID)
}
goto NEXT
}
// 租户原本含有菜单信息
for _, v := range out {
_, has := _auths[v.AuthID]
if err = model2.DeleteWhere(mSysTenantAuth.SysTenantAuth, []*model2.ModelWhere{model2.NewWhere("tenant_id", mSysTenant.ID)}, tx); err != nil {
if !has {
deleteAuthIDs = append(deleteAuthIDs, v.AuthID)
continue
}
delete(_auths, v.AuthID)
}
if len(_auths) > 0 {
for k := range _auths {
insertAuths = append(insertAuths, &model2.SysTenantAuth{
ModelTenant: model2.ModelTenant{TenantID: tenantID},
AuthID: k,
})
}
if err = model2.Creates(mSysTenantAuth.SysTenantAuth, insertAuths); err != nil {
return err
}
}
NEXT:
// 删除操作
if len(deleteAuthIDs) <= 0 {
return nil
}
// 删除租户的权限信息
if err = model2.DeleteWhere(mSysTenantAuth.SysTenantAuth, []*model2.ModelWhere{model2.NewWhere("tenant_id", tenantID),
model2.NewWhereIn("auth_id", deleteAuthIDs)}, tx); err != nil {
return err
}
if len(authIDs) <= 0 {
// 删除租户下所有角色的权限
return c.delete(mSysTenant.ID, mSysTenant.Key, tx)
// 查询租户下所有角色信息
mSysRole := model.NewSysRole()
roleIDs := make([]uint64, 0)
if err = model2.Pluck(mSysRole.SysRole, "id", &roleIDs, model2.NewWhere("tenant_id", tenantID)); err != nil {
return err
}
return c.revoke(mSysTenant.ID, mSysTenant.Key, authIDs, tx)
// 删除租户下角色的权限
mSysRoleAuth := model.NewSysRoleAuth()
if err = model2.DeleteWhere(mSysRoleAuth.SysRoleAuth, []*model2.ModelWhere{
model2.NewWhereIn("role_id", roleIDs), model2.NewWhereIn("auth_id", deleteAuthIDs),
}, tx); err != nil {
return err
}
// 查询菜单信息,关闭角色的权限信息
mSysAuth := model.NewSysAuth()
auths := make([]*model2.SysAuth, 0)
if err = model2.ScanFields(mSysAuth.SysAuth, &auths, []string{"kind", "auth"},
&model2.ModelWhereOrder{Where: model2.NewWhereIn("id", deleteAuthIDs)}); err != nil {
return err
}
// 同步权限
_roleIDs := make([]string, 0)
for _, v := range roleIDs {
_roleIDs = append(_roleIDs, fmt.Sprintf("%d", v))
}
request := make([]*service.AuthRequest, 0)
for _, v := range auths {
if v.Kind == model2.SysAuthKindForModule || v.Auth == "" {
continue
}
mSysAuth.Auth = v.Auth
request = append(request, &service.AuthRequest{
Url: mSysAuth.FilterAuth(),
Method: "*",
})
}
return c.revoke(fmt.Sprintf("%d", tenantID), _roleIDs, request)
})
}
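Review bot: `model2.Creates(mSysTenantAuth.SysTenantAuth, insertAuths)` is called without `tx`, unlike the `DeleteWhere` calls after `NEXT:`, so the new tenant grants are apparently written outside the transaction and stay in place if a later step returns an error and the deletes roll back. Passing `tx`, as the role menu `Bind` does with `model2.Creates(mSysRoleMenu.SysRoleMenu, data, tx)`, keeps grant and revoke atomic. The same omission appears in the role auth `Bind` (`model2.Creates(mSysRoleAuth.SysRoleAuth, data)`, where the previous version passed `tx`) and in the tenant menu `Bind`. The `out` snapshot is also read before the transaction starts, so two concurrent binds for one tenant can compute their diffs from the same stale state.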


@ -15,7 +15,7 @@ type Menu struct{ *session.Admin }
type MenuHandle func(session *session.Admin) *Menu
func (c *Menu) auth(tenantID string, roleIDs []string, request []*service.AuthRequest) error {
func (c *Menu) revokeAuth(tenantID string, roleIDs []string, request []*service.AuthRequest) error {
permission := service.NewPermission(
service.WithAuthTenant(tenantID),
service.WithAuthRoles(roleIDs),
@ -25,8 +25,8 @@ func (c *Menu) auth(tenantID string, roleIDs []string, request []*service.AuthRe
return err
}
// List 菜单列表
func (c *Menu) List(tenantID uint64) ([]*menu.TreeChecked, error) {
// Instance 菜单列表
func (c *Menu) Instance(tenantID uint64) ([]*menu.TreeChecked, error) {
mSysMenu := model.NewSysMenu()
return menu.MenuForTenantChecked(mSysMenu, tenantID)
}
@ -38,7 +38,8 @@ func (c *Menu) Bind(tenantID uint64, menuIDs []uint64) error {
// 当前租户的信息
out := make([]*model2.SysTenantMenu, 0)
err := model2.ScanFields(mSysTenantMenu.SysTenantMenu, &out, []string{"id", "menu_id"})
err := model2.ScanFields(mSysTenantMenu.SysTenantMenu, &out, []string{"id", "menu_id"},
&model2.ModelWhereOrder{Where: model2.NewWhere("tenant_id", tenantID)})
if err != nil {
return err
@ -70,13 +71,13 @@ func (c *Menu) Bind(tenantID uint64, menuIDs []uint64) error {
}
delete(_menus, v.MenuID)
}
for k := range _menus {
insertMenus = append(insertMenus, &model2.SysTenantMenu{
ModelTenant: model2.ModelTenant{TenantID: tenantID},
MenuID: k,
})
}
if len(insertMenus) > 0 {
if len(_menus) > 0 {
for k := range _menus {
insertMenus = append(insertMenus, &model2.SysTenantMenu{
ModelTenant: model2.ModelTenant{TenantID: tenantID},
MenuID: k,
})
}
if err = model2.Creates(mSysTenantMenu.SysTenantMenu, insertMenus); err != nil {
return err
}
@ -102,13 +103,10 @@ func (c *Menu) Bind(tenantID uint64, menuIDs []uint64) error {
// 删除租户下角色的菜单
mSysRoleMenu := model.NewSysRoleMenu()
if len(menuIDs) <= 0 {
if err = model2.DeleteWhere(mSysRoleMenu.SysRoleMenu, []*model2.ModelWhere{
model2.NewWhereIn("role_id", roleIDs), model2.NewWhereIn("menu_id", deleteMenuIDs),
}, tx); err != nil {
return err
}
return nil
if err = model2.DeleteWhere(mSysRoleMenu.SysRoleMenu, []*model2.ModelWhere{
model2.NewWhereIn("role_id", roleIDs), model2.NewWhereIn("menu_id", deleteMenuIDs),
}, tx); err != nil {
return err
}
// 查询菜单信息,关闭角色的权限信息
mSysMenu := model.NewSysMenu()
@ -138,7 +136,7 @@ func (c *Menu) Bind(tenantID uint64, menuIDs []uint64) error {
Method: "*",
})
}
return c.auth(fmt.Sprintf("%d", tenantID), _roleIDs, request)
return c.revokeAuth(fmt.Sprintf("%d", tenantID), _roleIDs, request)
})
}