feat：完善项目信息

2022-01-07 17:24:39 +08:00
parent 2bf3c01702
commit 119857bfdb
12 changed files with 295 additions and 175 deletions
--- a/app/api/admin/controller/tenant/auth.go
+++ b/app/api/admin/controller/tenant/auth.go
@ -1,14 +1,13 @@
 package tenant

 import (
-	model3 "SciencesServer/app/api/admin/model"
+	"SciencesServer/app/api/admin/controller/auth"
+	"SciencesServer/app/api/admin/model"
 	model2 "SciencesServer/app/common/model"
 	"SciencesServer/app/service"
 	"SciencesServer/app/session"
-	"SciencesServer/serve/logger"
 	"SciencesServer/serve/orm"
-	"SciencesServer/utils"
-	"errors"
+	"fmt"

 	"gorm.io/gorm"
 )
@ -17,86 +16,133 @@ type Auth struct{ *session.Admin }

 type AuthHandle func(session *session.Admin) *Auth

-// delete 删除所有权限
-func (c *Auth) delete(tenantID uint64, tenantKey string, tx *gorm.DB) error {
-	mSysRoleAuth := model3.NewSysRoleAuth()
-
-	err := model2.DeleteWhere(mSysRoleAuth.SysRoleAuth, []*model2.ModelWhere{model2.NewWhere("tenant_id", tenantID)}, tx)
-
-	if err != nil {
-		return err
-	}
-	go utils.TryCatch(func() {
-		permission := service.NewPermission(service.WithAuthTenant(tenantKey))
-
-		if succ, err := permission.RemoveFilteredGroupingPolicy(); err != nil {
-			logger.ErrorF("删除租户【%s】权限信息错误：%v", tenantKey, err)
-		} else if !succ {
-			logger.ErrorF("删除租户【%s】权限信息失败", tenantKey)
-		}
-	})
-	return nil
+func (c *Auth) revoke(tenantID string, roleIDs []string, request []*service.AuthRequest) error {
+	permission := service.NewPermission(
+		service.WithAuthTenant(tenantID),
+		service.WithAuthRoles(roleIDs),
+		service.WithAuthRequest(request),
+	)
+	_, err := permission.RemoveRolePolicies()
+	return err
 }

-// revoke 撤销某些权限
-func (c *Auth) revoke(tenantID uint64, tenantKey string, authIDs []uint64, tx *gorm.DB) error {
-	// 查询该租户下不含有的权限信息
-	mSysRuleAuth := model3.NewSysRoleAuth()
+// Instance 租户权限信息
+func (c *Auth) Instance(tenantID uint64) ([]*auth.TreeChecked, error) {
+	mSysAuth := model.NewSysAuth()

-	out, err := mSysRuleAuth.Auths(model2.NewWhere("r.tenant_id", tenantID), model2.NewWhereNotIn("r_a.auth_id", authIDs))
+	out, err := mSysAuth.TenantAuth(tenantID)

 	if err != nil {
-		return err
+		return nil, err
 	}
-	if len(out) <= 0 {
-		return nil
-	}
-	roleAuthIDs := make([]uint64, 0)
-	roleIDs := make([]string, 0)
-	auths := make([]*service.AuthRequest, 0)
-
-	for _, v := range out {
-		roleAuthIDs = append(roleAuthIDs, v.ID)
-		roleIDs = append(roleIDs, utils.UintToString(v.RoleID))
-		auths = append(auths, &service.AuthRequest{Url: v.Auth, Method: "*"})
-	}
-	if err = model2.DeleteWhere(mSysRuleAuth.SysRoleAuth, []*model2.ModelWhere{model2.NewWhereIn("id", roleAuthIDs)}); err != nil {
-		return err
-	}
-	go utils.TryCatch(func() {
-		//permission := service.NewPermission(roleIDs, auths...)(c.TenantKey, "")
-		//// 删除角色权限
-		//if _, err = permission.RemoveNamedGroupingPolicies(); err != nil {
-		//	logger.ErrorF("删除租户【%s】下角色权限错误：%v", tenantKey, err)
-		//	return
-		//}
-	})
-	return nil
+	return auth.TreeCheckedFunc(out, 0), nil
 }

 // Bind 绑定权限
 func (c *Auth) Bind(tenantID uint64, authIDs []uint64) error {
-	mSysTenant := model3.NewSysTenant()
-	mSysTenant.ID = tenantID
+	mSysTenantAuth := model.NewSysTenantAuth()
+	// 查询用户所有的权限信息
+	out := make([]*model2.SysTenantAuth, 0)

-	isExist, err := model2.FirstField(mSysTenant.SysTenant, []string{"id", "key"})
+	err := model2.ScanFields(mSysTenantAuth.SysTenantAuth, &out, []string{"id", "auth_id"},
+		&model2.ModelWhereOrder{Where: model2.NewWhere("tenant_id", tenantID)})

 	if err != nil {
 		return err
-	} else if !isExist {
-		return errors.New("租户/公司信息不存在或已被删除")
+	}
+	_auths := make(map[uint64]uint64, 0)
+	// 应保存的菜单
+	insertAuths := make([]*model2.SysTenantAuth, 0)
+	// 应删除的菜单
+	deleteAuthIDs := make([]uint64, 0)
+
+	for _, v := range authIDs {
+		_auths[v] = v
 	}
 	return orm.GetDB().Transaction(func(tx *gorm.DB) error {
-		mSysTenantAuth := model3.NewSysTenantAuth()
+		// 无菜单信息
+		if len(_auths) <= 0 {
+			for _, v := range out {
+				deleteAuthIDs = append(deleteAuthIDs, v.AuthID)
+			}
+			goto NEXT
+		}
+		// 租户原本含有菜单信息
+		for _, v := range out {
+			_, has := _auths[v.AuthID]

-		if err = model2.DeleteWhere(mSysTenantAuth.SysTenantAuth, []*model2.ModelWhere{model2.NewWhere("tenant_id", mSysTenant.ID)}, tx); err != nil {
+			if !has {
+				deleteAuthIDs = append(deleteAuthIDs, v.AuthID)
+				continue
+			}
+			delete(_auths, v.AuthID)
+		}
+		if len(_auths) > 0 {
+			for k := range _auths {
+				insertAuths = append(insertAuths, &model2.SysTenantAuth{
+					ModelTenant: model2.ModelTenant{TenantID: tenantID},
+					AuthID:      k,
+				})
+			}
+			if err = model2.Creates(mSysTenantAuth.SysTenantAuth, insertAuths); err != nil {
+				return err
+			}
+		}
+	NEXT:
+		// 删除操作
+		if len(deleteAuthIDs) <= 0 {
+			return nil
+		}
+		// 删除租户的权限信息
+		if err = model2.DeleteWhere(mSysTenantAuth.SysTenantAuth, []*model2.ModelWhere{model2.NewWhere("tenant_id", tenantID),
+			model2.NewWhereIn("auth_id", deleteAuthIDs)}, tx); err != nil {
 			return err
 		}
-		if len(authIDs) <= 0 {
-			// 删除租户下所有角色的权限
-			return c.delete(mSysTenant.ID, mSysTenant.Key, tx)
+		// 查询租户下所有角色信息
+		mSysRole := model.NewSysRole()
+
+		roleIDs := make([]uint64, 0)
+
+		if err = model2.Pluck(mSysRole.SysRole, "id", &roleIDs, model2.NewWhere("tenant_id", tenantID)); err != nil {
+			return err
 		}
-		return c.revoke(mSysTenant.ID, mSysTenant.Key, authIDs, tx)
+		// 删除租户下角色的权限
+		mSysRoleAuth := model.NewSysRoleAuth()
+
+		if err = model2.DeleteWhere(mSysRoleAuth.SysRoleAuth, []*model2.ModelWhere{
+			model2.NewWhereIn("role_id", roleIDs), model2.NewWhereIn("auth_id", deleteAuthIDs),
+		}, tx); err != nil {
+			return err
+		}
+		// 查询菜单信息，关闭角色的权限信息
+		mSysAuth := model.NewSysAuth()
+
+		auths := make([]*model2.SysAuth, 0)
+
+		if err = model2.ScanFields(mSysAuth.SysAuth, &auths, []string{"kind", "auth"},
+			&model2.ModelWhereOrder{Where: model2.NewWhereIn("id", deleteAuthIDs)}); err != nil {
+			return err
+		}
+		// 同步权限
+		_roleIDs := make([]string, 0)
+
+		for _, v := range roleIDs {
+			_roleIDs = append(_roleIDs, fmt.Sprintf("%d", v))
+		}
+		request := make([]*service.AuthRequest, 0)
+
+		for _, v := range auths {
+			if v.Kind == model2.SysAuthKindForModule || v.Auth == "" {
+				continue
+			}
+			mSysAuth.Auth = v.Auth
+
+			request = append(request, &service.AuthRequest{
+				Url:    mSysAuth.FilterAuth(),
+				Method: "*",
+			})
+		}
+		return c.revoke(fmt.Sprintf("%d", tenantID), _roleIDs, request)
 	})
 }

--- a/app/api/admin/controller/tenant/menu.go
+++ b/app/api/admin/controller/tenant/menu.go
@ -15,7 +15,7 @@ type Menu struct{ *session.Admin }

 type MenuHandle func(session *session.Admin) *Menu

-func (c *Menu) auth(tenantID string, roleIDs []string, request []*service.AuthRequest) error {
+func (c *Menu) revokeAuth(tenantID string, roleIDs []string, request []*service.AuthRequest) error {
 	permission := service.NewPermission(
 		service.WithAuthTenant(tenantID),
 		service.WithAuthRoles(roleIDs),
@ -25,8 +25,8 @@ func (c *Menu) auth(tenantID string, roleIDs []string, request []*service.AuthRe
 	return err
 }

-// List 菜单列表
-func (c *Menu) List(tenantID uint64) ([]*menu.TreeChecked, error) {
+// Instance 菜单列表
+func (c *Menu) Instance(tenantID uint64) ([]*menu.TreeChecked, error) {
 	mSysMenu := model.NewSysMenu()
 	return menu.MenuForTenantChecked(mSysMenu, tenantID)
 }
@ -38,7 +38,8 @@ func (c *Menu) Bind(tenantID uint64, menuIDs []uint64) error {
 	// 当前租户的信息
 	out := make([]*model2.SysTenantMenu, 0)

-	err := model2.ScanFields(mSysTenantMenu.SysTenantMenu, &out, []string{"id", "menu_id"})
+	err := model2.ScanFields(mSysTenantMenu.SysTenantMenu, &out, []string{"id", "menu_id"},
+		&model2.ModelWhereOrder{Where: model2.NewWhere("tenant_id", tenantID)})

 	if err != nil {
 		return err
@ -70,13 +71,13 @@ func (c *Menu) Bind(tenantID uint64, menuIDs []uint64) error {
 			}
 			delete(_menus, v.MenuID)
 		}
-		for k := range _menus {
-			insertMenus = append(insertMenus, &model2.SysTenantMenu{
-				ModelTenant: model2.ModelTenant{TenantID: tenantID},
-				MenuID:      k,
-			})
-		}
-		if len(insertMenus) > 0 {
+		if len(_menus) > 0 {
+			for k := range _menus {
+				insertMenus = append(insertMenus, &model2.SysTenantMenu{
+					ModelTenant: model2.ModelTenant{TenantID: tenantID},
+					MenuID:      k,
+				})
+			}
 			if err = model2.Creates(mSysTenantMenu.SysTenantMenu, insertMenus); err != nil {
 				return err
 			}
@ -102,13 +103,10 @@ func (c *Menu) Bind(tenantID uint64, menuIDs []uint64) error {
 		// 删除租户下角色的菜单
 		mSysRoleMenu := model.NewSysRoleMenu()

-		if len(menuIDs) <= 0 {
-			if err = model2.DeleteWhere(mSysRoleMenu.SysRoleMenu, []*model2.ModelWhere{
-				model2.NewWhereIn("role_id", roleIDs), model2.NewWhereIn("menu_id", deleteMenuIDs),
-			}, tx); err != nil {
-				return err
-			}
-			return nil
+		if err = model2.DeleteWhere(mSysRoleMenu.SysRoleMenu, []*model2.ModelWhere{
+			model2.NewWhereIn("role_id", roleIDs), model2.NewWhereIn("menu_id", deleteMenuIDs),
+		}, tx); err != nil {
+			return err
 		}
 		// 查询菜单信息，关闭角色的权限信息
 		mSysMenu := model.NewSysMenu()
@ -138,7 +136,7 @@ func (c *Menu) Bind(tenantID uint64, menuIDs []uint64) error {
 				Method: "*",
 			})
 		}
-		return c.auth(fmt.Sprintf("%d", tenantID), _roleIDs, request)
+		return c.revokeAuth(fmt.Sprintf("%d", tenantID), _roleIDs, request)
 	})
 }