package tenant import ( "SciencesServer/app/api/admin/controller/menu" "SciencesServer/app/api/admin/model" model2 "SciencesServer/app/common/model" "SciencesServer/app/service" "SciencesServer/app/session" "SciencesServer/serve/orm" "fmt" "gorm.io/gorm" ) type Menu struct{ *session.Admin } type MenuHandle func(session *session.Admin) *Menu func (c *Menu) auth(tenantID string, roleIDs []string, request []*service.AuthRequest) error { permission := service.NewPermission( service.WithAuthTenant(tenantID), service.WithAuthRoles(roleIDs), service.WithAuthRequest(request), ) _, err := permission.RemoveRolePolicies() return err } // List 菜单列表 func (c *Menu) List(tenantID uint64) ([]*menu.TreeChecked, error) { mSysMenu := model.NewSysMenu() return menu.MenuForTenantChecked(mSysMenu, tenantID) } // Bind 绑定菜单 func (c *Menu) Bind(tenantID uint64, menuIDs []uint64) error { // 查询菜单信息 mSysTenantMenu := model.NewSysTenantMenu() // 当前租户的信息 out := make([]*model2.SysTenantMenu, 0) err := model2.ScanFields(mSysTenantMenu.SysTenantMenu, &out, []string{"id", "menu_id"}) if err != nil { return err } _menus := make(map[uint64]uint64, 0) // 应保存的菜单 insertMenus := make([]*model2.SysTenantMenu, 0) // 应删除的菜单 deleteMenuIDs := make([]uint64, 0) for _, v := range menuIDs { _menus[v] = v } return orm.GetDB().Transaction(func(tx *gorm.DB) error { // 无菜单信息 if len(_menus) <= 0 { for _, v := range out { deleteMenuIDs = append(deleteMenuIDs, v.MenuID) } goto NEXT } // 租户原本含有菜单信息 for _, v := range out { _, has := _menus[v.MenuID] if !has { deleteMenuIDs = append(deleteMenuIDs, v.MenuID) continue } delete(_menus, v.MenuID) } for k := range _menus { insertMenus = append(insertMenus, &model2.SysTenantMenu{ ModelTenant: model2.ModelTenant{TenantID: tenantID}, MenuID: k, }) } if len(insertMenus) > 0 { if err = model2.Creates(mSysTenantMenu.SysTenantMenu, insertMenus); err != nil { return err } } NEXT: // 删除操作 if len(deleteMenuIDs) <= 0 { return nil } // 删除租户的菜单信息 if err = model2.DeleteWhere(mSysTenantMenu.SysTenantMenu, []*model2.ModelWhere{model2.NewWhere("tenant_id", tenantID), model2.NewWhereIn("menu_id", deleteMenuIDs)}, tx); err != nil { return err } // 查询租户下所有角色信息 mSysRole := model.NewSysRole() roleIDs := make([]uint64, 0) if err = model2.Pluck(mSysRole.SysRole, "id", &roleIDs, model2.NewWhere("tenant_id", tenantID)); err != nil { return err } // 删除租户下角色的菜单 mSysRoleMenu := model.NewSysRoleMenu() if len(menuIDs) <= 0 { if err = model2.DeleteWhere(mSysRoleMenu.SysRoleMenu, []*model2.ModelWhere{ model2.NewWhereIn("role_id", roleIDs), model2.NewWhereIn("menu_id", deleteMenuIDs), }, tx); err != nil { return err } return nil } // 查询菜单信息,关闭角色的权限信息 mSysMenu := model.NewSysMenu() menus := make([]*model2.SysMenu, 0) if err = model2.ScanFields(mSysMenu.SysMenu, &menus, []string{"kind", "auth"}, &model2.ModelWhereOrder{Where: model2.NewWhereIn("id", deleteMenuIDs)}); err != nil { return err } // 同步权限 _roleIDs := make([]string, 0) for _, v := range roleIDs { _roleIDs = append(_roleIDs, fmt.Sprintf("%d", v)) } request := make([]*service.AuthRequest, 0) for _, v := range menus { if v.Kind == model2.SysMenuKindForCatalogue || v.Auth == "" { continue } mSysMenu.Auth = v.Auth request = append(request, &service.AuthRequest{ Url: mSysMenu.FilterAuth(), Method: "*", }) } return c.auth(fmt.Sprintf("%d", tenantID), _roleIDs, request) }) } func NewMenu() MenuHandle { return func(session *session.Admin) *Menu { return &Menu{Admin: session} } }