101 lines
2.5 KiB
Go
101 lines
2.5 KiB
Go
package role
|
|
|
|
import (
|
|
"SciencesServer/app/api/admin/controller/menu"
|
|
"SciencesServer/app/api/admin/model"
|
|
model2 "SciencesServer/app/common/model"
|
|
"SciencesServer/app/service"
|
|
"SciencesServer/app/session"
|
|
"SciencesServer/serve/orm"
|
|
"errors"
|
|
"fmt"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
type Menu struct{ *session.Admin }
|
|
|
|
type MenuHandle func(session *session.Admin) *Menu
|
|
|
|
// Index 菜单列表
|
|
func (c *Menu) Index(roleID uint64) ([]*menu.TreeChecked, error) {
|
|
mSysMenu := model.NewSysMenu()
|
|
return menu.MenuForRoleChecked(mSysMenu, c.TenantID, roleID)
|
|
}
|
|
|
|
// Bind 绑定菜单
|
|
func (c *Menu) Bind(roleID uint64, menuIDs []uint64) error {
|
|
if c.TenantID > 0 {
|
|
// 查询该租户下绑定的菜单信息
|
|
mSysTenantMenu := model.NewSysTenantMenu()
|
|
|
|
var count int64
|
|
|
|
if err := model2.Count(mSysTenantMenu.SysTenantMenu, &count, model2.NewWhere("tenant_id", c.TenantID),
|
|
model2.NewWhereNotIn("menu_id", menuIDs)); err != nil {
|
|
return err
|
|
} else if count > 0 {
|
|
return errors.New("操作异常,菜单权限异常")
|
|
}
|
|
}
|
|
mSysRoleMenu := model.NewSysRoleMenu()
|
|
|
|
return orm.GetDB().Transaction(func(tx *gorm.DB) error {
|
|
err := model2.DeleteWhere(mSysRoleMenu.SysRoleMenu, []*model2.ModelWhere{model2.NewWhere("role_id", roleID)}, tx)
|
|
|
|
if err != nil {
|
|
return err
|
|
}
|
|
permission := service.NewPermission(
|
|
service.WithAuthTenant(fmt.Sprintf("%d", c.TenantID)),
|
|
service.WithAuthRoles([]string{fmt.Sprintf("%d", roleID)}),
|
|
)
|
|
if len(menuIDs) <= 0 {
|
|
_, err = permission.RemoveSingleRolePolicy()
|
|
return err
|
|
}
|
|
// 查询菜单信息
|
|
mSysMenu := model.NewSysMenu()
|
|
|
|
menus := make([]*model2.SysMenu, 0)
|
|
|
|
if err = model2.ScanFields(mSysMenu.SysMenu, &menus, []string{"id", "kind", "auth"}, &model2.ModelWhereOrder{
|
|
Where: model2.NewWhereIn("id", menuIDs),
|
|
}); err != nil {
|
|
return err
|
|
}
|
|
data := make([]*model2.SysRoleMenu, 0)
|
|
|
|
request := make([]*service.AuthRequest, 0)
|
|
|
|
for _, v := range menus {
|
|
data = append(data, &model2.SysRoleMenu{
|
|
RoleID: roleID,
|
|
MenuID: v.ID,
|
|
})
|
|
if v.Kind == model2.SysMenuKindForCatalogue || v.Auth == "" {
|
|
continue
|
|
}
|
|
mSysMenu.Auth = v.Auth
|
|
|
|
request = append(request, &service.AuthRequest{
|
|
Url: mSysMenu.FilterAuth(),
|
|
Method: "*",
|
|
})
|
|
}
|
|
if err = model2.Creates(mSysRoleMenu.SysRoleMenu, data, tx); err != nil {
|
|
return err
|
|
}
|
|
permission.AddRequest(request)
|
|
|
|
_, err = permission.AddPolicies()
|
|
|
|
return err
|
|
})
|
|
}
|
|
|
|
func NewMenu() MenuHandle {
|
|
return func(session *session.Admin) *Menu {
|
|
return &Menu{Admin: session}
|
|
}
|
|
}
|