From f7336ceaec8a840576fde8ff467870ce6d9dec1d Mon Sep 17 00:00:00 2001 From: TsMask <340112800@qq.com> Date: Tue, 29 Aug 2023 16:15:29 +0800 Subject: [PATCH] =?UTF-8?q?=E7=99=BB=E5=BD=95=E7=94=A8=E6=88=B7=E8=B7=AF?= =?UTF-8?q?=E7=94=B1=E4=BF=A1=E6=81=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- features/security/account.go | 32 ++++++++++- features/security/service/service_account.go | 56 ++++++++++++++++++++ 2 files changed, 86 insertions(+), 2 deletions(-) create mode 100644 features/security/service/service_account.go diff --git a/features/security/account.go b/features/security/account.go index a9475074..261759d4 100644 --- a/features/security/account.go +++ b/features/security/account.go @@ -2,9 +2,15 @@ package security import ( "encoding/json" + "fmt" "io" "net/http" + "ems.agt/features/security/service" + "ems.agt/lib/core/account" + "ems.agt/lib/core/conf" + "ems.agt/lib/core/utils/ctx" + "ems.agt/lib/core/vo/result" "ems.agt/lib/dborm" "ems.agt/lib/global" "ems.agt/lib/log" @@ -19,6 +25,10 @@ var ( CustomUriOauthToken = config.UriPrefix + "/securityManagement/{apiVersion}/{elementTypeValue}/token" CustomUriOauthHandshake = config.UriPrefix + "/securityManagement/{apiVersion}/{elementTypeValue}/handshake" + + // 登录用户路由信息 + UriRouters = config.DefaultUriPrefix + "/securityManagement/{apiVersion}/getRouters" + CustomUriRouters = config.UriPrefix + "/securityManagement/{apiVersion}/getRouters" ) func LoginFromOMC(w http.ResponseWriter, r *http.Request) { @@ -102,7 +112,13 @@ func LoginFromOMC(w http.ResponseWriter, r *http.Request) { return } - services.ResponseStatusOK200Login(w, token, user) + // 缓存用户信息 + account.CacheLoginUser(user) + // 角色权限集合,管理员拥有所有权限 + userId := fmt.Sprint(user.Id) + isAdmin := conf.IsAdmin(userId) + roles, perms := service.NewServiceAccount.RoleAndMenuPerms(userId, isAdmin) + services.ResponseStatusOK200LoginWhitRP(w, token, user, roles, perms) } func LogoutFromOMC(w http.ResponseWriter, r *http.Request) { @@ -136,12 +152,14 @@ func LogoutFromOMC(w http.ResponseWriter, r *http.Request) { // return // } - _, err = dborm.XormLogoutUpdateSession(token) + se, err := dborm.XormLogoutUpdateSession(token) if err != nil { log.Error("Uri is invalid") services.ResponseNotFound404UriNotExist(w, r) return } + // 清除缓存用户信息 + account.ClearLoginUser(se.AccountId) services.ResponseStatusOK200Null(w) return } @@ -181,3 +199,13 @@ func HandshakeFromOMC(w http.ResponseWriter, r *http.Request) { services.ResponseStatusOK200Null(w) return } + +// 登录用户路由信息 +func Routers(w http.ResponseWriter, r *http.Request) { + userID := ctx.LoginUserToUserID(r) + + // 前端路由,管理员拥有所有 + isAdmin := conf.IsAdmin(userID) + buildMenus := service.NewServiceAccount.RouteMenus(userID, isAdmin) + ctx.JSON(w, 200, result.OkData(buildMenus)) +} diff --git a/features/security/service/service_account.go b/features/security/service/service_account.go new file mode 100644 index 00000000..ace6d825 --- /dev/null +++ b/features/security/service/service_account.go @@ -0,0 +1,56 @@ +package service + +import ( + menuService "ems.agt/features/sys_menu/service" + roleService "ems.agt/features/sys_role/service" + userService "ems.agt/features/sys_user/service" + "ems.agt/lib/core/utils/parse" + "ems.agt/lib/core/vo" +) + +// 实例化服务层 ServiceAccount 结构体 +var NewServiceAccount = &ServiceAccount{ + sysUserService: userService.NewServiceSysUser, + sysRoleService: roleService.NewServiceSysRole, + sysMenuService: menuService.NewServiceSysMenu, +} + +// 账号身份操作服务 服务层处理 +type ServiceAccount struct { + // 用户信息服务 + sysUserService *userService.ServiceSysUser + // 角色服务 + sysRoleService *roleService.ServiceSysRole + // 菜单服务 + sysMenuService *menuService.ServiceSysMenu +} + +// RoleAndMenuPerms 角色和菜单数据权限 +func (s *ServiceAccount) RoleAndMenuPerms(userId string, isAdmin bool) ([]string, []string) { + if isAdmin { + return []string{"admin"}, []string{"*:*:*"} + } else { + // 角色key + roleGroup := []string{} + roles := s.sysRoleService.SelectRoleListByUserId(userId) + for _, role := range roles { + roleGroup = append(roleGroup, role.RoleKey) + } + // 菜单权限key + perms := s.sysMenuService.SelectMenuPermsByUserId(userId) + return parse.RemoveDuplicates(roleGroup), parse.RemoveDuplicates(perms) + } +} + +// RouteMenus 前端路由所需要的菜单 +func (s *ServiceAccount) RouteMenus(userId string, isAdmin bool) []vo.Router { + var buildMenus []vo.Router + if isAdmin { + menus := s.sysMenuService.SelectMenuTreeByUserId("*") + buildMenus = s.sysMenuService.BuildRouteMenus(menus, "") + } else { + menus := s.sysMenuService.SelectMenuTreeByUserId(userId) + buildMenus = s.sysMenuService.BuildRouteMenus(menus, "") + } + return buildMenus +}