Merge branch 'master' of http://git.shengws.com/csx/XT_New

controllers/mobile_api_controllers/mobile_api_base_controller.go

@@ -66,64 +66,66 @@ func (this *MobileBaseAPIAuthController) Prepare() {
 	//		this.StopRun()
 	//	}
 	//}
+	if !adminUserInfo.AdminUser.IsSuperAdmin || adminUserInfo.AdminUser.Id != adminUserInfo.Org.Creator {
 
-	if this.Ctx.Request.Header.Get("Permission") == "1" {
-		isPermission := false
-		adminUserInfo := this.GetMobileAdminUserInfo()
-		//该机构下该用户有多少个
-		role, _ := service.GetUserAllRole(adminUserInfo.Org.Id, adminUserInfo.AdminUser.Id)
-		var roles []string
-		if len(role.RoleIds) <= 0 { //该用户没有设置角色
+		if this.Ctx.Request.Header.Get("Permission") == "1" {
+			isPermission := false
+			adminUserInfo := this.GetMobileAdminUserInfo()
+			//该机构下该用户有多少个
+			role, _ := service.GetUserAllRole(adminUserInfo.Org.Id, adminUserInfo.AdminUser.Id)
+			var roles []string
+			if len(role.RoleIds) <= 0 { //该用户没有设置角色
 
-		} else {
-			roles = strings.Split(role.RoleIds, ",")
-		}
-		fmt.Println(roles)
-
-		//获取该用户下所有角色的权限总集
-		var userRolePurviews string
-		var userRolePurviewsArr []string
-		for _, item := range roles {
-			role_id, _ := strconv.ParseInt(item, 10, 64)
-			purviews, _ := service.GetRoleFuncPurviewIds(role_id)
-			if len(userRolePurviews) == 0 {
-				userRolePurviews = purviews
 			} else {
-				userRolePurviews = userRolePurviews + "," + purviews
+				roles = strings.Split(role.RoleIds, ",")
 			}
-		}
-		//该用户所拥有角色的权限的总集
-		userRolePurviewsArr = RemoveRepeatedPurviewElement(strings.Split(userRolePurviews, ","))
-		fmt.Println(userRolePurviewsArr)
-		//系统所记录的权限列表
-		allPermission, _ := service.GetAllFunctionPurview()
-
-		for _, item := range allPermission {
-			fmt.Println(strings.Split(item.Urlfor, ",")[0])
-			fmt.Println(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
-
-			//判断当前路由是否在权限路由列表里面
-			if strings.Split(item.Urlfor, ",")[0] == strings.Split(this.Ctx.Request.RequestURI, "?")[0]+"?"+"mode="+this.GetString("mode") {
-
-				//获取该角色的所有权限
-				for _, items := range userRolePurviewsArr {
-					id, _ := strconv.ParseInt(items, 10, 64)
-					fmt.Println(id)
-					fmt.Println(item.ID)
-
-					if id == item.ID {
-						isPermission = true
-					}
+			fmt.Println(roles)
+
+			//获取该用户下所有角色的权限总集
+			var userRolePurviews string
+			var userRolePurviewsArr []string
+			for _, item := range roles {
+				role_id, _ := strconv.ParseInt(item, 10, 64)
+				purviews, _ := service.GetRoleFuncPurviewIds(role_id)
+				if len(userRolePurviews) == 0 {
+					userRolePurviews = purviews
+				} else {
+					userRolePurviews = userRolePurviews + "," + purviews
 				}
-				if !isPermission {
-					msg, _ := service.FindErrorMsgByStr(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
-					json := make(map[string]interface{})
-					json["msg"] = msg
-					json["code"] = 0
-					json["state"] = 0
-					this.Data["json"] = json
-					this.ServeJSON()
-					this.StopRun()
+			}
+			//该用户所拥有角色的权限的总集
+			userRolePurviewsArr = RemoveRepeatedPurviewElement(strings.Split(userRolePurviews, ","))
+			fmt.Println(userRolePurviewsArr)
+			//系统所记录的权限列表
+			allPermission, _ := service.GetAllFunctionPurview()
+
+			for _, item := range allPermission {
+				fmt.Println(strings.Split(item.Urlfor, ",")[0])
+				fmt.Println(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
+
+				//判断当前路由是否在权限路由列表里面
+				if strings.Split(item.Urlfor, ",")[0] == strings.Split(this.Ctx.Request.RequestURI, "?")[0]+"?"+"mode="+this.GetString("mode") {
+
+					//获取该角色的所有权限
+					for _, items := range userRolePurviewsArr {
+						id, _ := strconv.ParseInt(items, 10, 64)
+						fmt.Println(id)
+						fmt.Println(item.ID)
+
+						if id == item.ID {
+							isPermission = true
+						}
+					}
+					if !isPermission {
+						msg, _ := service.FindErrorMsgByStr(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
+						json := make(map[string]interface{})
+						json["msg"] = msg
+						json["code"] = 0
+						json["state"] = 0
+						this.Data["json"] = json
+						this.ServeJSON()
+						this.StopRun()
+					}
 				}
 			}
 		}

controllers/verify_login_controller.go

@@ -6,11 +6,10 @@ import (
 	"XT_New/service"
 	"XT_New/utils"
 	"fmt"
+	"github.com/astaxie/beego"
 	"net/url"
 	"strconv"
 	"strings"
-
-	"github.com/astaxie/beego"
 )
 
 func VerifyUserLoginControllerRegistRouters() {
@@ -194,27 +193,36 @@ func (this *VerifyUserLoginAPIController) VerifyToken() {
 			curAppUrlfors := adminUserInfo.AppUrlfors[adminUserInfo.CurrentAppId]
 
 			if len(curAppUrlfors) == 0 {
-				appRole, _ := service.FindAdminUserIDA(appRole.Id)
-				role_arr := strings.Split(appRole.RoleIds, ",")
-				var ids string
-				for _, role_id := range role_arr {
-					id, _ := strconv.ParseInt(role_id, 10, 64)
-					purview_ids, _ := service.GetRolePurviewIds(id)
-					if len(ids) == 0 {
-						ids = purview_ids
-					} else {
-						ids = ids + "," + purview_ids
+				if adminUser.Id == curOrg.Creator {
+
+					urlfors, _, _ := service.GetSuperAdminUsersPurviewTreeAndUrlfors(3)
+					curAppUrlfors = urlfors
+
+				} else {
+					appRole, _ := service.FindAdminUserIDA(appRole.Id)
+					role_arr := strings.Split(appRole.RoleIds, ",")
+					var ids string
+					for _, role_id := range role_arr {
+						id, _ := strconv.ParseInt(role_id, 10, 64)
+						purview_ids, _ := service.GetRolePurviewIds(id)
+						if len(ids) == 0 {
+							ids = purview_ids
+						} else {
+							ids = ids + "," + purview_ids
+						}
 					}
-				}
 
-				pruviews, _ := service.GetPurviewById(ids)
+					pruviews, _ := service.GetPurviewById(ids)
 
-				for _, item := range pruviews {
-					if item.Module == 3 && item.Parentid > 0 {
-						fmt.Println(item.Urlfor)
-						curAppUrlfors = append(curAppUrlfors, item.Urlfor)
+					for _, item := range pruviews {
+						if item.Module == 3 && item.Parentid > 0 {
+							fmt.Println(item.Urlfor)
+							curAppUrlfors = append(curAppUrlfors, item.Urlfor)
+						}
 					}
+
 				}
+
 			}
 
 			//subscibe := adminUserInfo.Subscibes[adminUserInfo.CurrentOrgId]

service/role_service.go

@@ -496,7 +496,7 @@ func GetAllAdminUsersAndRole(orgID int64, appID int64, page int, count int) ([]*
 	var viewModels []*NewAdminUserModel = make([]*NewAdminUserModel, 0)
 	var rows *sql.Rows
 	var err error
-	rows, err = readUserDb.Raw("SELECT u_a_r.id, u_a_r.admin_user_id, u_a_r.user_name,  u_a_r.user_title, u_a_r.status,u_a_r.avatar,u_a_r.role_ids FROM sgj_user_admin_role AS u_a_r  WHERE org_id = ? AND app_id = ?  ORDER BY ctime DESC", orgID, appID).Rows()
+	rows, err = readUserDb.Raw("SELECT u_a_r.id, u_a_r.admin_user_id, u_a_r.user_name,  u_a_r.user_title, u_a_r.status,u_a_r.avatar,u_a_r.role_ids FROM sgj_user_admin_role AS u_a_r  WHERE org_id = ? AND app_id = ? AND user_type <> 1 ORDER BY ctime DESC", orgID, appID).Rows()
 	defer rows.Close()
 	if err != nil {
 		if err == gorm.ErrRecordNotFound {

service/verify_login_token_service.go

@@ -2,6 +2,7 @@ package service
 
 import (
 	"encoding/json"
+	"github.com/jinzhu/gorm"
 	"io/ioutil"
 	"net/http"
 	"net/url"
@@ -394,3 +395,57 @@ func FindAdminUserIDA(id int64) (role models.App_Role, err error) {
 	err = readUserDb.Model(&models.App_Role{}).Where("id = ?", id).First(&role).Error
 	return
 }
+
+func GetSuperAdminUsersPurviewTreeAndUrlfors(appType int) ([]string, []*models.Purview, error) {
+	originPurviews, getPurviewErr := getAllOriginPurviews(appType)
+	if getPurviewErr != nil {
+		return nil, nil, getPurviewErr
+	}
+	urlfors, processedPurviews := getUrlforsAndProcessPurviews2Tree(originPurviews)
+	return urlfors, processedPurviews, nil
+}
+
+// 加工这些规则：树形化；以及从中取出不为空的 urlfor
+// 正确结果的前提是 originPurviews 以 parentid asc 排好序了的
+func getUrlforsAndProcessPurviews2Tree(originPurviews []*models.Purview) ([]string, []*models.Purview) {
+	processedPurviews := make([]*models.Purview, 0)
+	pid_childs := make(map[int][]*models.Purview)
+	urlfors := make([]string, 0, len(originPurviews))
+	for _, purview := range originPurviews {
+		if len(purview.Urlfor) != 0 {
+			urlfors = append(urlfors, purview.Urlfor)
+		}
+
+		// warning：下面这个算法只适用最多两层树形结构的菜单，对于两层以上的会丢失掉第三层及其以下的节点
+		// 因为取出 originPurviews 的时候已经排过序了，所以顶级节点肯定最先处理，不需要担心子节点比父节点先处理
+		if purview.Parentid == 0 {
+			processedPurviews = append(processedPurviews, purview)
+		} else {
+			childs := pid_childs[int(purview.Parentid)]
+			if pid_childs[int(purview.Parentid)] == nil {
+				childs = make([]*models.Purview, 0)
+			}
+			childs = append(childs, purview)
+			pid_childs[int(purview.Parentid)] = childs
+		}
+	}
+
+	for _, proPurview := range processedPurviews {
+		proPurview.Childs = pid_childs[int(proPurview.Id)]
+	}
+
+	return urlfors, processedPurviews
+}
+
+func getAllOriginPurviews(appType int) ([]*models.Purview, error) {
+	var purviews []*models.Purview
+	getPurviewErr := readUserDb.Model(models.Purview{}).Where("module = ? AND status = 1", appType).Order("listorder asc").Order("id asc").Find(&purviews).Error
+	if getPurviewErr != nil {
+		if getPurviewErr == gorm.ErrRecordNotFound {
+			return nil, nil
+		} else {
+			return nil, getPurviewErr
+		}
+	}
+	return purviews, nil
+}