package controllers import ( "XT_New/enums" //"XT_New/models" //"XT_New/models" "XT_New/service" "fmt" "strconv" "strings" ) type BaseAPIController struct { BaseController } // func (this *BaseAPIController) Prepare() { // this.BaseController.Prepare() // beego.Trace("============================================================") // beego.Trace("session ID: %v", this.Ctx.Input.Cookie("beegosessionID")) // beego.Trace("session : %v", this.GetSession("info")) // this.SetSession("info", time.Now().Format("2006/01/02 15:04:05")) // beego.Trace("============================================================") // } // 输出数据格式化 /* success json: { "state": 1, "code": 0, "data": json, } fail json: { "state": 0, "code": int, "msg": string, } */ func (this *BaseAPIController) ServeSuccessJSON(data map[string]interface{}) { this.Data["json"] = enums.MakeSuccessResponseJSON(data) this.ServeJSON() } func (this *BaseAPIController) ServeFailJSONWithSGJErrorCode(code int) { this.Data["json"] = enums.MakeFailResponseJSONWithSGJErrorCode(code) this.ServeJSON() } func (this *BaseAPIController) ServeFailJSONWithSGJError(err *enums.SGJError) { this.Data["json"] = enums.MakeFailResponseJSONWithSGJError(err) this.ServeJSON() } func (this *BaseAPIController) ServeFailJsonSend(code int, msg string) { this.Data["json"] = enums.MakeFailResponseJSON(msg, code) this.ServeJSON() } type BaseAuthAPIController struct { BaseAPIController } func (this *BaseAuthAPIController) Prepare() { this.BaseAPIController.Prepare() if this.GetAdminUserInfo() == nil { //var userAdmin models.AdminUser //userAdmin.Id = 400 //userAdmin.Mobile = "13535547901" //// //////userAdmin.Id = 597 //////userAdmin.Mobile = "19874122664" //userAdmin.IsSuperAdmin = false //userAdmin.Status = 1 //userAdmin.CreateTime = 1530786071 //userAdmin.ModifyTime = 1530786071 //var subscibe models.ServeSubscibe //subscibe.ID = 1 //subscibe.OrgId = 12 //subscibe.PeriodStart = 1538035409 //subscibe.PeriodEnd = 1569571409 //subscibe.State = 1 //subscibe.Status = 1 //subscibe.CreatedTime = 1538035409 //subscibe.UpdatedTime = 1538035409 //subscibes := make(map[int64]*models.ServeSubscibe, 0) //subscibes[4] = &subscibe //var adminUserInfo service.AdminUserInfo //adminUserInfo.CurrentOrgId = 12 //adminUserInfo.CurrentAppId = 18 //adminUserInfo.AdminUser = &userAdmin //adminUserInfo.Subscibes = subscibes //this.SetSession("admin_user_info", &adminUserInfo) this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotLogin) this.StopRun() } adminUserInfo := this.GetAdminUserInfo() if this.Ctx.Request.Header.Get("Permission") == "2" { org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId) if adminUserInfo.AdminUser.Id != org.Creator { //超级管理员不受此限制 isPermission := false adminUserInfo := this.GetAdminUserInfo() //该机构下该用户有多少个 role, _ := service.GetUserAllRole(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id) var roles []string if len(role.RoleIds) <= 0 { //该用户没有设置角色 } else { roles = strings.Split(role.RoleIds, ",") } fmt.Println(roles) //获取该用户下所有角色的权限总集 var userRolePurviews string var userRolePurviewsArr []string for _, item := range roles { role_id, _ := strconv.ParseInt(item, 10, 64) purviews, _ := service.GetRoleFuncPurviewIds(role_id) if len(userRolePurviews) == 0 { userRolePurviews = purviews } else { userRolePurviews = userRolePurviews + "," + purviews } } //该用户所拥有角色的权限的总集 userRolePurviewsArr = RemoveRepeatedPurviewElement2(strings.Split(userRolePurviews, ",")) fmt.Println(userRolePurviewsArr) //系统所记录的权限列表 allPermission, _ := service.GetAllFunctionPurview() for _, item := range allPermission { // fmt.Println(len(strings.Split(item.Urlfor, ","))) // fmt.Println(strings.Split(item.Urlfor, ",")) //fmt.Println(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode")) //判断当前路由是否在权限路由列表里面 if strings.Split(item.Urlfor, ",")[1] == strings.Split(this.Ctx.Request.RequestURI, "?")[0]+"?"+"mode="+this.GetString("mode") { //获取该角色的所有权限 for _, items := range userRolePurviewsArr { id, _ := strconv.ParseInt(items, 10, 64) if id == item.ID { isPermission = true } } if !isPermission { msg, _ := service.FindErrorMsgByStr(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode")) json := make(map[string]interface{}) json["msg"] = msg json["code"] = 0 json["state"] = 0 this.Data["json"] = json this.ServeJSON() this.StopRun() } } } } } if this.Ctx.Request.Header.Get("Permission") == "3" { org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId) if adminUserInfo.AdminUser.Id != org.Creator { //超级管理员不受此限制 isPermission := false adminUserInfo := this.GetAdminUserInfo() //该机构下该用户有多少个 role, _ := service.GetUserAllRole(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id) var roles []string if len(role.RoleIds) <= 0 { //该用户没有设置角色 } else { roles = strings.Split(role.RoleIds, ",") } fmt.Println(roles) //获取该用户下所有角色的权限总集 var userRolePurviews string var userRolePurviewsArr []string for _, item := range roles { role_id, _ := strconv.ParseInt(item, 10, 64) purviews, _ := service.GetRoleFuncPurviewIds(role_id) if len(userRolePurviews) == 0 { userRolePurviews = purviews } else { userRolePurviews = userRolePurviews + "," + purviews } } //该用户所拥有角色的权限的总集 userRolePurviewsArr = RemoveRepeatedPurviewElement2(strings.Split(userRolePurviews, ",")) fmt.Println(userRolePurviewsArr) //系统所记录的权限列表 allPermission, _ := service.GetAllFunctionPurview() for _, item := range allPermission { // fmt.Println(strings.Split(item.Urlfor, ",")[2]) // fmt.Println(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode")) //判断当前路由是否在权限路由列表里面 if strings.Split(item.Urlfor, ",")[2] == strings.Split(this.Ctx.Request.RequestURI, "?")[0]+"?"+"mode="+this.GetString("mode") { //获取该角色的所有权限 for _, items := range userRolePurviewsArr { id, _ := strconv.ParseInt(items, 10, 64) if id == item.ID { isPermission = true } } if !isPermission { msg, _ := service.FindErrorMsgByStr(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode")) json := make(map[string]interface{}) json["msg"] = msg json["code"] = 0 json["state"] = 0 this.Data["json"] = json this.ServeJSON() this.StopRun() } } } } } //if this.Ctx.Request.Method != "GET" { // adminUserInfo := this.GetAdminUserInfo() // // err := service.GetOrgSubscibeState(adminUserInfo.Subscibes[adminUserInfo.CurrentOrgId]) // if err != nil || adminUserInfo.Subscibes[adminUserInfo.CurrentOrgId].State == 3 { // this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotSubscibe) // this.StopRun() // } //} //if this.Ctx.Request.Header.Get("Permission") == "1" { // isPermission := false // // //adminUserInfo := this.GetAdminUserInfo() // // //service.GetUserAllRole(adminUserInfo.CurrentOrgId) // // // // // roles := []int64{1,2} //模拟该用户有多少角色 // var targetRole models.RolePurview // var userRolePurview []string // // //用户角色1对应的权限 // role1 := models.RolePurview{PurviewIds:"11,12,13"} // // //用户角色2对应的权限 // role2 := models.RolePurview{PurviewIds:"11,15,16"} // // // //模拟角色2 // //判断该用户有多少个角色,合并最大角色权限 // if len(roles) == 1{ //单个 // targetRole = role1 // userRolePurview = strings.Split(targetRole.PurviewIds, ",") // // }else{ //多个 // targetRole = role1 // targetRole.PurviewIds = targetRole.PurviewIds + "," + role2.PurviewIds // userRolePurview = strings.Split(targetRole.PurviewIds, ",") // } // // userRolePurview = RemoveRepeatedElement2(userRolePurview) // // fmt.Println(userRolePurview) // //所有权限列表 // allPermission := []models.Purview{{Id:10,Urlfor:"/m/api/dialysis/dialysisPrescription-/api/dialysis/prescription"}, // {Id:11,Urlfor:"/m/api/dialysis/dialysisPrescription1-/api/dialysis/prescription1"}, // {Id:12,Urlfor:"/m/api/dialysis/dialysisPrescription2-/api/dialysis/prescription2"}, // {Id:13,Urlfor:"/m/api/dialysis/dialysisPrescription3-/api/dialysis/prescription3"}, // {Id:14,Urlfor:"/m/api/dialysis/dialysisPrescription4-/api/dialysis/prescription4"}, // {Id:15,Urlfor:"/m/api/dialysis/dialysisPrescription5-/api/dialysis/prescription5"}, // {Id:16,Urlfor:"/m/api/dialysis/dialysisPrescription6-/api/dialysis/prescription6"}} // for _, item := range allPermission { // //判断当前路由是否在权限路由列表里面 // if strings.Split(item.Urlfor, "-")[1] == strings.Split(this.Ctx.Request.RequestURI , "?")[0]{ // fmt.Println(strings.Split(this.Ctx.Request.RequestURI , "?")[0]) // // //获取该角色的所有权限 // for _, items := range userRolePurview{ // id, _ := strconv.ParseInt(items, 10, 64) // if id == item.Id{ // isPermission = true // } // } // if !isPermission{ // this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodePreExist) // this.StopRun() // } // } // // } //} } type BaseServeAPIController struct { BaseAPIController } func (this *BaseServeAPIController) Prepare() { this.BaseAPIController.Prepare() if this.GetAdminUserInfo() == nil { //var userAdmin models.AdminUser //userAdmin.Id = 400 //userAdmin.Mobile = "13535547901" ////userAdmin.Id = 597 ////userAdmin.Mobile = "19874122664" //userAdmin.IsSuperAdmin = false //userAdmin.Status = 1 //userAdmin.CreateTime = 1530786071 //userAdmin.ModifyTime = 1530786071 //var subscibe models.ServeSubscibe //subscibe.ID = 1 //subscibe.OrgId = 12 //subscibe.PeriodStart = 1538035409 //subscibe.PeriodEnd = 1569571409 //subscibe.State = 1 //subscibe.Status = 1 //subscibe.CreatedTime = 1538035409 //subscibe.UpdatedTime = 1538035409 //subscibes := make(map[int64]*models.ServeSubscibe, 0) //subscibes[4] = &subscibe //var adminUserInfo service.AdminUserInfo //adminUserInfo.CurrentOrgId = 12 //adminUserInfo.CurrentAppId = 18 //adminUserInfo.AdminUser = &userAdmin //adminUserInfo.Subscibes = subscibes //this.SetSession("admin_user_info", &adminUserInfo) this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotLogin) this.StopRun() } //if adminUserInfo.AppRole != nil { // if adminUserInfo.AppRole.Id > 0 { // app_role, _ := service.FindAppRoleById(adminUserInfo.AppRole.Id) // if app_role != nil { // if app_role.Status != 1 { // this.DelSession("mobile_admin_user_info") // this.Ctx.SetCookie("token_cookie", "") // this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeForbidden) // this.StopRun() // } // } // } // //} //fmt.Println("222222222") } func RemoveRepeatedPurviewElement2(arr []string) (newArr []string) { newArr = make([]string, 0) for i := 0; i < len(arr); i++ { repeat := false for j := i + 1; j < len(arr); j++ { if arr[i] == arr[j] { repeat = true break } } if !repeat { newArr = append(newArr, arr[i]) } } return }