csx
/
XT_New


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168
							package mobile_api_controllers

import (
	"XT_New/controllers"
	"XT_New/enums"
	"XT_New/models"
	"XT_New/service"
	"fmt"
	"strconv"
	"strings"
)

type MobileBaseAPIController struct {
	controllers.BaseAPIController
}

func (this *MobileBaseAPIController) Prepare() {
	this.BaseAPIController.Prepare()
	// beego.Trace("============================================================")
	// beego.Trace("session ID: %v", this.Ctx.Input.Cookie("beegosessionID"))
	// beego.Trace("session : %v", this.GetSession("info"))
	// this.SetSession("info", time.Now().Format("2006/01/02 15:04:05"))
	// beego.Trace("============================================================")
}

func (this *MobileBaseAPIController) GetMobileAdminUserInfo() *MobileAdminUserInfo {
	userInfo := this.GetSession("mobile_admin_user_info")
	if userInfo == nil {
		return nil
	} else {
		return userInfo.(*MobileAdminUserInfo)
	}
}

type MobileAdminUserInfo struct {
	AdminUser    *models.AdminUser
	Org          *models.Org
	App          *models.OrgApp
	AppRole      *models.App_Role
	Subscibe     *models.ServeSubscibe
	TemplateInfo *models.GobalTemplate
}

type MobileBaseAPIAuthController struct {
	MobileBaseAPIController
}

func (this *MobileBaseAPIAuthController) Prepare() {
	token := this.Ctx.GetCookie("token_cookie")
	//if len(token) == 0{
	//	this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotLogin)
	//	this.StopRun()
	//}
	this.MobileBaseAPIController.Prepare()
	adminUserInfo := this.GetMobileAdminUserInfo()

	if adminUserInfo == nil || len(token) == 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotLogin)
		this.StopRun()
	}

	//if this.Ctx.Request.Method != "GET" {
	//	err := service.GetOrgSubscibeState(adminUserInfo.Subscibe)
	//	if err != nil || adminUserInfo.Subscibe.State == 3 {
	//		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotSubscibe)
	//		this.StopRun()
	//	}
	//}

	if adminUserInfo.AppRole != nil {
		if adminUserInfo.AppRole.Id > 0 {
			app_role, _ := service.FindAppRoleById(adminUserInfo.AppRole.Id)
			if app_role != nil {
				if app_role.Status != 1 {
					this.DelSession("mobile_admin_user_info")
					this.Ctx.SetCookie("token_cookie", "")
					this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeForbidden)
					this.StopRun()
				}
			}
		}

	}

	if this.Ctx.Request.Header.Get("Permission") == "1" {
		if adminUserInfo.AdminUser.Id != adminUserInfo.Org.Creator { //超级管理员不受此限制

			isPermission := false
			adminUserInfo := this.GetMobileAdminUserInfo()
			//该机构下该用户有多少个
			role, _ := service.GetUserAllRole(adminUserInfo.Org.Id, adminUserInfo.AdminUser.Id)
			var roles []string
			if len(role.RoleIds) <= 0 { //该用户没有设置角色

			} else {
				roles = strings.Split(role.RoleIds, ",")
			}
			fmt.Println(roles)

			//获取该用户下所有角色的权限总集
			var userRolePurviews string
			var userRolePurviewsArr []string
			for _, item := range roles {
				role_id, _ := strconv.ParseInt(item, 10, 64)
				purviews, _ := service.GetRoleFuncPurviewIds(role_id)
				if len(userRolePurviews) == 0 {
					userRolePurviews = purviews
				} else {
					userRolePurviews = userRolePurviews + "," + purviews
				}
			}
			//该用户所拥有角色的权限的总集
			userRolePurviewsArr = RemoveRepeatedPurviewElement(strings.Split(userRolePurviews, ","))
			fmt.Println(userRolePurviewsArr)
			//系统所记录的权限列表
			allPermission, _ := service.GetAllFunctionPurview()

			for _, item := range allPermission {
				fmt.Println(strings.Split(item.Urlfor, ",")[0])
				fmt.Println(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))

				//判断当前路由是否在权限路由列表里面
				if strings.Split(item.Urlfor, ",")[0] == strings.Split(this.Ctx.Request.RequestURI, "?")[0]+"?"+"mode="+this.GetString("mode") {

					//获取该角色的所有权限
					for _, items := range userRolePurviewsArr {
						id, _ := strconv.ParseInt(items, 10, 64)
						fmt.Println(id)
						fmt.Println(item.ID)

						if id == item.ID {
							isPermission = true
						}
					}
					if !isPermission {
						msg, _ := service.FindErrorMsgByStr(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
						json := make(map[string]interface{})
						json["msg"] = msg
						json["code"] = 0
						json["state"] = 0
						this.Data["json"] = json
						this.ServeJSON()
						this.StopRun()
					}
				}
			}
		}
	}

}

func RemoveRepeatedPurviewElement(arr []string) (newArr []string) {
	newArr = make([]string, 0)
	for i := 0; i < len(arr); i++ {
		repeat := false
		for j := i + 1; j < len(arr); j++ {
			if arr[i] == arr[j] {
				repeat = true
				break
			}
		}
		if !repeat {
			newArr = append(newArr, arr[i])
		}
	}
	return
}