base_api_controller.go 12KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384
  1. package controllers
  2. import (
  3. "XT_New/enums"
  4. //"XT_New/models"
  5. "XT_New/service"
  6. "fmt"
  7. "strconv"
  8. "strings"
  9. )
  10. type BaseAPIController struct {
  11. BaseController
  12. }
  13. // func (this *BaseAPIController) Prepare() {
  14. // this.BaseController.Prepare()
  15. // beego.Trace("============================================================")
  16. // beego.Trace("session ID: %v", this.Ctx.Input.Cookie("beegosessionID"))
  17. // beego.Trace("session : %v", this.GetSession("info"))
  18. // this.SetSession("info", time.Now().Format("2006/01/02 15:04:05"))
  19. // beego.Trace("============================================================")
  20. // }
  21. // 输出数据格式化
  22. /*
  23. success json:
  24. {
  25. "state": 1,
  26. "code": 0,
  27. "data": json,
  28. }
  29. fail json:
  30. {
  31. "state": 0,
  32. "code": int,
  33. "msg": string,
  34. }
  35. */
  36. func (this *BaseAPIController) ServeSuccessJSON(data map[string]interface{}) {
  37. this.Data["json"] = enums.MakeSuccessResponseJSON(data)
  38. this.ServeJSON()
  39. }
  40. func (this *BaseAPIController) ServeFailJSONWithSGJErrorCode(code int) {
  41. this.Data["json"] = enums.MakeFailResponseJSONWithSGJErrorCode(code)
  42. this.ServeJSON()
  43. }
  44. func (this *BaseAPIController) ServeFailJSONWithSGJError(err *enums.SGJError) {
  45. this.Data["json"] = enums.MakeFailResponseJSONWithSGJError(err)
  46. this.ServeJSON()
  47. }
  48. func (this *BaseAPIController) ServeFailJsonSend(code int, msg string) {
  49. this.Data["json"] = enums.MakeFailResponseJSON(msg, code)
  50. this.ServeJSON()
  51. }
  52. type BaseAuthAPIController struct {
  53. BaseAPIController
  54. }
  55. func (this *BaseAuthAPIController) Prepare() {
  56. this.BaseAPIController.Prepare()
  57. if this.GetAdminUserInfo() == nil {
  58. //var userAdmin models.AdminUser
  59. //userAdmin.Id = 400
  60. //userAdmin.Mobile = "13535547901"
  61. //
  62. //userAdmin.Id = 597
  63. //userAdmin.Mobile = "19874122664"
  64. //userAdmin.IsSuperAdmin = false
  65. //userAdmin.Status = 1
  66. //userAdmin.CreateTime = 1530786071
  67. //userAdmin.ModifyTime = 1530786071
  68. //var subscibe models.ServeSubscibe
  69. //subscibe.ID = 1
  70. //subscibe.OrgId = 12
  71. //subscibe.PeriodStart = 1538035409
  72. //subscibe.PeriodEnd = 1569571409
  73. //subscibe.State = 1
  74. //subscibe.Status = 1
  75. //subscibe.CreatedTime = 1538035409
  76. //subscibe.UpdatedTime = 1538035409
  77. //subscibes := make(map[int64]*models.ServeSubscibe, 0)
  78. //subscibes[4] = &subscibe
  79. //var adminUserInfo service.AdminUserInfo
  80. //adminUserInfo.CurrentOrgId = 12
  81. //adminUserInfo.CurrentAppId = 18
  82. //adminUserInfo.AdminUser = &userAdmin
  83. //adminUserInfo.Subscibes = subscibes
  84. //this.SetSession("admin_user_info", &adminUserInfo)
  85. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotLogin)
  86. this.StopRun()
  87. }
  88. adminUserInfo := this.GetAdminUserInfo()
  89. if this.Ctx.Request.Header.Get("Permission") == "2" {
  90. org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
  91. if adminUserInfo.AdminUser.Id != org.Creator { //超级管理员不受此限制
  92. isPermission := false
  93. adminUserInfo := this.GetAdminUserInfo()
  94. //该机构下该用户有多少个
  95. role, _ := service.GetUserAllRole(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id)
  96. var roles []string
  97. if len(role.RoleIds) <= 0 { //该用户没有设置角色
  98. } else {
  99. roles = strings.Split(role.RoleIds, ",")
  100. }
  101. fmt.Println(roles)
  102. //获取该用户下所有角色的权限总集
  103. var userRolePurviews string
  104. var userRolePurviewsArr []string
  105. for _, item := range roles {
  106. role_id, _ := strconv.ParseInt(item, 10, 64)
  107. purviews, _ := service.GetRoleFuncPurviewIds(role_id)
  108. if len(userRolePurviews) == 0 {
  109. userRolePurviews = purviews
  110. } else {
  111. userRolePurviews = userRolePurviews + "," + purviews
  112. }
  113. }
  114. //该用户所拥有角色的权限的总集
  115. userRolePurviewsArr = RemoveRepeatedPurviewElement2(strings.Split(userRolePurviews, ","))
  116. fmt.Println(userRolePurviewsArr)
  117. //系统所记录的权限列表
  118. allPermission, _ := service.GetAllFunctionPurview()
  119. for _, item := range allPermission {
  120. fmt.Println(len(strings.Split(item.Urlfor, ",")))
  121. fmt.Println(strings.Split(item.Urlfor, ","))
  122. //fmt.Println(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
  123. //判断当前路由是否在权限路由列表里面
  124. if strings.Split(item.Urlfor, ",")[1] == strings.Split(this.Ctx.Request.RequestURI, "?")[0]+"?"+"mode="+this.GetString("mode") {
  125. //获取该角色的所有权限
  126. for _, items := range userRolePurviewsArr {
  127. id, _ := strconv.ParseInt(items, 10, 64)
  128. fmt.Println(id)
  129. fmt.Println(item.ID)
  130. if id == item.ID {
  131. isPermission = true
  132. }
  133. }
  134. if !isPermission {
  135. msg, _ := service.FindErrorMsgByStr(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
  136. json := make(map[string]interface{})
  137. json["msg"] = msg
  138. json["code"] = 0
  139. json["state"] = 0
  140. this.Data["json"] = json
  141. this.ServeJSON()
  142. this.StopRun()
  143. }
  144. }
  145. }
  146. }
  147. }
  148. if this.Ctx.Request.Header.Get("Permission") == "3" {
  149. org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
  150. if adminUserInfo.AdminUser.Id != org.Creator { //超级管理员不受此限制
  151. isPermission := false
  152. adminUserInfo := this.GetAdminUserInfo()
  153. //该机构下该用户有多少个
  154. role, _ := service.GetUserAllRole(adminUserInfo.CurrentOrgId, adminUserInfo.AdminUser.Id)
  155. var roles []string
  156. if len(role.RoleIds) <= 0 { //该用户没有设置角色
  157. } else {
  158. roles = strings.Split(role.RoleIds, ",")
  159. }
  160. fmt.Println(roles)
  161. //获取该用户下所有角色的权限总集
  162. var userRolePurviews string
  163. var userRolePurviewsArr []string
  164. for _, item := range roles {
  165. role_id, _ := strconv.ParseInt(item, 10, 64)
  166. purviews, _ := service.GetRoleFuncPurviewIds(role_id)
  167. if len(userRolePurviews) == 0 {
  168. userRolePurviews = purviews
  169. } else {
  170. userRolePurviews = userRolePurviews + "," + purviews
  171. }
  172. }
  173. //该用户所拥有角色的权限的总集
  174. userRolePurviewsArr = RemoveRepeatedPurviewElement2(strings.Split(userRolePurviews, ","))
  175. fmt.Println(userRolePurviewsArr)
  176. //系统所记录的权限列表
  177. allPermission, _ := service.GetAllFunctionPurview()
  178. for _, item := range allPermission {
  179. fmt.Println(strings.Split(item.Urlfor, ",")[2])
  180. fmt.Println(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
  181. //判断当前路由是否在权限路由列表里面
  182. if strings.Split(item.Urlfor, ",")[2] == strings.Split(this.Ctx.Request.RequestURI, "?")[0]+"?"+"mode="+this.GetString("mode") {
  183. //获取该角色的所有权限
  184. for _, items := range userRolePurviewsArr {
  185. id, _ := strconv.ParseInt(items, 10, 64)
  186. fmt.Println(id)
  187. fmt.Println(item.ID)
  188. if id == item.ID {
  189. isPermission = true
  190. }
  191. }
  192. if !isPermission {
  193. msg, _ := service.FindErrorMsgByStr(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
  194. json := make(map[string]interface{})
  195. json["msg"] = msg
  196. json["code"] = 0
  197. json["state"] = 0
  198. this.Data["json"] = json
  199. this.ServeJSON()
  200. this.StopRun()
  201. }
  202. }
  203. }
  204. }
  205. }
  206. //if this.Ctx.Request.Method != "GET" {
  207. // adminUserInfo := this.GetAdminUserInfo()
  208. //
  209. // err := service.GetOrgSubscibeState(adminUserInfo.Subscibes[adminUserInfo.CurrentOrgId])
  210. // if err != nil || adminUserInfo.Subscibes[adminUserInfo.CurrentOrgId].State == 3 {
  211. // this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotSubscibe)
  212. // this.StopRun()
  213. // }
  214. //}
  215. //if this.Ctx.Request.Header.Get("Permission") == "1" {
  216. // isPermission := false
  217. //
  218. // //adminUserInfo := this.GetAdminUserInfo()
  219. //
  220. // //service.GetUserAllRole(adminUserInfo.CurrentOrgId)
  221. //
  222. //
  223. //
  224. //
  225. // roles := []int64{1,2} //模拟该用户有多少角色
  226. // var targetRole models.RolePurview
  227. // var userRolePurview []string
  228. //
  229. // //用户角色1对应的权限
  230. // role1 := models.RolePurview{PurviewIds:"11,12,13"}
  231. //
  232. // //用户角色2对应的权限
  233. // role2 := models.RolePurview{PurviewIds:"11,15,16"}
  234. //
  235. //
  236. // //模拟角色2
  237. // //判断该用户有多少个角色,合并最大角色权限
  238. // if len(roles) == 1{ //单个
  239. // targetRole = role1
  240. // userRolePurview = strings.Split(targetRole.PurviewIds, ",")
  241. //
  242. // }else{ //多个
  243. // targetRole = role1
  244. // targetRole.PurviewIds = targetRole.PurviewIds + "," + role2.PurviewIds
  245. // userRolePurview = strings.Split(targetRole.PurviewIds, ",")
  246. // }
  247. //
  248. // userRolePurview = RemoveRepeatedElement2(userRolePurview)
  249. //
  250. // fmt.Println(userRolePurview)
  251. // //所有权限列表
  252. // allPermission := []models.Purview{{Id:10,Urlfor:"/m/api/dialysis/dialysisPrescription-/api/dialysis/prescription"},
  253. // {Id:11,Urlfor:"/m/api/dialysis/dialysisPrescription1-/api/dialysis/prescription1"},
  254. // {Id:12,Urlfor:"/m/api/dialysis/dialysisPrescription2-/api/dialysis/prescription2"},
  255. // {Id:13,Urlfor:"/m/api/dialysis/dialysisPrescription3-/api/dialysis/prescription3"},
  256. // {Id:14,Urlfor:"/m/api/dialysis/dialysisPrescription4-/api/dialysis/prescription4"},
  257. // {Id:15,Urlfor:"/m/api/dialysis/dialysisPrescription5-/api/dialysis/prescription5"},
  258. // {Id:16,Urlfor:"/m/api/dialysis/dialysisPrescription6-/api/dialysis/prescription6"}}
  259. // for _, item := range allPermission {
  260. // //判断当前路由是否在权限路由列表里面
  261. // if strings.Split(item.Urlfor, "-")[1] == strings.Split(this.Ctx.Request.RequestURI , "?")[0]{
  262. // fmt.Println(strings.Split(this.Ctx.Request.RequestURI , "?")[0])
  263. //
  264. // //获取该角色的所有权限
  265. // for _, items := range userRolePurview{
  266. // id, _ := strconv.ParseInt(items, 10, 64)
  267. // if id == item.Id{
  268. // isPermission = true
  269. // }
  270. // }
  271. // if !isPermission{
  272. // this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodePreExist)
  273. // this.StopRun()
  274. // }
  275. // }
  276. //
  277. // }
  278. //}
  279. }
  280. type BaseServeAPIController struct {
  281. BaseAPIController
  282. }
  283. func (this *BaseServeAPIController) Prepare() {
  284. this.BaseAPIController.Prepare()
  285. if this.GetAdminUserInfo() == nil {
  286. //var userAdmin models.AdminUser
  287. //userAdmin.Id = 400
  288. //userAdmin.Mobile = "13535547901"
  289. //userAdmin.Id = 597
  290. //userAdmin.Mobile = "19874122664"
  291. //userAdmin.IsSuperAdmin = false
  292. //userAdmin.Status = 1
  293. //userAdmin.CreateTime = 1530786071
  294. //userAdmin.ModifyTime = 1530786071
  295. //var subscibe models.ServeSubscibe
  296. //subscibe.ID = 1
  297. //subscibe.OrgId = 12
  298. //subscibe.PeriodStart = 1538035409
  299. //subscibe.PeriodEnd = 1569571409
  300. //subscibe.State = 1
  301. //subscibe.Status = 1
  302. //subscibe.CreatedTime = 1538035409
  303. //subscibe.UpdatedTime = 1538035409
  304. //subscibes := make(map[int64]*models.ServeSubscibe, 0)
  305. //subscibes[4] = &subscibe
  306. //var adminUserInfo service.AdminUserInfo
  307. //adminUserInfo.CurrentOrgId = 12
  308. //adminUserInfo.CurrentAppId = 18
  309. //adminUserInfo.AdminUser = &userAdmin
  310. //adminUserInfo.Subscibes = subscibes
  311. //this.SetSession("admin_user_info", &adminUserInfo)
  312. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotLogin)
  313. this.StopRun()
  314. }
  315. //if adminUserInfo.AppRole != nil {
  316. // if adminUserInfo.AppRole.Id > 0 {
  317. // app_role, _ := service.FindAppRoleById(adminUserInfo.AppRole.Id)
  318. // if app_role != nil {
  319. // if app_role.Status != 1 {
  320. // this.DelSession("mobile_admin_user_info")
  321. // this.Ctx.SetCookie("token_cookie", "")
  322. // this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeForbidden)
  323. // this.StopRun()
  324. // }
  325. // }
  326. // }
  327. //
  328. //}
  329. //fmt.Println("222222222")
  330. }
  331. func RemoveRepeatedPurviewElement2(arr []string) (newArr []string) {
  332. newArr = make([]string, 0)
  333. for i := 0; i < len(arr); i++ {
  334. repeat := false
  335. for j := i + 1; j < len(arr); j++ {
  336. if arr[i] == arr[j] {
  337. repeat = true
  338. break
  339. }
  340. }
  341. if !repeat {
  342. newArr = append(newArr, arr[i])
  343. }
  344. }
  345. return
  346. }