mobile_api_base_controller.go 6.6KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228
  1. package mobile_api_controllers
  2. import (
  3. "Xcx_New/controllers"
  4. "Xcx_New/enums"
  5. "Xcx_New/models"
  6. "Xcx_New/service"
  7. "encoding/json"
  8. "fmt"
  9. "strconv"
  10. "strings"
  11. "time"
  12. )
  13. type MobileBaseAPIController struct {
  14. controllers.BaseAPIController
  15. }
  16. func (this *MobileBaseAPIController) Prepare() {
  17. this.BaseAPIController.Prepare()
  18. // beego.Trace("============================================================")
  19. // beego.Trace("session ID: %v", this.Ctx.Input.Cookie("beegosessionID"))
  20. // beego.Trace("session : %v", this.GetSession("info"))
  21. // this.SetSession("info", time.Now().Format("2006/01/02 15:04:05"))
  22. // beego.Trace("============================================================")
  23. }
  24. //
  25. func (this *MobileBaseAPIController) GetMobileAdminUserInfo() *MobileAdminUserInfo {
  26. userInfo := this.GetSession("mobile_admin_user_info")
  27. if userInfo == nil {
  28. return nil
  29. } else {
  30. return userInfo.(*MobileAdminUserInfo)
  31. }
  32. }
  33. type MobileAdminUserInfo struct {
  34. AdminUser *models.AdminUser
  35. Org *models.Org
  36. App *models.OrgApp
  37. AppRole *models.App_Role
  38. Subscibe *models.ServeSubscibe
  39. TemplateInfo *models.GobalTemplate
  40. }
  41. type MobileBaseAPIAuthController struct {
  42. MobileBaseAPIController
  43. }
  44. func (this *MobileBaseAPIAuthController) Prepare() {
  45. token := this.Ctx.GetCookie("token_cookie")
  46. logout_cookie := this.Ctx.GetCookie("logout_cookie")
  47. //if len(token) == 0{
  48. // this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotLogin)
  49. // this.StopRun()
  50. //}
  51. this.MobileBaseAPIController.Prepare()
  52. adminUserInfo := this.GetMobileAdminUserInfo()
  53. fmt.Println(token)
  54. if len(token) == 0 {
  55. this.DelSession("mobile_admin_user_info")
  56. fmt.Println(logout_cookie)
  57. if len(logout_cookie) == 1 {
  58. this.Ctx.SetCookie("logout_cookie", "2")
  59. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeLogOut)
  60. this.StopRun()
  61. } else {
  62. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeLoginTimeout)
  63. this.StopRun()
  64. }
  65. } else {
  66. if adminUserInfo == nil {
  67. this.DelSession("mobile_admin_user_info")
  68. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotLogin)
  69. this.StopRun()
  70. }
  71. }
  72. //if this.Ctx.Request.Method != "GET" {
  73. // err := service.GetOrgSubscibeState(adminUserInfo.Subscibe)
  74. // if err != nil || adminUserInfo.Subscibe.State == 3 {
  75. // this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNotSubscibe)
  76. // this.StopRun()
  77. // }
  78. //}
  79. if adminUserInfo.AppRole != nil {
  80. if adminUserInfo.AppRole.Id > 0 {
  81. app_role, _ := service.FindAppRoleById(adminUserInfo.AppRole.Id)
  82. if app_role != nil {
  83. if app_role.Status != 1 {
  84. this.DelSession("mobile_admin_user_info")
  85. this.Ctx.SetCookie("token_cookie", "")
  86. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeForbidden)
  87. this.StopRun()
  88. }
  89. }
  90. }
  91. }
  92. if this.Ctx.Request.Header.Get("Permission") == "1" {
  93. if adminUserInfo.AdminUser.Id != adminUserInfo.Org.Creator { //超级管理员不受此限制
  94. isPermission := false
  95. adminUserInfo := this.GetMobileAdminUserInfo()
  96. //该机构下该用户有多少个
  97. role, _ := service.GetUserAllRole(adminUserInfo.Org.Id, adminUserInfo.AdminUser.Id)
  98. var roles []string
  99. if len(role.RoleIds) <= 0 { //该用户没有设置角色
  100. } else {
  101. roles = strings.Split(role.RoleIds, ",")
  102. }
  103. //redis相关处理逻辑
  104. redis := service.RedisClient()
  105. defer redis.Close()
  106. //redis key值
  107. key := "purviews_" + strconv.FormatInt(adminUserInfo.Org.Id, 10) + strconv.FormatInt(adminUserInfo.AdminUser.Id, 10)
  108. purviews_json_str, _ := redis.Get(key).Result()
  109. //获取该用户下所有角色的权限总集
  110. var userRolePurviews string
  111. var userRolePurviewsArr []string
  112. fmt.Println("----redis 开始----")
  113. fmt.Println(purviews_json_str)
  114. fmt.Println("----redis 结束----")
  115. if len(purviews_json_str) == 0 {
  116. for _, item := range roles {
  117. role_id, _ := strconv.ParseInt(item, 10, 64)
  118. purviews, _ := service.GetRoleFuncPurviewIds(role_id)
  119. if len(userRolePurviews) == 0 {
  120. userRolePurviews = purviews
  121. } else {
  122. userRolePurviews = userRolePurviews + "," + purviews
  123. }
  124. }
  125. //该用户所拥有角色的权限的总集
  126. userRolePurviewsArr = RemoveRepeatedPurviewElement(strings.Split(userRolePurviews, ","))
  127. //缓存数据
  128. purview_json, err := json.Marshal(userRolePurviewsArr)
  129. if err == nil {
  130. redis.Set(key, purview_json, time.Minute*60*60*24)
  131. }
  132. } else {
  133. var dat []string
  134. if err := json.Unmarshal([]byte(purviews_json_str), &dat); err == nil {
  135. } else {
  136. }
  137. userRolePurviewsArr = dat
  138. }
  139. fmt.Println(userRolePurviewsArr)
  140. //系统所记录的权限列表
  141. allPermission, _ := service.GetAllFunctionPurview()
  142. for _, item := range allPermission {
  143. //判断当前路由是否在权限路由列表里面
  144. if strings.Split(item.Urlfor, ",")[0] == strings.Split(this.Ctx.Request.RequestURI, "?")[0]+"?"+"mode="+this.GetString("mode") {
  145. //获取该角色的所有权限
  146. for _, items := range userRolePurviewsArr {
  147. id, _ := strconv.ParseInt(items, 10, 64)
  148. if id == item.ID {
  149. isPermission = true
  150. }
  151. }
  152. if !isPermission {
  153. msg, _ := service.FindErrorMsgByStr(strings.Split(this.Ctx.Request.RequestURI, "?")[0] + "?" + "mode=" + this.GetString("mode"))
  154. json := make(map[string]interface{})
  155. json["msg"] = msg
  156. json["code"] = 0
  157. json["state"] = 0
  158. this.Data["json"] = json
  159. this.ServeJSON()
  160. this.StopRun()
  161. }
  162. }
  163. }
  164. }
  165. }
  166. }
  167. func RemoveRepeatedPurviewElement(arr []string) (newArr []string) {
  168. newArr = make([]string, 0)
  169. for i := 0; i < len(arr); i++ {
  170. repeat := false
  171. for j := i + 1; j < len(arr); j++ {
  172. if arr[i] == arr[j] {
  173. repeat = true
  174. break
  175. }
  176. }
  177. if !repeat {
  178. newArr = append(newArr, arr[i])
  179. }
  180. }
  181. return
  182. }
  183. type AdminUserInfo struct {
  184. AdminUser *models.AdminUser `json:"user"`
  185. CurrentOrgId int64 `json:"current_org_id"`
  186. CurrentAppId int64 `json:"current_app_id"`
  187. OrgIds []int64 `json:"org_ids"`
  188. Orgs map[int64]*models.Org `json:"orgs"`
  189. OrgAppIds map[int64][]int64 `json:"org_app_ids"`
  190. OrgApps map[int64](map[int64]*models.OrgApp) `json:"org_apps"`
  191. App2OrgIds map[int64]int64 `json:"app_to_org_ids"`
  192. AppRoles map[int64]*models.App_Role `json:"app_roles"`
  193. AppPurviews map[int64][]*models.Purview `json:"app_purviews"`
  194. AppUrlfors map[int64][]string `json:"app_urlfors"`
  195. Subscibes map[int64]*models.ServeSubscibe `json:"org_subscibes"`
  196. }