third/APIPark
1
0
Fork 0
mirror of https://github.com/APIParkLab/APIPark.git synced 2026-06-04 10:13:53 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
693b76ee186df6edfc0a7c6fa5ef8980459a9d59
APIPark/middleware/permit/permit.go
T
Liujian 693b76ee18 前端代码更新
2024-08-15 18:28:46 +08:00

100 lines
2.3 KiB
Go
Raw Blame History

package permit_middleware
import (
"net/http"
"reflect"
permit_identity "github.com/APIParkLab/APIPark/middleware/permit/identity"
"github.com/eolinker/eosc/log"
"github.com/eolinker/go-common/autowire"
"github.com/eolinker/go-common/permit"
"github.com/eolinker/go-common/pm3"
"github.com/eolinker/go-common/utils"
"github.com/gin-gonic/gin"
)
var (
checkSort = []string{permit_identity.TeamGroup, permit_identity.SystemGroup}
)
type IPermitMiddleware interface {
pm3.IMiddleware
}
func init() {
autowire.Auto[IPermitMiddleware](func() reflect.Value {
return reflect.ValueOf(new(PermitMiddleware))
})
}
var (
_ IPermitMiddleware = (*PermitMiddleware)(nil)
)
type PermitMiddleware struct {
permitService permit.IPermit `autowired:""`
}
func (p *PermitMiddleware) Sort() int {
return 99
}
func (p *PermitMiddleware) Check(method string, path string) (bool, []gin.HandlerFunc) {
// 当前路径是否有配置权限
accessRules, has := permit.GetPathRule(method, path)
if !has || len(accessRules) == 0 {
return false, nil
}
return true, []gin.HandlerFunc{
func(ginCtx *gin.Context) {
userId := utils.UserId(ginCtx)
if userId == "" {
// 未开启游客模式
ginCtx.AbortWithStatusJSON(http.StatusForbidden, gin.H{"code": http.StatusForbidden, "msg": "not login", "success": "fail"})
ginCtx.Abort()
return
}
//if userId == "admin" {
// // 超级管理员不校验
// return
//}
for _, group := range checkSort {
accessList, has := accessRules[group]
if !has {
// 当前分组没有配置权限
continue
}
domainHandler, has := permit.SelectDomain(group)
if !has {
// 当前分组没有配置身份handler
continue
}
_, myAccess, ok := domainHandler(ginCtx)
if !ok {
continue
}
accessMap := utils.SliceToMapO(myAccess, func(s string) (string, struct{}) {
return s, struct{}{}
})
for _, acc := range accessList {
if _, ok := accessMap[acc]; ok {
return
}
}
}
//所有group都校验不通过
log.DebugF("no permission:%s", ginCtx.FullPath())
ginCtx.AbortWithStatusJSON(http.StatusForbidden, gin.H{"code": http.StatusForbidden, "msg": "no permission", "success": "fail"})
},
}
}
func (p *PermitMiddleware) Name() string {
return "permit"
}
Reference in New Issue View Git Blame Copy Permalink