
package CheckHandler
import (
"context"
"dsBaseWeb/Business/BaseRolePerson/BaseRolePersonProto"
"dsBaseWeb/Utils/GRpcUtil"
"github.com/gin-gonic/gin"
"strings"
"time"
)
/**
Purpose: check whether the current person is within the permitted role + data-domain scope
Author: 黄海
Date: 2020-03-17
*/
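// roleIdLimitIsLegal reports whether the caller may act on the data scope
// (areas, organisations, classes, persons) named in the request.
//
// It first runs commonIsLegal with c, interName and n and returns that
// verdict unchanged when it fails. When commonIsLegal yields no entries the
// request is allowed without a scope check. Otherwise the role IDs taken from
// those entries, the caller's person_id cookie and every scope ID found in the
// request are sent to the CheckDataPrivilege RPC, whose Success flag decides
// the result. Any RPC failure denies the request (fail closed).
//
// The returned ResultStruct carries HttpType and Message on denial.
func roleIdLimitIsLegal(c *gin.Context, interName string, n int) (bool, ResultStruct) {
	// 1. Run the common checker; its failure is final.
	success, resultStruct, httpType, arr := commonIsLegal(c, interName, n)
	if !success {
		return success, resultStruct
	}
	// No entries from the common checker: nothing further to enforce.
	if len(arr) == 0 {
		return true, resultStruct
	}

	// NOTE(review): the acting identity is read from a client-supplied cookie.
	// This is only safe if commonIsLegal has already authenticated the session
	// and bound person_id to it; confirm. The error is ignored on purpose: a
	// missing cookie yields an empty ID, which is left for the RPC to reject.
	actionPersonID, _ := c.Cookie("person_id")

	// Role IDs come from the entries returned by the common checker.
	roleIDs := make([]string, 0, len(arr))
	for _, p := range arr {
		roleIDs = append(roleIDs, p.parameterName)
	}

	// Build the RPC argument. Each scope dimension includes every value the
	// client supplied, so no ID can reach a handler without being checked.
	var arg BaseRolePersonProto.CheckDataPrivilegeArg
	arg.ActionPersonId = actionPersonID
	arg.RoleId = roleIDs
	arg.AreaCode = collectScopeIDs(c, "areaCode", "areaCodes")
	arg.OrgId = collectScopeIDs(c, "orgId", "orgIds")
	arg.ClassId = collectScopeIDs(c, "classId", "classIds")
	arg.PersonId = collectScopeIDs(c, "personId", "personIds")

	// 2. Ask the RPC layer for the privilege decision, bounded to 10 seconds.
	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
	defer cancel()
	conn := GRpcUtil.GetConnection()
	if conn == nil {
		resultStruct.HttpType = httpType
		resultStruct.Message = "RPC服务未启动"
		return false, resultStruct
	}
	client := BaseRolePersonProto.NewBaseRolePersonManageClient(conn)
	reply, err := client.CheckDataPrivilege(ctx, &arg)
	if err != nil {
		// Deny when the decision cannot be obtained.
		resultStruct.HttpType = httpType
		resultStruct.Message = "调用RPC层检查数据权限时失败"
		return false, resultStruct
	}
	// The caller lacks the privilege.
	if !reply.Success {
		resultStruct.HttpType = httpType
		resultStruct.Message = reply.Message
		// Disabled: clearing the session cookies on denial.
		//c.SetCookie("person_id", "", -1, "/", "", false, true)
		//c.SetCookie("identity_id", "", -1, "/", "", false, true)
		//c.SetCookie("token", "", -1, "/", "", false, true)
		//c.SetCookie("ds_access_token", "", -1, "/", "", false, true)
		return false, resultStruct
	}
	return true, resultStruct
}

// collectScopeIDs gathers the IDs supplied for one scope dimension: the
// single-value parameter and the comma-separated list parameter, read from
// both the "get" and the "post" source. Duplicates are dropped and first-seen
// order is kept; the result is nil when nothing was supplied.
//
// Earlier code stopped at the first non-empty source and let the list
// parameter overwrite the single value, so some supplied IDs were never sent
// to the privilege check.
func collectScopeIDs(c *gin.Context, single, list string) []string {
	var ids []string
	seen := make(map[string]struct{})
	add := func(id string) {
		if _, dup := seen[id]; dup {
			return
		}
		seen[id] = struct{}{}
		ids = append(ids, id)
	}
	for _, src := range []string{"get", "post"} {
		if v := getInputParameter(c, src, single); len(v) > 0 {
			add(v)
		}
		if v := getInputParameter(c, src, list); len(v) > 0 {
			for _, id := range strings.Split(v, ",") {
				add(id)
			}
		}
	}
	return ids
}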