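package routers

import (
	"strings"

	"Cold_Api/conf"
	"Cold_Api/controllers/lib"
	"Cold_Api/models/Account"

	"github.com/beego/beego/v2/server/web/context"
)

var (
	// version is the API version prefix that is prepended to every configured
	// URI before it is compared with the request path.
	version = conf.Version

	// filterExcludeURLMap holds the full paths that bypass FilterRBAC entirely
	// (no login check, no permission check).
	filterExcludeURLMap = make(map[string]int)

	// filterOnlyLoginCheckURLMap holds the full paths that only require a
	// valid login and skip the per-API permission check.
	filterOnlyLoginCheckURLMap = make(map[string]int)
)

// addFilterURLs registers every non-empty, whitespace-trimmed entry of the
// comma-separated list csv in dst, keyed by version+entry.
func addFilterURLs(dst map[string]int, csv string) {
	for _, entry := range strings.Split(csv, ",") {
		entry = strings.TrimSpace(entry)
		if entry == "" {
			// An empty entry (empty setting, trailing or doubled comma) would
			// otherwise register the bare version prefix as a path, which for
			// the exclude list means an unintended unauthenticated route.
			continue
		}
		dst[version+entry] = 1
	}
}

// InitSetFilterUrl fills the two lookup maps used by FilterRBAC from the
// comma-separated settings conf.FilterExcludeURL and
// conf.FilterOnlyLoginCheckURL.
//
// The maps are plain Go maps with no locking in this file, so call this during
// start-up, before requests are served.
var InitSetFilterUrl = func() {
	addFilterURLs(filterExcludeURLMap, conf.FilterExcludeURL)
	addFilterURLs(filterOnlyLoginCheckURLMap, conf.FilterOnlyLoginCheckURL)
}

// FilterRBAC is a request filter that enforces login and per-API permissions.
//
// Order of checks:
//  1. Paths in filterExcludeURLMap pass without any check.
//  2. The session token must verify; otherwise a "please log in again"
//     response is written and processing stops.
//  3. Paths in filterOnlyLoginCheckURLMap pass once the login is verified.
//  4. A power whose T_Menu_Bind is "*" may access every path.
//  5. Otherwise the request path must equal version+T_uri of one of the APIs
//     bound to the caller's power; if none matches, a "no permission"
//     response is written.
//
// Path comparison is an exact string match against ctx.Request.URL.Path.
// NOTE(review): denial relies on the framework not running the controller once
// the filter has written a response; confirm for the beego version in use.
func FilterRBAC(ctx *context.Context) {
	path := ctx.Request.URL.Path

	// Check whether the URL is excluded from filtering.
	if _, excluded := filterExcludeURLMap[path]; excluded {
		return
	}

	// NOTE(review): the token is also accepted from the query string. Tokens
	// carried in URLs tend to end up in access logs, browser history and
	// Referer headers; prefer the cookie (or a header) where clients allow it.
	loggedIn, admin := lib.Verification(ctx.GetCookie("User_tokey"), ctx.Input.Query("User_tokey"))
	if !loggedIn {
		ctx.Output.JSON(lib.JSONS{Code: 201, Msg: "请重新登陆!"}, true, false)
		// Stop here: without this return the unverified admin value was used
		// for the permission lookup below and a second JSON body could be
		// appended to the same response.
		return
	}

	// Check whether this URL only requires a verified login.
	if _, loginOnly := filterOnlyLoginCheckURLMap[path]; loginOnly {
		return
	}

	// NOTE(review): the second result of Read_Power_ById is discarded. Confirm
	// that a failed lookup can never yield a power with T_Menu_Bind == "*",
	// otherwise a lookup failure would grant full access.
	power, _ := Account.Read_Power_ById(admin.T_power)
	if power.T_Menu_Bind == "*" {
		return
	}

	for _, api := range Account.Read_API_List_ByPower_Id(power.Id, power.T_Menu_Bind) {
		if version+api.T_uri == path {
			return
		}
	}

	// No bound API matched the request path: deny.
	ctx.Output.JSON(lib.JSONS{Code: 201, Msg: "无权访问!"}, true, false)
}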