package routers

import (
	"Cold_GoodsOrder/Nats/NatsServer"
	"Cold_GoodsOrder/lib"
	"Cold_GoodsOrder/models/Account"
	"github.com/beego/beego/v2/server/web/context"
	"log"
	"strings"
)

func RBACFilter(ctx *context.Context) {
	//过滤/v3/Order/GetDeviceData接口不验证登录
	log.Println(ctx.Request.URL.String())
	if strings.Contains(ctx.Request.URL.String(), "/v3/Order/GetDeviceDataNot") || strings.Contains(ctx.Request.URL.String(), "/Cold_GoodsOrder/v3/Order/Test") {
		return
	}
	b_, User_r, T_pid := NatsServer.Verification(ctx.GetCookie("User_tokey"), ctx.Input.Query("User_tokey"))
	if !b_ {
		ctx.Output.JSON(lib.JSONS{Code: 201, Msg: "请重新登陆!"}, true, false)
		return
	}

	Account.User_r = &User_r
	Account.T_pid = &T_pid
	index := strings.Index(ctx.Request.URL.Path, "/v3")
	if index == -1 {
		data := lib.JSONS{Code: 202, Msg: "无权访问!"}
		ctx.Output.JSON(data, true, false)
	}
	flag := NatsServer.CheckUserPermissions(Account.User_r.T_power, ctx.Request.URL.Path[index:])

	if !flag {
		data := lib.JSONS{Code: 202, Msg: "无权访问!"}
		ctx.Output.JSON(data, true, false)
		return
	}

}