| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546 |
- package routers
- import (
- "Cold_GoodsOrder/Nats/NatsServer"
- "Cold_GoodsOrder/lib"
- "Cold_GoodsOrder/models/Account"
- "github.com/beego/beego/v2/server/web/context"
- "log"
- "strings"
- )
- func RBACFilter(ctx *context.Context) {
- //过滤/v3/Order/GetDeviceData接口不验证登录
- log.Println(ctx.Request.URL.String())
- if strings.Contains(ctx.Request.URL.String(), "/v3/Order/GetDeviceDataNot") || strings.Contains(ctx.Request.URL.String(), "/Cold_GoodsOrder/v3/Order/Test") {
- return
- }
- err, User_r, T_pid := NatsServer.Verification(ctx.Input.Query("User_tokey"), ctx.GetCookie("User_tokey"))
- if err != nil {
- if err.Error() == "请重新登录!" {
- ctx.Output.JSON(lib.JSONS{Code: 201, Msg: err.Error()}, true, false)
- } else {
- ctx.Output.JSON(lib.JSONS{Code: 202, Msg: err.Error()}, true, false)
- }
- return
- }
- Account.User_r = &User_r
- Account.T_pid = &User_r.T_pid
- if T_pid > 0 {
- Account.T_pid = &T_pid
- }
- index := strings.Index(ctx.Request.URL.Path, "/v3")
- if index == -1 {
- data := lib.JSONS{Code: 202, Msg: "无权访问!"}
- ctx.Output.JSON(data, true, false)
- }
- flag := NatsServer.CheckUserPermissions(Account.User_r.T_power, ctx.Request.URL.Path[index:])
- if !flag {
- data := lib.JSONS{Code: 202, Msg: "无权访问!"}
- ctx.Output.JSON(data, true, false)
- return
- }
- }
|
