123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 |
- package routers
- import (
- "ERP_salary/Nats/NatsServer"
- "ERP_salary/conf"
- "ERP_salary/logs"
- "ERP_salary/models/Account"
- powerlibs "git.baozhida.cn/ERP_libs/Power"
- "git.baozhida.cn/ERP_libs/lib"
- "github.com/beego/beego/v2/adapter/orm"
- "github.com/beego/beego/v2/server/web/context"
- "strings"
- )
- var (
- filterExcludeURLMap = make(map[string]int) // 不鉴权的URL
- filterOnlyLoginCheckURLMap = make(map[string]int) // 只鉴权登录的URL
- )
- func init() {
- //初始化配置 不鉴权的URL和只鉴权登录的URL
- logs.Println("=========== 初始化路由筛选信息 =========")
- excludeUrl := conf.FilterExcludeURL
- if len(excludeUrl) > 0 {
- excludeUrlSlice := strings.Split(excludeUrl, ",")
- if len(excludeUrlSlice) > 0 {
- for _, v := range excludeUrlSlice {
- filterExcludeURLMap[v] = 1
- }
- }
- }
- checkLoginUrl := conf.FilterOnlyLoginCheckURL
- if len(checkLoginUrl) > 0 {
- checkLoginUrlSlice := strings.Split(checkLoginUrl, ",")
- if len(checkLoginUrlSlice) > 0 {
- for _, v := range checkLoginUrlSlice {
- filterOnlyLoginCheckURLMap[v] = 1
- }
- }
- }
- }
- func RBACFilter(ctx *context.Context) {
- //判断URL是否排除
- if _, ok := filterExcludeURLMap[ctx.Request.URL.Path]; ok {
- return
- }
- user_r, err := NatsServer.Verification(ctx.GetCookie("User_tokey"), ctx.Input.Query("User_tokey"))
- if err != nil {
- ctx.Output.JSON(lib.JSONS{Code: 201, Msg: "请重新登陆!"}, true, false)
- return
- }
- Account.User_r = &user_r
- //判断是否只验证登录的URL
- if _, ok := filterOnlyLoginCheckURLMap[ctx.Request.URL.Path]; ok {
- return
- }
- o := orm.NewOrm()
- powerDao := powerlibs.NewPower(o)
- power, err := powerDao.Read_Power_ByT_id(user_r.T_power)
- if err != nil {
- data := lib.JSONS{Code: 202, Msg: "获取权限失败!"}
- ctx.Output.JSON(data, true, false)
- return
- }
- if power.T_menu == "*" {
- return
- }
- api := Account.Read_API_List_ByPower(power.T_id, power.T_menu)
- flag := false
- for _, v := range api {
- if v.T_uri == ctx.Request.URL.Path {
- flag = true
- break
- }
- }
- if !flag {
- data := lib.JSONS{Code: 202, Msg: "无权访问!"}
- ctx.Output.JSON(data, true, false)
- return
- }
- }
|