Home Explore Help
Sign In
duyong
/
dy-admin-temp
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: a723c30f41
Branches Tags
dy-admin-temp
/
internal
/
pcmserver
/
bus
/
service
/
bus_permission.go

bus_permission.go 2.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. package service
    2. 

  2. 

  3. import (
    4. 

  4. 	"dy-admin/internal/pcmserver/global"
    5. 

  5. 	"dy-admin/internal/pcmserver/pkg/code"
    6. 

  6. 	"dy-admin/internal/pcmserver/sys/model"
    7. 

  7. 	"dy-admin/internal/pcmserver/sys/service"
    8. 

  8. 

  9. 	"dy-admin/pkg/rescode"
    10. 

  10. 	"github.com/gin-gonic/gin"
    11. 

  11. 	"gorm.io/gorm"
    12. 

  12. 	"strconv"
    13. 

  13. )
    14. 

  14. 

  15. // BusPermission 业务上的数据权限
    16. 

  16. // 只针对这个柜子系统。柜子系统业务表上都有部门id。根据部门id来判断数据权限
    17. 

  17. type BusPermission struct {
    18. 

  18. 	DataScope int
    19. 

  19. 	DeptIDs   []int
    20. 

  20. 	UserID    int
    21. 

  21. }
    22. 

  22. 

  23. func NewBusPermission(c *gin.Context) (*BusPermission, error) {
    24. 

  24. 	// 获取用户信息
    25. 

  25. 	userInfo := global.JWT.GetUserInfo(c)
    26. 

  26. 	// 找到角色对应的数据权限
    27. 

  27. 

  28. 	var roles []model.Role
    29. 

  29. 	err := global.DB.Where("role_id in (?)", userInfo.RoleIDs).Find(&roles).Error
    30. 

  30. 	if err != nil {
    31. 

  31. 		return nil, rescode.RegisterErrorWithCause(err, code.ErrCodeMap[code.ErrDatabaseCode])
    32. 

  32. 	}
    33. 

  33. 	bp := &BusPermission{DataScope: 5, DeptIDs: make([]int, 0)}
    34. 

  34. 	for _, role := range roles {
    35. 

  35. 		roleDataScope, err := strconv.Atoi(role.DataScope)
    36. 

  36. 		if err != nil {
    37. 

  37. 			return nil, err
    38. 

  38. 		}
    39. 

  39. 		if roleDataScope >= bp.DataScope {
    40. 

  40. 			// 数值越大,权限越小。按权限比较大的为准
    41. 

  41. 			continue
    42. 

  42. 		}
    43. 

  43. 		bp.DataScope = roleDataScope
    44. 

  44. 

  45. 		switch role.DataScope {
    46. 

  46. 		case "1":
    47. 

  47. 			// 全部权限
    48. 

  48. 		case "2":
    49. 

  49. 			// 自定义数据权限
    50. 

  50. 			deptIds, err := service.ServicesGroupApp.RoleService.GetRoleDeptIDs(role.RoleID)
    51. 

  51. 			if err != nil {
    52. 

  52. 				return bp, err
    53. 

  53. 			}
    54. 

  54. 			bp.DeptIDs = append(bp.DeptIDs, deptIds...)
    55. 

  55. 		case "3":
    56. 

  56. 			// 本部门数据权限
    57. 

  57. 			bp.DeptIDs = append(bp.DeptIDs, userInfo.DeptID)
    58. 

  58. 		case "4":
    59. 

  59. 			// 本部门及以下数据权限
    60. 

  60. 			sons, err := service.ServicesGroupApp.DeptService.GetSonDeptIds(userInfo.DeptID)
    61. 

  61. 			if err != nil {
    62. 

  62. 				return bp, err
    63. 

  63. 			}
    64. 

  64. 			bp.DeptIDs = append(bp.DeptIDs, sons...)
    65. 

  65. 		case "5":
    66. 

  66. 			// 仅本人数据权限
    67. 

  67. 			bp.UserID = userInfo.UserID
    68. 

  68. 		default:
    69. 

  69. 			return nil, rescode.RegisterErrorWithCause(err, code.ErrCodeMap[code.ErrDataPermissionCode])
    70. 

  70. 		}
    71. 

  71. 	}
    72. 

  72. 	return bp, nil
    73. 

  73. }
    74. 

  74. 

  75. func Permission(tableName string, p *BusPermission) func(db *gorm.DB) *gorm.DB {
    76. 

  76. 	return func(db *gorm.DB) *gorm.DB {
    77. 

  77. 		switch p.DataScope {
    78. 

  78. 		case 2, 3, 4:
    79. 

  79. 			return db.Where(tableName+".department_id in (?)", p.DeptIDs)
    80. 

  80. 		case 5:
    81. 

  81. 			return db.Where(tableName+".create_by = ?", p.UserID)
    82. 

  82. 		default:
    83. 

  83. 			return db
    84. 

  84. 		}
    85. 

  85. 	}
    86. 

  86. }
    87.