- package service
- import (
- "dy-admin/internal/pcmserver/global"
- "dy-admin/internal/pcmserver/pkg/code"
- "dy-admin/internal/pcmserver/sys/model"
- "dy-admin/internal/pcmserver/sys/service"
- "dy-admin/pkg/rescode"
- "github.com/gin-gonic/gin"
- "gorm.io/gorm"
- "strconv"
- )
// BusPermission is the business-level data permission of one user.
//
// It applies only to this cabinet system: every business table of the cabinet
// system carries a department id, and row visibility is decided from that
// department id.
type BusPermission struct {
	// DataScope is the effective scope number. The values handled in this
	// file are 1 (all data), 2 (custom department list), 3 (own department),
	// 4 (own department and below) and 5 (own rows only); a larger number
	// means a narrower permission.
	DataScope int

	// DeptIDs lists the departments whose rows are visible for the
	// department-based scopes.
	DeptIDs []int

	// UserID identifies the row creator that is matched for the
	// own-rows-only scope.
	UserID int
}
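// NewBusPermission builds the data permission of the user authenticated on c.
//
// It loads the roles named in the user's JWT info and keeps the smallest
// data-scope number found among them (a smaller number is a wider permission):
//
//	1  all data
//	2  custom department list stored on the role
//	3  the user's own department
//	4  the user's own department and its sub-departments
//	5  only rows created by the user
//
// Scope 5 is the starting point, so a user without any wider role ends up
// restricted to their own rows. On every error path the returned
// *BusPermission is nil, so a half-built permission can never be applied.
func NewBusPermission(c *gin.Context) (*BusPermission, error) {
	// Identity, department and role ids come from the JWT attached to the request.
	userInfo := global.JWT.GetUserInfo(c)

	// Load the roles so that their data scopes can be compared.
	var roles []model.Role
	if err := global.DB.Where("role_id in (?)", userInfo.RoleIDs).Find(&roles).Error; err != nil {
		return nil, rescode.RegisterErrorWithCause(err, code.ErrCodeMap[code.ErrDatabaseCode])
	}

	bp := &BusPermission{DataScope: 5, DeptIDs: make([]int, 0)}

	// NOTE(review): the query above has no ORDER BY and DeptIDs is appended to
	// each time a wider role is met, so the final department list can depend on
	// the order in which the rows come back. Confirm this is intended.
	for _, role := range roles {
		roleDataScope, err := strconv.Atoi(role.DataScope)
		if err != nil {
			return nil, err
		}
		if roleDataScope >= bp.DataScope {
			// A larger number is a narrower permission; keep the wider one.
			// This also skips scope 5 itself, which is handled after the loop.
			continue
		}
		bp.DataScope = roleDataScope

		// The switch is on the stored string, so only the canonical spellings
		// "1".."4" are accepted; anything else that parsed below 5 ("0", "-1",
		// "01", ...) is rejected instead of being mapped onto a scope.
		switch role.DataScope {
		case "1":
			// All data: no department list needed.
		case "2":
			// Custom scope: departments configured on the role.
			deptIDs, err := service.ServicesGroupApp.RoleService.GetRoleDeptIDs(role.RoleID)
			if err != nil {
				return nil, err
			}
			bp.DeptIDs = append(bp.DeptIDs, deptIDs...)
		case "3":
			// Own department only.
			bp.DeptIDs = append(bp.DeptIDs, userInfo.DeptID)
		case "4":
			// Own department and its sub-departments.
			sons, err := service.ServicesGroupApp.DeptService.GetSonDeptIds(userInfo.DeptID)
			if err != nil {
				return nil, err
			}
			bp.DeptIDs = append(bp.DeptIDs, sons...)
		default:
			// Atoi succeeded, so the err in scope is nil here; build a cause
			// that names the offending value instead of passing nil.
			cause := &strconv.NumError{Func: "Atoi", Num: role.DataScope, Err: strconv.ErrRange}
			return nil, rescode.RegisterErrorWithCause(cause, code.ErrCodeMap[code.ErrDataPermissionCode])
		}
	}

	// Scope 5 can never enter the switch (5 >= 5 is skipped above), so the
	// creator filter has to be bound here. Without this UserID stays 0 and an
	// own-rows-only user would be matched against rows whose creator id is 0
	// instead of their own rows.
	if bp.DataScope == 5 {
		bp.UserID = userInfo.UserID
	}
	return bp, nil
}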
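// Permission returns a GORM scope that restricts a query on tableName to the
// rows that p allows.
//
//   - DataScope 1: no restriction.
//   - DataScope 2, 3, 4: rows whose department_id is in p.DeptIDs.
//   - DataScope 5: rows whose create_by equals p.UserID.
//   - nil p or any other DataScope: no rows.
//
// tableName is concatenated into the SQL text, not bound as a parameter, so it
// must be a fixed identifier chosen by the calling code and never a value
// taken from the request.
func Permission(tableName string, p *BusPermission) func(db *gorm.DB) *gorm.DB {
	return func(db *gorm.DB) *gorm.DB {
		// A missing permission object must not turn into an unfiltered query.
		if p == nil {
			return db.Where("1 = 0")
		}
		switch p.DataScope {
		case 1:
			// All data.
			return db
		case 2, 3, 4:
			// NOTE(review): with an empty DeptIDs the IN list is empty; confirm
			// that the driver renders this as a condition matching no rows.
			return db.Where(tableName+".department_id in (?)", p.DeptIDs)
		case 5:
			return db.Where(tableName+".create_by = ?", p.UserID)
		default:
			// Fail closed: an unknown scope, including the zero value of
			// BusPermission, previously fell through to an unfiltered query.
			return db.Where("1 = 0")
		}
	}
}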