- 重构authz结构
- 角色管理初版完成
This commit is contained in:
gazebo
@@ -1,5 +1,37 @@
|
||||
package authz
|
||||
|
||||
import (
|
||||
"strings"
|
||||
|
||||
"git.rosy.net.cn/baseapi/utils"
|
||||
)
|
||||
|
||||
const (
|
||||
StoreRoleBoss = "StoreBoss"
|
||||
|
||||
RoleNameSep = "/"
|
||||
RolePrefix = "Role"
|
||||
StoreRolePrefix = "Store"
|
||||
)
|
||||
|
||||
type RoleInfo struct {
|
||||
Name string `json:"name"`
|
||||
Description string `json:"description"`
|
||||
StoreID int `json:"storeID,omitempty"` // 如果这个值非0,表示门店角色
|
||||
}
|
||||
|
||||
var (
|
||||
StoreRoleDescriptionMap = map[string]string{
|
||||
StoreRoleBoss: "门店老板",
|
||||
}
|
||||
StoreRoleList = []*RoleInfo{
|
||||
&RoleInfo{
|
||||
Name: StoreRoleBoss,
|
||||
Description: StoreRoleDescriptionMap[StoreRoleBoss],
|
||||
},
|
||||
}
|
||||
)
|
||||
|
||||
type IAuthz interface {
|
||||
AddRole4User(userID string, r *RoleInfo) (err error)
|
||||
DeleteRole4User(userID string, r *RoleInfo) (err error)
|
||||
@@ -7,3 +39,15 @@ type IAuthz interface {
|
||||
GetRoleUserList(r *RoleInfo) (userIDList []string, err error)
|
||||
// GetAllRoleList() (roleList []*RoleInfo)
|
||||
}
|
||||
|
||||
func (r *RoleInfo) GetFullName() (fullRoleName string) {
|
||||
strList := []string{
|
||||
RolePrefix,
|
||||
r.Name,
|
||||
}
|
||||
if r.StoreID > 0 {
|
||||
strList = append(strList, StoreRolePrefix, utils.Int2Str(r.StoreID))
|
||||
}
|
||||
fullRoleName = strings.Join(strList, RoleNameSep)
|
||||
return fullRoleName
|
||||
}
|
||||
|
||||
@@ -1,43 +1,18 @@
|
||||
package authz
|
||||
package autils
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"git.rosy.net.cn/baseapi/utils"
|
||||
"git.rosy.net.cn/jx-callback/business/authz"
|
||||
"git.rosy.net.cn/jx-callback/business/model"
|
||||
"git.rosy.net.cn/jx-callback/business/model/dao"
|
||||
)
|
||||
|
||||
const (
|
||||
StoreRoleBoss = "StoreBoss"
|
||||
|
||||
RoleNameSep = "/"
|
||||
RolePrefix = "Role"
|
||||
StoreRolePrefix = "Store"
|
||||
)
|
||||
|
||||
type RoleInfo struct {
|
||||
Name string `json:"name"`
|
||||
Description string `json:"description"`
|
||||
StoreID int `json:"storeID,omitempty"` // 如果这个值非0,表示门店角色
|
||||
}
|
||||
|
||||
var (
|
||||
storeRoleDescriptionMap = map[string]string{
|
||||
StoreRoleBoss: "门店老板",
|
||||
}
|
||||
StoreRoleList = []*RoleInfo{
|
||||
&RoleInfo{
|
||||
Name: StoreRoleBoss,
|
||||
Description: storeRoleDescriptionMap[StoreRoleBoss],
|
||||
},
|
||||
}
|
||||
)
|
||||
|
||||
func GetRoleDescription(name string, storeID int) (description string) {
|
||||
if storeID != 0 {
|
||||
description = storeRoleDescriptionMap[name]
|
||||
description = authz.StoreRoleDescriptionMap[name]
|
||||
} else {
|
||||
if confList, err := dao.QueryConfigs(dao.GetDB(), name, model.ConfigTypeRole, ""); err == nil && len(confList) > 0 {
|
||||
description = confList[0].Value
|
||||
@@ -53,8 +28,8 @@ func ValidateRole(name string, storeID int) (err error) {
|
||||
return err
|
||||
}
|
||||
|
||||
func NewRole(name string, storeID int) (r *RoleInfo) {
|
||||
r = &RoleInfo{
|
||||
func NewRole(name string, storeID int) (r *authz.RoleInfo) {
|
||||
r = &authz.RoleInfo{
|
||||
Name: name,
|
||||
StoreID: storeID,
|
||||
Description: GetRoleDescription(name, storeID),
|
||||
@@ -62,15 +37,15 @@ func NewRole(name string, storeID int) (r *RoleInfo) {
|
||||
return r
|
||||
}
|
||||
|
||||
func NewRoleByModel(conf *model.NewConfig) (r *RoleInfo) {
|
||||
func NewRoleByModel(conf *model.NewConfig) (r *authz.RoleInfo) {
|
||||
if conf.Type != model.ConfigTypeRole {
|
||||
r = NewRole(conf.Key, 0)
|
||||
}
|
||||
return r
|
||||
}
|
||||
|
||||
func NewRoleByFullName(fullRoleName string) (r *RoleInfo) {
|
||||
strList := strings.Split(fullRoleName, RoleNameSep)
|
||||
func NewRoleByFullName(fullRoleName string) (r *authz.RoleInfo) {
|
||||
strList := strings.Split(fullRoleName, authz.RoleNameSep)
|
||||
if len(strList) == 2 {
|
||||
r = NewRole(strList[1], 0)
|
||||
} else if len(strList) == 4 {
|
||||
@@ -79,34 +54,22 @@ func NewRoleByFullName(fullRoleName string) (r *RoleInfo) {
|
||||
return r
|
||||
}
|
||||
|
||||
func (r *RoleInfo) GetFullName() (fullRoleName string) {
|
||||
strList := []string{
|
||||
RolePrefix,
|
||||
r.Name,
|
||||
}
|
||||
if r.StoreID > 0 {
|
||||
strList = append(strList, StoreRolePrefix, utils.Int2Str(r.StoreID))
|
||||
}
|
||||
fullRoleName = strings.Join(strList, RoleNameSep)
|
||||
return fullRoleName
|
||||
}
|
||||
|
||||
func RoleName2StoreID(roleName string) (storeID int) {
|
||||
if list := strings.Split(roleName, RoleNameSep); len(list) == 4 {
|
||||
if list := strings.Split(roleName, authz.RoleNameSep); len(list) == 4 {
|
||||
storeID = int(utils.Str2Int64(list[2]))
|
||||
}
|
||||
return storeID
|
||||
}
|
||||
|
||||
func GetStoreIDFromRole(roleName string) (storeID int) {
|
||||
list := strings.Split(roleName, RoleNameSep)
|
||||
list := strings.Split(roleName, authz.RoleNameSep)
|
||||
if len(list) == 3 {
|
||||
storeID = int(utils.Str2Int64WithDefault(list[2], 0))
|
||||
}
|
||||
return storeID
|
||||
}
|
||||
|
||||
func RoleList2StoreIDList(roleList []*RoleInfo) (storeIDs []int) {
|
||||
func RoleList2StoreIDList(roleList []*authz.RoleInfo) (storeIDs []int) {
|
||||
for _, v := range roleList {
|
||||
if v.StoreID > 0 {
|
||||
storeIDs = append(storeIDs, v.StoreID)
|
||||
@@ -115,9 +78,9 @@ func RoleList2StoreIDList(roleList []*RoleInfo) (storeIDs []int) {
|
||||
return storeIDs
|
||||
}
|
||||
|
||||
func FullRoleName2RoleList(fullRoleNameList []string) (roleList []*RoleInfo) {
|
||||
func FullRoleName2RoleList(fullRoleNameList []string) (roleList []*authz.RoleInfo) {
|
||||
if len(fullRoleNameList) > 0 {
|
||||
roleList = make([]*RoleInfo, len(fullRoleNameList))
|
||||
roleList = make([]*authz.RoleInfo, len(fullRoleNameList))
|
||||
for k, v := range fullRoleNameList {
|
||||
roleList[k] = NewRoleByFullName(v)
|
||||
}
|
||||
@@ -125,8 +88,8 @@ func FullRoleName2RoleList(fullRoleNameList []string) (roleList []*RoleInfo) {
|
||||
return roleList
|
||||
}
|
||||
|
||||
func RoleList2Map(roleList []*RoleInfo) (roleMap map[string]*RoleInfo) {
|
||||
roleMap = make(map[string]*RoleInfo)
|
||||
func RoleList2Map(roleList []*authz.RoleInfo) (roleMap map[string]*authz.RoleInfo) {
|
||||
roleMap = make(map[string]*authz.RoleInfo)
|
||||
for _, v := range roleList {
|
||||
roleMap[v.Name] = v
|
||||
}
|
||||
@@ -1,30 +1,16 @@
|
||||
package casbinauth
|
||||
|
||||
import (
|
||||
jxmodel "git.rosy.net.cn/jx-callback/business/model"
|
||||
"git.rosy.net.cn/jx-callback/globals"
|
||||
"github.com/astaxie/beego/orm"
|
||||
"github.com/casbin/casbin/model"
|
||||
"github.com/casbin/casbin/persist"
|
||||
)
|
||||
|
||||
type CasbinRule struct {
|
||||
ID int `orm:"column(id)" json:"id"`
|
||||
PType string
|
||||
V0 string
|
||||
V1 string
|
||||
V2 string
|
||||
V3 string
|
||||
V4 string
|
||||
V5 string
|
||||
}
|
||||
|
||||
type Adapter struct {
|
||||
}
|
||||
|
||||
func RegisterModel() {
|
||||
orm.RegisterModel(new(CasbinRule))
|
||||
}
|
||||
|
||||
// finalizer is the destructor for Adapter.
|
||||
func finalizer(a *Adapter) {
|
||||
}
|
||||
@@ -33,7 +19,7 @@ func NewAdapter() *Adapter {
|
||||
return &Adapter{}
|
||||
}
|
||||
|
||||
func loadPolicyLine(line CasbinRule, model model.Model) {
|
||||
func loadPolicyLine(line jxmodel.CasbinRule, model model.Model) {
|
||||
lineText := line.PType
|
||||
if line.V0 != "" {
|
||||
lineText += ", " + line.V0
|
||||
@@ -58,7 +44,7 @@ func loadPolicyLine(line CasbinRule, model model.Model) {
|
||||
}
|
||||
|
||||
func (a *Adapter) LoadPolicy(model model.Model) error {
|
||||
var lines []CasbinRule
|
||||
var lines []jxmodel.CasbinRule
|
||||
o := orm.NewOrm()
|
||||
_, err := o.QueryTable("casbin_rule").Limit(-1).All(&lines)
|
||||
if err != nil {
|
||||
@@ -71,8 +57,8 @@ func (a *Adapter) LoadPolicy(model model.Model) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func savePolicyLine(ptype string, rule []string) CasbinRule {
|
||||
line := CasbinRule{}
|
||||
func savePolicyLine(ptype string, rule []string) jxmodel.CasbinRule {
|
||||
line := jxmodel.CasbinRule{}
|
||||
|
||||
line.PType = ptype
|
||||
if len(rule) > 0 {
|
||||
@@ -111,7 +97,7 @@ func (a *Adapter) SavePolicy(model model.Model) error {
|
||||
o := orm.NewOrm()
|
||||
|
||||
a.clearAll(o)
|
||||
var lines []CasbinRule
|
||||
var lines []jxmodel.CasbinRule
|
||||
|
||||
for ptype, ast := range model["p"] {
|
||||
for _, rule := range ast.Policy {
|
||||
@@ -149,7 +135,7 @@ func (a *Adapter) RemovePolicy(sec string, ptype string, rule []string) error {
|
||||
|
||||
// RemoveFilteredPolicy removes policy rules that match the filter from the storage.
|
||||
func (a *Adapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) error {
|
||||
line := CasbinRule{}
|
||||
line := jxmodel.CasbinRule{}
|
||||
|
||||
line.PType = ptype
|
||||
filter := []string{}
|
||||
|
||||
@@ -2,6 +2,7 @@ package casbinauth
|
||||
|
||||
import (
|
||||
"git.rosy.net.cn/jx-callback/business/authz"
|
||||
"git.rosy.net.cn/jx-callback/business/authz/autils"
|
||||
"git.rosy.net.cn/jx-callback/globals"
|
||||
"github.com/casbin/casbin"
|
||||
)
|
||||
@@ -29,7 +30,7 @@ func (c *CasbinAuthz) DeleteRole4User(userID string, r *authz.RoleInfo) (err err
|
||||
func (c *CasbinAuthz) GetUserRoleList(userID string) (roleList []*authz.RoleInfo, err error) {
|
||||
roleNameList, err := c.enforcer.GetRolesForUser(userID)
|
||||
if err == nil && len(roleNameList) > 0 {
|
||||
roleList = authz.FullRoleName2RoleList(roleNameList)
|
||||
roleList = autils.FullRoleName2RoleList(roleNameList)
|
||||
}
|
||||
return roleList, err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user