Merge branch 'feature/rbac' into 'master'

Feature/rbac See merge request !40

Merge branch 'feature/rbac' into 'master'
17c9266f · shajiaiming · 64bb4b38 · 5c302b62 · 64bb4b38 · 17c9266f
Commit 17c9266f authored Apr 21, 2021 by shajiaiming
Showing with 53 additions and 40 deletions

Auth.go middleware/auth/Auth.go +0 -39

auth.go middleware/auth/auth.go +43 -0

rbac.go pkg/e/rbac.go +6 -0

errno.go pkg/errno/errno.go +2 -0

router.go routers/router.go +2 -1

No files found.
--- a/middleware/auth/Auth.go
+++ b/middleware/auth/Auth.go
-package auth
-
-import (
-	"github.com/gin-gonic/gin"
-	"bwallet/pkg/e"
-	"bwallet/models"
-	"net/http"
-)
-
-func AUTH() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		var code int
-		var data interface{}
-
-		code = e.SUCCESS
-		token := c.Request.Header.Get("Token")
-		if token == "" {
-			code = e.INVALID_PARAMS
-		} else {
-			_, err := models.CheckToken(token)
-			if err != nil {
-				code = e.ERROR_AUTH_CHECK_TOKEN_FAIL
-			}
-		}
-
-		if code != e.SUCCESS {
-			c.JSON(http.StatusUnauthorized, gin.H{
-				"code": code,
-				"msg":  e.GetMsg(code),
-				"data": data,
-			})
-
-			c.Abort()
-			return
-		}
-
-		c.Next()
-	}
-}
--- a/middleware/auth/auth.go
+++ b/middleware/auth/auth.go
+package auth
+
+import (
+	"bwallet/pkg/errno"
+	"bwallet/pkg/handler"
+	"bwallet/pkg/util"
+	"github.com/gin-gonic/gin"
+	"strings"
+)
+
+func AUTH(handlerTableName map[string]string) gin.HandlerFunc {
+	return func(ctx *gin.Context) {
+
+		token := ctx.Request.Header.Get("Token")
+		user, _ := util.ParseToken(token)
+
+		if 81 == user.UserInfo.Uid {
+			handler.SendResponse(ctx, errno.PermissionDenied, nil)
+			ctx.Abort()
+			return
+		}
+
+		if 81 != user.UserInfo.Uid {
+			ctx.Next()
+		}
+
+		handlerName := strings.Split(ctx.HandlerName(), ".")[1]
+		if _, ok := handlerTableName[handlerName]; !ok {
+			ctx.Next()
+		}
+
+		handleAlowed := []string{"GetWallets", "GetWalletCoinRelationCoinRelations", "GetCoins"}
+		_, handle := util.Contains(handleAlowed, handlerName)
+
+		if !handle {
+			handler.SendResponse(ctx, errno.PermissionDenied, nil)
+			ctx.Abort()
+			return
+		}
+
+		ctx.Next()
+	}
+}
--- a/pkg/e/rbac.go
+++ b/pkg/e/rbac.go
+package e
+
+type HandleAllowedDesc map[int32][]string
+var HandleAllowed = HandleAllowedDesc{
+
+}
--- a/pkg/errno/errno.go
+++ b/pkg/errno/errno.go
@@ -69,6 +69,8 @@ var (
 	ErrSn         = &Errno{Code: 20004, Message: "Sn error."}
 	ErrAk         = &Errno{Code: 20005, Message: "Ak error."}

+	PermissionDenied = &Errno{Code:403, Message:"Permission Denied"}
+
 	// coin errors
 	ErrCoinNotFound = &Errno{Code: 20101, Message: "The coin was not found."}
 	ErrCountCoin    = &Errno{Code: 20102, Message: "The coins statistic error."}

--- a/routers/router.go
+++ b/routers/router.go
 package routers

 import (
+	"bwallet/middleware/auth"
 	"bwallet/middleware/jwt"
 	"bwallet/middleware/log"
 	"bwallet/pkg/e"
@@ -52,8 +53,8 @@ func InitRouter() *gin.Engine {

 	api := r.Group("/api")

-	//api.Use(auth.AUTH())
 	api.Use(jwt.JWT())
+	api.Use(auth.AUTH(e.HandleTableName))
 	api.POST("/log", backend.AddOperationLog)
 	api.GET("/logs", backend.GetOperationLogs)
 	api.Use(log.LogMiddleware(e.HandleTableName))