fix

95462a31 · shajiaiming · e3c4a144 · 95462a31 · 95462a31 · 95462a31
Commit 95462a31 authored May 07, 2021 by shajiaiming
8 changed files
--- a/main.go
+++ b/main.go
 package main

 import (
-	"bwallet/pkg/casbin"
 	"fmt"
 	"log"
 	"net/http"
-
+	"bwallet/pkg/rbac"
 	"bwallet/models"
 	"bwallet/pkg/cron"
 	"bwallet/pkg/gredis"
@@ -19,7 +18,7 @@ import (
 func init() {
 	setting.Setup()
 	models.Setup()
-	casbin.Setup()
+	rbac.Setup()
 	logging.Setup()
 	gredis.Setup()
 	util.Setup()

--- a/middleware/auth/casbin.go
+++ b/middleware/auth/casbin.go
 package auth

 import (
-	"bwallet/pkg/casbin"
 	"bwallet/pkg/errno"
 	"bwallet/pkg/handler"
+	"bwallet/pkg/rbac"
 	"bwallet/pkg/util"
+	"fmt"
 	"github.com/gin-gonic/gin"
 	_ "github.com/go-sql-driver/mysql"
 )
@@ -31,16 +32,18 @@ func Casbin() gin.HandlerFunc {
 		//obj := "data1" // the resource that is going to be accessed.
 		//act := "read"  // the operation that the user performs on the resource.
 		//added, err := e.AddPolicy("alice", "data1", "read")
+		//added, err := rbac.Ef.AddPolicy(username, path, method)

-		//added,err := e.AddGroupingPolicy("alice", "admin")
+		//added,err := rbac.Ef.AddGroupingPolicy("alice", "admin")
 		//fmt.Println(added)
+		//c.Next()
 		//if err != nil {
 		//	fmt.Println("添加权限错误，错误内容：", err)
 		//}
 		//ok, err := e.Enforce(sub, obj, act)

-		ok, err := casbin.Enforcer.Enforce(username, path, method)
-
+		ok, err := rbac.Ef.Enforce(username, path, method)
+		fmt.Println(err)
 		if err != nil {
 			handler.SendResponse(c, errno.InternalServerError, nil)
 			c.Abort()

--- a/models/casbin_rule.go
+++ b/models/casbin_rule.go
 package models

 import (
-	"bwallet/pkg/casbin"
+	"bwallet/pkg/rbac"
+	"fmt"
+	"reflect"
 )

-func AddPolicy(params ...interface{}) error {
-	_, err := casbin.Enforcer.AddPolicy(params)
+func AddPolicy(params map[string]interface{}) error {
+	fmt.Println(params["v0"])
+	fmt.Println(params["v2"])
+	fmt.Println(reflect.TypeOf(params["v2"]))
+
+
+	return nil
+	bool, err := rbac.Ef.AddPolicy(params["v0"], params["v1"], params["v2"])
 	if err != nil {
 		return err
 	}

+	if !bool {
+		fmt.Println(bool)
+	}
+
 	return nil
 }

-func AddGroupingPolicy(params ...interface{}) error {
-	_, err := casbin.Enforcer.AddGroupingPolicy(params)
+func AddGroupingPolicy(params map[string]interface{}) error {
+	_, err := rbac.Ef.AddGroupingPolicy(params["v0"], params["v1"])
 	if err != nil {
 		return err
 	}

--- a/pkg/casbin/casbin.go
+++ b/pkg/casbin/casbin.go
-package casbin
+package rbac

 import (
 	"fmt"
@@ -7,12 +7,12 @@ import (
 	"log"
 )

-var Enforcer *casbin.Enforcer
+var Ef *casbin.Enforcer

 func Setup() {
 	var err error
 	a, _ := gormadapter.NewAdapter("mysql", "root:fVkWkJZoOQcpunqC@tcp(172.16.101.45:3306)/pc_manage", true)
-	Enforcer, err = casbin.NewEnforcer("./conf/model.conf", a)
+	Ef, err = casbin.NewEnforcer("./conf/model.conf", a)
 	if err != nil {
 		fmt.Println("casbin.Setup, fail to parse 'conf/model.conf': %v", err)
 		log.Fatalf("casbin.Setup, fail to parse 'conf/model.conf': %v", err)
@@ -20,5 +20,5 @@ func Setup() {

 	fmt.Println("casbin ok")
 	// 日志记录
-	Enforcer.EnableLog(true)
+	Ef.EnableLog(true)
 }
--- a/routers/api/backend/admin_role.go
+++ b/routers/api/backend/admin_role.go
@@ -6,8 +6,11 @@ import (
 	"bwallet/pkg/util"
 	"bwallet/service/casbin_service"
 	"bwallet/validate_service"
+	"fmt"
 	"github.com/gin-gonic/gin"
+	"io/ioutil"
 	"strings"
+	"encoding/json"
 )

 func GetAdminRoles(c *gin.Context) {
@@ -51,11 +54,10 @@ func SetRole(c *gin.Context) {
 	user, _ := util.ParseToken(token)
 	group := user.UserInfo.Group

-	if ("administrator" != group || "admin" != group) {
+	if group != "administrator" {
 		handler.SendResponse(c, errno.ErrUserAuthIncorrect, nil)
 		return
 	}
-
 	role := validate_service.SetRole{}
 	c.ShouldBindJSON(&role)
 	if ok, errors := validate_service.ValidateInputs(role); !ok {
@@ -66,11 +68,10 @@ func SetRole(c *gin.Context) {
 	}

 	casbin_service := casbin_service.CasbinRole{
-		Ptype: role.Type,
 		V0: role.Value,
 		V1: role.AllowRole,
 	}
-	if err := casbin_service.AddPolicy(); err != nil {
+	if err := casbin_service.AddGroupingPolicy(); err != nil {
 		handler.SendResponse(c, errno.ErrAddCoin, nil)
 		return
 	}
@@ -82,31 +83,33 @@ func SetPermission(c *gin.Context) {
 	token := c.Request.Header.Get("Token")
 	user, _ := util.ParseToken(token)
 	group := user.UserInfo.Group
-
-	if ("administrator" != group || "admin" != group) {
+	fmt.Println(group)
+	if group != "administrator" {
 		handler.SendResponse(c, errno.ErrUserAuthIncorrect, nil)
 		return
 	}
-
-	permission := validate_service.SetPermission{}
-	c.ShouldBindJSON(&permission)
-	if ok, errors := validate_service.ValidateInputs(permission); !ok {
-		for _, err := range errors {
-			handler.SendResponse(c, errno.ErrBind, strings.Join(err, " "))
-			return
-		}
-	}
-
-	casbin_service := casbin_service.CasbinRole{
-		Ptype: permission.Type,
-		V0:    permission.Value,
-		//V1:    permission.Permission,
-	}
-
-	if err := casbin_service.AddGroupingPolicy(); err != nil {
-		handler.SendResponse(c, errno.ErrAddCoin, nil)
-		return
-	}
+	var resp map[string]interface{}
+	body, _ := ioutil.ReadAll(c.Request.Body)
+	json.Unmarshal(body, &resp)
+	fmt.Println(resp)
+	//permission := validate_service.SetPermission{}
+	//c.ShouldBindJSON(&permission)
+	//if ok, errors := validate_service.ValidateInputs(permission); !ok {
+	//	for _, err := range errors {
+	//		handler.SendResponse(c, errno.ErrBind, strings.Join(err, " "))
+	//		return
+	//	}
+	//}
+	//
+	//casbin_service := casbin_service.CasbinRole{
+	//	V0: permission.Value,
+	//	V2: permission.AllowPermission,
+	//}
+	//
+	//if err := casbin_service.AddPolicy(); err != nil {
+	//	handler.SendResponse(c, errno.ErrAddCoin, nil)
+	//	return
+	//}

 	handler.SendResponse(c, nil, nil)
 }
--- a/routers/api/backend/api_module.go
+++ b/routers/api/backend/api_module.go
@@ -3,19 +3,18 @@ package backend
 import (
 	"bwallet/pkg/errno"
 	"bwallet/pkg/handler"
-	"bwallet/pkg/util"
 	"bwallet/service/api_module_service"
 	"github.com/gin-gonic/gin"
 )

 func GetApiModules(c *gin.Context) {
-	token := c.Request.Header.Get("Token")
-	user, _ := util.ParseToken(token)
-
-	if ("administrator" != user.UserInfo.Group) {
-		handler.SendResponse(c, errno.ErrUserAuthIncorrect, nil)
-		return
-	}
+	//token := c.Request.Header.Get("Token")
+	//user, _ := util.ParseToken(token)
+	//
+	//if ("administrator" != user.UserInfo.Group) {
+	//	handler.SendResponse(c, errno.ErrUserAuthIncorrect, nil)
+	//	return
+	//}

 	apiModuleService := api_module_service.ApiModule{}
 	moudles, err := apiModuleService.GetAll()

--- a/service/casbin_service/casbin_rule.go
+++ b/service/casbin_service/casbin_rule.go
@@ -2,6 +2,7 @@ package casbin_service

 import (
 	"bwallet/models"
+	"encoding/json"
 )

 type CasbinRole struct {
@@ -9,7 +10,7 @@ type CasbinRole struct {
 	Ptype string
 	V0    string
 	V1    string
-	V2    string
+	V2    json.RawMessage
 	V3    string
 	V4    string
 	V5    string
@@ -26,9 +27,8 @@ func (r *CasbinRole) GetAllRolesRelation() ([]*models.Role, error) {

 func (r *CasbinRole) AddPolicy() error {
 	role := map[string]interface{}{
-		"ptype": r.Ptype,
 		"v0": r.V0,
-		"v1":    r.V1,
+		"v2": r.V2,
 	}

 	if err := models.AddPolicy(role); err != nil {
@@ -39,14 +39,12 @@ func (r *CasbinRole) AddPolicy() error {
 }

 func (r *CasbinRole) AddGroupingPolicy() error {
-	permission := map[string]interface{}{
-		"ptype": r.Ptype,
+	role := map[string]interface{}{
 		"v0": r.V0,
 		"v1": r.V1,
-		"v2":    r.V2,
 	}

-	if err := models.AddGroupingPolicy(permission); err != nil {
+	if err := models.AddGroupingPolicy(role); err != nil {
 		return err
 	}

@@ -68,9 +66,5 @@ func (r *CasbinRole) getMaps() (map[string]interface{}) {
 		maps["v0"] = r.V0
 	}

-	if r.V1 != "" {
-		maps["v1"] = r.V1
-	}
-
 	return maps
 }
--- a/validate_service/admin_role.go
+++ b/validate_service/admin_role.go
 package validate_service

+import "encoding/json"
+
 type AdminRole struct {
 	Uid    uint8 `json:"uid" validate:"required"`
 	RoleId uint8 `json:"role_id" validate:"required"`
 }

 type SetRole struct {
-	Type      string `json:"type" validate:"required"`
 	Value     string `json:"value" validate:"required"`
 	AllowRole string `json:"allow_role" validate:"required"`
 }

 type SetPermission struct {
-	Type       string `json:"type" validate:"required"`
 	Value           string          `json:"value" validate:"required"`
-	Permission struct {
-		Path   string `json:"path" validate:"required"`
-		Method string `json:"method" validate:"required"`
-	} `json:"permission" validate:"required"`
+	AllowPermission json.RawMessage `json:"allow_permission" validate:"required"`
 }