From 0024d0ff4a0eb732356841344d5d12dc2c26972c Mon Sep 17 00:00:00 2001
From: taoshihan1991 <630892807@qq.com>
Date: Fri, 11 Sep 2020 13:51:28 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E5=88=A0=E9=99=A4=E9=BB=91?=
 =?UTF-8?q?=E5=90=8D=E5=8D=95IP=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 controller/ip.go   | 15 +++++++++++++++
 middleware/rbac.go |  7 ++++---
 models/ipblacks.go |  3 +++
 router/api.go      |  3 ++-
 4 files changed, 24 insertions(+), 4 deletions(-)

diff --git a/controller/ip.go b/controller/ip.go
index 7173c6b..1246f52 100644
--- a/controller/ip.go
+++ b/controller/ip.go
@@ -23,6 +23,21 @@ func PostIpblack(c *gin.Context) {
 		"msg":  "添加黑名单成功!",
 	})
 }
+func DelIpblack(c *gin.Context) {
+	ip := c.Query("ip")
+	if ip==""{
+		c.JSON(200, gin.H{
+			"code": 400,
+			"msg":  "请输入IP!",
+		})
+		return
+	}
+	models.DeleteIpblackById(ip)
+	c.JSON(200, gin.H{
+		"code": 200,
+		"msg":  "删除黑名单成功!",
+	})
+}
 func GetIpblacks(c *gin.Context) {
 	page,_:=strconv.Atoi(c.Query("page"))
 	count:=models.CountIps(nil,nil)
diff --git a/middleware/rbac.go b/middleware/rbac.go
index 24eda70..7ec382b 100644
--- a/middleware/rbac.go
+++ b/middleware/rbac.go
@@ -10,6 +10,7 @@ func RbacAuth(c *gin.Context){
 	roleId, _ :=c.Get("role_id")
 	role:=models.FindRole(roleId)
 	var methodFlag bool
+	rPaths:=strings.Split(c.Request.RequestURI,"?")
 	if role.Method!="*"{
 		methods:=strings.Split(role.Method,",")
 		for _,m:=range methods{
@@ -21,7 +22,7 @@ func RbacAuth(c *gin.Context){
 		if !methodFlag{
 			c.JSON(200, gin.H{
 				"code": 403,
-				"msg":  "没有权限:"+c.Request.Method+","+c.Request.RequestURI,
+				"msg":  "没有权限:"+c.Request.Method+","+rPaths[0],
 			})
 			c.Abort()
 			return
@@ -31,7 +32,7 @@ func RbacAuth(c *gin.Context){
 	if role.Path!="*"{
 		paths:=strings.Split(role.Path,",")
 		for _,p:=range paths{
-			if c.Request.RequestURI==p{
+			if rPaths[0]==p{
 				flag=true
 				break
 			}
@@ -39,7 +40,7 @@ func RbacAuth(c *gin.Context){
 		if !flag{
 			c.JSON(200, gin.H{
 				"code": 403,
-				"msg":  "没有权限:"+c.Request.Method+","+c.Request.RequestURI,
+				"msg":  "没有权限:"+rPaths[0],
 			})
 			c.Abort()
 			return
diff --git a/models/ipblacks.go b/models/ipblacks.go
index 54f2f77..6a577b6 100644
--- a/models/ipblacks.go
+++ b/models/ipblacks.go
@@ -17,6 +17,9 @@ func CreateIpblack(ip string,kefuId string)uint{
 	DB.Create(black)
 	return black.ID
 }
+func DeleteIpblackById(id string){
+	DB.Where("id = ?",id).Delete(Ipblack{})
+}
 func FindIp(ip string)Ipblack{
 	var ipblack Ipblack
 	DB.Where("ip = ?", ip).First(&ipblack)
diff --git a/router/api.go b/router/api.go
index d7294a7..017b01b 100644
--- a/router/api.go
+++ b/router/api.go
@@ -50,5 +50,6 @@ func InitApiRouter(engine *gin.Engine){
 	engine.DELETE("/notice",middleware.JwtApiMiddleware, controller.DelNotice)
 	engine.GET("/notices",middleware.JwtApiMiddleware, controller.GetNotices)
 	engine.POST("/ipblack",middleware.JwtApiMiddleware,controller.PostIpblack)
-	engine.POST("/ipblacks_all",middleware.JwtApiMiddleware,controller.GetIpblacks)
+	engine.DELETE("/ipblack",middleware.JwtApiMiddleware,controller.DelIpblack)
+	engine.GET("/ipblacks_all",middleware.JwtApiMiddleware,controller.GetIpblacks)
 }
\ No newline at end of file