rbac判断部分

pull/30/head
taoshihan1991 4 years ago
parent d5c9abe763
commit 39b67080f7

@ -9,30 +9,41 @@ import (
func RbacAuth(c *gin.Context){
roleId, _ :=c.Get("role_id")
role:=models.FindRole(roleId)
var methodFlag bool
if role.Method!="*"{
methods:=strings.Split(role.Method,",")
for _,m:=range methods{
if c.Request.Method!=m{
c.JSON(200, gin.H{
"code": 403,
"msg": "没有权限:"+c.Request.Method+","+c.Request.RequestURI,
})
c.Abort()
return
if c.Request.Method==m{
methodFlag=true
break
}
}
if !methodFlag{
c.JSON(200, gin.H{
"code": 403,
"msg": "没有权限:"+c.Request.Method+","+c.Request.RequestURI,
})
c.Abort()
return
}
}
var flag bool
if role.Path!="*"{
paths:=strings.Split(role.Path,",")
for _,p:=range paths{
if c.Request.RequestURI!=p{
c.JSON(200, gin.H{
"code": 403,
"msg": "没有权限:"+c.Request.Method+","+c.Request.RequestURI,
})
c.Abort()
if c.Request.RequestURI==p{
flag=true
break
}
}
if !flag{
c.JSON(200, gin.H{
"code": 403,
"msg": "没有权限:"+c.Request.Method+","+c.Request.RequestURI,
})
c.Abort()
return
}
}
}

Loading…
Cancel
Save