|
|
|
@ -9,10 +9,16 @@ import (
|
|
|
|
func RbacAuth(c *gin.Context){
|
|
|
|
func RbacAuth(c *gin.Context){
|
|
|
|
roleId, _ :=c.Get("role_id")
|
|
|
|
roleId, _ :=c.Get("role_id")
|
|
|
|
role:=models.FindRole(roleId)
|
|
|
|
role:=models.FindRole(roleId)
|
|
|
|
|
|
|
|
var methodFlag bool
|
|
|
|
if role.Method!="*"{
|
|
|
|
if role.Method!="*"{
|
|
|
|
methods:=strings.Split(role.Method,",")
|
|
|
|
methods:=strings.Split(role.Method,",")
|
|
|
|
for _,m:=range methods{
|
|
|
|
for _,m:=range methods{
|
|
|
|
if c.Request.Method!=m{
|
|
|
|
if c.Request.Method==m{
|
|
|
|
|
|
|
|
methodFlag=true
|
|
|
|
|
|
|
|
break
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if !methodFlag{
|
|
|
|
c.JSON(200, gin.H{
|
|
|
|
c.JSON(200, gin.H{
|
|
|
|
"code": 403,
|
|
|
|
"code": 403,
|
|
|
|
"msg": "没有权限:"+c.Request.Method+","+c.Request.RequestURI,
|
|
|
|
"msg": "没有权限:"+c.Request.Method+","+c.Request.RequestURI,
|
|
|
|
@ -21,17 +27,22 @@ func RbacAuth(c *gin.Context){
|
|
|
|
return
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
var flag bool
|
|
|
|
if role.Path!="*"{
|
|
|
|
if role.Path!="*"{
|
|
|
|
paths:=strings.Split(role.Path,",")
|
|
|
|
paths:=strings.Split(role.Path,",")
|
|
|
|
for _,p:=range paths{
|
|
|
|
for _,p:=range paths{
|
|
|
|
if c.Request.RequestURI!=p{
|
|
|
|
if c.Request.RequestURI==p{
|
|
|
|
|
|
|
|
flag=true
|
|
|
|
|
|
|
|
break
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if !flag{
|
|
|
|
c.JSON(200, gin.H{
|
|
|
|
c.JSON(200, gin.H{
|
|
|
|
"code": 403,
|
|
|
|
"code": 403,
|
|
|
|
"msg": "没有权限:"+c.Request.Method+","+c.Request.RequestURI,
|
|
|
|
"msg": "没有权限:"+c.Request.Method+","+c.Request.RequestURI,
|
|
|
|
})
|
|
|
|
})
|
|
|
|
c.Abort()
|
|
|
|
c.Abort()
|
|
|
|
}
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
taoshihan1991
4 years ago