From 708058956816d6e57216c137dd11e61a5d00032b Mon Sep 17 00:00:00 2001 From: taoshihan1991 <630892807@qq.com> Date: Tue, 23 Jun 2020 15:08:46 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0casbin=E6=9D=83=E9=99=90?= =?UTF-8?q?=E9=AA=8C=E8=AF=81=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config/config/policy.csv | 2 -- config/policy.csv | 2 ++ middleware/casbin.go | 23 ++++++++++++++++++++++- middleware/jwt.go | 1 + readme.md | 16 ++++++++-------- server.go | 4 ++-- 6 files changed, 35 insertions(+), 13 deletions(-) delete mode 100644 config/config/policy.csv create mode 100644 config/policy.csv diff --git a/config/config/policy.csv b/config/config/policy.csv deleted file mode 100644 index 57aaa97..0000000 --- a/config/config/policy.csv +++ /dev/null @@ -1,2 +0,0 @@ -p, alice, data1, read -p, bob, data2, write \ No newline at end of file diff --git a/config/policy.csv b/config/policy.csv new file mode 100644 index 0000000..b03254c --- /dev/null +++ b/config/policy.csv @@ -0,0 +1,2 @@ +p, admin, /mysql, GET +p, admin, /mysql, POST \ No newline at end of file diff --git a/middleware/casbin.go b/middleware/casbin.go index da7aa2d..a162c92 100644 --- a/middleware/casbin.go +++ b/middleware/casbin.go @@ -1,9 +1,30 @@ package middleware import ( + "fmt" "github.com/casbin/casbin/v2" "github.com/gin-gonic/gin" + "log" ) func CasbinACL(c *gin.Context){ - _, _ := casbin.NewEnforcer("config/model.conf", "config/policy.csv") + sub, _ :=c.Get("user") + obj:=c.Request.RequestURI + act:=c.Request.Method + e, err := casbin.NewEnforcer("config/model.conf", "config/policy.csv") + log.Println(sub,obj,act,err) + ok,err:=e.Enforce(sub,obj,act) + if err!=nil{ + c.JSON(200, gin.H{ + "code": 403, + "msg": "没有权限:"+err.Error(), + }) + c.Abort() + } + if !ok{ + c.JSON(200, gin.H{ + "code": 403, + "msg": fmt.Sprintf("没有权限:%s,%s,%s",sub,obj,act), + }) + c.Abort() + } } diff --git a/middleware/jwt.go b/middleware/jwt.go index 2c9ee91..58d53f0 100644 --- a/middleware/jwt.go +++ b/middleware/jwt.go @@ -34,4 +34,5 @@ func JwtApiMiddleware(c *gin.Context){ }) c.Abort() } + c.Set("user",userinfo["name"]) } diff --git a/readme.md b/readme.md index 6266f0c..b3a1657 100644 --- a/readme.md +++ b/readme.md @@ -1,17 +1,17 @@ -# go-imap -邮箱imap网页版客户端工具,基于GO语言实现。 +# go-fly +基于GO语言实现的即时通讯与管理系统工具集。 -1.使用第三方类库go-imap解析imap协议 +1.使用gin http框架实现restful风格的API -2.使用http包 ,template包,实现http服务下的网页展示 +2.使用jwt-go实现无状态的jwt登陆认证 -3.使用goroutine在主界面并发请求左右栏的数据 +3.使用casbin实现权限控制 -4.使用text/net包下的encoding和transform等配合解决乱码问题 +4.使用gin以及template包的模板语法进行展示界面 5.使用go modoule解决依赖问题 -6.充分实践了struct,interface,map,slice,for range等基础知识 +6.充分实践了struct,interface,map,slice,for range,groutine等基础知识 ### 项目预览 @@ -24,7 +24,7 @@ ### 安装使用 -1.在$GOPATH的src/github.com下, git clone https://github.com/taoshihan1991/imaptool.git +1.在go get github.com/taoshihan1991/go-fly ,进入$GOPATH/src/github.com/taoshihan1991/go-fly 目录 2.源码运行 go run server.go diff --git a/server.go b/server.go index 396c4ce..0451931 100644 --- a/server.go +++ b/server.go @@ -35,8 +35,8 @@ func main() { engine.GET("/setting", tmpl.PageSetting) //设置mysql engine.GET("/setting_mysql", tmpl.PageSettingMysql) - engine.GET("/mysql",middleware.JwtApiMiddleware, controller.MysqlGetConf) - engine.POST("/mysql",middleware.JwtApiMiddleware, controller.MysqlSetConf) + engine.GET("/mysql",middleware.JwtApiMiddleware,middleware.CasbinACL, controller.MysqlGetConf) + engine.POST("/mysql",middleware.JwtApiMiddleware,middleware.CasbinACL, controller.MysqlSetConf) //------------------old code----------------------------- mux := &http.ServeMux{} //根路径