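package casbin

import (
	"encoding/json"
	// "fmt"
	"strconv"
	"strings"
	"unicode"

	"dashoo.cn/backend/api/business/role"
	. "dashoo.cn/backend/api/controllers"
	"dashoo.cn/business2/district"
	"dashoo.cn/business2/module"
	"dashoo.cn/business2/organize"
	"dashoo.cn/business2/permission"
	"dashoo.cn/business2/userRole"
	"dashoo.cn/utils"
	"github.com/astaxie/beego"
)

// RoleController serves the role administration endpoints: role CRUD, the
// casbin policies attached to a role, and role membership.
//
// NOTE(review): none of the handlers in this file performs an authorization
// check of its own; presumably BaseController or a router filter restricts
// them to administrators — confirm, since every write here changes who is
// allowed to do what.
type RoleController struct {
	BaseController
}

// RolePowerAjaxModel is the response of GetRolePowerAjax: the modules of the
// calling user (Module) next to the modules already granted to the role
// (Selectemodule). The field names are part of the JSON contract.
type RolePowerAjaxModel struct {
	Module        []module.ModuleSimplify
	Selectemodule []module.ModuleSimplify
}

// RolePerAjaxModel is the response of GetRoleItemPowerAjax: the permission
// items of the calling user (Operation) next to those of the role
// (Selecteoperation). The field names are part of the JSON contract.
type RolePerAjaxModel struct {
	Operation        []permission.Base_Permissionstrtree
	Selecteoperation []permission.Base_Permissionstrtree
}

// OrganizeAjaxModel pairs an organization tree with the selected subset of it.
// It is not used by any handler in this file.
type OrganizeAjaxModel struct {
	Organize         []organize.Base_Organizetree
	SelectedOrganize []organize.Base_Organizetree
}

// DistrictAjaxModel pairs a district tree with the selected subset of it.
// It is not used by any handler in this file.
type DistrictAjaxModel struct {
	District         []district.Base_Districttree
	SelectedDistrict []district.Base_Districttree
}

// roleReplyOK writes an ErrorInfo with Code 0 and the given message as the
// JSON response.
func roleReplyOK(ctl *RoleController, msg string) {
	var info ErrorInfo
	info.Message = utils.AlertProcess(msg)
	info.Code = 0
	ctl.Data["json"] = &info
	ctl.ServeJSON()
}

// roleReplyFailed writes an ErrorInfo with Code -1 (the operation itself
// failed) as the JSON response.
func roleReplyFailed(ctl *RoleController, msg string) {
	var info ErrorInfo
	info.Message = utils.AlertProcess(msg)
	info.Code = -1
	ctl.Data["json"] = &info
	ctl.ServeJSON()
}

// roleReplyInvalid writes an ErrorInfo with Code -2 (the request was rejected
// before anything was changed) as the JSON response.
func roleReplyInvalid(ctl *RoleController, msg string) {
	var info ErrorInfo
	info.Message = utils.AlertProcess(msg)
	info.Code = -2
	ctl.Data["json"] = &info
	ctl.ServeJSON()
}

// roleRealnameFilter turns a user-supplied search keyword into the
// " and Realname like '%…%'" fragment that is appended to a WHERE clause.
//
// The service layer takes the WHERE clause as one string, so the keyword ends
// up inside a quoted SQL literal. Only letters, digits and spaces are accepted;
// anything else (quotes, backslashes, LIKE wildcards, invalid UTF-8) makes the
// function return ok=false so the caller can refuse the request. An empty
// keyword yields an empty fragment. The durable fix is a parameterized query
// in the service layer.
func roleRealnameFilter(keyword string) (clause string, ok bool) {
	if keyword == "" {
		return "", true
	}
	for _, r := range keyword {
		if !unicode.IsLetter(r) && !unicode.IsDigit(r) && r != ' ' {
			return "", false
		}
	}
	return " and Realname like '%" + keyword + "%'", true
}

// roleSplitIDs splits a comma-separated id list and drops empty entries, so
// that "" or a stray comma never produces an id-less policy such as "mid_".
func roleSplitIDs(csv string) []string {
	var ids []string
	for _, id := range strings.Split(csv, ",") {
		if id != "" {
			ids = append(ids, id)
		}
	}
	return ids
}

// roleSplitPair splits a "<left>_<right>" path parameter. ok is false when the
// separator is missing or the right-hand part is empty; the unchecked
// serial[1] access this replaces would panic on such input.
func roleSplitPair(raw string) (left, right string, ok bool) {
	parts := strings.Split(raw, "_")
	if len(parts) < 2 || parts[1] == "" {
		return "", "", false
	}
	return parts[0], parts[1], true
}

// roleDeleteByID deletes the role through the role service and reports the
// outcome. It backs both RoleDelete and DeleteRole.
//
// NOTE(review): only the service call is visible here; whether the casbin
// policies stored under "rid_<id>" are removed as well cannot be told from
// this file — confirm, otherwise they outlive the role.
// NOTE(review): the failure message carries err.Error() to the client, which
// may expose storage-layer detail.
func roleDeleteByID(ctl *RoleController, id string) {
	svc := userRole.GetRoleService(utils.DBE)
	if err := svc.DeleteRole(id); err != nil {
		roleReplyFailed(ctl, "删除角色失败!"+err.Error())
		return
	}
	roleReplyOK(ctl, "删除角色成功!")
}

// RoleList returns one page of visible roles, optionally narrowed by a
// "keyword" substring match on Realname.
//
// @Title Role list
// @Description Get the role list
// @Success 200 {object} controllers.Request
// @router /list [get]
func (this *RoleController) RoleList() {
	page := this.GetPageInfoForm()
	filter, ok := roleRealnameFilter(this.GetString("keyword"))
	if !ok {
		// The keyword would be spliced into a SQL string literal; refuse it.
		roleReplyInvalid(this, "操作失败!搜索关键字包含非法字符!")
		return
	}
	where := "IsVisible=1" + filter

	svc := role.GetRoleService(utils.DBE)
	var roles []userRole.Base_Role
	total := svc.GetRoleList(page.CurrentPage, page.Size, "CreateOn", utils.ToStr(this.User.Id), &roles, where)

	var datainfo DataInfo
	datainfo.Items = roles
	datainfo.CurrentItemCount = total
	this.Data["json"] = &datainfo
	this.ServeJSON()
}

// RoleAddPost creates a role from the JSON request body and stamps it with
// the calling user as creator.
//
// @Title Create role
// @Description Create a role
// @Success 200 {object} controllers.Request
// @router / [post]
func (this *RoleController) RoleAddPost() {
	var roleentity userRole.Base_Role
	if err := json.Unmarshal(this.Ctx.Input.RequestBody, &roleentity); err != nil {
		// A body that does not decode must not create an empty role.
		roleReplyInvalid(this, "操作失败!请求信息不完整!")
		return
	}
	// The creator always comes from the session, never from the body.
	roleentity.CreateUserId, _ = utils.StrTo(this.User.Id).Int()
	roleentity.CreateBy = this.User.Realname

	svc := userRole.GetRoleService(utils.DBE)
	if err := svc.AddRole(&roleentity); err != nil {
		roleReplyFailed(this, "创建角色失败!"+err.Error())
		return
	}
	roleReplyOK(this, "创建角色成功!")
}

// RoleEditPost updates the role named by the :id path parameter from the JSON
// request body. Only the columns listed below are written.
//
// @Title Edit role
// @Description Edit a role
// @Success 200 {object} controllers.Request
// @router /:id [put]
func (this *RoleController) RoleEditPost() {
	id := this.Ctx.Input.Param(":id")
	var roleentity userRole.Base_Role
	if err := json.Unmarshal(this.Ctx.Input.RequestBody, &roleentity); err != nil {
		// A body that does not decode must not blank out the role's fields.
		roleReplyInvalid(this, "操作失败!请求信息不完整!")
		return
	}
	roleentity.ModifiedUserId, _ = utils.StrTo(this.User.Id).Int()
	roleentity.ModifiedBy = this.User.Realname

	// Explicit column list: fields of the decoded body outside it are ignored.
	cols := []string{"Realname", "Category", "Description", "ModifiedUserId", "ModifiedBy"}
	svc := userRole.GetRoleService(utils.DBE)
	if _, err := svc.UpdateEntityByIdCols(id, &roleentity, cols); err != nil {
		roleReplyFailed(this, "编辑角色失败!"+err.Error())
		return
	}
	roleReplyOK(this, "编辑角色成功!")
}

// RoleDelete deletes the role named by the :id path parameter.
//
// @Title Delete role
// @Description Delete a role
// @Success 200 {object} controllers.Request
// @router /:id [delete]
func (this *RoleController) RoleDelete() {
	roleDeleteByID(this, this.Ctx.Input.Param(":id"))
}

// GetRolePowerAjax returns the calling user's modules together with the
// modules granted to the role given in "id".
//
// @Title Permissions
// @Description Get the menu operation permissions
// @Success 200 {object} controllers.Request
// @router /getpower [get]
func (this *RoleController) GetRolePowerAjax() {
	id := this.GetString("id")
	userid := utils.ToStr(this.User.Id)

	svc := permission.GetPermissionService(utils.DBE)
	// NOTE(review): the meaning of the "30" argument is not visible here.
	rest := RolePowerAjaxModel{
		Module:        svc.GetModuleAll(userid, "30"),
		Selectemodule: svc.GetModuleTreeAllByRole(id, "30"),
	}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// RolePowerPost replaces the module ("g2") grouping policies of the role in
// "id" with the comma-separated list in "moduleids".
//
// The old policies are removed before the new ones are added and the results
// of the RBAC calls are not inspected, so the reply is always success once the
// request passes validation.
//
// NOTE(review): the submitted module ids are not compared with the caller's
// own modules (the set GetRolePowerAjax shows to the UI); confirm whether that
// is enforced elsewhere.
//
// @Title Save permissions
// @Description Save permissions -- menu permissions
// @Success 200 {object} controllers.Request
// @router /savepower [put]
func (this *RoleController) RolePowerPost() {
	roleid := this.GetString("id")
	if roleid == "" {
		roleReplyInvalid(this, "操作失败!请求信息不完整!")
		// Stop here: without this return the code below rewrote the
		// policies of the subject "rid_" and answered a second time.
		return
	}

	subject := "rid_" + roleid
	utils.RBAC.RemoveFilteredNamedGroupingPolicy("g2", 0, subject, utils.DOMAIN)
	for _, moduleid := range roleSplitIDs(this.GetString("moduleids")) {
		utils.RBAC.AddNamedGroupingPolicy("g2", subject, utils.DOMAIN, "mid_"+moduleid)
	}
	roleReplyOK(this, "权限保存成功!")
}

// GetRoleItemPowerAjax returns the calling user's permission items together
// with the permission items of the role given in "id".
//
// @Title Operation permissions
// @Description Get the list of operation permissions of a role
// @Success 200 {object} controllers.Request
// @router /getItemPower [get]
func (this *RoleController) GetRoleItemPowerAjax() {
	id := this.GetString("id")
	userid := utils.ToStr(this.User.Id)

	svc := permission.GetPermissionService(utils.DBE)
	// NOTE(review): the meaning of the "0" argument is not visible here.
	rest := RolePerAjaxModel{
		Operation:        svc.GetPermissionItemsByUserV2(userid, "0"),
		Selecteoperation: svc.GetPermissionItemsByRoleV2(id, "0"),
	}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// RoleOperationPowerPost replaces the operation ("p") policies of the role in
// "id" with the comma-separated list in "operids". Entries may carry a "self_"
// prefix, which is stripped before the numeric id is read.
//
// NOTE(review): the submitted operation ids are not compared with the caller's
// own permission items; confirm whether that is enforced elsewhere.
//
// @Title Save operation permissions
// @Description Save permissions
// @Success 200 {object} controllers.Request
// @router /saveOperationPower [put]
func (this *RoleController) RoleOperationPowerPost() {
	roleid := this.GetString("id")
	if roleid == "" {
		roleReplyInvalid(this, "操作失败!请求信息不完整!")
		return
	}

	subject := "rid_" + roleid
	// Revoke the role's current operation permissions before re-granting.
	utils.RBAC.RemoveFilteredNamedPolicy("p", 0, subject, utils.DOMAIN)

	for _, raw := range roleSplitIDs(this.GetString("operids")) {
		operationid, err := utils.StrTo(strings.TrimPrefix(raw, "self_")).Int()
		if err != nil {
			// A non-numeric entry used to fall through as 0 and grant
			// "pid_0"; skip it instead. Quoted because it is client input.
			beego.Debug("skip invalid operation id:", strconv.Quote(raw))
			continue
		}
		ret := utils.RBAC.AddPermissionForUser(subject, utils.DOMAIN, "pid_"+strconv.Itoa(operationid))
		if !ret {
			beego.Debug("insert error:", ret)
		}
	}
	roleReplyOK(this, "权限保存成功!")
}

// GetRoleEquidPowerAjax returns the equipment ids granted to the role given
// in "id".
//
// @Title Get role container permissions
// @Description Get the container permissions of a role
// @Success 200 {object} controllers.Request
// @router /getroleequidpower [get]
func (this *RoleController) GetRoleEquidPowerAjax() {
	id := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	eids := svc.GetEquipmentIdByByRole(id)
	this.Data["json"] = &eids
	this.ServeJSON()
}

// SaveequpiPower replaces the equipment ("g5") grouping policies of the role
// in "id" with the comma-separated list in "selectedids".
//
// As in RolePowerPost, the results of the RBAC calls are not inspected.
//
// @Title Save container permissions
// @Description Save container permissions
// @Success 200 {object} controllers.Request
// @router /saveequpipower [put]
func (this *RoleController) SaveequpiPower() {
	roleid := this.GetString("id")
	if roleid == "" {
		roleReplyInvalid(this, "操作失败!请求信息不完整!")
		// Stop here: without this return the code below rewrote the
		// policies of the subject "rid_" and answered a second time.
		return
	}

	subject := "rid_" + roleid
	utils.RBAC.RemoveFilteredNamedGroupingPolicy("g5", 0, subject, utils.DOMAIN)
	for _, selectedid := range roleSplitIDs(this.GetString("selectedids")) {
		utils.RBAC.AddNamedGroupingPolicy("g5", subject, utils.DOMAIN, "eid_"+selectedid)
	}
	roleReplyOK(this, "权限保存成功!")
}

// GetUsersForRole returns one page of visible users holding the role in the
// :rid path parameter, optionally narrowed by a "keyword" substring match on
// Realname.
//
// NOTE(review): roleid is handed to the service as received; how the service
// uses it in its query is not visible here.
//
// @Title Get the users of a role
// @Description Get the list of users holding this role
// @Success 200 {object} controllers.Request
// @router /getusersforrole/:rid [get]
func (this *RoleController) GetUsersForRole() {
	page := this.GetPageInfoForm()
	roleid := this.Ctx.Input.Param(":rid")
	filter, ok := roleRealnameFilter(this.GetString("keyword"))
	if !ok {
		// The keyword would be spliced into a SQL string literal; refuse it.
		roleReplyInvalid(this, "操作失败!搜索关键字包含非法字符!")
		return
	}
	where := "IsVisible=1" + filter

	svc := permission.GetPermissionService(utils.DBE)
	total, users := svc.GetUserListForRole(page.CurrentPage, page.Size, roleid, "Id", where)

	var datainfo DataInfo
	datainfo.Items = users
	datainfo.CurrentItemCount = total
	this.Data["json"] = &datainfo
	this.ServeJSON()
}

// UserRoleAddUser assigns a role to one or more users. The :id path parameter
// has the form "<uid>[,<uid>...]_<roleid>".
//
// For every user the existing roles are deleted first, so the call replaces
// the user's roles rather than adding to them. The results of the RBAC calls
// are not inspected.
//
// @Title Set user role
// @Description Set the role of users
// @Success 200 {object} controllers.Request
// @router /setuserrole/:id [put]
func (this *RoleController) UserRoleAddUser() {
	userlist, roleid, ok := roleSplitPair(this.Ctx.Input.Param(":id"))
	if !ok {
		roleReplyInvalid(this, "操作失败!请求信息不完整!")
		return
	}

	for _, userid := range strings.Split(userlist, ",") {
		if userid == "0" || userid == "" {
			continue
		}
		utils.RBAC.DeleteRolesForUser("uid_" + userid)
		utils.RBAC.AddRoleForUserInDomain("uid_"+userid, "rid_"+roleid, utils.DOMAIN)
	}
	roleReplyOK(this, "用户角色调整成功!")
}

// UserDelete removes one user from a role. The :id path parameter has the
// form "<uid>_<roleid>". The result of the RBAC call is not inspected.
//
// @Description Remove a user
// @Success 200 {object} controllers.Request
// @router /deleteuser/:id [delete]
func (this *RoleController) UserDelete() {
	id, roleid, ok := roleSplitPair(this.Ctx.Input.Param(":id"))
	if !ok || id == "" {
		roleReplyInvalid(this, "操作失败!请求信息不完整!")
		return
	}
	utils.RBAC.DeleteRoleForUserInDomain("uid_"+id, "rid_"+roleid, utils.DOMAIN)
	roleReplyOK(this, "删除用户成功!")
}

// DeleteUserAll removes every visible user from the role in the :id path
// parameter. The results of the RBAC calls are not inspected.
//
// @Description Remove all users
// @Success 200 {object} controllers.Request
// @router /deletealluser/:id [delete]
func (this *RoleController) DeleteUserAll() {
	roleid := this.Ctx.Input.Param(":id")
	svc := permission.GetPermissionService(utils.DBE)
	_, users := svc.GetUserListForRole(0, 0, roleid, "Id", "IsVisible=1")
	for i := range users {
		utils.RBAC.DeleteRoleForUserInDomain("uid_"+utils.ToStr(users[i].Id), "rid_"+roleid, utils.DOMAIN)
	}
	roleReplyOK(this, "删除用户成功!")
}

// DeleteRole deletes the role named by the :id path parameter. It does the
// same as RoleDelete under a second route.
//
// @Description Delete a role
// @Success 200 {object} controllers.Request
// @router /deleterole/:id [delete]
func (this *RoleController) DeleteRole() {
	roleDeleteByID(this, this.Ctx.Input.Param(":id"))
}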