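package casbin

import (
	"strconv"
	"strings"

	"dashoo.cn/backend/api/business/role"
	. "dashoo.cn/backend/api/controllers"
	"dashoo.cn/business2/district"
	"dashoo.cn/business2/module"
	"dashoo.cn/business2/organize"
	"dashoo.cn/business2/permission"
	"dashoo.cn/business2/userRole"
	"dashoo.cn/utils"
	"github.com/astaxie/beego"
)

// RoleController serves the role-management endpoints: listing roles, reading
// and granting role permissions through utils.RBAC, and managing the users
// bound to a role.
//
// NOTE(review): no handler in this file checks that the signed-in user is
// allowed to administer the role named in the request, nor that the granted
// ids are a subset of the caller's own. Presumably BaseController or a router
// filter enforces this -- confirm, because these endpoints rewrite RBAC policy.
type RoleController struct {
	BaseController
}

// RolePowerAjaxModel pairs the module tree of the current user with the
// module tree already selected for a role.
type RolePowerAjaxModel struct {
	Module        []module.ModuleSimplify
	Selectemodule []module.ModuleSimplify
}

// RolePerAjaxModel pairs the permission items of the current user with the
// permission items already selected for a role.
type RolePerAjaxModel struct {
	Operation        []permission.Base_Permissionstrtree
	Selecteoperation []permission.Base_Permissionstrtree
}

// OrganizeAjaxModel pairs the organization tree of the current user with the
// organization tree already selected for a role.
type OrganizeAjaxModel struct {
	Organize        []organize.Base_Organizetree
	SelecteOrganize []organize.Base_Organizetree
}

// DistrictAjaxModel pairs the district tree of the current user with the
// district tree already selected for a role.
type DistrictAjaxModel struct {
	District         []district.Base_Districttree
	SelectedDistrict []district.Base_Districttree
}

// sqlStringEscaper doubles the two characters that can end or escape a
// single-quoted SQL string literal.
var sqlStringEscaper = strings.NewReplacer(`\`, `\\`, `'`, `''`)

// visibleRealnameWhere builds the WHERE fragment shared by the list
// endpoints: visible rows only, optionally filtered by a Realname substring.
//
// The keyword comes straight from the request and the service layer accepts
// only a raw WHERE string, so the value is escaped before it is concatenated.
// This is a stopgap: the durable fix is a bound parameter in the service API.
// NOTE(review): the escaping assumes a UTF-8 connection charset and a dialect
// in which '' denotes a literal quote -- confirm against the deployed database.
func visibleRealnameWhere(keyword string) string {
	where := "IsVisible=1"
	if keyword != "" {
		where += " and Realname like '%" + sqlStringEscaper.Replace(keyword) + "%'"
	}
	return where
}

// grantNumericPermissions adds one RBAC permission per entry of the
// comma-separated rawIDs list to the role "rid_<roleID>". Each entry may
// carry a "self_" prefix, which is stripped; the numeric remainder is
// appended to prefix ("pid_", "oid_" or "did_") to form the permission name.
//
// Entries that do not parse as integers are skipped. Previously the parse
// error was discarded, so a malformed entry silently granted id 0.
func grantNumericPermissions(roleID, prefix, rawIDs string) {
	if rawIDs == "" {
		return
	}
	for _, item := range strings.Split(rawIDs, ",") {
		id, err := utils.StrTo(strings.TrimPrefix(item, "self_")).Int()
		if err != nil {
			beego.Debug("skip invalid permission id:", err)
			continue
		}
		if ok := utils.RBAC.AddPermissionForUser("rid_"+roleID, prefix+strconv.Itoa(id)); !ok {
			beego.Debug("insert error:", ok)
		}
	}
}

// serveIncomplete answers with code -2 and the "request incomplete" message
// used by every handler that rejects a request with missing fields.
func (this *RoleController) serveIncomplete() {
	var errinfo ErrorInfo
	errinfo.Message = utils.AlertProcess("操作失败!请求信息不完整!")
	errinfo.Code = -2
	this.Data["json"] = &errinfo
	this.ServeJSON()
}

// serveSuccess answers with code 0 and the given message.
func (this *RoleController) serveSuccess(message string) {
	var errinfo ErrorInfo
	errinfo.Message = utils.AlertProcess(message)
	errinfo.Code = 0
	this.Data["json"] = &errinfo
	this.ServeJSON()
}

// RoleList returns one page of visible roles, optionally filtered by the
// "keyword" query parameter.
// @Title Role list
// @Description Get the role list
// @Success 200 {object} controllers.Request
// @router /list [get]
func (this *RoleController) RoleList() {
	svc := role.GetRoleService(utils.DBE)
	var roles []userRole.Base_Role
	page := this.GetPageInfoForm()
	where := visibleRealnameWhere(this.GetString("keyword"))
	total := svc.GetRoleList(page.CurrentPage, page.Size, "CreateOn", utils.ToStr(this.User.Id), &roles, where)

	var datainfo DataInfo
	datainfo.Items = roles
	datainfo.CurrentItemCount = total
	this.Data["json"] = &datainfo
	this.ServeJSON()
}

// GetRolePowerAjax returns the module tree of the current user together with
// the module tree selected for the role given by the "id" parameter.
// @Title Permissions
// @Description Get menu operation permissions
// @Success 200 {object} controllers.Request
// @router /getpower [get]
func (this *RoleController) GetRolePowerAjax() {
	roleid := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	userid := utils.ToStr(this.User.Id)

	rest := RolePowerAjaxModel{
		svc.GetModuleAll(userid, "30"),
		svc.GetModuleTreeAllByRole(roleid, "30"),
	}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// DepartmentListGet returns the organization tree of the current user
// together with the organization tree selected for the role given by "id".
// @Title Get departments
// @Description Get departments
// @Success 200 {object} controllers.Request
// @router /getdepartment [get]
func (this *RoleController) DepartmentListGet() {
	roleid := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	userid := utils.ToStr(this.User.Id)

	rest := OrganizeAjaxModel{
		svc.GetOrganizeTree(userid),
		svc.GetOrganizeTreeByRole(roleid),
	}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// DistrictListGet returns the district tree of the current user together
// with the district tree selected for the role given by "id".
// @Title Get districts
// @Description Get districts
// @Success 200 {object} controllers.Request
// @router /getdistrict [get]
func (this *RoleController) DistrictListGet() {
	roleid := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	userid := utils.ToStr(this.User.Id)

	rest := DistrictAjaxModel{
		svc.GetDistrictTree(userid),
		svc.GetDistrictTreeByRole(roleid),
	}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// RoleOperationPowerPost grants the operation permissions listed in
// "operids" (comma-separated) to the role given by "id".
//
// NOTE(review): the handler only adds permissions; nothing here revokes the
// ones that were deselected, and success is reported even when individual
// grants fail. Confirm that both are intended.
// @Title Save operation permissions
// @Description Save permissions
// @Success 200 {object} controllers.Request
// @router /saveOperationPower [put]
func (this *RoleController) RoleOperationPowerPost() {
	roleid := this.GetString("id")
	if roleid == "" {
		this.serveIncomplete()
		return
	}
	grantNumericPermissions(roleid, "pid_", this.GetString("operids"))
	this.serveSuccess("权限保存成功!")
}

// OrganizePost grants the organization permissions listed in "organizeids"
// (comma-separated) to the role given by "id". Like the other save handlers
// it is additive only.
// @Title Save resource permissions --- departments
// @Description Save permissions
// @Success 200 {object} controllers.Request
// @router /savedepartmentmessageview [put]
func (this *RoleController) OrganizePost() {
	roleid := this.GetString("id")
	if roleid == "" {
		this.serveIncomplete()
		return
	}
	grantNumericPermissions(roleid, "oid_", this.GetString("organizeids"))
	this.serveSuccess("权限保存成功!")
}

// DistrictPost grants the district permissions listed in "districtids"
// (comma-separated) to the role given by "id". Like the other save handlers
// it is additive only.
// @Title Save resource permissions --- districts
// @Description Save permissions
// @Success 200 {object} controllers.Request
// @router /savedistrict [put]
func (this *RoleController) DistrictPost() {
	roleid := this.GetString("id")
	if roleid == "" {
		this.serveIncomplete()
		return
	}
	grantNumericPermissions(roleid, "did_", this.GetString("districtids"))
	this.serveSuccess("权限保存成功!")
}

// GetRoleItemPowerAjax returns the permission items of the current user
// together with the permission items selected for the role given by "id".
// @Title Permissions
// @Description Get the role's operation permission list
// @Success 200 {object} controllers.Request
// @router /getItemPower [get]
func (this *RoleController) GetRoleItemPowerAjax() {
	roleid := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	userid := utils.ToStr(this.User.Id)

	rest := RolePerAjaxModel{
		svc.GetPermissionItemsByUserV2(userid, "0"),
		svc.GetPermissionItemsByRoleV2(roleid, "0"),
	}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// RolePowerPost grants the module (menu) permissions listed in "moduleids"
// (comma-separated) to the role given by "id".
//
// NOTE(review): module ids are used as given, without a format check, and
// nothing here revokes modules that were deselected -- confirm both.
// @Title Save permissions
// @Description Save permissions -- menu permissions
// @Success 200 {object} controllers.Request
// @router /savepower [put]
func (this *RoleController) RolePowerPost() {
	roleid := this.GetString("id")
	if roleid == "" {
		this.serveIncomplete()
		// Stop here: without this return the handler went on to grant
		// permissions to the empty role "rid_" and wrote a second response.
		return
	}

	if raw := this.GetString("moduleids"); raw != "" {
		for _, item := range strings.Split(raw, ",") {
			moduleid := utils.ToStr(item)
			if ok := utils.RBAC.AddPermissionForUser("rid_"+roleid, "mid_"+moduleid); !ok {
				beego.Debug("insert error:", ok)
			}
		}
	}
	this.serveSuccess("权限保存成功!")
}

// GetUsersForRole returns one page of visible users bound to the role named
// by the ":rid" path parameter, optionally filtered by "keyword".
// @Title Permissions
// @Description Get the role operation list
// @Success 200 {object} controllers.Request
// @router /getusersforrole/:rid [get]
func (this *RoleController) GetUsersForRole() {
	page := this.GetPageInfoForm()
	roleid := this.Ctx.Input.Param(":rid")
	svc := permission.GetPermissionService(utils.DBE)
	where := visibleRealnameWhere(this.GetString("keyword"))
	total, users := svc.GetUserListForRole(page.CurrentPage, page.Size, roleid, "Id", where)

	var datainfo DataInfo
	datainfo.Items = users
	datainfo.CurrentItemCount = total
	this.Data["json"] = &datainfo
	this.ServeJSON()
}

// UserRoleAddUser moves users to a role. The ":id" path parameter has the
// form "<userid>[,<userid>...]_<roleid>"; every listed user loses all current
// roles and is then bound to the given role. User ids "0" and "" are skipped.
//
// NOTE(review): the results of the two RBAC calls are not inspected, so the
// response reports success regardless -- confirm their return values and
// surface failures.
// @Title User role assignment
// @Description User role assignment
// @Success 200 {object} controllers.Request
// @router /setuserrole/:id [put]
func (this *RoleController) UserRoleAddUser() {
	serial := strings.Split(this.Ctx.Input.Param(":id"), "_")
	// A parameter without "_" used to panic on serial[1]; reject it instead.
	if len(serial) < 2 || serial[1] == "" {
		this.serveIncomplete()
		return
	}
	roleid := serial[1]

	for _, userid := range strings.Split(serial[0], ",") {
		if userid == "0" || userid == "" {
			continue
		}
		utils.RBAC.DeleteRolesForUser("uid_" + userid)
		utils.RBAC.AddRoleForUser("uid_"+userid, "rid_"+roleid)
	}
	this.serveSuccess("用户角色调整成功!")
}

// UserDelete removes one user from a role. The ":id" path parameter has the
// form "<userid>_<roleid>".
//
// NOTE(review): the result of DeleteRoleForUser is not inspected, so the
// response always reports success.
// @Description Delete user
// @Success 200 {object} controllers.Request
// @router /deleteuser/:id [delete]
func (this *RoleController) UserDelete() {
	serial := strings.Split(this.Ctx.Input.Param(":id"), "_")
	// A parameter without "_" used to panic on serial[1]; reject it instead.
	if len(serial) < 2 || serial[0] == "" || serial[1] == "" {
		this.serveIncomplete()
		return
	}
	utils.RBAC.DeleteRoleForUser("uid_"+serial[0], "rid_"+serial[1])
	this.serveSuccess("删除用户成功!")
}

// DeleteUserAll removes every visible user from the role named by the ":id"
// path parameter.
//
// NOTE(review): the result of DeleteRoleForUser is not inspected, so the
// response always reports success.
// @Description Delete all users
// @Success 200 {object} controllers.Request
// @router /deletealluser/:id [delete]
func (this *RoleController) DeleteUserAll() {
	roleid := this.Ctx.Input.Param(":id")
	svc := permission.GetPermissionService(utils.DBE)
	_, users := svc.GetUserListForRole(0, 0, roleid, "Id", "IsVisible=1")
	for i := range users {
		utils.RBAC.DeleteRoleForUser("uid_"+utils.ToStr(users[i].Id), "rid_"+roleid)
	}
	this.serveSuccess("删除用户成功!")
}

// DeleteRole removes the role named by the ":id" path parameter from the
// RBAC policy.
//
// NOTE(review): the outcome of DeleteRole is not inspected, so the response
// always reports success.
//@Description Delete role
//@Success 200 {object} controllers.Request
//@router /deleterole/:id [delete]
func (this *RoleController) DeleteRole() {
	roleid := this.Ctx.Input.Param(":id")
	utils.RBAC.DeleteRole("rid_" + roleid)
	this.serveSuccess("删除角色成功!")
}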