biobank/src/dashoo.cn/backend/api/controllers/casbin/role.go

package casbin

import (
	"encoding/json"
	//	"fmt"
	"strconv"
	"strings"

	"dashoo.cn/backend/api/business/role"

	. "dashoo.cn/backend/api/controllers"
	"dashoo.cn/business2/district"
	"dashoo.cn/business2/module"
	"dashoo.cn/business2/organize"
	"dashoo.cn/business2/permission"
	"dashoo.cn/business2/userRole"
	"dashoo.cn/utils"
	"github.com/astaxie/beego"
)

type RoleController struct {
	BaseController
}

type RolePowerAjaxModel struct {
	Module        []module.ModuleSimplify
	Selectemodule []module.ModuleSimplify
}

type RolePerAjaxModel struct {
	Operation        []permission.Base_Permissionstrtree
	Selecteoperation []permission.Base_Permissionstrtree
}
type OrganizeAjaxModel struct {
	Organize         []organize.Base_Organizetree
	SelectedOrganize []organize.Base_Organizetree
}
type DistrictAjaxModel struct {
	District         []district.Base_Districttree
	SelectedDistrict []district.Base_Districttree
}

// @Title 角色列表
// @Description 获取角色列表
// @Success 200 {object} controllers.Request
// @router /list [get]
func (this *RoleController) RoleList() {
	svc := role.GetRoleService(utils.DBE)
	var roles []userRole.Base_Role
	page := this.GetPageInfoForm()
	searchkey := this.GetString("keyword")
	where := "IsVisible=1"
	if searchkey != "" {
		where = where + " and Realname like '%" + searchkey + "%'"
	}
	total := svc.GetRoleList(page.CurrentPage, page.Size, "CreateOn", utils.ToStr(this.User.Id), &roles, where)
	var datainfo DataInfo
	datainfo.Items = roles
	datainfo.CurrentItemCount = total
	this.Data["json"] = &datainfo
	this.ServeJSON()
}

// @Title 创建角色
// @Description 创建角色
// @Success	200	{object} controllers.Request
// @router / [post]
func (this *RoleController) RoleAddPost() {
	var roleentity userRole.Base_Role
	var jsonblob = this.Ctx.Input.RequestBody
	json.Unmarshal(jsonblob, &roleentity)
	roleentity.CreateUserId, _ = utils.StrTo(this.User.Id).Int()
	roleentity.CreateBy = this.User.Realname
	svc := userRole.GetRoleService(utils.DBE)
	err := svc.AddRole(&roleentity)
	var errinfo ErrorInfo
	if err == nil {
		errinfo.Message = utils.AlertProcess("创建角色成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("创建角色失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Title 编辑角色
// @Description 编辑角色
// @Success	200	{object} controllers.Request
// @router /:id [put]
func (this *RoleController) RoleEditPost() {
	id := this.Ctx.Input.Param(":id")
	var roleentity userRole.Base_Role
	var jsonblob = this.Ctx.Input.RequestBody
	json.Unmarshal(jsonblob, &roleentity)
	roleentity.ModifiedUserId, _ = utils.StrTo(this.User.Id).Int()
	roleentity.ModifiedBy = this.User.Realname
	svc := userRole.GetRoleService(utils.DBE)
	var cols []string = []string{"Realname", "Category", "Description", "ModifiedUserId", "ModifiedBy"}
	_, err := svc.UpdateEntityByIdCols(id, &roleentity, cols)
	var errinfo ErrorInfo
	if err == nil {
		errinfo.Message = utils.AlertProcess("编辑角色成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("编辑角色失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Title 删除角色
// @Description 删除角色
// @Success 200 {object} controllers.Request
// @router /:id [delete]
func (this *RoleController) RoleDelete() {
	id := this.Ctx.Input.Param(":id")
	svc := userRole.GetRoleService(utils.DBE)
	err := svc.DeleteRole(id)
	var errinfo ErrorInfo
	if err == nil {
		errinfo.Message = utils.AlertProcess("删除角色成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("删除角色失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Title 权限
// @Description 获取菜单操作权限
// @Success 200 {object} controllers.Request
// @router /getpower [get]
func (this *RoleController) GetRolePowerAjax() {
	id := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	currentuser := this.User
	userid := utils.ToStr(currentuser.Id)

	ztreecurrentusernodesmodu := svc.GetModuleAll(userid, "30")
	ztreeselectedusernodesmodu := svc.GetModuleTreeAllByRole(id, "30")
	rest := RolePowerAjaxModel{ztreecurrentusernodesmodu, ztreeselectedusernodesmodu}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// @Title 保存权限
// @Description 保存权限--菜单权限
// @Success	200	{object} controllers.Request
// @router /savepower [put]
func (this *RoleController) RolePowerPost() {
	roleid := this.GetString("id")
	var errinfo ErrorInfo
	if roleid == "" {
		errinfo.Message = utils.AlertProcess("操作失败！请求信息不完整！")
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
	moduleids := strings.Split(this.GetString("moduleids"), ",")
	utils.RBAC.RemoveFilteredNamedGroupingPolicy("g2", 0, "rid_"+roleid, utils.DOMAIN)
	if this.GetString("moduleids") != "" {
		for j := 0; j < len(moduleids); j++ {
			moduleid := utils.ToStr(moduleids[j])
			utils.RBAC.AddNamedGroupingPolicy("g2", "rid_"+roleid, utils.DOMAIN, "mid_"+moduleid)
		}
	}
	errinfo.Message = utils.AlertProcess("权限保存成功！")
	errinfo.Code = 0
	this.Data["json"] = &errinfo
	this.ServeJSON()
}

// @Title 操作权限
// @Description 获取角色操作权限列表
// @Success 200 {object} controllers.Request
// @router /getItemPower [get]
func (this *RoleController) GetRoleItemPowerAjax() {
	id := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	currentuser := this.User
	userid := utils.ToStr(currentuser.Id)
	ztreecurrentusernodesope := svc.GetPermissionItemsByUserV2(userid, "0")
	ztreeselectedusernodesope := svc.GetPermissionItemsByRoleV2(id, "0")

	rest := RolePerAjaxModel{ztreecurrentusernodesope, ztreeselectedusernodesope}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// @Title 保存操作权限
// @Description 保存权限
// @Success	200	{object} controllers.Request
// @router /saveOperationPower [put]
func (this *RoleController) RoleOperationPowerPost() {
	//svc := permission.GetPermissionService(utils.DBE)
	roleid := this.GetString("id")
	var errinfo ErrorInfo
	if roleid == "" {
		errinfo.Message = utils.AlertProcess("操作失败！请求信息不完整！")
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}

	//utils.RBAC.DeletePermissionsForUser("rid_" + roleid) //撤销角色的操作访问权限
	utils.RBAC.RemoveFilteredNamedPolicy("p", 0, "rid_"+roleid, utils.DOMAIN)
	operationids := strings.Split(this.GetString("operids"), ",")
	if this.GetString("operids") != "" {
		for i := 0; i < len(operationids); i++ {
			if strings.HasPrefix(operationids[i], "self_") {
				_operationid := []byte(operationids[i])[5:]
				operationid, _ := utils.StrTo(_operationid).Int()
				ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, utils.DOMAIN, "pid_"+strconv.Itoa(operationid))
				if ret == false {
					beego.Debug("insert error:", ret)
					continue
				}
			} else {
				operationid, _ := utils.StrTo(operationids[i]).Int()
				ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, utils.DOMAIN, "pid_"+strconv.Itoa(operationid))
				if ret == false {
					beego.Debug("insert error:", ret)
					continue
				}
			}
		}
	}
	errinfo.Message = utils.AlertProcess("权限保存成功！")
	errinfo.Code = 0
	this.Data["json"] = &errinfo
	this.ServeJSON()
}

// @Title 获取角色容器权限
// @Description 获取角色容器权限
// @Success 200 {object} controllers.Request
// @router /getroleequidpower [get]
func (this *RoleController) GetRoleEquidPowerAjax() {
	id := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	eids := svc.GetEquipmentIdByByRole(id)
	this.Data["json"] = &eids
	this.ServeJSON()
}

// @Title 保存容器权限
// @Description 保存容器权限
// @Success	200	{object} controllers.Request
// @router /saveequpipower [put]
func (this *RoleController) SaveequpiPower() {
	roleid := this.GetString("id")
	var errinfo ErrorInfo
	if roleid == "" {
		errinfo.Message = utils.AlertProcess("操作失败！请求信息不完整！")
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
	selectedids := strings.Split(this.GetString("selectedids"), ",")

	utils.RBAC.RemoveFilteredNamedGroupingPolicy("g5", 0, "rid_"+roleid, utils.DOMAIN)
	if this.GetString("selectedids") != "" {
		for j := 0; j < len(selectedids); j++ {
			selectedid := utils.ToStr(selectedids[j])
			utils.RBAC.AddNamedGroupingPolicy("g5", "rid_"+roleid, utils.DOMAIN, "eid_"+selectedid)
		}
	}
	errinfo.Message = utils.AlertProcess("权限保存成功！")
	errinfo.Code = 0
	this.Data["json"] = &errinfo
	this.ServeJSON()
}

// @Title 获取该角色下用户列表
// @Description 获取该角色下用户列表
// @Success 200 {object} controllers.Request
// @router /getusersforrole/:rid [get]
func (this *RoleController) GetUsersForRole() {

	page := this.GetPageInfoForm()
	keyword := this.GetString("keyword")
	roleid := this.Ctx.Input.Param(":rid")
	svc := permission.GetPermissionService(utils.DBE)
	var users []userRole.Base_User

	where := "IsVisible=1"
	if keyword != "" {
		where = where + " and Realname like '%" + keyword + "%'"
	}
	total, users := svc.GetUserListForRole(page.CurrentPage, page.Size, roleid, "Id", where)

	var datainfo DataInfo
	datainfo.Items = users
	datainfo.CurrentItemCount = total
	this.Data["json"] = &datainfo
	this.ServeJSON()
}

// @Title 用户角色设置
// @Description 用户角色设置
// @Success	200	{object} controllers.Request
// @router /setuserrole/:id [put]
func (this *RoleController) UserRoleAddUser() {
	inputstr := this.Ctx.Input.Param(":id")
	serial := strings.Split(inputstr, "_")
	userids := strings.Split(serial[0], ",")
	var errinfo ErrorInfo
	roleid := serial[1]
	var err error = nil
	for i := 0; i < len(userids); i++ {
		if userids[i] != "0" && userids[i] != "" {
			//err = svc.AddUserToRole(userid, roleids[i], entity[0])
			utils.RBAC.DeleteRolesForUser("uid_" + userids[i])
			utils.RBAC.AddRoleForUserInDomain("uid_"+userids[i], "rid_"+roleid, utils.DOMAIN)
		}
	}
	if err == nil {
		errinfo.Message = utils.AlertProcess("用户角色调整成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("用户角色调整失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Description 删除用户
// @Success 200 {object} controllers.Request
// @router /deleteuser/:id [delete]
func (this *RoleController) UserDelete() {
	inputstr := this.Ctx.Input.Param(":id")
	serial := strings.Split(inputstr, "_")
	id := serial[0]
	roleid := serial[1]
	utils.RBAC.DeleteRoleForUserInDomain("uid_"+id, "rid_"+roleid, utils.DOMAIN)
	var errinfo ErrorInfo
	var err error = nil
	if err == nil {
		errinfo.Message = utils.AlertProcess("删除用户成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("删除用户失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Description 删除所有用户
// @Success 200 {object} controllers.Request
// @router /deletealluser/:id [delete]
func (this *RoleController) DeleteUserAll() {
	roleid := this.Ctx.Input.Param(":id")
	svc := permission.GetPermissionService(utils.DBE)
	var users []userRole.Base_User
	where := "IsVisible=1"
	_, users = svc.GetUserListForRole(0, 0, roleid, "Id", where)
	for i := 0; i < len(users); i++ {
		utils.RBAC.DeleteRoleForUserInDomain("uid_"+utils.ToStr(users[i].Id), "rid_"+roleid, utils.DOMAIN)
	}
	var errinfo ErrorInfo
	var err error = nil
	if err == nil {
		errinfo.Message = utils.AlertProcess("删除用户成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("删除用户失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

//@Description 删除角色
//@Success 200 {object} controllers.Request
//@router /deleterole/:id [delete]
func (this *RoleController) DeleteRole() {
	id := this.Ctx.Input.Param(":id")
	svc := userRole.GetRoleService(utils.DBE)
	err := svc.DeleteRole(id)
	var errinfo ErrorInfo
	if err == nil {
		errinfo.Message = utils.AlertProcess("删除角色成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("删除角色失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}