dashoo
/
biobank
forked from dashoo/labsop_base


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532
							package casbin

import (
	"encoding/json"
	"strconv"
	"strings"

	"dashoo.cn/backend/api/business/role"

	. "dashoo.cn/backend/api/controllers"
	"dashoo.cn/business2/district"
	"dashoo.cn/business2/module"
	"dashoo.cn/business2/organize"
	"dashoo.cn/business2/permission"
	"dashoo.cn/business2/userRole"
	"dashoo.cn/utils"
	"github.com/astaxie/beego"
)

type RoleController struct {
	BaseController
}

type RolePowerAjaxModel struct {
	Module        []module.ModuleSimplify
	Selectemodule []module.ModuleSimplify
}

type RolePerAjaxModel struct {
	Operation        []permission.Base_Permissionstrtree
	Selecteoperation []permission.Base_Permissionstrtree
}
type OrganizeAjaxModel struct {
	Organize         []organize.Base_Organizetree
	SelectedOrganize []organize.Base_Organizetree
}
type DistrictAjaxModel struct {
	District         []district.Base_Districttree
	SelectedDistrict []district.Base_Districttree
}

// @Title 角色列表
// @Description 获取角色列表
// @Success 200 {object} controllers.Request
// @router /list [get]
func (this *RoleController) RoleList() {
	svc := role.GetRoleService(utils.DBE)
	var roles []userRole.Base_Role
	page := this.GetPageInfoForm()
	searchkey := this.GetString("keyword")
	where := "IsVisible=1"
	if searchkey != "" {
		where = where + " and Realname like '%" + searchkey + "%'"
	}
	total := svc.GetRoleList(page.CurrentPage, page.Size, "CreateOn", utils.ToStr(this.User.Id), &roles, where)
	var datainfo DataInfo
	datainfo.Items = roles
	datainfo.CurrentItemCount = total
	this.Data["json"] = &datainfo
	this.ServeJSON()
}

// @Title 权限
// @Description 获取菜单操作权限
// @Success 200 {object} controllers.Request
// @router /getpower [get]
func (this *RoleController) GetRolePowerAjax() {
	id := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	currentuser := this.User
	userid := utils.ToStr(currentuser.Id)

	ztreecurrentusernodesmodu := svc.GetModuleAll(userid, "30")
	ztreeselectedusernodesmodu := svc.GetModuleTreeAllByRole(id, "30")
	rest := RolePowerAjaxModel{ztreecurrentusernodesmodu, ztreeselectedusernodesmodu}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// @Title 获得部门
// @Description 获得部门
// @Success	200	{object} controllers.Request
// @router /getdepartment [get]
func (this *RoleController) DepartmentListGet() {
	id := this.GetString("id") //roleid
	svc := permission.GetPermissionService(utils.DBE)
	currentuser := this.User
	userid := utils.ToStr(currentuser.Id)
	organizemodu := svc.GetOrganizeTree(userid)
	organizeselectedmodu := svc.GetOrganizeTreeByRole(id)
	rest := OrganizeAjaxModel{organizemodu, organizeselectedmodu}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// @Title 获得区域
// @Description 获得区域
// @Success	200	{object} controllers.Request
// @router /getdistrict [get]
func (this *RoleController) DistrictListGet() {
	id := this.GetString("id") //roleid
	svc := permission.GetPermissionService(utils.DBE)
	currentuser := this.User
	userid := utils.ToStr(currentuser.Id)
	districtmodu := svc.GetDistrictTree(userid)
	districtselectedmodu := svc.GetDistrictTreeByRole(id)
	rest := DistrictAjaxModel{districtmodu, districtselectedmodu}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// @Title 保存操作权限
// @Description 保存权限
// @Success	200	{object} controllers.Request
// @router /saveOperationPower [put]
func (this *RoleController) RoleOperationPowerPost() {
	//svc := permission.GetPermissionService(utils.DBE)
	roleid := this.GetString("id")
	var errinfo ErrorInfo
	if roleid == "" {
		errinfo.Message = utils.AlertProcess("操作失败！请求信息不完整！")
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}

	//utils.RBAC.DeletePermissionsForUser("rid_" + roleid) //撤销角色的操作访问权限
	utils.RBAC.RemoveFilteredNamedPolicy("p", 0, "rid_"+roleid, utils.DOMAIN)
	operationids := strings.Split(this.GetString("operids"), ",")
	if this.GetString("operids") != "" {
		for i := 0; i < len(operationids); i++ {
			if strings.HasPrefix(operationids[i], "self_") {
				_operationid := []byte(operationids[i])[5:]
				operationid, _ := utils.StrTo(_operationid).Int()
				ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, utils.DOMAIN, "pid_"+strconv.Itoa(operationid))
				if ret == false {
					beego.Debug("insert error:", ret)
					continue
				}
			} else {
				operationid, _ := utils.StrTo(operationids[i]).Int()
				ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, utils.DOMAIN, "pid_"+strconv.Itoa(operationid))
				if ret == false {
					beego.Debug("insert error:", ret)
					continue
				}
			}
		}
	}
	errinfo.Message = utils.AlertProcess("权限保存成功！")
	errinfo.Code = 0
	this.Data["json"] = &errinfo
	this.ServeJSON()
}

// @Title 保存资源权限 ---部门
// @Description 保存权限
// @Success	200	{object} controllers.Request
// @router /savedepartmentmessageview [put]
func (this *RoleController) OrganizePost() {
	roleid := this.GetString("id")
	var errinfo ErrorInfo
	if roleid == "" {
		errinfo.Message = utils.AlertProcess("操作失败！请求信息不完整！")
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}
	organizeids := strings.Split(this.GetString("organizeids"), ",")
	utils.RBAC.RemoveFilteredNamedGroupingPolicy("g3", 0, "rid_"+roleid, utils.DOMAIN)
	if this.GetString("organizeids") != "" {
		for j := 0; j < len(organizeids); j++ {
			organizeids := utils.ToStr(organizeids[j])
			utils.RBAC.AddNamedGroupingPolicy("g3", "rid_"+roleid, utils.DOMAIN, "oid_"+organizeids)
		}
	}
	//if this.GetString("organizeids") != "" {
	//	for i := 0; i < len(organizeids); i++ {
	//		if strings.HasPrefix(organizeids[i], "self_") {
	//			_organizeids := []byte(organizeids[i])[5:]
	//			organizeids, _ := utils.StrTo(_organizeids).Int()
	//			ret := utils.RBAC.AddNamedGroupingPolicy("g3", "rid_"+roleid, utils.DOMAIN, "oid_"+strconv.Itoa(organizeids))
	//			if ret == false {
	//				beego.Debug("insert error:", ret)
	//				continue
	//			}
	//		} else {
	//			organizeids, _ := utils.StrTo(organizeids[i]).Int()
	//			ret := utils.RBAC.AddNamedGroupingPolicy("g3", "rid_"+roleid, utils.DOMAIN, "oid_"+strconv.Itoa(organizeids))
	//			if ret == false {
	//				beego.Debug("insert error:", ret)
	//				continue
	//			}
	//		}
	//	}
	//}
	errinfo.Message = utils.AlertProcess("权限保存成功！")
	errinfo.Code = 0
	this.Data["json"] = &errinfo
	this.ServeJSON()
}

// @Title 保存资源权限 ---区域
// @Description 保存权限
// @Success	200	{object} controllers.Request
// @router /savedistrict [put]
func (this *RoleController) DistrictPost() {
	roleid := this.GetString("id")
	var errinfo ErrorInfo
	if roleid == "" {
		errinfo.Message = utils.AlertProcess("操作失败！请求信息不完整！")
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}
	districtids := strings.Split(this.GetString("districtids"), ",")
	utils.RBAC.RemoveFilteredNamedGroupingPolicy("g4", 0, "rid_"+roleid, utils.DOMAIN)
	if this.GetString("districtids") != "" {
		for j := 0; j < len(districtids); j++ {
			districtids := utils.ToStr(districtids[j])
			utils.RBAC.AddNamedGroupingPolicy("g4", "rid_"+roleid, utils.DOMAIN, "did_"+districtids)
		}
	}
	//if this.GetString("districtids") != "" {
	//	for i := 0; i < len(districtids); i++ {
	//		if strings.HasPrefix(districtids[i], "self_") {
	//			_districtids := []byte(districtids[i])[5:]
	//			districtids, _ := utils.StrTo(_districtids).Int()
	//			ret := utils.RBAC.AddNamedGroupingPolicy("g4", "rid_"+roleid, utils.DOMAIN,"did_"+strconv.Itoa(districtids))
	//			if ret == false {
	//				beego.Debug("insert error:", ret)
	//				continue
	//			}
	//		} else {
	//			districtids, _ := utils.StrTo(districtids[i]).Int()
	//			ret := utils.RBAC.AddNamedGroupingPolicy("g4", "rid_"+roleid, utils.DOMAIN,"did_"+strconv.Itoa(districtids))
	//			if ret == false {
	//				beego.Debug("insert error:", ret)
	//				continue
	//			}
	//		}
	//	}
	//}
	errinfo.Message = utils.AlertProcess("权限保存成功！")
	errinfo.Code = 0
	this.Data["json"] = &errinfo
	this.ServeJSON()
}

// @Title 权限
// @Description 获取角色操作权限列表
// @Success 200 {object} controllers.Request
// @router /getItemPower [get]
func (this *RoleController) GetRoleItemPowerAjax() {
	id := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	currentuser := this.User
	userid := utils.ToStr(currentuser.Id)
	ztreecurrentusernodesope := svc.GetPermissionItemsByUserV2(userid, "0")
	ztreeselectedusernodesope := svc.GetPermissionItemsByRoleV2(id, "0")

	rest := RolePerAjaxModel{ztreecurrentusernodesope, ztreeselectedusernodesope}
	this.Data["json"] = &rest
	this.ServeJSON()
}

// @Title 保存权限
// @Description 保存权限--菜单权限
// @Success	200	{object} controllers.Request
// @router /savepower [put]
func (this *RoleController) RolePowerPost() {
	//svc := casbin.GetPermissionService(utils.DBE)
	roleid := this.GetString("id")
	var errinfo ErrorInfo
	if roleid == "" {
		errinfo.Message = utils.AlertProcess("操作失败！请求信息不完整！")
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}

	//svc.RevokeRolePermission(roleid)       //撤销角色的操作权限
	//svc.RevokeRoleModulePermission(roleid) //撤销角色的模块访问权限
	//	operationids := strings.Split(this.GetString("operids"), ",")
	moduleids := strings.Split(this.GetString("moduleids"), ",")
	//uid, _ := utils.StrTo(this.User.Id).Int()
	//	if this.GetString("operids") != "" {
	//		for i := 0; i < len(operationids); i++ {
	//			operationid, _ := utils.StrTo(operationids[i]).Int()
	//			svc.GrantRolePermission(roleid, operationid, userRole.Base_User{Id: uid, Realname: this.User.Realname})
	//		}
	//	}
	utils.RBAC.RemoveFilteredNamedGroupingPolicy("g2", 0, "rid_"+roleid, utils.DOMAIN)
	//utils.RBAC.RemovePolicy("g2", "rid_"+roleid, "", utils.DOMAIN)
	if this.GetString("moduleids") != "" {
		for j := 0; j < len(moduleids); j++ {
			moduleid := utils.ToStr(moduleids[j])
			//utils.RBAC.DeletePermissionForUser("rid_"+roleid, "mid_"+moduleid)
			utils.RBAC.AddNamedGroupingPolicy("g2", "rid_"+roleid, utils.DOMAIN, "mid_"+moduleid)
			//utils.RBAC.AddPermissionForUser("rid_"+roleid, "mid_"+moduleid)
			//svc.GrantRoleModulePermission(roleid, moduleid, userRole.Base_User{Id: uid, Realname: this.User.Realname})
		}
	}
	errinfo.Message = utils.AlertProcess("权限保存成功！")
	errinfo.Code = 0
	this.Data["json"] = &errinfo
	this.ServeJSON()
}

// @Title 获取角色容器权限
// @Description 获取角色容器权限
// @Success 200 {object} controllers.Request
// @router /getroleequidpower [get]
func (this *RoleController) GetRoleEquidPowerAjax() {
	id := this.GetString("id")
	svc := permission.GetPermissionService(utils.DBE)
	eids := svc.GetEquipmentIdByByRole(id)
	this.Data["json"] = &eids
	this.ServeJSON()
}

// @Title 保存容器权限
// @Description 保存容器权限
// @Success	200	{object} controllers.Request
// @router /saveequpipower [put]
func (this *RoleController) SaveequpiPower() {
	roleid := this.GetString("id")
	var errinfo ErrorInfo
	if roleid == "" {
		errinfo.Message = utils.AlertProcess("操作失败！请求信息不完整！")
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
	selectedids := strings.Split(this.GetString("selectedids"), ",")
	utils.RBAC.RemoveFilteredNamedGroupingPolicy("g5", 0, "rid_"+roleid, utils.DOMAIN)
	if this.GetString("selectedids") != "" {
		for j := 0; j < len(selectedids); j++ {
			selectedid := utils.ToStr(selectedids[j])
			utils.RBAC.AddNamedGroupingPolicy("g5", "rid_"+roleid, utils.DOMAIN, "eid_"+selectedid)
		}
	}
	errinfo.Message = utils.AlertProcess("权限保存成功！")
	errinfo.Code = 0
	this.Data["json"] = &errinfo
	this.ServeJSON()
}

// @Title 权限
// @Description 获取角色操作列表
// @Success 200 {object} controllers.Request
// @router /getusersforrole/:rid [get]
func (this *RoleController) GetUsersForRole() {

	page := this.GetPageInfoForm()
	keyword := this.GetString("keyword")
	roleid := this.Ctx.Input.Param(":rid")
	svc := permission.GetPermissionService(utils.DBE)
	var users []userRole.Base_User

	where := "IsVisible=1"
	if keyword != "" {
		where = where + " and Realname like '%" + keyword + "%'"
	}
	total, users := svc.GetUserListForRole(page.CurrentPage, page.Size, roleid, "Id", where)

	var datainfo DataInfo
	datainfo.Items = users
	datainfo.CurrentItemCount = total
	this.Data["json"] = &datainfo
	this.ServeJSON()
}

// @Title 用户角色设置
// @Description 用户角色设置
// @Success	200	{object} controllers.Request
// @router /setuserrole/:id [put]
func (this *RoleController) UserRoleAddUser() {
	inputstr := this.Ctx.Input.Param(":id")
	serial := strings.Split(inputstr, "_")
	userids := strings.Split(serial[0], ",")
	var errinfo ErrorInfo
	roleid := serial[1]
	var err error = nil
	for i := 0; i < len(userids); i++ {
		if userids[i] != "0" && userids[i] != "" {
			//err = svc.AddUserToRole(userid, roleids[i], entity[0])
			utils.RBAC.DeleteRoleForUserInDomain("uid_"+userids[i], "rid_"+roleid, utils.DOMAIN)
			utils.RBAC.AddRoleForUserInDomain("uid_"+userids[i], "rid_"+roleid, utils.DOMAIN)
		}
	}
	if err == nil {
		errinfo.Message = utils.AlertProcess("用户角色调整成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("用户角色调整失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Description 删除用户
// @Success 200 {object} controllers.Request
// @router /deleteuser/:id [delete]
func (this *RoleController) UserDelete() {
	inputstr := this.Ctx.Input.Param(":id")
	serial := strings.Split(inputstr, "_")
	id := serial[0]
	roleid := serial[1]
	utils.RBAC.DeleteRoleForUserInDomain("uid_"+id, "rid_"+roleid, utils.DOMAIN)
	var errinfo ErrorInfo
	var err error = nil
	if err == nil {
		errinfo.Message = utils.AlertProcess("删除用户成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("删除用户失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Description 删除所有用户
// @Success 200 {object} controllers.Request
// @router /deletealluser/:id [delete]
func (this *RoleController) DeleteUserAll() {
	roleid := this.Ctx.Input.Param(":id")
	svc := permission.GetPermissionService(utils.DBE)
	var users []userRole.Base_User
	where := "IsVisible=1"
	_, users = svc.GetUserListForRole(0, 0, roleid, "Id", where)
	for i := 0; i < len(users); i++ {
		utils.RBAC.DeleteRoleForUserInDomain("uid_"+utils.ToStr(users[i].Id), "rid_"+roleid, utils.DOMAIN)
	}
	var errinfo ErrorInfo
	var err error = nil
	if err == nil {
		errinfo.Message = utils.AlertProcess("删除用户成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("删除用户失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

//@Description 删除角色
//@Success 200 {object} controllers.Request
//@router /deleterole/:id [delete]
func (this *RoleController) DeleteRole() {
	id := this.Ctx.Input.Param(":id")
	svc := userRole.GetRoleService(utils.DBE)
	err := svc.DeleteRole(id)
	var errinfo ErrorInfo
	if err == nil {
		errinfo.Message = utils.AlertProcess("删除角色成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("删除角色失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Title 创建角色
// @Description 创建角色
// @Success	200	{object} controllers.Request
// @router / [post]
func (this *RoleController) RoleAddPost() {
	var roleentity userRole.Base_Role
	var jsonblob = this.Ctx.Input.RequestBody
	json.Unmarshal(jsonblob, &roleentity)
	roleentity.CreateUserId, _ = utils.StrTo(this.User.Id).Int()
	roleentity.CreateBy = this.User.Realname
	svc := userRole.GetRoleService(utils.DBE)
	err := svc.AddRole(&roleentity)
	var errinfo ErrorInfo
	if err == nil {
		errinfo.Message = utils.AlertProcess("创建角色成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("创建角色失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Title 编辑角色
// @Description 编辑角色
// @Success	200	{object} controllers.Request
// @router /:id [put]
func (this *RoleController) RoleEditPost() {
	id := this.Ctx.Input.Param(":id")
	var roleentity userRole.Base_Role
	var jsonblob = this.Ctx.Input.RequestBody
	json.Unmarshal(jsonblob, &roleentity)
	roleentity.ModifiedUserId, _ = utils.StrTo(this.User.Id).Int()
	roleentity.ModifiedBy = this.User.Realname
	svc := userRole.GetRoleService(utils.DBE)
	var cols []string = []string{"Realname", "Category", "Description", "ModifiedUserId", "ModifiedBy"}
	_, err := svc.UpdateEntityByIdCols(id, &roleentity, cols)
	var errinfo ErrorInfo
	if err == nil {
		errinfo.Message = utils.AlertProcess("编辑角色成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("编辑角色失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}