|
|
@@ -130,6 +130,7 @@ func (this *RoleController) RoleOperationPowerPost() {
|
|
|
_operationid := []byte(operationids[i])[5:]
|
|
|
operationid, _ := utils.StrTo(_operationid).Int()
|
|
|
//err := svc.GrantRoleRolePermission(roleid, roleid, operationid, userRole.Base_User{Id: uid, Realname: this.User.Realname})
|
|
|
+ utils.RBAC.DeletePermissionForUser("rid_"+roleid, "pid_"+strconv.Itoa(operationid))
|
|
|
ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, "pid_"+strconv.Itoa(operationid))
|
|
|
if ret == false {
|
|
|
beego.Debug("insert error:", ret)
|
|
|
@@ -137,6 +138,7 @@ func (this *RoleController) RoleOperationPowerPost() {
|
|
|
}
|
|
|
} else {
|
|
|
operationid, _ := utils.StrTo(operationids[i]).Int()
|
|
|
+ utils.RBAC.DeletePermissionForUser("rid_"+roleid, "pid_"+strconv.Itoa(operationid))
|
|
|
ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, "pid_"+strconv.Itoa(operationid))
|
|
|
if ret == false {
|
|
|
beego.Debug("insert error:", ret)
|
|
|
@@ -171,14 +173,16 @@ func (this *RoleController) OrganizePost() {
|
|
|
if strings.HasPrefix(organizeids[i], "self_") {
|
|
|
_organizeids := []byte(organizeids[i])[5:]
|
|
|
organizeids, _ := utils.StrTo(_organizeids).Int()
|
|
|
- ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, "oid_"+strconv.Itoa(organizeids))
|
|
|
+ ret := utils.RBAC.AddNamedGroupingPolicy("g3", "rid_"+roleid, "oid_"+strconv.Itoa(organizeids), utils.DOMAIN)
|
|
|
+ //utils.RBAC.DeletePermissionForUser("rid_"+roleid, "oid_"+strconv.Itoa(organizeids))
|
|
|
+ //ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, "oid_"+strconv.Itoa(organizeids))
|
|
|
if ret == false {
|
|
|
beego.Debug("insert error:", ret)
|
|
|
continue
|
|
|
}
|
|
|
} else {
|
|
|
organizeids, _ := utils.StrTo(organizeids[i]).Int()
|
|
|
- ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, "oid_"+strconv.Itoa(organizeids))
|
|
|
+ ret := utils.RBAC.AddNamedGroupingPolicy("g3", "rid_"+roleid, "oid_"+strconv.Itoa(organizeids), utils.DOMAIN)
|
|
|
if ret == false {
|
|
|
beego.Debug("insert error:", ret)
|
|
|
continue
|
|
|
@@ -212,14 +216,16 @@ func (this *RoleController) DistrictPost() {
|
|
|
if strings.HasPrefix(districtids[i], "self_") {
|
|
|
_districtids := []byte(districtids[i])[5:]
|
|
|
districtids, _ := utils.StrTo(_districtids).Int()
|
|
|
- ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, "did_"+strconv.Itoa(districtids))
|
|
|
+ ret := utils.RBAC.AddNamedGroupingPolicy("g4", "rid_"+roleid,"did_"+strconv.Itoa(districtids), utils.DOMAIN)
|
|
|
+ //utils.RBAC.DeletePermissionForUser("rid_"+roleid,"did_"+strconv.Itoa(districtids))
|
|
|
+ //ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, "did_"+strconv.Itoa(districtids))
|
|
|
if ret == false {
|
|
|
beego.Debug("insert error:", ret)
|
|
|
continue
|
|
|
}
|
|
|
} else {
|
|
|
districtids, _ := utils.StrTo(districtids[i]).Int()
|
|
|
- ret := utils.RBAC.AddPermissionForUser("rid_"+roleid, "did_"+strconv.Itoa(districtids))
|
|
|
+ ret := utils.RBAC.AddNamedGroupingPolicy("g4", "rid_"+roleid,"did_"+strconv.Itoa(districtids), utils.DOMAIN)
|
|
|
if ret == false {
|
|
|
beego.Debug("insert error:", ret)
|
|
|
continue
|
|
|
@@ -279,7 +285,9 @@ func (this *RoleController) RolePowerPost() {
|
|
|
if this.GetString("moduleids") != "" {
|
|
|
for j := 0; j < len(moduleids); j++ {
|
|
|
moduleid := utils.ToStr(moduleids[j])
|
|
|
- utils.RBAC.AddPermissionForUser("rid_"+roleid, "mid_"+moduleid)
|
|
|
+ //utils.RBAC.DeletePermissionForUser("rid_"+roleid, "mid_"+moduleid)
|
|
|
+ utils.RBAC.AddNamedGroupingPolicy("g2", "rid_"+roleid, "mid_"+moduleid, utils.DOMAIN)
|
|
|
+ //utils.RBAC.AddPermissionForUser("rid_"+roleid, "mid_"+moduleid)
|
|
|
//svc.GrantRoleModulePermission(roleid, moduleid, userRole.Base_User{Id: uid, Realname: this.User.Realname})
|
|
|
}
|
|
|
}
|
huahaiyan