opms_backend/opms_admin/app/service/context.go

package service

import (
	"context"
	"dashoo.cn/micro/app/dao"
	"dashoo.cn/micro/app/model"
	"dashoo.cn/opms_libary/micro_srv"
	"dashoo.cn/opms_libary/request"
	"fmt"
	"github.com/gogf/gf/container/gset"
	"github.com/gogf/gf/database/gdb"
	"github.com/gogf/gf/errors/gerror"
	"github.com/gogf/gf/frame/g"
	"github.com/gogf/gf/os/glog"
	"github.com/gogf/gf/util/gconv"
	"reflect"
)

// Context 上下文管理服务
type contextService struct {
	Tenant  string            `json:"tenant"`
	Table   string            `json:"table"`
	CxtUser *request.UserInfo `json:"cxtUser"`
}

// Init 初始化上下文对象指针到上下文对象中，以便后续的请求流程中可以修改。
func (c *contextService) Init(ctx context.Context) (*contextService, error) {
	c = new(contextService)
	// 获取租户码
	tenant, err := micro_srv.GetTenant(ctx)
	if err != nil {
		return nil, err
	}
	reqMethod, _ := micro_srv.GetReqMethod(ctx)
	glog.Info("Received " + reqMethod + " request @ " + tenant)
	c.Tenant = tenant
	c.CxtUser = nil
	if !micro_srv.IsAuthExclude(ctx) {
		userInfo, err := micro_srv.GetUserInfo(ctx)
		if err != nil {
			return nil, err
		}
		c.CxtUser = &userInfo
	}
	return c, nil
}

// checkDataScopeWhere 检查结构体是否存在创建人字段
func (c *contextService) checkDataScopeWhere(entity interface{}) error {
	t := reflect.TypeOf(entity)
	if t.Kind() == reflect.Ptr {
		t = t.Elem()
	}
	if _, ok := t.FieldByName("CreatedBy"); !ok {
		return gerror.New("结构体不存在创建人字段")
	}
	return nil
}

// SetDataScopeWhere 设置数据权限
func (c *contextService) SetDataScopeWhere(M *gdb.Model) (*gdb.Model, error) {
	where, err := c.GetDataScopeWhere()
	if err != nil {
		return nil, err
	}
	if where == nil {
		return M, nil
	}
	M = M.LeftJoin(dao.SysUser.Table, "user", fmt.Sprintf("%v.created_by=`user`.id", c.Table)).Where(where)
	return M, nil
}

// GetDataScopeWhere 获取数据权限判断条件
func (c *contextService) GetDataScopeWhere() (where g.Map, err error) {
	userSrv := &userService{
		contextService: c,
		Dao:            dao.NewSysUserDao(c.Tenant),
	}
	roleSrv := &roleService{
		contextService: c,
		Dao:            dao.NewSysRoleDao(c.Tenant),
	}
	deptSrv := &deptService{
		contextService: c,
		Dao:            dao.NewSysDeptDao(c.Tenant),
	}
	userInfo := c.CxtUser
	whereJustMe := g.Map{} //本人数据权限
	//若存在用户id的字段，则生成判断数据权限的条件
	//1、获取当前用户所属角色
	roles, err := userSrv.GetRolesByUserId(userInfo.Id)
	if err != nil {
		return nil, err
	}
	//2获取角色对应数据权限
	deptIdArr := gset.New()
	for _, role := range roles {
		switch role.DataScope {
		case "10": //全部数据权限
			return nil, nil
		case "20": //自定数据权限
			deptIds, err := roleSrv.GetRoleDeptTreeselect(gconv.Int64(role.Id))
			if err != nil {
				return nil, err
			}
			deptIdArr.Add(gconv.Interfaces(deptIds)...)
		case "30": //本部门数据权限
			deptIdArr.Add(gconv.Int64(userInfo.DeptId))
		case "40": //本部门及以下数据权限
			deptIdArr.Add(gconv.Int64(userInfo.DeptId))
			//获取正常状态部门数据
			depts, err := deptSrv.GetList(&model.SysDeptSearchParams{Status: "10"})
			if err != nil {
				return nil, err
			}
			childrenList := deptSrv.FindSonByParentId(depts, userInfo.DeptId)
			for _, children := range childrenList {
				deptIdArr.Add(gconv.Int64(children.Id))
			}
		case "50": //仅本人数据权限
			whereJustMe = g.Map{"`user`.id": userInfo.Id}
		}
	}
	if deptIdArr.Size() > 0 {
		where = g.Map{"`user`.dept_id": deptIdArr.Slice()}
	} else if len(whereJustMe) > 0 {
		where = whereJustMe
	}
	return
}

func (c *contextService) GetCxtUserId() int {
	if c.CxtUser == nil {
		return -1
	}
	return c.CxtUser.Id
}

func (c *contextService) GetCxtUserUuid() string {
	if c.CxtUser == nil {
		return "-1"
	}
	return c.CxtUser.Uuid
}

func (c *contextService) GetCxtUserName() string {
	if c.CxtUser == nil {
		return "-1"
	}
	return c.CxtUser.UserName
}

func (c *contextService) GetCxtUserDeptId() int {
	if c.CxtUser == nil {
		return -1
	}
	return c.CxtUser.DeptId
}