hxd/zky_mandate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix 修复角色操作权限

Browse Source
This commit is contained in:
yxh 2023-05-04 12:01:08 +08:00
parent dfb50e4ca2
commit b0393ee76a
3 changed files with 25 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
api/v1/system/sys_role.go
View File

@ -45,6 +45,7 @@ type RoleAddReq struct {
ListOrder uint `p:"listOrder" ` ListOrder uint `p:"listOrder" `
Remark string `p:"remark" ` Remark string `p:"remark" `
MenuIds []uint `p:"menuIds"` MenuIds []uint `p:"menuIds"`
CreatedBy uint64
} }
type RoleAddRes struct { type RoleAddRes struct {

16
internal/app/system/logic/sysRole/sys_role.go
View File

@ -127,6 +127,7 @@ func (s *sSysRole) DelRoleRule(ctx context.Context, roleId int64) (err error) {
func (s *sSysRole) AddRole(ctx context.Context, req *system.RoleAddReq) (err error) { func (s *sSysRole) AddRole(ctx context.Context, req *system.RoleAddReq) (err error) {
err = g.DB().Transaction(ctx, func(ctx context.Context, tx gdb.TX) error { err = g.DB().Transaction(ctx, func(ctx context.Context, tx gdb.TX) error {
err = g.Try(ctx, func(ctx context.Context) { err = g.Try(ctx, func(ctx context.Context) {
req.CreatedBy = service.Context().GetUserId(ctx)
roleId, e := dao.SysRole.Ctx(ctx).TX(tx).InsertAndGetId(req) roleId, e := dao.SysRole.Ctx(ctx).TX(tx).InsertAndGetId(req)
liberr.ErrIsNil(ctx, e, "添加角色失败") liberr.ErrIsNil(ctx, e, "添加角色失败")
//过滤ruleIds 把没有权限的过滤掉 //过滤ruleIds 把没有权限的过滤掉
@ -170,12 +171,25 @@ func (s *sSysRole) GetFilteredNamedPolicy(ctx context.Context, id uint) (gpSlice
} }
func (s *sSysRole) hasManageAccess(ctx context.Context, roleId uint) bool { func (s *sSysRole) hasManageAccess(ctx context.Context, roleId uint) bool {
if !service.SysUser().IsSupperAdmin(ctx, service.Context().GetUserId(ctx)) { currentUserId:=service.Context().GetUserId(ctx)
if !service.SysUser().IsSupperAdmin(ctx, currentUserId) {
var ( var (
roleIds []uint roleIds []uint
hasAccess bool hasAccess bool
err error err error
list []*entity.SysRole
) )
list,err = s.GetRoleList(ctx)
if err != nil {
g.Log().Error(ctx, err)
return false
}
for _,v:=range list{
//判断是否当前用户所建角色
if roleId==v.Id && v.CreatedBy==currentUserId{
return true
}
}
roleIds, err = service.SysUser().GetAdminRoleIds(ctx, service.Context().GetUserId(ctx)) roleIds, err = service.SysUser().GetAdminRoleIds(ctx, service.Context().GetUserId(ctx))
if err != nil { if err != nil {
g.Log().Error(ctx, err) g.Log().Error(ctx, err)

5
internal/app/system/logic/sysUser/sys_user.go
View File

@ -522,8 +522,11 @@ func (s *sSysUser) Add(ctx context.Context, req *system.UserAddReq) (err error)
IsAdmin: req.IsAdmin, IsAdmin: req.IsAdmin,
}) })
liberr.ErrIsNil(ctx, e, "添加用户失败") liberr.ErrIsNil(ctx, e, "添加用户失败")
//不是超管过滤提交角色数据
if !service.SysUser().IsSupperAdmin(ctx,service.Context().GetUserId(ctx)){
req.RoleIds, err = s.filterRoleIds(ctx, req.RoleIds, service.Context().GetUserId(ctx)) req.RoleIds, err = s.filterRoleIds(ctx, req.RoleIds, service.Context().GetUserId(ctx))
liberr.ErrIsNil(ctx, err) liberr.ErrIsNil(ctx, err)
}
e = s.addUserRole(ctx, req.RoleIds, userId) e = s.addUserRole(ctx, req.RoleIds, userId)
liberr.ErrIsNil(ctx, e, "设置用户权限失败") liberr.ErrIsNil(ctx, e, "设置用户权限失败")
e = s.AddUserPost(ctx, tx, req.PostIds, userId) e = s.AddUserPost(ctx, tx, req.PostIds, userId)
@ -552,8 +555,10 @@ func (s *sSysUser) Edit(ctx context.Context, req *system.UserEditReq) (err error
IsAdmin: req.IsAdmin, IsAdmin: req.IsAdmin,
}) })
liberr.ErrIsNil(ctx, err, "修改用户信息失败") liberr.ErrIsNil(ctx, err, "修改用户信息失败")
if !service.SysUser().IsSupperAdmin(ctx,service.Context().GetUserId(ctx)){
req.RoleIds, err = s.filterRoleIds(ctx, req.RoleIds, service.Context().GetUserId(ctx)) req.RoleIds, err = s.filterRoleIds(ctx, req.RoleIds, service.Context().GetUserId(ctx))
liberr.ErrIsNil(ctx, err) liberr.ErrIsNil(ctx, err)
}
//设置用户所属角色信息 //设置用户所属角色信息
err = s.EditUserRole(ctx, req.RoleIds, req.UserId) err = s.EditUserRole(ctx, req.RoleIds, req.UserId)
liberr.ErrIsNil(ctx, err, "设置用户权限失败") liberr.ErrIsNil(ctx, err, "设置用户权限失败")