修改授权认证

3 years ago · 29fb45807f
3 changed files with 109 additions and 7 deletions
--- a/api/base/loginVerify/work_js_sdk.go
+++ b/api/base/loginVerify/work_js_sdk.go
@ -6,11 +6,13 @@ import (
 	"key_performance_indicators/middleware/grocerystore"
 	"key_performance_indicators/middleware/wechatapp/wechatstatice"
 	"key_performance_indicators/models/modelshr"
+	"key_performance_indicators/models/modelssystempermission"
 	"key_performance_indicators/overall"
 	"key_performance_indicators/overall/publicmethod"
 	"net/http"
 	"net/url"
 	"strconv"
+	"strings"
 	"time"

 	"github.com/flipped-aurora/gin-vue-admin/server/model/common/response"
@ -299,7 +301,11 @@ func SetUpUserLogin(openId string) (userCont modelshr.ManCont, sendMap map[strin
 	sha1Str := userKeyCode + userCont.Number + userCont.Password + md5Token
 	sha1Token := publicmethod.Sha1Encryption(sha1Str)
 	//身份识别数据
-	menuoper, jurisdiction := getRoleSeat(userCont.Role)
+	// menuoper, jurisdiction := getRoleSeat(userCont.Role)
+
+	//获取身份权限
+	menuoper, jurisdiction := GetRoleAndPostPower("kpi", userCont.Role, userCont.AdminOrg, userCont.Position)
+
 	writeRedisData := map[string]interface{}{
 		"userkey":      userKeyCode,
 		"key":          userCont.Key,
@ -569,3 +575,96 @@ func (a *ApiMethod) ScanQrCodeCallBackAuthUser(c *gin.Context) {
 	// publicmethod.Result(1, callBackLoginUrl, c, "未能查询到您的信息！企业微信授权失败！5")
 	c.Redirect(http.StatusMovedPermanently, callBackLoginUrl)
 }
+
+/*
+*
+@ 作者: 秦东
+@ 时间: 2022-11-23 15:02:11
+@ 功能: 获取新权限
+@ 参数
+
+	#systemName					系统
+	#roleId						角色Id
+	#orgId						行政组织ID
+	#postId						岗位ID
+
+@ 返回值
+
+	#menuPower					菜单权限
+	#operationPower             操作权限
+
+@ 方法原型
+
+	#GetRoleAndPostPower(systemName , roleId string, orgId, postId int64) (menuPower, operationPower string)
+*/
+func GetRoleAndPostPower(systemName, roleId string, orgId, postId int64) (menuPower, operationPower string) {
+	var menuAry []string
+	var operationAry []string
+
+	if roleId != "" {
+		roleIdAry := strings.Split(roleId, ",")
+		if len(roleIdAry) > 0 {
+			var roleContList []modelssystempermission.RoleEmpower
+			// err := roleCont.GetCont(map[string]interface{}{"`system`": systemName, "`role_id`": roleId}, "`point_id`", "`operation`")
+
+			err := overall.CONSTANT_DB_System_Permission.Model(&modelssystempermission.RoleEmpower{}).Select("`point_id`,`operation`,`level`").Where("`system` = ? AND `role_id` IN ?", systemName, roleIdAry).Find(&roleContList).Error
+
+			if err == nil && len(roleContList) > 0 {
+				for _, rev := range roleContList {
+					menuList := strings.Split(rev.PointId, ",")
+					for _, mv := range menuList { //菜单权限
+						if publicmethod.IsInTrue[string](mv, menuAry) == false {
+							menuAry = append(menuAry, mv)
+						}
+					}
+					operList := strings.Split(rev.Operation, ",")
+					for _, ov := range operList { //操作权限
+						if publicmethod.IsInTrue[string](ov, operationAry) == false {
+							operationAry = append(operationAry, ov)
+						}
+					}
+				}
+			}
+		}
+
+	}
+	if orgId != 0 && postId != 0 {
+		var postCont modelssystempermission.Empower
+		err := postCont.GetCont(map[string]interface{}{"`system`": systemName, "`organization`": orgId, "`post_id`": postId}, "`point_id`", "`operation`")
+		if err == nil {
+			if postCont.PointId != "" {
+				if len(menuAry) < 1 {
+					menuAry = strings.Split(postCont.PointId, ",")
+				} else {
+					guoduPostAry := strings.Split(postCont.PointId, ",")
+					for _, v := range guoduPostAry {
+						if publicmethod.IsInTrue[string](v, menuAry) == false {
+							menuAry = append(menuAry, v)
+						}
+					}
+				}
+
+			}
+			if postCont.Operation != "" {
+				if len(operationAry) < 1 {
+					operationAry = strings.Split(postCont.Operation, ",")
+				} else {
+					guoduPostAryOp := strings.Split(postCont.Operation, ",")
+					for _, v := range guoduPostAryOp {
+						if publicmethod.IsInTrue[string](v, operationAry) == false {
+							operationAry = append(operationAry, v)
+						}
+					}
+				}
+
+			}
+		}
+	}
+	if len(menuAry) > 1 {
+		menuPower = strings.Join(menuAry, ",")
+	}
+	if len(operationAry) > 1 {
+		operationPower = strings.Join(operationAry, ",")
+	}
+	return
+}
--- a/api/version1/empower/system_license.go
+++ b/api/version1/empower/system_license.go
@ -26,7 +26,8 @@ func (a *ApiMethod) ObtainAuthorization(c *gin.Context) {
 	}
 	// jsonStr, _ := json.Marshal(context)
 	// fmt.Printf("jsonStr------>%v\n", string(jsonStr))
-	menuIdAry, menuUrl, err := publicmethod.GetPostPower(context.AdminOrg, context.Position, receivedValue.System)
+	// menuIdAry, menuUrl, err := publicmethod.GetPostPower(context.AdminOrg, context.Position, receivedValue.System)
+	_, pointId, operation, _ := publicmethod.GetNewAccredit(receivedValue.System, context.Role, context.Key, context.AdminOrg, context.Position)

 	// var systemPermission modelssystempermission.Empower
 	// err = systemPermission.GetCont(map[string]interface{}{"`state`": 1, "`ordid`": context.AdminOrg, "`post_id`": context.Position, "`system`": receivedValue.System}, "`point_id`")
@ -41,7 +42,8 @@ func (a *ApiMethod) ObtainAuthorization(c *gin.Context) {
 	// 	return
 	// }
 	sendData := publicmethod.MapOut[string]()
-	sendData["powerid"] = menuIdAry
-	sendData["powerurl"] = menuUrl
+	sendData["powerid"] = pointId
+	sendData["poweroperationid"] = operation
+	sendData["powerurl"] = ""
 	publicmethod.Result(0, sendData, c)
 }
--- a/overall/publicmethod/technique.go
+++ b/overall/publicmethod/technique.go
@ -1234,10 +1234,11 @@ func GetPostOfUsEmpowerCont(orgId, postId int64, systemName string) (sysPowerCon
 	#GetNewAccredit(systemName, roleId string, orgId, postId int64) (roleName, pointId, operation string, level int)
 */
 func GetNewAccredit(systemName, roleId string, userKey, orgId, postId int64) (roleName, pointId, operation string, level int) {
-
+	fmt.Printf("jsonStr------>%v---->%v---->%v---->%v---->%v\n", systemName, roleId, userKey, orgId, postId)
 	redisFileKey := fmt.Sprintf("Licence:PowerLoginApi_%v_%v_%v_%v", systemName, userKey, orgId, postId)
 	redisClient := grocerystore.RunRedis(overall.CONSTANT_REDIS3)
 	userRedisToken, isTrue := redisClient.HashGetAll(redisFileKey)
+	fmt.Printf("jsonStr------>%v---->%v---->%v---->%v---->%v---->%v\n", systemName, roleId, userKey, orgId, postId, userRedisToken)
 	if isTrue == false {

 		var pointIdAry []string
@ -1247,7 +1248,7 @@ func GetNewAccredit(systemName, roleId string, userKey, orgId, postId int64) (ro
 			var roleCont []modelssystempermission.SystemRole
 			if len(roleIdAry) > 0 {
 				//获取角色名称
-				err := overall.CONSTANT_DB_System_Permission.Model(&modelssystempermission.SystemRole{}).Select("`name`").Where("`id` IN ?", roleCont).Find(&roleCont).Error
+				err := overall.CONSTANT_DB_System_Permission.Model(&modelssystempermission.SystemRole{}).Select("`name`").Where("`id` IN ?", roleIdAry).Find(&roleCont).Error
 				if err == nil && len(roleCont) > 0 {
 					var roleNameAry []string
 					for _, rnv := range roleCont {
@ -1259,7 +1260,7 @@ func GetNewAccredit(systemName, roleId string, userKey, orgId, postId int64) (ro
 				}
 				//获取配置的所有角色权限
 				var roleEmpowerCont []modelssystempermission.RoleEmpower
-				err = overall.CONSTANT_DB_System_Permission.Model(&modelssystempermission.RoleEmpower{}).Select("`point_id`,`operation`,`level`").Where("`system` = ? AND `role_id` IN ?", systemName, roleCont).Find(&roleEmpowerCont).Error
+				err = overall.CONSTANT_DB_System_Permission.Model(&modelssystempermission.RoleEmpower{}).Select("`point_id`,`operation`,`level`").Where("`system` = ? AND `role_id` IN ?", systemName, roleIdAry).Find(&roleEmpowerCont).Error
 				if err == nil && len(roleEmpowerCont) > 0 {
 					for _, rev := range roleEmpowerCont {
 						menuList := strings.Split(rev.PointId, ",")