chenlin/telco_server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
62d101c2bc
telco_server/common/middleware/permission.go

62 lines
1.7 KiB
Go
Raw Normal View History

Initial commit
2025-03-13 07:49:59 +00:00
package middleware
import (
"github.com/casbin/casbin/v2/util"
"net/http"
"github.com/gin-gonic/gin"
"github.com/go-admin-team/go-admin-core/sdk"
"github.com/go-admin-team/go-admin-core/sdk/api"
"github.com/go-admin-team/go-admin-core/sdk/pkg/jwtauth"
"github.com/go-admin-team/go-admin-core/sdk/pkg/response"
)
// AuthCheckRole 权限检查中间件
func AuthCheckRole() gin.HandlerFunc {
return func(c *gin.Context) {
log := api.GetRequestLogger(c)
data, _ := c.Get(jwtauth.JwtPayloadKey)
v := data.(jwtauth.MapClaims)
e := sdk.Runtime.GetCasbinKey(c.Request.Host)
var res, casbinExclude bool
var err error
//检查权限
if v["rolekey"] == "admin" {
res = true
c.Next()
return
}
for _, i := range CasbinExclude {
if util.KeyMatch2(c.Request.URL.Path, i.Url) && c.Request.Method == i.Method {
casbinExclude = true
break
}
}
if casbinExclude {
log.Infof("Casbin exclusion, no validation method:%s path:%s", c.Request.Method, c.Request.URL.Path)
c.Next()
return
}
res, err = e.Enforce(v["rolekey"], c.Request.URL.Path, c.Request.Method)
if err != nil {
log.Errorf("AuthCheckRole error:%s method:%s path:%s", err, c.Request.Method, c.Request.URL.Path)
response.Error(c, 500, err, "")
return
}
if res {
log.Infof("isTrue: %v role: %s method: %s path: %s", res, v["rolekey"], c.Request.Method, c.Request.URL.Path)
c.Next()
} else {
log.Warnf("isTrue: %v role: %s method: %s path: %s message: %s", res, v["rolekey"], c.Request.Method, c.Request.URL.Path, "当前request无权限请管理员确认")
c.JSON(http.StatusOK, gin.H{
"code": 403,
"msg": "对不起,您没有该接口访问权限,请联系管理员",
})
c.Abort()
return
}
}
}
Reference in New Issue Copy Permalink