package interceptor import ( "net/http" "bindbox-game/internal/pkg/core" "bindbox-game/internal/repository/mysql/dao" ) func (i *interceptor) RequireAdminRole() core.HandlerFunc { return func(ctx core.Context) { if ctx.SessionUserInfo().IsSuper == 1 { return } uid := int32(ctx.SessionUserInfo().Id) cnt, err := dao.Use(i.db.GetDbR()).RoleUsers.WithContext(ctx.RequestContext()).Where(dao.Use(i.db.GetDbR()).RoleUsers.AdminID.Eq(uid)).Count() if err != nil { ctx.AbortWithError(core.Error(http.StatusForbidden, 10103, "权限不足")) return } if cnt == 0 { ctx.AbortWithError(core.Error(http.StatusForbidden, 10103, "权限不足")) return } } } func (i *interceptor) RequireAdminAction(mark string) core.HandlerFunc { return func(ctx core.Context) { if ctx.SessionUserInfo().IsSuper == 1 { return } uid := int32(ctx.SessionUserInfo().Id) roles, err := dao.Use(i.db.GetDbR()).RoleUsers.WithContext(ctx.RequestContext()).Where(dao.Use(i.db.GetDbR()).RoleUsers.AdminID.Eq(uid)).Find() if err != nil || len(roles) == 0 { ctx.AbortWithError(core.Error(http.StatusForbidden, 10103, "权限不足")) return } actions, err := dao.Use(i.db.GetDbR()).MenuActions.WithContext(ctx.RequestContext()).Where(dao.Use(i.db.GetDbR()).MenuActions.ActionMark.Eq(mark), dao.Use(i.db.GetDbR()).MenuActions.Status.Is(true)).Find() if err != nil || len(actions) == 0 { ctx.AbortWithError(core.Error(http.StatusForbidden, 10103, "权限不足")) return } roleIDs := make([]int64, len(roles)) for i := range roles { roleIDs[i] = roles[i].RoleID } actionIDs := make([]int64, len(actions)) for i := range actions { actionIDs[i] = actions[i].ID } cnt, err := dao.Use(i.db.GetDbR()).RoleActions.WithContext(ctx.RequestContext()).Where(dao.Use(i.db.GetDbR()).RoleActions.RoleID.In(roleIDs...), dao.Use(i.db.GetDbR()).RoleActions.ActionID.In(actionIDs...)).Count() if err != nil || cnt == 0 { ctx.AbortWithError(core.Error(http.StatusForbidden, 10103, "权限不足")) return } } }