zfc/bindbox-game
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bindbox-game/internal/router/interceptor/admin_rbac.go
邹方成 2a89a1ab9d
Some checks failed
Build docker and publish / linux (1.24.5) (push) Failing after 39s
Details
feat(admin): 更新前端资源文件及修复相关功能 
refactor(service): 修改banner和guild删除逻辑为软删除
fix(service): 修复删除操作使用软删除而非物理删除

build: 添加SQLite测试仓库实现
docs: 新增奖励管理字段拆分和批量抽奖UI改造文档

ci: 更新CI忽略文件
style: 清理无用资源文件
2025-11-19 01:35:55 +08:00

58 lines
2.3 KiB
Go
Raw Blame History

package interceptor
import (
"net/http"
"bindbox-game/internal/pkg/core"
"bindbox-game/internal/repository/mysql/dao"
)
func (i *interceptor) RequireAdminRole() core.HandlerFunc {
return func(ctx core.Context) {
if ctx.SessionUserInfo().IsSuper == 1 {
return
}
uid := int32(ctx.SessionUserInfo().Id)
cnt, err := dao.Use(i.db.GetDbR()).RoleUsers.WithContext(ctx.RequestContext()).Where(dao.Use(i.db.GetDbR()).RoleUsers.AdminID.Eq(uid)).Count()
if err != nil {
ctx.AbortWithError(core.Error(http.StatusForbidden, 10103, "权限不足"))
return
}
if cnt == 0 {
ctx.AbortWithError(core.Error(http.StatusForbidden, 10103, "权限不足"))
return
}
}
}
func (i *interceptor) RequireAdminAction(mark string) core.HandlerFunc {
return func(ctx core.Context) {
if ctx.SessionUserInfo().IsSuper == 1 {
return
}
uid := int32(ctx.SessionUserInfo().Id)
roles, err := dao.Use(i.db.GetDbR()).RoleUsers.WithContext(ctx.RequestContext()).Where(dao.Use(i.db.GetDbR()).RoleUsers.AdminID.Eq(uid)).Find()
if err != nil || len(roles) == 0 {
ctx.AbortWithError(core.Error(http.StatusForbidden, 10103, "权限不足"))
return
}
actions, err := dao.Use(i.db.GetDbR()).MenuActions.WithContext(ctx.RequestContext()).Where(dao.Use(i.db.GetDbR()).MenuActions.ActionMark.Eq(mark), dao.Use(i.db.GetDbR()).MenuActions.Status.Is(true)).Find()
if err != nil || len(actions) == 0 {
ctx.AbortWithError(core.Error(http.StatusForbidden, 10103, "权限不足"))
return
}
roleIDs := make([]int64, len(roles))
for i := range roles {
roleIDs[i] = roles[i].RoleID
}
actionIDs := make([]int64, len(actions))
for i := range actions {
actionIDs[i] = actions[i].ID
}
cnt, err := dao.Use(i.db.GetDbR()).RoleActions.WithContext(ctx.RequestContext()).Where(dao.Use(i.db.GetDbR()).RoleActions.RoleID.In(roleIDs...), dao.Use(i.db.GetDbR()).RoleActions.ActionID.In(actionIDs...)).Count()
if err != nil || cnt == 0 {
ctx.AbortWithError(core.Error(http.StatusForbidden, 10103, "权限不足"))
return
}
}
}
Reference in New Issue View Git Blame Copy Permalink