feat(ui): 后端加权限验证

2025-11-08 10:13:44 +08:00 · 2024-03-14 15:39:12 +08:00
parent a64df5cf0c
commit af5afd7700
16 changed files with 135 additions and 7 deletions
--- a/api/utils/permission.go
+++ b/api/utils/permission.go
@@ -0,0 +1,40 @@
+package utils
+
+import (
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"fmt"
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+	"net/url"
+	"strings"
+)
+
+// CheckPermission Todo: 放在缓存
+// CheckPermission 检查权限
+func CheckPermission(c *gin.Context, db *gorm.DB) error {
+	u, err := url.Parse(c.Request.RequestURI)
+	if err != nil {
+		panic(err)
+	}
+	slug := strings.Replace(u.Path, "/", "_", -1)[1:]
+
+	// 用户名
+	userName, _ := c.Get(types.LoginUserID)
+
+	var manager model.AdminUser
+	db.Table("chatgpt_admin_users").Select("chatgpt_admin_users.id").Where("username = ?", userName).First(&manager)
+
+	// 超级管理员不判断
+	if manager.Id == 1 {
+		return nil
+	}
+	var roleIds []int
+	var count int64
+	db.Raw("SELECT `chatgpt_admin_user_roles`.role_id FROM `chatgpt_admin_users` LEFT JOIN `chatgpt_admin_user_roles` ON ( `chatgpt_admin_users`.id = `chatgpt_admin_user_roles`.admin_id ) WHERE `chatgpt_admin_users`.id = ?", manager.Id).Find(&roleIds)
+	db.Raw("SELECT `chatgpt_admin_permissions`.slug FROM `chatgpt_admin_permissions` LEFT JOIN `chatgpt_admin_role_permissions` ON (`chatgpt_admin_permissions`.id = `chatgpt_admin_role_permissions`.permission_id) WHERE `chatgpt_admin_role_permissions`.role_id IN ? and `chatgpt_admin_permissions`.slug = ? ", roleIds, slug).Count(&count)
+	if count > 0 {
+		return nil
+	}
+	return fmt.Errorf("没有权限")
+}