github_mirrors/hotgo
1
0
Fork 0
mirror of https://github.com/bufanyun/hotgo.git synced 2025-01-23 10:50:24 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

修复部权限更新sql错误,修复后台用户时增加角色部门验证

Browse Source
This commit is contained in:
孟帅 2023-07-27 18:13:20 +08:00
parent 465e48d7bc
commit e941e52d3e
3 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
server/internal/library/hgorm/handler/filter_auth.go
View File

@ -63,17 +63,23 @@ func FilterAuthWithField(filterField string) func(m *gdb.Model) *gdb.Model {
g.Log().Panic(ctx, "failed to role information roleModel == nil") g.Log().Panic(ctx, "failed to role information roleModel == nil")
} }
sq := g.Model("admin_member").Fields("id") getDeptIds := func(in interface{}) []gdb.Value {
ds, err := g.Model("admin_member").Fields("id").Where("dept_id", in).Array()
if err != nil {
g.Log().Panic(ctx, "failed to get member dept data")
}
return ds
}
switch role.DataScope { switch role.DataScope {
case consts.RoleDataAll: // 全部权限 case consts.RoleDataAll: // 全部权限
// ... // ...
case consts.RoleDataNowDept: // 当前部门 case consts.RoleDataNowDept: // 当前部门
m = m.WhereIn(filterField, sq.Where("dept_id", co.User.DeptId)) m = m.WhereIn(filterField, getDeptIds(co.User.DeptId))
case consts.RoleDataDeptAndSub: // 当前部门及以下部门 case consts.RoleDataDeptAndSub: // 当前部门及以下部门ds
m = m.WhereIn(filterField, sq.WhereIn("dept_id", GetDeptAndSub(co.User.DeptId))) m = m.WhereIn(filterField, getDeptIds(GetDeptAndSub(co.User.DeptId)))
case consts.RoleDataDeptCustom: // 自定义部门 case consts.RoleDataDeptCustom: // 自定义部门
m = m.WhereIn(filterField, sq.WhereIn("dept_id", role.CustomDept.Var().Ints())) m = m.WhereIn(filterField, getDeptIds(role.CustomDept.Var().Ints()))
case consts.RoleDataSelf: // 仅自己 case consts.RoleDataSelf: // 仅自己
m = m.Where(filterField, co.User.Id) m = m.Where(filterField, co.User.Id)
case consts.RoleDataSelfAndSub: // 自己和直属下级 case consts.RoleDataSelfAndSub: // 自己和直属下级

2
server/internal/logic/admin/dept.go
View File

@ -351,7 +351,7 @@ func (s *sAdminDept) VerifyDeptId(ctx context.Context, id int64) (err error) {
// 非超管只获取下级 // 非超管只获取下级
if !service.AdminMember().VerifySuperId(ctx, mb.Id) { if !service.AdminMember().VerifySuperId(ctx, mb.Id) {
pid = mb.DeptId pid = mb.DeptId
mod = mod.WhereLike(dao.AdminDept.Columns().Tree, "%"+tree.GetIdLabel(pid)+"%") mod = mod.WhereNot(dao.AdminDept.Columns().Id, pid).WhereLike(dao.AdminDept.Columns().Tree, "%"+tree.GetIdLabel(pid)+"%")
} }
columns, err := mod.Array() columns, err := mod.Array()

2
server/internal/logic/admin/role.go
View File

@ -327,7 +327,7 @@ func (s *sAdminRole) VerifyRoleId(ctx context.Context, id int64) (err error) {
// 非超管只获取下级 // 非超管只获取下级
if !service.AdminMember().VerifySuperId(ctx, mb.Id) { if !service.AdminMember().VerifySuperId(ctx, mb.Id) {
pid = mb.RoleId pid = mb.RoleId
mod = mod.WhereLike(dao.AdminRole.Columns().Tree, "%"+tree.GetIdLabel(pid)+"%") mod = mod.WhereNot(dao.AdminRole.Columns().Id, pid).WhereLike(dao.AdminRole.Columns().Tree, "%"+tree.GetIdLabel(pid)+"%")
} }
columns, err := mod.Array() columns, err := mod.Array()