2020-07-13 20:33:20 +08:00
|
|
|
package middleware
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
mycasbin "ferry/pkg/casbin"
|
|
|
|
|
"ferry/pkg/jwtauth"
|
|
|
|
|
_ "ferry/pkg/jwtauth"
|
2020-08-15 23:34:37 +08:00
|
|
|
"ferry/pkg/logger"
|
2020-07-13 20:33:20 +08:00
|
|
|
"ferry/tools"
|
2020-09-08 23:01:53 +08:00
|
|
|
"fmt"
|
2020-07-13 20:33:20 +08:00
|
|
|
"net/http"
|
|
|
|
|
|
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
//权限检查中间件
|
|
|
|
|
func AuthCheckRole() gin.HandlerFunc {
|
|
|
|
|
return func(c *gin.Context) {
|
|
|
|
|
data, _ := c.Get("JWT_PAYLOAD")
|
|
|
|
|
v := data.(jwtauth.MapClaims)
|
|
|
|
|
e, err := mycasbin.Casbin()
|
|
|
|
|
tools.HasError(err, "", 500)
|
|
|
|
|
//检查权限
|
|
|
|
|
res, err := e.Enforce(v["rolekey"], c.Request.URL.Path, c.Request.Method)
|
2020-08-15 23:34:37 +08:00
|
|
|
logger.Info(v["rolekey"], c.Request.URL.Path, c.Request.Method)
|
2020-09-08 23:01:53 +08:00
|
|
|
tools.HasError(err, "", 500)
|
|
|
|
|
|
2020-07-13 20:33:20 +08:00
|
|
|
if res {
|
|
|
|
|
c.Next()
|
|
|
|
|
} else {
|
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
|
|
|
"code": 403,
|
2020-09-08 23:18:45 +08:00
|
|
|
"msg": fmt.Sprintf("对不起,您没有 <%v-%v> 访问权限,请联系管理员", c.Request.URL.Path, c.Request.Method),
|
2020-07-13 20:33:20 +08:00
|
|
|
})
|
|
|
|
|
c.Abort()
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
