package middleware
import (
"net/http"
"management/internal/erpserver/model/dto"
v1 "management/internal/erpserver/service/v1"
"management/internal/pkg/know"
"management/internal/pkg/session"
)
// publicRoutes lists the request paths that Authorize lets through without a
// per-role menu lookup. Authorize consults this set only after its login
// check, so "public" here means "open to every signed-in user", not
// "reachable anonymously".
//
// Keys are compared against r.URL.Path by exact match. Keep this set as small
// as possible: every entry is exempt from role-based authorization, including
// the three upload endpoints below.
var publicRoutes = map[string]bool{
	// Pages and navigation data.
	"/home.html":    true,
	"/dashboard":    true,
	"/system/menus": true,
	"/pear.json":    true,

	// Upload endpoints.
	"/upload/img":         true,
	"/upload/file":        true,
	"/upload/multi_files": true,
}
// Authorize builds an HTTP middleware that gates every request in three steps:
//
//  1. Login check: the user is read from the session store named
//     know.StoreName. A lookup error or a zero user ID redirects to "/" with
//     302 Found.
//  2. Public routes: a path listed in publicRoutes is passed to next without
//     any role lookup.
//  3. Permission check: the menus for the user's role are loaded and the
//     request path must be a key of that map; otherwise the response is
//     403 Forbidden.
//
// The decision is based on an exact match of r.URL.Path only. The HTTP method
// is not consulted, so a role that may reach a path may do so with any method.
func Authorize(
	sess session.Manager,
	menuService v1.MenuService,
) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		guard := func(w http.ResponseWriter, r *http.Request) {
			ctx := r.Context()
			reqPath := r.URL.Path

			// Login check. This runs before the public-route test, so even
			// "public" routes require an authenticated session.
			// NOTE(review): if GetUser can return a nil pointer together with
			// a nil error, user.ID below would panic; confirm against the
			// session.Manager contract.
			user, err := sess.GetUser(ctx, know.StoreName)
			if err != nil || user.ID == 0 {
				http.Redirect(w, r, "/", http.StatusFound)
				return
			}

			// Public routes are allowed as-is; everything else needs a menu
			// entry for the user's role.
			allowed := publicRoutes[reqPath]
			if !allowed {
				menus, listErr := menuService.ListByRoleIDToMap(ctx, user.RoleID)
				// Fail closed: a failed menu lookup is treated exactly like a
				// missing permission. The error itself is not logged here.
				allowed = listErr == nil && hasPermission(menus, reqPath)
			}

			if !allowed {
				http.Error(w, "Forbidden", http.StatusForbidden)
				return
			}

			next.ServeHTTP(w, r)
		}

		return http.HandlerFunc(guard)
	}
}
// hasPermission reports whether path is a key of menus. Only key presence is
// tested: the mapped *dto.OwnerMenuDto is never inspected, so an entry whose
// value is nil still grants access. A nil or empty map denies every path.
func hasPermission(menus map[string]*dto.OwnerMenuDto, path string) bool {
	if _, granted := menus[path]; granted {
		return true
	}
	return false
}