07.RBAC管理模块

# 01.RBAC表结构

# 1.0 表结构图

# 1.1 models\manager.go

package models
import (
	_ "github.com/jinzhu/gorm"
)

type Manager struct {
	Id       int
	Username string
	Password string
	Mobile   string
	Email    string
	Status   int
	RoleId   int
	AddTime  int
	IsSuper  int
	Role     Role `gorm:"foreignkey:Id;association_foreignkey:RoleId"`
}

func (Manager) TableName() string {
	return "manager"
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

# 1.2 models\role.go

package models
import (
	_ "github.com/jinzhu/gorm"
)

type Role struct {
	Id          int
	Title       string
	Description string
	Status      int
	AddTime     int
}

func (Role) TableName() string {
	return "role"
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

# 1.3 models\role_access.go

package models
import (
	_ "github.com/jinzhu/gorm"
)

type RoleAccess struct {
	AccessId int
	RoleId   int
}

func (RoleAccess) TableName() string {
	return "role_access"
}

1
2
3
4
5
6
7
8
9
10
11
12
13

# 1.4 models\access.go

package models
import (
	_ "github.com/jinzhu/gorm"
)

type Access struct {
	Id          int
	ModuleName  string //模块名称
	ActionName  string //操作名称
	Type        int    //节点类型 :  1、表示模块    2、表示菜单     3、操作
	Url         string //路由跳转地址
	ModuleId    int    //此module_id和当前模型的_id关联      module_id= 0 表示模块
	Sort        int
	Description string
	Status      int
	AddTime     int
	AccessItem  []Access `gorm:"foreignkey:ModuleId;association_foreignkey:Id"`
	Checked     bool     `gorm:"-"` // 忽略本字段
}

func (Access) TableName() string {
	return "access"
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

# 02.用户管理

package admin
import (
	"beegoxiaomi/models"
	"fmt"
	"github.com/astaxie/beego"
	"strconv"
	"strings"
)

type ManagerController struct {
	BaseController
}

func (c *ManagerController) Get() {
	manager := []models.Manager{}
	models.DB.Preload("Role").Find(&manager)
	c.Data["managerList"] = manager
	fmt.Println(manager)
	c.TplName = "admin/manager/index.html"
}

func (c *ManagerController) Add() {
	//获取所有的角色
	role := []models.Role{}
	models.DB.Find(&role)
	c.Data["roleList"] = role
	c.TplName = "admin/manager/add.html"
}

func (c *ManagerController) DoAdd() {
	//获取数据
	roleId, err1 := c.GetInt("role_id")
	if err1 != nil {
		c.Error("非法请求", "/manager/add")
		return
	}
	username := strings.Trim(c.GetString("username"), " ")
	password := strings.Trim(c.GetString("password"), " ")
	mobile := strings.Trim(c.GetString("mobile"), " ")
	email := strings.Trim(c.GetString("email"), " ")

	if len(username) < 2 || len(password) < 6 {
		c.Error("用户名或者密码长度不合法", "/manager/add")
		return
	}
	//判断数据库里面有没有当前用户
	managerList := []models.Manager{}
	models.DB.Where("username=?", username).Find(&managerList)
	if len(managerList) > 0 {
		c.Error("用户名已经存在", "/manager/add")
		return
	}
	//增加管理员
	manager := models.Manager{}
	manager.Username = username
	manager.Password = models.Md5(password)
	manager.Mobile = mobile
	manager.Email = email
	manager.Status = 1
	manager.AddTime = int(models.GetUnix())
	manager.RoleId = roleId
	err := models.DB.Create(&manager).Error
	if err != nil {
		c.Error("增加管理员失败", "/manager/add")
		return
	}
	c.Success("增加管理员成功", "/manager")
}

func (c *ManagerController) Edit() {

	//获取管理员信息
	id, err := c.GetInt("id")
	if err != nil {
		c.Error("非法请求", "/manager")
		return
	}
	manager := models.Manager{Id: id}
	models.DB.Find(&manager)
	c.Data["manager"] = manager

	//获取所有的角色
	role := []models.Role{}
	models.DB.Find(&role)
	c.Data["roleList"] = role
	c.TplName = "admin/manager/edit.html"
}

func (c *ManagerController) DoEdit() {

	id, err1 := c.GetInt("id")
	if err1 != nil {
		c.Error("非法请求", "/manager")
		return
	}
	roleId, err2 := c.GetInt("role_id")
	if err2 != nil {
		c.Error("非法请求", "/manager")
		return
	}
	mobile := strings.Trim(c.GetString("mobile"), " ")
	email := strings.Trim(c.GetString("email"), " ")
	password := strings.Trim(c.GetString("password"), " ")

	//获取数据
	manager := models.Manager{Id: id}
	models.DB.Find(&manager)
	manager.RoleId = roleId
	manager.Mobile = mobile
	manager.Email = email
	if password != "" {
		if len(password) < 6 {
			c.Error("密码长度不合法,密码长度不能小于6位", "/manager/edit?id="+strconv.Itoa(id))
			return
		}
		manager.Password = models.Md5(password)
	}
	//执行修改
	err := models.DB.Save(&manager).Error
	if err != nil {
		beego.Info(err)
		c.Error("修改数据失败-检查一下数据是否合法", "/manager/edit?id="+strconv.Itoa(id))
	} else {
		c.Success("修改数据成功", "/manager")
	}
}
func (c *ManagerController) Delete() {
	id, err1 := c.GetInt("id")
	if err1 != nil {
		c.Error("传入参数错误", "/manager")
		return
	}
	manager := models.Manager{Id: id}
	models.DB.Delete(&manager)
	c.Success("删除轮播图成功", "/manager")
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136

# 03.角色管理

package admin
import (
	"beegoxiaomi/models"
	"strconv"
	"strings"
)

type RoleController struct {
	BaseController
}

func (c *RoleController) Get() {

	role := []models.Role{}
	models.DB.Find(&role)
	c.Data["roleList"] = role
	c.TplName = "admin/role/index.html"
}

func (c *RoleController) Add() {
	c.TplName = "admin/role/add.html"
}

func (c *RoleController) DoAdd() {
	title := strings.Trim(c.GetString("title"), " ")
	description := strings.Trim(c.GetString("description"), " ")

	if title == "" {
		c.Error("标题不能为空", "/role/add")
		return
	}
	role := models.Role{}
	role.Title = title
	role.Description = description
	role.Status = 1
	role.AddTime = int(models.GetUnix())
	err := models.DB.Create(&role).Error
	if err != nil {
		c.Error("增加角色", "/role/add")
	} else {
		c.Success("增加角色成功", "/role")
	}
}

func (c *RoleController) Edit() {
	id, err := c.GetInt("id")
	if err != nil {
		c.Error("传入参数错误", "/role")
		return
	}

	role := models.Role{Id: id}
	models.DB.Find(&role)
	c.Data["role"] = role
	c.TplName = "admin/role/edit.html"
}

func (c *RoleController) DoEdit() {

	id, err1 := c.GetInt("id")
	if err1 != nil {
		c.Error("传入参数错误", "/role")
		return
	}
	title := strings.Trim(c.GetString("title"), " ")
	description := strings.Trim(c.GetString("description"), " ")
	if title == "" {
		c.Error("标题不能为空", "/role/add")
		return
	}
	//修改
	role := models.Role{Id: id}
	models.DB.Find(&role)
	role.Title = title
	role.Description = description
	err2 := models.DB.Save(&role).Error
	if err2 != nil {
		c.Error("修改数据失败", "/role/edit?id="+strconv.Itoa(id))
	} else {
		c.Success("修改角色成功", "/role")
	}

}

func (c *RoleController) Delete() {
	id, err1 := c.GetInt("id")
	if err1 != nil {
		c.Error("传入参数错误", "/role")
		return
	}
	role := models.Role{Id: id}
	models.DB.Delete(&role)
	c.Success("删除角色成功", "/role")

}

func (c *RoleController) Auth() {

	//1、获取角色id

	roleId, err := c.GetInt("id")
	if err != nil {
		c.Error("传入参数错误", "/role")
		return
	}

	//2、获取全部的权限

	access := []models.Access{}
	models.DB.Preload("AccessItem").Where("module_id=0").Find(&access)

	//3、获取当前角色拥有的权限 ，并把权限id放在一个map对象里面
	roleAccess := []models.RoleAccess{}
	models.DB.Where("role_id=?", roleId).Find(&roleAccess)
	roleAccessMap := make(map[int]int)
	for _, v := range roleAccess {
		roleAccessMap[v.AccessId] = v.AccessId
	}

	//4、循环遍历所有的权限数据，判断当前权限的id是否在角色权限的Map对象中,如果是的话给当前数据加入checked属性
	for i := 0; i < len(access); i++ {
		if _, ok := roleAccessMap[access[i].Id]; ok {
			access[i].Checked = true
		}
		for j := 0; j < len(access[i].AccessItem); j++ {
			if _, ok := roleAccessMap[access[i].AccessItem[j].Id]; ok {
				access[i].AccessItem[j].Checked = true
			}
		}
	}
	//5、渲染权限数据以及角色 Id
	c.Data["accessList"] = access
	c.Data["roleId"] = roleId
	c.TplName = "admin/role/auth.html"

}

func (c *RoleController) DoAuth() {
	//1、获取参数post传过来的角色id 和 权限切片
	roleId, err := c.GetInt("role_id")
	if err != nil {
		c.Error("传入参数错误", "/role")
		return
	}
	accessNode := c.GetStrings("access_node")

	//2、修改角色权限---删除当前角色下面的所有权限

	roleAccess := models.RoleAccess{}
	models.DB.Where("role_id=?", roleId).Delete(&roleAccess)

	//3、执行增加数据

	for _, v := range accessNode {
		accessId, _ := strconv.Atoi(v)
		roleAccess.AccessId = accessId
		roleAccess.RoleId = roleId
		models.DB.Create(&roleAccess)
	}
	c.Success("授权成功", "/role/auth?id="+strconv.Itoa(roleId))
}

# 04.权限管理

package admin

import (
	"beegoxiaomi/models"
	"strconv"
)

type AccessController struct {
	BaseController
}

func (c *AccessController) Get() {
	access := []models.Access{}
	models.DB.Preload("AccessItem").Where("module_id=0").Find(&access)
	c.Data["accessList"] = access
	c.TplName = "admin/access/index.html"
}

func (c *AccessController) Add() {
	//加载顶级模块
	access := []models.Access{}
	models.DB.Where("module_id=0").Find(&access)
	c.Data["accessList"] = access
	c.TplName = "admin/access/add.html"
}

func (c *AccessController) DoAdd() {

	moduleName := c.GetString("module_name")
	iType, err1 := c.GetInt("type")
	actionName := c.GetString("action_name")
	url := c.GetString("url")
	moduleId, err2 := c.GetInt("module_id")
	sort, err3 := c.GetInt("sort")
	description := c.GetString("description")
	status, err4 := c.GetInt("status")
	if err1 != nil || err2 != nil || err3 != nil || err4 != nil {
		c.Error("传入参数错误", "/access/add")
		return
	}
	access := models.Access{
		ModuleName:  moduleName,
		Type:        iType,
		ActionName:  actionName,
		Url:         url,
		ModuleId:    moduleId,
		Sort:        sort,
		Description: description,
		Status:      status,
	}
	err := models.DB.Create(&access).Error
	if err != nil {
		c.Error("增加数据失败", "/access/add")
	} else {
		c.Success("增加数据成功", "/access")
	}

}

func (c *AccessController) Edit() {
	//获取要修改的数据
	id, err1 := c.GetInt("id")
	if err1 != nil {
		c.Error("传入参数错误", "/access")
		return
	}
	access := models.Access{Id: id}
	models.DB.Find(&access)
	c.Data["access"] = access

	//获取顶级模块
	accessList := []models.Access{}
	models.DB.Where("module_id=0").Find(&accessList)
	c.Data["accessList"] = accessList

	c.TplName = "admin/access/edit.html"
}

func (c *AccessController) DoEdit() {
	id, err1 := c.GetInt("id")
	moduleName := c.GetString("module_name")
	iType, err2 := c.GetInt("type")
	actionName := c.GetString("action_name")
	url := c.GetString("url")
	moduleId, err3 := c.GetInt("module_id")
	sort, err4 := c.GetInt("sort")
	description := c.GetString("description")
	status, err5 := c.GetInt("status")
	if err1 != nil || err2 != nil || err3 != nil || err4 != nil || err5 != nil {
		c.Error("传入参数错误", "/access")
		return
	}
	access := models.Access{Id: id}
	models.DB.Find(&access)
	access.ModuleName = moduleName
	access.Type = iType
	access.ActionName = actionName
	access.Url = url
	access.ModuleId = moduleId
	access.Sort = sort
	access.Description = description
	access.Status = status
	err := models.DB.Save(&access).Error
	if err != nil {
		c.Error("修改失败", "/access/edit?id="+strconv.Itoa(id))
		return
	}
	c.Success("修改成功", "/access/")

}

func (c *AccessController) Delete() {

	id, err1 := c.GetInt("id")
	if err1 != nil {
		c.Error("传入参数错误", "/access")
		return
	}
	//获取当前数据
	access1 := models.Access{Id: id}
	models.DB.Find(&access1)
	if access1.ModuleId == 0 { //顶级模块
		access3 := []models.Access{}
		models.DB.Where("module_id=?", access1.Id).Find(&access3)
		if len(access3) > 0 {
			c.Error("当前模块下面还有菜单或者操作，无法删除", "/access")
			return
		}
	}
	access2 := models.Access{Id: id}
	models.DB.Delete(&access2)
	c.Success("删除成功", "/access")

}

上次更新: 2024/3/13 15:35:10

← 06.RBAC实现流程 08.RBAC判断权限→