mirror of https://github.com/veypi/OneAuth.git
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
67 lines
1.3 KiB
Go
67 lines
1.3 KiB
Go
package auth
|
|
|
|
import (
|
|
"OneAuth/models"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
// 定义oa系统权限
|
|
|
|
type Resource = string
|
|
|
|
const (
|
|
User Resource = "user"
|
|
APP Resource = "app"
|
|
Res Resource = "resource"
|
|
Role Resource = "role"
|
|
Auth Resource = "auth"
|
|
)
|
|
|
|
func BindUserRole(tx *gorm.DB, userID uint, roleID uint) error {
|
|
r := &models.Role{}
|
|
r.ID = roleID
|
|
err := tx.Where(r).First(r).Error
|
|
if err != nil {
|
|
return err
|
|
}
|
|
ur := &models.UserRole{}
|
|
ur.RoleID = roleID
|
|
if r.IsUnique {
|
|
err = tx.Where(ur).Update("user_id", userID).Error
|
|
} else {
|
|
ur.UserID = userID
|
|
err = tx.Where(ur).FirstOrCreate(ur).Error
|
|
}
|
|
return err
|
|
}
|
|
|
|
func BindUserAuth(tx *gorm.DB, userID uint, resID uint, level models.AuthLevel, ruid string) error {
|
|
return bind(tx, userID, resID, level, ruid, false)
|
|
}
|
|
|
|
func BindRoleAuth(tx *gorm.DB, roleID uint, resID uint, level models.AuthLevel, ruid string) error {
|
|
return bind(tx, roleID, resID, level, ruid, true)
|
|
}
|
|
|
|
func bind(tx *gorm.DB, id uint, resID uint, level models.AuthLevel, ruid string, isRole bool) error {
|
|
r := &models.Resource{}
|
|
r.ID = resID
|
|
err := tx.Where(r).First(r).Error
|
|
if err != nil {
|
|
return err
|
|
}
|
|
au := &models.Auth{
|
|
AppID: r.AppID,
|
|
ResourceID: resID,
|
|
RID: r.Name,
|
|
RUID: ruid,
|
|
Level: level,
|
|
}
|
|
if isRole {
|
|
au.RoleID = &id
|
|
} else {
|
|
au.UserID = &id
|
|
}
|
|
return tx.Where(au).FirstOrCreate(au).Error
|
|
}
|