You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
OneAuth/models/role.go

106 lines
2.2 KiB
Go

package models
type UserRole struct {
BaseModel
UserID uint `json:"user_id"`
RoleID uint `json:"role_id"`
}
type Role struct {
BaseModel
AppID uint `json:"app_id"`
App *App `json:"app"`
Name string `json:"name"`
// 角色标签
Tag string `json:"tag" gorm:"default:''"`
Users []*User `json:"users" gorm:"many2many:user_roles;"`
// 具体权限
Auths []*Auth `json:"auths" gorm:"foreignkey:RoleID;references:ID"`
IsUnique bool `json:"is_unique" gorm:"default:false"`
}
// AuthLevel 权限等级
// 对于操作类权限
// 0 禁止执行
// 1 允许执行
// 对于资源类权限
// 0 相当于没有
// 1 有限读权限
// 2 读权限
// 3 创建权限
// 4 修改权限
// 5 删除权限
// 6 赋予其余人权限
type AuthLevel uint
const (
AuthNone AuthLevel = 0
AuthDo AuthLevel = 1
// AuthPart TODO: 临时权限
AuthPart AuthLevel = 1
AuthRead AuthLevel = 2
AuthCreate AuthLevel = 3
AuthUpdate AuthLevel = 4
AuthDelete AuthLevel = 5
AuthAll AuthLevel = 6
)
func (a AuthLevel) Upper(b AuthLevel) bool {
return a > b
}
func (a AuthLevel) CanDo() bool {
return a > AuthNone
}
func (a AuthLevel) CanRead() bool {
return a >= AuthRead
}
func (a AuthLevel) CanCreate() bool {
return a >= AuthCreate
}
func (a AuthLevel) CanUpdate() bool {
return a >= AuthUpdate
}
func (a AuthLevel) CanDelete() bool {
return a >= AuthDelete
}
func (a AuthLevel) CanDoAny() bool {
return a >= AuthAll
}
// Auth 资源权限
type Auth struct {
BaseModel
// 该权限作用的应用
AppID uint `json:"app_id"`
App *App `json:"app"`
// 权限绑定只能绑定一个
RoleID *uint `json:"role_id" gorm:""`
Role *Role `json:"role"`
UserID *uint `json:"user_id"`
User *User `json:"user"`
// 资源id
ResourceID uint `json:"resource_id" gorm:"not null"`
Resource *Resource `json:"resource"`
// resource_name 用于其他系统方便区分权限的名字
RID string `json:"rid" gorm:""`
// 具体某个资源的id
RUID string `json:"ruid"`
Level AuthLevel `json:"level"`
}
type Resource struct {
BaseModel
AppID uint `json:"app_id"`
App *App `json:"app"`
Name string `json:"name"`
// 权限标签
Tag string `json:"tag"`
Des string `json:"des"`
}