2022-10-05 19:46:48 +08:00
|
|
|
package casbin
|
2022-10-05 16:02:09 +08:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"github.com/gofiber/fiber/v2"
|
|
|
|
|
"gofiber.study.skcks.cn/common/errorx"
|
|
|
|
|
"gofiber.study.skcks.cn/common/response"
|
|
|
|
|
"gofiber.study.skcks.cn/global"
|
|
|
|
|
)
|
|
|
|
|
|
2022-10-05 19:46:48 +08:00
|
|
|
func RegisterController(app *fiber.App) {
|
|
|
|
|
group := app.Group("/casbin")
|
|
|
|
|
group.Add(fiber.MethodGet, "/test", testCasbin)
|
|
|
|
|
group.Add(fiber.MethodPost, "/reload", reloadCasbin)
|
|
|
|
|
group.Add(fiber.MethodGet, "/getUserRoles", getUserRoles)
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-05 16:02:09 +08:00
|
|
|
// testCasbin casbin 鉴权测试
|
|
|
|
|
//
|
|
|
|
|
// @Summary casbin 鉴权测试
|
|
|
|
|
// @Description casbin 鉴权测试
|
2022-10-05 19:46:48 +08:00
|
|
|
// @Tags CasBin
|
2022-10-05 16:02:09 +08:00
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
2022-10-05 19:46:48 +08:00
|
|
|
// @Param identity query string true "身份"
|
|
|
|
|
// @Param system query string true "系统"
|
2022-10-05 16:02:09 +08:00
|
|
|
// @Param api query string true "api"
|
|
|
|
|
// @Param act query string true "动作"
|
|
|
|
|
// @Success 200 {object} response.Response{data=string}
|
|
|
|
|
// @Failure default {object} errorx.CodeErrorResponse
|
2022-10-05 19:46:48 +08:00
|
|
|
// @Router /casbin/test [get]
|
2022-10-05 16:02:09 +08:00
|
|
|
func testCasbin(ctx *fiber.Ctx) error {
|
|
|
|
|
var identity, system, api, act string
|
|
|
|
|
|
|
|
|
|
identity = ctx.Query("identity")
|
|
|
|
|
system = ctx.Query("system")
|
|
|
|
|
api = ctx.Query("api")
|
|
|
|
|
act = ctx.Query("act")
|
|
|
|
|
|
|
|
|
|
enforce, err := global.Enforcer.Enforce(identity, system, api, act)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ctx.JSON(errorx.NewDefaultError(err.Error()))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !enforce {
|
|
|
|
|
return ctx.JSON(errorx.NewErrorWithCode(fiber.StatusForbidden, "无权访问"))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ctx.JSON(response.NewResponse("授权访问"))
|
|
|
|
|
}
|
2022-10-05 17:55:39 +08:00
|
|
|
|
|
|
|
|
// reloadCasbin 重新加载 casbin 策略
|
|
|
|
|
//
|
|
|
|
|
// @Summary 重新加载 casbin 策略
|
|
|
|
|
// @Description 重新加载 casbin 策略
|
2022-10-05 19:46:48 +08:00
|
|
|
// @Tags CasBin
|
2022-10-05 17:55:39 +08:00
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Success 200 {object} response.Response{data=string}
|
|
|
|
|
// @Failure default {object} errorx.CodeErrorResponse
|
2022-10-05 19:46:48 +08:00
|
|
|
// @Router /casbin/reload [post]
|
2022-10-05 17:55:39 +08:00
|
|
|
func reloadCasbin(ctx *fiber.Ctx) error {
|
|
|
|
|
err := global.Enforcer.LoadPolicy()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ctx.JSON(errorx.NewErrorWithCode(fiber.StatusForbidden, err.Error()))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ctx.JSON(response.NewResponse("重载成功"))
|
|
|
|
|
}
|
2022-10-05 19:46:48 +08:00
|
|
|
|
|
|
|
|
type GetUserRolesQuery struct {
|
|
|
|
|
Account string `json:"account" example:"root"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// getUserRoles 用户所有角色
|
|
|
|
|
//
|
|
|
|
|
// @Summary 用户所有角色
|
|
|
|
|
// @Description 用户所有角色
|
|
|
|
|
// @Tags CasBin
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Param account query string true "用户账号" default(root)
|
|
|
|
|
// @Success 200 {object} response.Response{data=[]string}
|
|
|
|
|
// @Failure default {object} errorx.CodeErrorResponse
|
|
|
|
|
// @Router /casbin/getUserRoles [get]
|
|
|
|
|
func getUserRoles(ctx *fiber.Ctx) error {
|
|
|
|
|
query := &GetUserRolesQuery{}
|
|
|
|
|
err := ctx.QueryParser(query)
|
|
|
|
|
roles, err := global.Enforcer.GetRolesForUser("user::" + query.Account)
|
|
|
|
|
if err != nil {
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ctx.JSON(errorx.NewErrorWithCode(fiber.StatusForbidden, err.Error()))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ctx.JSON(response.NewResponse(roles))
|
|
|
|
|
}
|
