fix

controllers/base_auth.go

@@ -185,6 +185,25 @@ func (c *BaseAuthController) Prepare() {
 
 			admin.RoleTypeCode = GetSysUserRoleTypeCode(admin.RoleTypeCode)
 			c.SysUser = admin
+
+			//接口权限校验
+			roleId := admin.RoleId
+			list, e := system.GetMenuButtonsByRoleId(roleId)
+			if e != nil {
+				c.JSON(models.BaseResponse{Ret: 403, Msg: "获取接口权限出错！", ErrMsg: "获取接口权限出错！"}, false, false)
+				c.StopRun()
+				return
+			}
+			var api string
+			for _, v := range list {
+				api += v.Api + ","
+			}
+			api = strings.TrimRight(api,",")
+			if strings.Contains(api,uri) {
+				c.JSON(models.BaseResponse{Ret: 403, Msg: "无权访问！", ErrMsg: "无权访问！"}, false, false)
+				//c.StopRun()
+				//return
+			}
 		} else {
 			c.JSON(models.BaseResponse{Ret: 408, Msg: "请求异常，请联系客服!", ErrMsg: "POST之外的请求，暂不支持"}, false, false)
 			c.StopRun()

models/api_uri.go

@@ -0,0 +1,31 @@
+package models
+
+import "github.com/beego/beego/v2/client/orm"
+
+type ApiUriTest struct {
+	ApiUri         string
+	ParentUri      string
+	Method         string
+	Description    string
+	MenuId         string
+	ParentMenu     string // 一级菜单
+	ChildMenu      string // 二级菜单
+	ButtonName     string // 按钮名称
+	Id             int    `orm:"column(id);pk"`
+	IsPublic       int    // 是否公共api，0否，1是
+	ChildChildMenu string // 三级菜单
+}
+
+func GetApiUriTest() (items []*ApiUriTest, err error) {
+	o := orm.NewOrmUsingDB("weekly")
+	sql := ` SELECT * FROM api_uri_test `
+	_,err = o.Raw(sql).QueryRows(&items)
+	return
+}
+
+func UpdateApiUriTest(api string, menuId int) (err error) {
+	o := orm.NewOrm()
+	sql := ` UPDATE sys_menu SET api = ? where menu_id = ?`
+	_, err = o.Raw(sql, api, menuId).Exec()
+	return
+}

models/system/sys_menu.go

@@ -30,6 +30,7 @@ type SysMenu struct {
 	ButtonCode string    `description:"按钮/菜单唯一标识"`
 	CreateTime time.Time `description:"创建时间"`
 	ModifyTime time.Time `description:"更新时间"`
+	Api        string    `description:"按钮相关api"`
 }
 
 // GetSysMenuItemsByCondition 获取菜单列表

services/api.go

@@ -0,0 +1,51 @@
+package services
+
+import (
+	"eta/eta_api/models"
+	"fmt"
+	"strconv"
+	"strings"
+)
+
+func ApiFix() {
+	//拿到所有的api遍历
+	list, err := models.GetApiUriTest()
+	if err != nil {
+		return
+	}
+
+	apiMap := make(map[int]string, 0)
+
+	for _, v := range list {
+		menuIds := strings.Split(v.MenuId,",")
+		for _, menuIdStr := range menuIds {
+			if menuIdStr != "" {
+				menuId, err := strconv.Atoi(menuIdStr)
+				if err != nil {
+					fmt.Println("strconv err:" + err.Error())
+					return
+				}
+				if apis, ok := apiMap[menuId]; ok {
+					apiMap[menuId] = apis + "&" +v.ApiUri
+				} else {
+					apiMap[menuId] = v.ApiUri
+				}
+			}
+		}
+	}
+
+	fmt.Println(apiMap)
+
+	//修改每一个按钮的值
+	for menuId, api := range apiMap {
+		fmt.Println(menuId, api)
+		err := models.UpdateApiUriTest(api, menuId)
+		if err!= nil {
+			fmt.Println("update err:" + err.Error())
+			return
+		}
+	}
+
+}
+
+