权限校验

middleware/check_base_auth.go

@@ -0,0 +1,31 @@
+package middleware
+
+import (
+	"github.com/gin-gonic/gin"
+	"hongze/hongze_yb/controller/response"
+	"hongze/hongze_yb/services/company"
+	"hongze/hongze_yb/services/user"
+)
+
+// CheckBaseAuth 基本权限校验
+func CheckBaseAuth() gin.HandlerFunc {
+
+	return func(c *gin.Context) {
+
+		userInfo := user.GetInfoByClaims(c)
+
+		ok, checkInfo, _, err := company.CheckBaseFiccPermission(userInfo.CompanyID, int(userInfo.UserID))
+		if err != nil {
+			response.FailMsg("用户权限验证失败", "CheckBaseAuth-用户权限验证失败" + err.Error(), c)
+			c.Abort()
+			return
+		}
+		if !ok {
+			response.AuthError(checkInfo, "暂无权限", c)
+			c.Abort()
+			return
+		}
+
+		c.Next()
+	}
+}

routers/community.go

@@ -7,7 +7,7 @@ import (
 )
 
 func InitCommunity(r *gin.Engine)  {
-	rGroup := r.Group("api/community").Use(middleware.Token())
+	rGroup := r.Group("api/community").Use(middleware.Token(), middleware.CheckBaseAuth())
 	rGroup.GET("/question/list", community.QuestionList)
 	rGroup.GET("/question/detail", community.QuestionDetail)
 	rGroup.POST("/question/ask", community.QuestionAsk)