wanglei/AuthPlatform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

对前端的调用接口增加权限认证代码,权限认证失败返回403

Browse Source
This commit is contained in:
wanglei 2025-11-08 16:10:04 +08:00
parent fa7185d1d1
commit aa65ae0d4b
13 changed files with 396 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/api/system/account.lua
View File

@ -15,32 +15,47 @@ local routes = {
{ {
paths = { "/api/system/accounts" }, paths = { "/api/system/accounts" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::accounts::list"
return true
end,
handler = systemAccount.getSystemAccounts, handler = systemAccount.getSystemAccounts,
metadata = "system::accounts::list",
}, },
{ {
paths = { "/api/system/accounts/:id" }, paths = { "/api/system/accounts/:id" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::accounts::view"
return true
end,
handler = systemAccount.getSystemAccount, handler = systemAccount.getSystemAccount,
metadata = "system::accounts::view",
}, },
{ {
paths = { "/api/system/accounts" }, paths = { "/api/system/accounts" },
methods = { "POST" }, methods = { "POST" },
filter_fun = function(vars)
ngx.ctx.perms = "system::accounts::add"
return true
end,
handler = systemAccount.addSystemAccount, handler = systemAccount.addSystemAccount,
metadata = "system::accounts::add",
}, },
{ {
paths = { "/api/system/accounts/:id" }, paths = { "/api/system/accounts/:id" },
methods = { "DELETE" }, methods = { "DELETE" },
filter_fun = function(vars)
ngx.ctx.perms = "system::accounts::delete"
return true
end,
handler = systemAccount.deleteSystemAccount, handler = systemAccount.deleteSystemAccount,
metadata = "system::accounts::delete",
}, },
{ {
paths = { "/api/system/accounts/:id" }, paths = { "/api/system/accounts/:id" },
methods = { "PUT" }, methods = { "PUT" },
filter_fun = function(vars)
ngx.ctx.perms = "system::accounts::edit"
return true
end,
handler = systemAccount.updateSystemAccount, handler = systemAccount.updateSystemAccount,
metadata = "system::accounts::edit",
}, },
} }

25
src/api/system/application.lua
View File

@ -15,32 +15,47 @@ local routes = {
{ {
paths = { "/api/system/applications" }, paths = { "/api/system/applications" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::applications::list"
return true
end,
handler = systemApplication.getSystemApplications, handler = systemApplication.getSystemApplications,
metadata = "system::applications::list",
}, },
{ {
paths = { "/api/system/applications/:id" }, paths = { "/api/system/applications/:id" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::applications::view"
return true
end,
handler = systemApplication.getSystemApplication, handler = systemApplication.getSystemApplication,
metadata = "system::applications::view",
}, },
{ {
paths = { "/api/system/applications" }, paths = { "/api/system/applications" },
methods = { "POST" }, methods = { "POST" },
filter_fun = function(vars)
ngx.ctx.perms = "system::applications::add"
return true
end,
handler = systemApplication.addSystemApplication, handler = systemApplication.addSystemApplication,
metadata = "system::applications::add",
}, },
{ {
paths = { "/api/system/applications/:id" }, paths = { "/api/system/applications/:id" },
methods = { "DELETE" }, methods = { "DELETE" },
filter_fun = function(vars)
ngx.ctx.perms = "system::applications::delete"
return true
end,
handler = systemApplication.deleteSystemApplication, handler = systemApplication.deleteSystemApplication,
metadata = "system::applications::delete",
}, },
{ {
paths = { "/api/system/applications/:id" }, paths = { "/api/system/applications/:id" },
methods = { "PUT" }, methods = { "PUT" },
filter_fun = function(vars)
ngx.ctx.perms = "system::applications::edit"
return true
end,
handler = systemApplication.updateSystemApplication, handler = systemApplication.updateSystemApplication,
metadata = "system::applications::edit",
}, },
} }

25
src/api/system/department.lua
View File

@ -15,32 +15,47 @@ local routes = {
{ {
paths = { "/api/system/departments" }, paths = { "/api/system/departments" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::departments::list"
return true
end,
handler = systemDepartment.getSystemDepartments, handler = systemDepartment.getSystemDepartments,
metadata = "system::departments::list",
}, },
{ {
paths = { "/api/system/departments/:id" }, paths = { "/api/system/departments/:id" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::departments::view"
return true
end,
handler = systemDepartment.getSystemDepartment, handler = systemDepartment.getSystemDepartment,
metadata = "system::departments::view",
}, },
{ {
paths = { "/api/system/departments" }, paths = { "/api/system/departments" },
methods = { "POST" }, methods = { "POST" },
filter_fun = function(vars)
ngx.ctx.perms = "system::departments::add"
return true
end,
handler = systemDepartment.addSystemDepartment, handler = systemDepartment.addSystemDepartment,
metadata = "system::departments::add",
}, },
{ {
paths = { "/api/system/departments/:id" }, paths = { "/api/system/departments/:id" },
methods = { "DELETE" }, methods = { "DELETE" },
filter_fun = function(vars)
ngx.ctx.perms = "system::departments::delete"
return true
end,
handler = systemDepartment.deleteSystemDepartment, handler = systemDepartment.deleteSystemDepartment,
metadata = "system::departments::delete",
}, },
{ {
paths = { "/api/system/departments/:id" }, paths = { "/api/system/departments/:id" },
methods = { "PUT" }, methods = { "PUT" },
filter_fun = function(vars)
ngx.ctx.perms = "system::departments::edit"
return true
end,
handler = systemDepartment.updateSystemDepartment, handler = systemDepartment.updateSystemDepartment,
metadata = "system::departments::edit",
}, },
} }

25
src/api/system/permission.lua
View File

@ -15,32 +15,47 @@ local routes = {
{ {
paths = { "/api/system/permissions" }, paths = { "/api/system/permissions" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::permissions::list"
return true
end,
handler = systemPermission.getSystemPermissions, handler = systemPermission.getSystemPermissions,
metadata = "system::permissions::list",
}, },
{ {
paths = { "/api/system/permissions/:id" }, paths = { "/api/system/permissions/:id" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::permissions::view"
return true
end,
handler = systemPermission.getSystemPermission, handler = systemPermission.getSystemPermission,
metadata = "system::permissions::view",
}, },
{ {
paths = { "/api/system/permissions" }, paths = { "/api/system/permissions" },
methods = { "POST" }, methods = { "POST" },
filter_fun = function(vars)
ngx.ctx.perms = "system::permissions::add"
return true
end,
handler = systemPermission.addSystemPermission, handler = systemPermission.addSystemPermission,
metadata = "system::permissions::add",
}, },
{ {
paths = { "/api/system/permissions/:id" }, paths = { "/api/system/permissions/:id" },
methods = { "DELETE" }, methods = { "DELETE" },
filter_fun = function(vars)
ngx.ctx.perms = "system::permissions::delete"
return true
end,
handler = systemPermission.deleteSystemPermission, handler = systemPermission.deleteSystemPermission,
metadata = "system::permissions::delete",
}, },
{ {
paths = { "/api/system/permissions/:id" }, paths = { "/api/system/permissions/:id" },
methods = { "PUT" }, methods = { "PUT" },
filter_fun = function(vars)
ngx.ctx.perms = "system::permissions::edit"
return true
end,
handler = systemPermission.updateSystemPermission, handler = systemPermission.updateSystemPermission,
metadata = "system::permissions::edit",
}, },
} }

25
src/api/system/postion.lua
View File

@ -15,32 +15,47 @@ local routes = {
{ {
paths = { "/api/system/positions" }, paths = { "/api/system/positions" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::positions::list"
return true
end,
handler = systemPosition.getSystemPositions, handler = systemPosition.getSystemPositions,
metadata = "system::positions::list",
}, },
{ {
paths = { "/api/system/positions/:id" }, paths = { "/api/system/positions/:id" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::positions::view"
return true
end,
handler = systemPosition.getSystemPosition, handler = systemPosition.getSystemPosition,
metadata = "system::positions::list",
}, },
{ {
paths = { "/api/system/positions" }, paths = { "/api/system/positions" },
methods = { "POST" }, methods = { "POST" },
filter_fun = function(vars)
ngx.ctx.perms = "system::positions::add"
return true
end,
handler = systemPosition.addSystemPosition, handler = systemPosition.addSystemPosition,
metadata = "system::positions::list",
}, },
{ {
paths = { "/api/system/positions/:id" }, paths = { "/api/system/positions/:id" },
methods = { "DELETE" }, methods = { "DELETE" },
filter_fun = function(vars)
ngx.ctx.perms = "system::positions::delete"
return true
end,
handler = systemPosition.deleteSystemPosition, handler = systemPosition.deleteSystemPosition,
metadata = "system::positions::list",
}, },
{ {
paths = { "/api/system/positions/:id" }, paths = { "/api/system/positions/:id" },
methods = { "PUT" }, methods = { "PUT" },
filter_fun = function(vars)
ngx.ctx.perms = "system::positions::edit"
return true
end,
handler = systemPosition.updateSystemPosition, handler = systemPosition.updateSystemPosition,
metadata = "system::positions::list",
}, },
} }

25
src/api/system/role.lua
View File

@ -15,32 +15,47 @@ local routes = {
{ {
paths = { "/api/system/roles" }, paths = { "/api/system/roles" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::roles::list"
return true
end,
handler = systemRole.getSystemRoles, handler = systemRole.getSystemRoles,
metadata = "system::roles::list",
}, },
{ {
paths = { "/api/system/roles/:id" }, paths = { "/api/system/roles/:id" },
methods = { "GET" }, methods = { "GET" },
filter_fun = function(vars)
ngx.ctx.perms = "system::roles::view"
return true
end,
handler = systemRole.getSystemRole, handler = systemRole.getSystemRole,
metadata = "system::roles::view",
}, },
{ {
paths = { "/api/system/roles" }, paths = { "/api/system/roles" },
methods = { "POST" }, methods = { "POST" },
filter_fun = function(vars)
ngx.ctx.perms = "system::roles::add"
return true
end,
handler = systemRole.addSystemRole, handler = systemRole.addSystemRole,
metadata = "system::roles::add",
}, },
{ {
paths = { "/api/system/roles/:id" }, paths = { "/api/system/roles/:id" },
methods = { "DELETE" }, methods = { "DELETE" },
filter_fun = function(vars)
ngx.ctx.perms = "system::roles::delete"
return true
end,
handler = systemRole.deleteSystemRole, handler = systemRole.deleteSystemRole,
metadata = "system::roles::delete",
}, },
{ {
paths = { "/api/system/roles/:id" }, paths = { "/api/system/roles/:id" },
methods = { "PUT" }, methods = { "PUT" },
filter_fun = function(vars)
ngx.ctx.perms = "system::roles::edit"
return true
end,
handler = systemRole.updateSystemRole, handler = systemRole.updateSystemRole,
metadata = "system::roles::edit",
}, },
} }

36
src/service/system/account.lua
View File

@ -7,11 +7,19 @@ local resp = require("util.response")
local accountDao = require("dao.account") local accountDao = require("dao.account")
local validatorJson = require("validator.system.account") local validatorJson = require("validator.system.account")
local cjson = require("cjson.safe") local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")
local _M = {} local _M = {}
--获取所有账户信息 --获取所有账户信息
function _M.getSystemAccounts() function _M.getSystemAccounts()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local pageNum = ngx.var.pagenum or 1 local pageNum = ngx.var.pagenum or 1
local pageSize = ngx.var.pagesize or 10 local pageSize = ngx.var.pagesize or 10
local code,ret = accountDao.getSystemAccounts(pageNum, pageSize) local code,ret = accountDao.getSystemAccounts(pageNum, pageSize)
@ -21,6 +29,13 @@ end
--根据账户id获取账户信息 --根据账户id获取账户信息
function _M.getSystemAccount(m) function _M.getSystemAccount(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local id = m.id local id = m.id
local code,ret = accountDao.getSystemAccount(id) local code,ret = accountDao.getSystemAccount(id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
@ -29,6 +44,13 @@ end
--根据账户id获取账户信息 --根据账户id获取账户信息
function _M.addSystemAccount() function _M.addSystemAccount()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据
@ -49,6 +71,13 @@ end
--根据账户id删除账户信息 --根据账户id删除账户信息
function _M.deleteSystemAccount(m) function _M.deleteSystemAccount(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code, ret = accountDao.deleteSystemAccount(m.id) local code, ret = accountDao.deleteSystemAccount(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -56,6 +85,13 @@ end
--根据账户id删除账户信息 --根据账户id删除账户信息
function _M.updateSystemAccount(m) function _M.updateSystemAccount(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据

50
src/service/system/application.lua
View File

@ -7,11 +7,19 @@ local resp = require("util.response")
local applicationDao = require("dao.application") local applicationDao = require("dao.application")
local validatorJson = require("validator.system.application") local validatorJson = require("validator.system.application")
local cjson = require("cjson.safe") local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")
local _M = {} local _M = {}
--获取所有应用程序信息 --获取所有应用程序信息
function _M.getSystemApplications() function _M.getSystemApplications()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--获取页码和请求的数据量 --获取页码和请求的数据量
local pageNum = ngx.var.pagenum or 1 local pageNum = ngx.var.pagenum or 1
local pageSize = ngx.var.pagesize or 10 local pageSize = ngx.var.pagesize or 10
@ -22,6 +30,13 @@ end
--根据应用id获取应用信息 --根据应用id获取应用信息
function _M.getSystemApplication(m) function _M.getSystemApplication(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code,ret = applicationDao.getSystemApplication(m.id) local code,ret = applicationDao.getSystemApplication(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -29,6 +44,13 @@ end
--根据组织id获取应用信息 --根据组织id获取应用信息
function _M.getOrganizationApplication(m) function _M.getOrganizationApplication(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code,ret = applicationDao.getOrganizationApplication(m.id) local code,ret = applicationDao.getOrganizationApplication(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -36,6 +58,13 @@ end
--根据用户id获取应用的信息 --根据用户id获取应用的信息
function _M.getUserApplication(m) function _M.getUserApplication(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code,ret = applicationDao.getUserApplication(m.id) local code,ret = applicationDao.getUserApplication(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -43,6 +72,13 @@ end
--根据应用id获取应用信息 --根据应用id获取应用信息
function _M.addSystemApplication() function _M.addSystemApplication()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据
@ -63,6 +99,13 @@ end
--根据应用id删除应用信息 --根据应用id删除应用信息
function _M.deleteSystemApplication(m) function _M.deleteSystemApplication(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code, ret = applicationDao.deleteApplication(m.id) local code, ret = applicationDao.deleteApplication(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -70,6 +113,13 @@ end
--根据应用id删除应用信息 --根据应用id删除应用信息
function _M.updateSystemApplication(m) function _M.updateSystemApplication(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据

37
src/service/system/department.lua
View File

@ -7,11 +7,19 @@ local resp = require("util.response")
local departmentDao = require("dao.department") local departmentDao = require("dao.department")
local validatorJson = require("validator.system.department") local validatorJson = require("validator.system.department")
local cjson = require("cjson.safe") local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")
local _M = {} local _M = {}
--获取所有组织架构信息 --获取所有组织架构信息
function _M.getSystemDepartments() function _M.getSystemDepartments()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--获取页码和请求的数据量 --获取页码和请求的数据量
local pageNum = ngx.var.pagenum or 1 local pageNum = ngx.var.pagenum or 1
local pageSize = ngx.var.pagesize or 10 local pageSize = ngx.var.pagesize or 10
@ -22,6 +30,13 @@ end
--根据组织id获取组织架构信息 --根据组织id获取组织架构信息
function _M.getSystemDepartment(m) function _M.getSystemDepartment(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code,ret = departmentDao.getSystemDepartment(m.id) local code,ret = departmentDao.getSystemDepartment(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -29,6 +44,13 @@ end
--根据组织id添加组织架构信息 --根据组织id添加组织架构信息
function _M.addSystemDepartment() function _M.addSystemDepartment()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据
@ -49,6 +71,14 @@ end
--根据组织id删除组织架构信息 --根据组织id删除组织架构信息
function _M.deleteSystemDepartment(m) function _M.deleteSystemDepartment(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--删除部门数据
local code, ret = departmentDao.deleteSystemDepartment(m.id) local code, ret = departmentDao.deleteSystemDepartment(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -56,6 +86,13 @@ end
--根据组织id删除组织架构信息 --根据组织id删除组织架构信息
function _M.updateSystemDepartment(m) function _M.updateSystemDepartment(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据

43
src/service/system/permission.lua
View File

@ -7,11 +7,19 @@ local resp = require("util.response")
local permissionDao = require("dao.permission") local permissionDao = require("dao.permission")
local validatorJson = require("validator.system.permission") local validatorJson = require("validator.system.permission")
local cjson = require("cjson.safe") local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")
local _M = {} local _M = {}
--获取所有权限信息 --获取所有权限信息
function _M.getSystemPermissions() function _M.getSystemPermissions()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--获取页码和请求的数据量 --获取页码和请求的数据量
local pageNum = ngx.var.pagenum or 1 local pageNum = ngx.var.pagenum or 1
local pageSize = ngx.var.pagesize or 10 local pageSize = ngx.var.pagesize or 10
@ -22,6 +30,13 @@ end
--根据权限id获取权限信息 --根据权限id获取权限信息
function _M.get_permission(m) function _M.get_permission(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code,ret = permissionDao.getPermission(m.id) local code,ret = permissionDao.getPermission(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -29,6 +44,13 @@ end
--根据角色id获取使用的权限 --根据角色id获取使用的权限
function _M.getSystemPermissionByRole(m) function _M.getSystemPermissionByRole(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code,ret = dao.getPermissionByRole(m.id) local code,ret = dao.getPermissionByRole(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -36,6 +58,13 @@ end
--根据权限id获取账号信息 --根据权限id获取账号信息
function _M.addSystemPermission() function _M.addSystemPermission()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据
@ -56,6 +85,13 @@ end
--根据账号id删除账号信息 --根据账号id删除账号信息
function _M.deleteSystemPermission(m) function _M.deleteSystemPermission(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code, ret = permissionDao.deleteSystemPermission(m.id) local code, ret = permissionDao.deleteSystemPermission(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -63,6 +99,13 @@ end
--根据账号id删除账号信息 --根据账号id删除账号信息
function _M.updateSystemPermission(m) function _M.updateSystemPermission(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据

36
src/service/system/position.lua
View File

@ -7,11 +7,19 @@ local resp = require("util.response")
local positionDao = require("dao.position") local positionDao = require("dao.position")
local validatorJson = require("validator.system.position") local validatorJson = require("validator.system.position")
local cjson = require("cjson.safe") local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")
local _M = {} local _M = {}
--获取所有岗位信息 --获取所有岗位信息
function _M.getSystemPositions() function _M.getSystemPositions()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--获取页码和请求的数据量 --获取页码和请求的数据量
local pageNum = ngx.var.pagenum or 1 local pageNum = ngx.var.pagenum or 1
local pageSize = ngx.var.pagesize or 10 local pageSize = ngx.var.pagesize or 10
@ -22,6 +30,13 @@ end
--根据岗位id获取岗位信息 --根据岗位id获取岗位信息
function _M.getSystemPosition(m) function _M.getSystemPosition(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code,ret = positionDao.getSystemPosition(m.id) local code,ret = positionDao.getSystemPosition(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -29,6 +44,13 @@ end
--根据岗位id添加岗位信息 --根据岗位id添加岗位信息
function _M.addSystemPosition() function _M.addSystemPosition()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据
@ -49,6 +71,13 @@ end
--根据岗位id删除岗位信息 --根据岗位id删除岗位信息
function _M.deleteSystemPosition(m) function _M.deleteSystemPosition(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code, ret = positionDao.deleteSystemPosition(m.id) local code, ret = positionDao.deleteSystemPosition(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -56,6 +85,13 @@ end
--根据岗位id删除岗位信息 --根据岗位id删除岗位信息
function _M.updateSystemPosition(m) function _M.updateSystemPosition(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据

36
src/service/system/role.lua
View File

@ -7,11 +7,19 @@ local resp = require("util.response")
local roleDao = require("dao.role") local roleDao = require("dao.role")
local validatorJson = require("validator.system.role") local validatorJson = require("validator.system.role")
local cjson = require("cjson.safe") local cjson = require("cjson.safe")
local perm = require("util.permissionfilter")
local _M = {} local _M = {}
--获取所有角色信息 --获取所有角色信息
function _M.getSystemRoles() function _M.getSystemRoles()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--获取页码和请求的数据量 --获取页码和请求的数据量
--local args = ngx.req.get_uri_args() --local args = ngx.req.get_uri_args()
local pageNum = ngx.var.pagenum or 1 local pageNum = ngx.var.pagenum or 1
@ -23,6 +31,13 @@ end
--根据角色id获取角色信息 --根据角色id获取角色信息
function _M.getSystemRole(m) function _M.getSystemRole(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code,ret = roleDao.getSystemRole(m.id) local code,ret = roleDao.getSystemRole(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -30,6 +45,13 @@ end
--根据角色id获取角色信息 --根据角色id获取角色信息
function _M.addSystemRole() function _M.addSystemRole()
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据
@ -50,6 +72,13 @@ end
--根据角色id删除角色信息 --根据角色id删除角色信息
function _M.deleteSystemRole(m) function _M.deleteSystemRole(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code, ret = roleDao.deleteSystemRole(m.id) local code, ret = roleDao.deleteSystemRole(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -57,6 +86,13 @@ end
--根据角色id删除角色信息 --根据角色id删除角色信息
function _M.updateSystemRole(m) function _M.updateSystemRole(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据

45
src/service/system/user.lua
View File

@ -8,6 +8,7 @@ local userDao = require("dao.user")
local validatorJson = require("validator.system.user") local validatorJson = require("validator.system.user")
local cjson = require("cjson.safe") local cjson = require("cjson.safe")
local token = require("util.token") local token = require("util.token")
local perm = require("util.permissionfilter")
local _M = {} local _M = {}
@ -26,17 +27,19 @@ end
--获取所有用户信息 --获取所有用户信息
function _M.getSystemUsers(m) function _M.getSystemUsers(m)
--获取登录的用户信息 --获取登录的用户信息
local userid = ngx.ctx.userid --local userid = ngx.ctx.userid
local username = ngx.ctx.username --local username = ngx.ctx.username
local role = ngx.ctx.role local role = ngx.ctx.role
ngx.log(ngx.INFO, "userid:"..userid.." username:"..username.." role:"..role) --ngx.log(ngx.INFO, "userid:"..userid.." username:"..username.." role:"..role)
--权限数据 --权限数据
local perms = ngx.ctx.perms local perms = ngx.ctx.perms
local method = m._method --local method = m._method
local path = m._path --local path = m._path
ngx.log(ngx.INFO, "path:"..path.." method:"..method) --ngx.log(ngx.INFO, "path:"..path.." method:"..method)
--判断当前接口用户和角色是否有权限 --判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--获取页码和请求的数据量 --获取页码和请求的数据量
--local args = ngx.req.get_uri_args() --local args = ngx.req.get_uri_args()
local pageNum = ngx.var.pagenum or 1 local pageNum = ngx.var.pagenum or 1
@ -48,6 +51,13 @@ end
--根据用户id获取用户信息 --根据用户id获取用户信息
function _M.getSystemUser(m) function _M.getSystemUser(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--获取登录的用户信息 --获取登录的用户信息
local payload = ngx.var.uid local payload = ngx.var.uid
local metadata = m.metadata local metadata = m.metadata
@ -66,6 +76,13 @@ end
--根据用户id获取用户信息 --根据用户id获取用户信息
function _M.addSystemUser(m) function _M.addSystemUser(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
--读取请求体的数据 --读取请求体的数据
ngx.req.read_body() ngx.req.read_body()
--获取请求数据 --获取请求数据
@ -88,6 +105,13 @@ end
--根据用户id删除用户信息 --根据用户id删除用户信息
function _M.deleteSystemUser(m) function _M.deleteSystemUser(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local code, ret = userDao.deleteSystemUser(m.id) local code, ret = userDao.deleteSystemUser(m.id)
local result = resp:json(code, ret) local result = resp:json(code, ret)
resp:send(result) resp:send(result)
@ -95,6 +119,13 @@ end
--根据用户id删除用户信息 --根据用户id删除用户信息
function _M.updateSystemUser(m) function _M.updateSystemUser(m)
local role = ngx.ctx.role
--权限数据
local perms = ngx.ctx.perms
--判断当前接口用户和角色是否有权限
if perm:hasPermission(role, perms) == false then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
local userid = getUserId() local userid = getUserId()
if userid ~= m.id then if userid ~= m.id then
ngx.log(ngx.WARN, "用户与使用token中的用户id不一致") ngx.log(ngx.WARN, "用户与使用token中的用户id不一致")