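/**
 * Controller base class.
 *
 * @author CaiAoLin
 * @date 2017/6/29
 * @version
 */
import crypto from "crypto";
import Url from "url";
import Moment from 'moment-timezone';
// import menuData from "../../../config/menu";

class BaseController {

    /**
     * Page title (no field is declared for it in this class).
     *
     * @var string
     */

    /**
     * Constructor.
     *
     * @return {void}
     */
    constructor() {
        // Intentionally empty: BaseController may be instantiated directly so
        // that init/auth can be used as middleware. The earlier guard that
        // threw when `new.target === BaseController` is disabled.
    }

    /**
     * Per-request initialisation: derives the controller/action names from the
     * URL, applies the controller-level permission check for managers who are
     * not super administrators, and publishes menu, URL and session data on
     * `response.locals` for the views.
     *
     * Any failure inside the guarded section (missing session data, denied
     * permission) is logged and answered with a redirect to `/dashboard`.
     *
     * @param {object} request
     * @param {object} response
     * @param {function} next
     * @return {void}
     */
    init(request, response, next) {
        // Current controller and action names, taken from the request path.
        const urlInfo = Url.parse(request.originalUrl, true);
        const segments = urlInfo.pathname.slice(1).split('/');
        // split() always yields at least one element, so the controller is the
        // first path segment (an empty string for "/"). The action is read only
        // when the path has exactly two segments; otherwise it stays 'index'.
        const controller = segments[0];
        const action = segments.length === 2 ? segments[1] : 'index';

        try {
            console.log('enterINit');
            const sessionManager = request.session.managerData;
            const menuPermission = sessionManager.menuData;

            // Managers who are not super administrators get a permission check.
            if (sessionManager.superAdmin !== 1) {
                // Only controller-level permission is checked for now; the
                // action-level check against the menu's children is disabled.
                const grantedTools = sessionManager.toolPermission.split(',');
                // Full list of tool controllers. Previously hard-coded, e.g.
                // 'stdBillsmain', 'rationRepository', 'rpt_tpl', 'stdGljRepository',
                // 'billsGuidance', 'clearJunk', 'billsTemplate', 'mainTreeCol',
                // 'materialReplace', 'projectFeature', 'feeRate', 'calcProgram'.
                const allTools = sessionManager.toolAllPermission.split(',');
                const exemptControllers = ['login', 'dashboard'];

                if (!exemptControllers.includes(controller)) {
                    const lacksTool = allTools.includes(controller) &&
                        !grantedTools.includes(controller);
                    // Called through Object.prototype so the check still works when
                    // the session-stored menu object has no prototype or carries
                    // an own key named "hasOwnProperty".
                    const hasMenuEntry =
                        Object.prototype.hasOwnProperty.call(menuPermission, controller) &&
                        menuPermission[controller] !== '';

                    // NOTE(review): this check fails open. A controller that is
                    // neither in toolAllPermission nor in menuData is allowed,
                    // because only "known tool the manager lacks AND no menu
                    // entry" is denied. Confirm that every protected controller
                    // appears in one of the two lists, or switch to default-deny.
                    if (lacksTool && !hasMenuEntry) {
                        throw new Error('没有权限');
                    }
                }
            }

            // Menu data.
            response.locals.menu = menuPermission;
            // Second-level menu data.
            response.locals.secondMenu =
                menuPermission[controller] !== undefined &&
                menuPermission[controller].children !== undefined
                    ? menuPermission[controller].children
                    : {};
            // URL-related data.
            // NOTE(review): urlQuery is JSON built from the request's query
            // string; the views are not visible here, so confirm they escape it
            // before placing it in HTML or inline script.
            response.locals.urlQuery = JSON.stringify(urlInfo.query);
            response.locals.controller = controller;
            response.locals.action = action;
            // Manager session data.
            // NOTE(review): this hands the whole session record, sessionToken
            // included, to the view layer; consider exposing only display fields.
            response.locals.manager = sessionManager;
            // moment helper.
            response.locals.moment = Moment;
        } catch (error) {
            console.log('enterAURE');
            console.log(error);
            // NOTE(review): presumably auth() runs before init(); if init() also
            // guards /dashboard without it, a missing session would redirect
            // here repeatedly. Verify the route wiring.
            response.redirect('/dashboard');
            return;
        }

        next();
    }

    /**
     * Authentication middleware: checks that the session holds manager data
     * whose `sessionToken` matches the HMAC-SHA1 of `username` keyed with
     * `loginTime`. Redirects to `/login` on any failure, otherwise calls `next`.
     *
     * @param {object} request
     * @param {object} response
     * @param {function} next
     * @return {void}
     */
    auth(request, response, next) {
        // Check the session.
        const managerData = request.session.managerData;
        try {
            console.log('enterAuth');
            // `typeof null` is 'object', so null is rejected explicitly; the
            // emptiness test uses `=== 0` because a length is never negative.
            if (managerData === null || typeof managerData !== 'object' ||
                Object.keys(managerData).length === 0) {
                throw new Error('err data');
            }
            if (managerData.username === undefined || managerData.loginTime === undefined) {
                throw new Error('username empty');
            }

            // Verify the session token.
            // NOTE(review): the HMAC key is loginTime, which lives in the same
            // session record as the token, so this detects an inconsistent
            // record but is not proof of authenticity unless the session store
            // itself is tamper-proof (server-side or signed) - confirm. Algorithm
            // and key must stay in step with the code that issues the token.
            const expectedToken = crypto.createHmac('sha1', `${managerData.loginTime}`)
                .update(managerData.username).digest('base64');
            const presentedToken = managerData.sessionToken;
            if (typeof presentedToken !== 'string') {
                throw new Error('session error');
            }
            // Constant-time comparison; timingSafeEqual requires equal lengths.
            const expectedBytes = Buffer.from(expectedToken);
            const presentedBytes = Buffer.from(presentedToken);
            if (expectedBytes.length !== presentedBytes.length ||
                !crypto.timingSafeEqual(expectedBytes, presentedBytes)) {
                throw new Error('session error');
            }
        } catch (error) {
            console.log('enterAURE');
            response.redirect('/login');
            return;
        }

        next();
    }

}

export default BaseController;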