caipin 4 tahun lalu
induk
melakukan
16970c2dfd
3 mengubah file dengan 22 tambahan dan 22 penghapusan
  1. 10 13
      lib/permission.json
  2. 11 8
      web/middleware/accessAuth.go
  3. 1 1
      web/viewmodels/login.go

+ 10 - 13
lib/permission.json

@@ -39,37 +39,34 @@
     },
     "safe": {
         "add": [
-            
-        ],
-        "access": [
-            "/api/safe/detail",
             "/api/safe",
-
             "/api/safe_audit/back",
             "/api/safe_audit/close",
             "/api/safe_audit/pass",
             "/api/safe_audit/start"
-           
+        ],
+        "access": [
+            "/api/safe/detail",
+            "/api/safe"
         ],
         "delete": [
-            
+            "/api/safe"
         ]
     },
     "quality": {
         "add": [
-            
-        ],
-        "access": [
-            "/api/quality/detail",
             "/api/quality",
-
             "/api/quality_audit/back",
             "/api/quality_audit/close",
             "/api/quality_audit/pass",
             "/api/quality_audit/start"
         ],
+        "access": [
+            "/api/quality/detail",
+            "/api/quality"
+        ],
         "delete": [
-            
+            "/api/quality"
         ]
     },
     "projectSetting": []
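Review bot: The `/api/safe_audit/*` entries (and the `/api/quality_audit/*` entries further down) are now listed only under "add", and verifyAuth in this same commit matches "add" paths against POST alone, so a request to these paths with any other method is no longer denied by this list for a user who lacks the permission. Confirm that the four audit routes in each group are registered as POST-only; if any of them also answers GET, keep it under "access" as well. Separately, `/api/safe` and `/api/quality` now appear under "add", "access" and "delete" at once, so the file relies entirely on the method checks in verifyAuth to tell the three apart. Since JSON cannot carry a comment, that coupling is worth documenting on the Go type that loads this file.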

+ 11 - 8
web/middleware/accessAuth.go

@@ -124,20 +124,24 @@ func AccessAuth(ctx iris.Context) {
 		}
 		// 2-2 不容许访问的权限--比对访问路径
 		requestPath := ctx.Path()
+
+		// 2-3 请求的类型
+		method := ctx.Request().Method
+
 		// 合同权限
-		err = verifyAuth(contractPermission, permissionPath.Contract, requestPath)
+		err = verifyAuth(contractPermission, permissionPath.Contract, requestPath, method)
 		if err != nil {
 			ctx.JSON(iris.Map{"code": 2, "msg": fmt.Sprintf("%s", err)})
 			return
 		}
 		// 安全权限
-		err = verifyAuth(safePermission, permissionPath.Safe, requestPath)
+		err = verifyAuth(safePermission, permissionPath.Safe, requestPath, method)
 		if err != nil {
 			ctx.JSON(iris.Map{"code": 2, "msg": fmt.Sprintf("%s", err)})
 			return
 		}
 		// 质量权限
-		err = verifyAuth(qualityPermission, permissionPath.Quality, requestPath)
+		err = verifyAuth(qualityPermission, permissionPath.Quality, requestPath, method)
 		if err != nil {
 			ctx.JSON(iris.Map{"code": 2, "msg": fmt.Sprintf("%s", err)})
 			return
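Review bot: `method := ctx.Request().Method` reaches into the underlying request while the line above uses the context accessor `ctx.Path()`; iris exposes `ctx.Method()`, which keeps the two reads consistent. The added comment could also say why the method is read, for example `// 2-3 HTTP method: verifyAuth uses it to tell add/access/delete apart`. AccessAuth starts and ends outside this hunk.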
@@ -156,25 +160,24 @@ func AccessAuth(ctx iris.Context) {
 }
 
 // 验证权限路径
-func verifyAuth(permission permission, pathList path, requestPath string) error {
+func verifyAuth(permission permission, pathList path, requestPath string, method string) error {
 	if permission.Add == 0 {
 		for _, path := range pathList.Add {
-			if path == requestPath {
+			if path == requestPath && method == "POST" {
 				return errors.New("无权访问")
 			}
 		}
 	}
 	if permission.Access == 0 {
-		fmt.Println(requestPath)
 		for _, path := range pathList.Access {
-			if path == requestPath {
+			if path == requestPath && method == "GET" {
 				return errors.New("无权访问")
 			}
 		}
 	}
 	if permission.Delete == 0 {
 		for _, path := range pathList.Delete {
-			if path == requestPath {
+			if path == requestPath && (method == "POST" || method == "DELETE") {
 				return errors.New("无权访问")
 			}
 		}
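Review bot: The delete branch denies `POST` as well as `DELETE`, and permission.json in this commit lists `/api/safe` and `/api/quality` under both "add" and "delete", so a user with Add granted but Delete revoked is refused when creating a record. If deletes are only ever sent as DELETE, the condition should be `if path == requestPath && method == "DELETE" {`; if some deletes go through POST, they need a path of their own rather than sharing the create path. The checks are also a deny list keyed on three method strings, so PUT, PATCH or HEAD requests to a listed path pass all three branches. Whether any route accepts those methods is not visible here, but refusing unlisted methods on listed paths would make the check fail closed. verifyAuth's body ends outside the hunk.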

+ 1 - 1
web/viewmodels/login.go

@@ -19,7 +19,7 @@ func (l Login) Validate() error {
 	return validation.ValidateStruct(&l,
 		// Code cannot be empty, and the length must between 5 and 50
 		validation.Field(&l.Code, validation.Required.Error("项目编号不能为空"), validation.Length(3, 50).Error("项目编号最少要输入 3 个字符")),
-		validation.Field(&l.Account, validation.Required.Error("账号不能为空"), validation.Length(5, 50).Error("账号最少要输入 6 个字符")),
+		validation.Field(&l.Account, validation.Required.Error("账号不能为空"), validation.Length(2, 50).Error("账号最少要输入 3 个字符")),
 		validation.Field(&l.Password, validation.Required.Error("密码不能为空"), validation.Length(6, 50).Error("密码最少要输入 6 个字符")),
 	)
 }
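Review bot: The new Account rule accepts two characters, `validation.Length(2, 50)`, while its message tells the user the minimum is three (`账号最少要输入 3 个字符`); the removed line had the same off-by-one between 5 and 6. Either use `validation.Length(3, 50)` to match the message or change the message to say 2. The English comment above the Code field still says 5 to 50 although that rule uses 3, so it should be corrected in the same pass. If the validator is ozzo-validation, `Length` counts bytes, so for non-ASCII account names `validation.RuneLength` is probably what the message intends, which is worth confirming.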