caipin 4 سال پیش
والد
کامیت
f081b291f7

+ 22 - 0
conf/redis.go

@@ -0,0 +1,22 @@
+package conf
+
+type RdsConfig struct {
+	Host      string
+	Port      int
+	User      string
+	Pwd       string
+	IsRunning bool // 是否正常运行
+}
+
+// 系统中用到的所有redis缓存资源
+var RdsCacheList = []RdsConfig{
+	{
+		Host:      "127.0.0.1",
+		Port:      6379,
+		User:      "",
+		Pwd:       "",
+		IsRunning: true,
+	},
+}
+
+var RdsCache RdsConfig = RdsCacheList[0]
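Review bot: `Pwd` is a field of a Go literal kept in the repository, so filling in a real Redis password here would commit the secret to version control. Loading Host, Port and Pwd from the environment or from a deployment-only config file keeps it out of the source tree. Separately, `RdsCache` is a value copy of `RdsCacheList[0]` taken at package initialisation, so a later change to the list entry (for example flipping `IsRunning`) is not visible through `RdsCache`. A comment such as `// RdsCache is a snapshot of RdsCacheList[0] taken at init; it does not track later edits to the list.` would make that explicit.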

+ 23 - 0
dao/permission_account_dao.go

@@ -35,6 +35,29 @@ func (d *PermissionAccountDao) GetBidsectionId(bidsectionId int) []models.CmPerm
 	return datalist
 }
 
+// 获得标段下账号权限
+func (d *PermissionAccountDao) GetBidsectionIdAccountId(bidsectionId int, accountId int) *models.CmPermissionAccount {
+	data := &models.CmPermissionAccount{}
+	_, err := d.engine.
+		Where(" bidsection_id= ? and account_id = ? ", bidsectionId, accountId).
+		Get(data)
+	if err == nil {
+		return data
+	} else {
+		data.Id = 0
+		return data
+	}
+}
+
+// 获得项目下账号权限
+func (d *PermissionAccountDao) GetProjectIdAccountId(projectId int, accountId int) []models.CmPermissionAccount {
+	datalist := make([]models.CmPermissionAccount, 0)
+	_ = d.engine.
+		Where(" project_id=? and account_id= ?  ", projectId, accountId).
+		Find(&datalist)
+	return datalist
+}
+
 //更新
 func (d *PermissionAccountDao) Update(data *models.CmPermissionAccount, columns []string) error {
 	//_, err := d.engine.Id(data.Id).MustCols(columns...).Update(data)
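Review bot: Both new lookups discard the database error, so a caller cannot tell "no permission row" from "query failed". GetBidsectionIdAccountId drops the found flag returned by `Get` and returns `data` on both branches (the `data.Id = 0` assignment in the `else` branch looks redundant for a freshly allocated struct), and GetProjectIdAccountId assigns the result of `Find` to `_`. These results feed authorization decisions in AccessAuth and GetAllContract, so the failure should at least be recorded, e.g. `if err != nil { log.Println("GetProjectIdAccountId error=", err) }` (assuming `log` is imported in this file, which the hunk does not show). The doc comments should also state that a zero `Id` means "no row or query error".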

+ 98 - 0
datasource/rdshelper.go

@@ -0,0 +1,98 @@
+/*
+ * @description:
+ * @Author: CP
+ * @Date: 2021-01-27 11:00:27
+ * @FilePath: \construction_management\datasource\rdshelper.go
+ */
+package datasource
+
+import (
+	"fmt"
+	"log"
+	"sync"
+	"time"
+
+	"github.com/gomodule/redigo/redis"
+	"go.mod/conf"
+)
+
+var rdsLock sync.Mutex
+var cacheInstance *RedisConn
+
+// 封装成一个redis资源池
+type RedisConn struct {
+	pool      *redis.Pool
+	showDebug bool
+}
+
+// 对外只有一个命令,封装了一个redis的命令
+func (rds *RedisConn) Do(commandName string, args ...interface{}) (reply interface{}, err error) {
+	conn := rds.pool.Get()
+	defer conn.Close()
+
+	t1 := time.Now().UnixNano()
+	reply, err = conn.Do(commandName, args...)
+	if err != nil {
+		e := conn.Err()
+		if e != nil {
+			log.Println("rdshelper Do", err, e)
+		}
+	}
+	t2 := time.Now().UnixNano()
+	if rds.showDebug {
+		fmt.Printf("[redis] [info] [%dus]cmd=%s, err=%s, args=%v, reply=%s\n", (t2-t1)/1000, commandName, err, args, reply)
+	}
+	return reply, err
+}
+
+// 设置是否打印操作日志
+func (rds *RedisConn) ShowDebug(b bool) {
+	rds.showDebug = b
+}
+
+// 得到唯一的redis缓存实例
+func InstanceCache() *RedisConn {
+	if cacheInstance != nil {
+		return cacheInstance
+	}
+	rdsLock.Lock()
+	defer rdsLock.Unlock()
+
+	if cacheInstance != nil {
+		return cacheInstance
+	}
+	return NewCache()
+}
+
+// 重新实例化
+func NewCache() *RedisConn {
+	pool := redis.Pool{
+		Dial: func() (redis.Conn, error) {
+			c, err := redis.Dial("tcp", fmt.Sprintf("%s:%d", conf.RdsCache.Host, conf.RdsCache.Port))
+			if err != nil {
+				log.Fatal("rdshelper.NewCache Dial error ", err)
+				return nil, err
+			}
+			return c, nil
+		},
+		TestOnBorrow: func(c redis.Conn, t time.Time) error {
+			if time.Since(t) < time.Minute {
+				return nil
+			}
+			_, err := c.Do("PING")
+			return err
+		},
+		MaxIdle:         10000,
+		MaxActive:       10000,
+		IdleTimeout:     0,
+		Wait:            false,
+		MaxConnLifetime: 0,
+	}
+	instance := &RedisConn{
+		pool: &pool,
+	}
+	cacheInstance = instance
+	cacheInstance.ShowDebug(true)
+	//cacheInstance.ShowDebug(false)
+	return cacheInstance
+}
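Review bot: The `Dial` callback in NewCache calls `log.Fatal` on a connection error, so any Redis outage terminates the whole server process and the `return nil, err` after it is never reached. The dial also never uses `conf.RdsCache.Pwd` and sets no timeouts, so a configured password is silently ignored and a hung Redis can block a request indefinitely. NewCache additionally forces `ShowDebug(true)`, which makes `Do` print every command's args and reply to stdout, including the permission cache values. The first `cacheInstance != nil` read in InstanceCache happens outside `rdsLock`, which is a data race under the Go memory model; `sync.Once` would be simpler. A possible shape for the dial is below; the timeout value is an example.

```go
		Dial: func() (redis.Conn, error) {
			addr := fmt.Sprintf("%s:%d", conf.RdsCache.Host, conf.RdsCache.Port)
			opts := []redis.DialOption{
				redis.DialConnectTimeout(2 * time.Second), // example value
			}
			if conf.RdsCache.Pwd != "" {
				opts = append(opts, redis.DialPassword(conf.RdsCache.Pwd))
			}
			c, err := redis.Dial("tcp", addr, opts...)
			if err != nil {
				// Report and let the caller handle it; do not exit the process.
				log.Println("rdshelper.NewCache Dial error ", err)
				return nil, err
			}
			return c, nil
		},
		// … unchanged: TestOnBorrow and pool limits …
```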

+ 1 - 0
go.mod

@@ -16,6 +16,7 @@ require (
 	github.com/go-sql-driver/mysql v1.5.0
 	github.com/go-xorm/xorm v0.7.9
 	github.com/golang/protobuf v1.4.3
+	github.com/gomodule/redigo v1.8.2
 	github.com/iris-contrib/middleware/csrf v0.0.0-20200913183508-5d1bed0e6ea4
 	github.com/iris-contrib/middleware/jwt v0.0.0-20200913183508-5d1bed0e6ea4
 	github.com/iris-contrib/swagger/v12 v12.2.0-alpha

+ 1 - 0
go.sum

@@ -165,6 +165,7 @@ github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
 github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/tools v0.0.0-20201208062317-e652b2f42cc7 h1:Nx7C57v74HoP8EJbHe5BF8fodbEBlfeJwFIjqKNRndI=
+github.com/gomodule/redigo v1.8.2 h1:H5XSIre1MB5NbPYFp+i1NBbb5qN1W8Y8YAQoAYbkm8k=
 github.com/gomodule/redigo v1.8.2/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=

+ 53 - 0
lib/redis.go

@@ -0,0 +1,53 @@
+/*
+ * @description: redis 操作相关
+ * @Author: CP
+ * @Date: 2021-01-27 11:35:58
+ * @FilePath: \construction_management\lib\redis.go
+ */
+package lib
+
+import (
+	"log"
+	"strconv"
+
+	"go.mod/comm"
+	"go.mod/datasource"
+)
+
+type Redis struct {
+}
+
+func NewRedis() *Redis {
+	return &Redis{}
+}
+
+// 从redis获得标段ID
+func (s *Redis) GetBidsectionIdByCache(key string) int {
+	rds := datasource.InstanceCache()
+	// 读取缓存
+	rs, err := rds.Do("GET", key)
+	if err != nil {
+		log.Println("redis.GetBidsectionId GET key=", key, ", error=", err)
+		return 0
+	}
+
+	str := comm.GetString(rs, "")
+	num, err := strconv.Atoi(str)
+	if err != nil {
+		return 0
+	} else {
+		return int(num)
+	}
+}
+
+// 设置标段ID的redis
+func (s *Redis) SetBidsectionIdByCache(key string, value interface{}) {
+	// 集群模式,redis缓存
+	rds := datasource.InstanceCache()
+	// 更新缓存
+	_, err := rds.Do("SET", key, value)
+	if err != nil {
+		log.Println("redis.SetBidsectionId SET key=", key,
+			", value=", value, ", error=", err)
+	}
+}
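Review bot: SetBidsectionIdByCache writes the key with a plain `SET` and no expiry, so the "currently selected bidsection" that AccessAuth later reads stays in Redis indefinitely, surviving logout and permission changes. Giving the entry a lifetime, e.g. `rds.Do("SET", key, value, "EX", ttlSeconds)` with a TTL tied to the session length, bounds how long a stale selection can drive permission checks. GetBidsectionIdByCache also returns 0 for a Redis error, a missing key and an unparsable value alike. Its doc comment should say so, since the caller treats that 0 as a bidsection id. The `int(num)` conversion is redundant because `strconv.Atoi` already returns `int`.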

+ 103 - 47
services/tree_service.go

@@ -27,9 +27,11 @@ import (
 type TreeService interface {
 	//ValidManager(code string, account string, password string) error
 	ValidRule(ctx iris.Context) (viewmodels.Tree, error)
+	ValidRuleBidsectionType(ctx iris.Context) (viewmodels.Permission, error)
+
 	Create(data viewmodels.Tree) error
 	GetAllProject(projectId int) *viewmodels.Tree
-	GetAllContract(projectId int, projectAccountId int) *viewmodels.FolderContract
+	GetAllContract(projectId int, account *models.CmProjectAccount, bidsectionType int) *viewmodels.FolderContract
 	Rename(treevm viewmodels.Tree, projectId int) error
 	GetFolderAndBid(id int, projectId int) ([]models.CmTree, error)
 	DeleteFolderAndBid(id int, projectId int) error
@@ -38,13 +40,15 @@ type TreeService interface {
 
 //返回service操作类
 type treeService struct {
-	dao *dao.TreeDao
+	dao                  *dao.TreeDao
+	permissionAccountDao *dao.PermissionAccountDao
 }
 
 //创建项目service
 func NewTreeService() TreeService {
 	return &treeService{
-		dao: dao.NewTreeDao(datasource.InstanceDbMaster()),
+		dao:                  dao.NewTreeDao(datasource.InstanceDbMaster()),
+		permissionAccountDao: dao.NewPermissionAccountDao(datasource.InstanceDbMaster()),
 	}
 }
 
@@ -66,6 +70,24 @@ func (s *treeService) ValidRule(ctx iris.Context) (viewmodels.Tree, error) {
 	return folderVaild, nil
 }
 
+// 文件夹规则验证
+func (s *treeService) ValidRuleBidsectionType(ctx iris.Context) (viewmodels.Permission, error) {
+	folderVaild := viewmodels.Permission{}
+	err := ctx.ReadForm(&folderVaild)
+	if err != nil {
+		log.Println("folder-ValidRule-ReadForm转换异常, error=", err)
+		return folderVaild, err
+	}
+
+	err = folderVaild.ValidateType()
+	if err != nil {
+		log.Println("请求标段类型验证, error=", err)
+		return folderVaild, err
+	}
+
+	return folderVaild, nil
+}
+
 // 获得项目下 相关文件夹-整个树结构
 func (s *treeService) GetAllProject(projectId int) *viewmodels.Tree {
 	datalist := s.dao.GetAllTree(projectId)
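Review bot: The doc comment `// 文件夹规则验证` and the log prefix `folder-ValidRule-ReadForm` on ValidRuleBidsectionType are copied from ValidRule and do not describe this method, which only validates the bidsection type. A comment such as `// ValidRuleBidsectionType reads the request form and validates bidsectionType (0 contract, 1 safe, 2 quality).` would be accurate, and the log prefix should name this method. The method also binds the entire `viewmodels.Permission` form although only `BidsectionType` is used by the visible caller. The single-field `viewmodels.PermissionAccount` added in this commit looks like the intended target.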
@@ -122,10 +144,13 @@ func (s *treeService) GetAllProject(projectId int) *viewmodels.Tree {
 }
 
 // 获得合同管理的目录
-func (s *treeService) GetAllContract(projectId int, projectAccountId int) *viewmodels.FolderContract {
+func (s *treeService) GetAllContract(projectId int, account *models.CmProjectAccount, bidsectionType int) *viewmodels.FolderContract {
 	datalist := s.dao.GetAllTree(projectId)
 	folderlist := make([]viewmodels.FolderContract, 0)
 
+	// 2.获得该账号的权限
+	permissionData := s.permissionAccountDao.GetProjectIdAccountId(projectId, account.Id)
+
 	// 生成根
 	folder := viewmodels.FolderContract{}
 	id, _ := comm.AesEncrypt(strconv.Itoa(0), conf.SignSecret)
@@ -137,54 +162,85 @@ func (s *treeService) GetAllContract(projectId int, projectAccountId int) *viewm
 	folderlist = append(folderlist, folder)
 	// 加入数据
 	for _, data := range datalist {
-		folder := viewmodels.FolderContract{}
-		id, _ := comm.AesEncrypt(strconv.Itoa(data.Id), conf.SignSecret)
-		parentId, _ := comm.AesEncrypt(strconv.Itoa(data.ParentId), conf.SignSecret)
-		projectId, _ := comm.AesEncrypt(strconv.Itoa(data.ProjectId), conf.SignSecret)
-		bidsectionId, _ := comm.AesEncrypt(strconv.Itoa(data.BidsectionId), conf.SignSecret)
-		folder.Id = id
-		folder.Name = data.Name
-		folder.ParentId = parentId
-		folder.ProjectId = projectId
-		folder.BidsectionId = bidsectionId
-		// 合同数据
-		folder.Contracts = data.Contracts
-		folder.ContractsIncome = data.ContractsIncome
-		folder.ContractsReturned = data.ContractsReturned
-		// 汇款进度
-		ContractsIncome, err := strconv.ParseFloat(data.ContractsIncome, 64)
-		if err != nil {
-			ContractsIncome = 0
-		}
-		ContractsReturned, err := strconv.ParseFloat(data.ContractsReturned, 64)
-		if err != nil || ContractsReturned == 0 {
-			ContractsReturned = 0
-			folder.ContractsIncomeProgress = "0%"
-		} else {
-			folder.ContractsIncomeProgress = fmt.Sprintf("%.0f", (ContractsReturned/ContractsIncome)*100) + "%"
-		}
 
-		folder.ContractsPay = data.ContractsPay
-		folder.ContractsPaid = data.ContractsPaid
-		// 支付进度
-		ContractsPay, err := strconv.ParseFloat(data.ContractsPay, 64)
-		if err != nil {
-			ContractsPay = 0
+		flag := true
+		if data.BidsectionId != 0 {
+			flag = false
 		}
-		ContractsPaid, err := strconv.ParseFloat(data.ContractsPaid, 64)
-		if err != nil || ContractsPaid == 0 {
-			ContractsPaid = 0
-			folder.ContractsPayProgress = "0%"
-		} else {
-			folder.ContractsPayProgress = fmt.Sprintf("%.0f", (ContractsPaid/ContractsPay)*100) + "%"
+
+		// 过滤没有权限访问的标段-管理员不需要过滤
+		if data.BidsectionId != 0 && account.IsAdmin != 1 {
+			permission := map[string]int{}
+			for _, item := range permissionData {
+				if data.BidsectionId == item.BidsectionId {
+					// 区别合同,安全,质量
+					if bidsectionType == 1 {
+						json.Unmarshal([]byte(item.SafePermission), &permission)
+					} else if bidsectionType == 2 {
+						json.Unmarshal([]byte(item.QualityPermission), &permission)
+					} else if bidsectionType == 0 {
+						json.Unmarshal([]byte(item.ContractPermission), &permission)
+					} else {
+						return nil
+					}
+					if permission["access"] == 1 {
+						flag = true
+					}
+				}
+			}
 		}
 
-		folder.Isfolder = data.Isfolder
-		folder.IsEnd = false
+		if flag {
+			folder := viewmodels.FolderContract{}
+			id, _ := comm.AesEncrypt(strconv.Itoa(data.Id), conf.SignSecret)
+			parentId, _ := comm.AesEncrypt(strconv.Itoa(data.ParentId), conf.SignSecret)
+			projectId, _ := comm.AesEncrypt(strconv.Itoa(data.ProjectId), conf.SignSecret)
+			bidsectionId, _ := comm.AesEncrypt(strconv.Itoa(data.BidsectionId), conf.SignSecret)
+			folder.Id = id
+			folder.Name = data.Name
+			folder.ParentId = parentId
+			folder.ProjectId = projectId
+			folder.BidsectionId = bidsectionId
+			// 合同数据
+			folder.Contracts = data.Contracts
+			folder.ContractsIncome = data.ContractsIncome
+			folder.ContractsReturned = data.ContractsReturned
+			// 汇款进度
+			ContractsIncome, err := strconv.ParseFloat(data.ContractsIncome, 64)
+			if err != nil {
+				ContractsIncome = 0
+			}
+			ContractsReturned, err := strconv.ParseFloat(data.ContractsReturned, 64)
+			if err != nil || ContractsReturned == 0 {
+				ContractsReturned = 0
+				folder.ContractsIncomeProgress = "0%"
+			} else {
+				folder.ContractsIncomeProgress = fmt.Sprintf("%.0f", (ContractsReturned/ContractsIncome)*100) + "%"
+			}
+
+			folder.ContractsPay = data.ContractsPay
+			folder.ContractsPaid = data.ContractsPaid
+			// 支付进度
+			ContractsPay, err := strconv.ParseFloat(data.ContractsPay, 64)
+			if err != nil {
+				ContractsPay = 0
+			}
+			ContractsPaid, err := strconv.ParseFloat(data.ContractsPaid, 64)
+			if err != nil || ContractsPaid == 0 {
+				ContractsPaid = 0
+				folder.ContractsPayProgress = "0%"
+			} else {
+				folder.ContractsPayProgress = fmt.Sprintf("%.0f", (ContractsPaid/ContractsPay)*100) + "%"
+			}
+
+			folder.Isfolder = data.Isfolder
+			folder.IsEnd = false
+
+			folder.HasFolder = false
+			folder.IsBid = false
+			folderlist = append(folderlist, folder)
+		}
 
-		folder.HasFolder = false
-		folder.IsBid = false
-		folderlist = append(folderlist, folder)
 	}
 
 	//fmt.Println(folderlist)
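Review bot: The three `json.Unmarshal` calls in the permission filter ignore their error, and the check for an unknown `bidsectionType` sits inside the nested loop, so `return nil` only fires once a matching permission row is reached. A malformed permission string currently fails closed (the map stays empty), but nothing is logged, so a data problem is indistinguishable from "no access". Selecting the raw JSON with a `switch` and unmarshalling once with an error check keeps the fail-closed behaviour and makes the problem visible. GetAllContract starts and ends outside this hunk.

```go
			for _, item := range permissionData {
				if data.BidsectionId != item.BidsectionId {
					continue
				}
				// 区别合同,安全,质量
				var raw string
				switch bidsectionType {
				case 0:
					raw = item.ContractPermission
				case 1:
					raw = item.SafePermission
				case 2:
					raw = item.QualityPermission
				default:
					return nil
				}
				permission := map[string]int{}
				if err := json.Unmarshal([]byte(raw), &permission); err != nil {
					// Fail closed: an unreadable permission grants nothing.
					log.Println("GetAllContract permission parse error, bidsectionId=", item.BidsectionId, ", error=", err)
					continue
				}
				if permission["access"] == 1 {
					flag = true
				}
			}
			// … unchanged: folder construction under `if flag` …
```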

+ 28 - 7
web/api/contract_api.go

@@ -11,6 +11,7 @@ import (
 
 	"github.com/kataras/iris/v12"
 	"go.mod/lib"
+	"go.mod/models"
 	"go.mod/services"
 	"go.mod/web/utils"
 	"go.mod/web/viewmodels"
@@ -31,25 +32,35 @@ type ContractApi struct {
 // @Description 获得合同目录和标段
 // @Accept  json
 // @Produce  json
-// @Security ApiKeyAuth
+// @Param   bidsectionType     path    string     true        "标段类型0合同1安全2质量"
 // @Success 200 {object} viewmodels.FolderContract "{code:0成功,-1参数类错误,data:viewmodels.ProjectAccount,msg:错误信息}"
 // @Router /api/contract/folder [get]
 func (c *ContractApi) GetFolder() {
-	// 获得项目ID
-	projectId, err := utils.GetProjectId(c.Ctx)
+
+	bidTypeData, err := c.ServiceTree.ValidRuleBidsectionType(c.Ctx)
 	if err != nil {
-		c.Ctx.JSON(iris.Map{"code": -1, "msg": err})
+		ErrMsg := utils.FormValidError(err)
+		c.Ctx.JSON(iris.Map{"code": -1, "msg": ErrMsg})
 		return
 	}
-	// 获得项目账号ID
-	projectAccountId, err := utils.GetProjectAccountId(c.Ctx)
+
+	// 获得项目ID
+	projectId, err := utils.GetProjectId(c.Ctx)
 	if err != nil {
 		c.Ctx.JSON(iris.Map{"code": -1, "msg": err})
 		return
 	}
+	// 获得项目账号ID
+	// projectAccountId, err := utils.GetProjectAccountId(c.Ctx)
+	// if err != nil {
+	// 	c.Ctx.JSON(iris.Map{"code": -1, "msg": err})
+	// 	return
+	// }
+
+	account := c.Ctx.Values().Get("account").(*models.CmProjectAccount)
 
 	// 获得层级文件夹
-	FolderData := c.ServiceTree.GetAllContract(projectId, projectAccountId)
+	FolderData := c.ServiceTree.GetAllContract(projectId, account, bidTypeData.BidsectionType)
 
 	c.Ctx.JSON(iris.Map{
 		"code": 0,
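Review bot: `c.Ctx.Values().Get("account").(*models.CmProjectAccount)` in GetFolder is an unchecked type assertion, so the handler panics if the value is missing or of another type, for instance if the route is ever mounted without the middleware that sets it. Use the comma-ok form, `account, ok := c.Ctx.Values().Get("account").(*models.CmProjectAccount)`, and return a code -1 response when `!ok`. The Swagger block also drops `// @Security ApiKeyAuth` although the handler still depends on an authenticated account. It declares `bidsectionType` as a `path` parameter while the route `/api/contract/folder` has no path segment and the value is read through `ReadForm`, so `query` with type `int` looks like the accurate annotation. GetFolder's body continues past the end of this hunk.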
@@ -513,6 +524,16 @@ func (c *ContractApi) GetSurvey() {
 		return
 	}
 
+	// 账号ID
+	accountId, err := utils.GetProjectAccountId(c.Ctx)
+	if err != nil {
+		c.Ctx.JSON(iris.Map{"code": -1, "msg": fmt.Sprintf("%s", err)})
+		return
+	}
+	// 缓存标段ID-用于权限
+	key := fmt.Sprintf("pm_%d_%d", projectId, accountId)
+	lib.NewRedis().SetBidsectionIdByCache(key, bidsectionId)
+
 	incomeData := c.ServiceContract.GetSurvey(bidsectionId, projectId, 1)
 	expenditureData := c.ServiceContract.GetSurvey(bidsectionId, projectId, 2)
 	data := map[string]interface{}{
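Review bot: The added block stores `bidsectionId` as the account's current bidsection without, in the lines visible here, confirming that the bidsection belongs to `projectId` or that the account has an access row for it. AccessAuth later resolves permissions from this cached value, so the check belongs before the write. `SetBidsectionIdByCache` also returns nothing, so a failed write leaves the previous selection in place while this request proceeds. Returning the error and aborting the request would avoid authorizing later calls against a stale bidsection. The same ten lines are repeated in the GetSurvey hunks of web/api/quality_api.go and web/api/safe_api.go, so a single shared helper would keep the three in step. The start of GetSurvey is outside this hunk, so an earlier access check may exist that is not visible here.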

+ 0 - 1
web/api/contract_section_tree_api.go

@@ -231,7 +231,6 @@ func (c *ContractApi) PostSectionTemplate() {
 		c.Ctx.JSON(iris.Map{"code": -1, "msg": "项目节已经设置"})
 		return
 	}
-
 }
 
 // @Summary 新增 合同项目节

+ 11 - 0
web/api/quality_api.go

@@ -13,6 +13,7 @@ import (
 
 	"github.com/kataras/iris/v12"
 	"go.mod/conf"
+	"go.mod/lib"
 	"go.mod/models"
 	"go.mod/services"
 	"go.mod/web/utils"
@@ -229,6 +230,16 @@ func (c *QualityApi) GetSurvey() {
 		return
 	}
 
+	// 账号ID
+	accountId, err := utils.GetProjectAccountId(c.Ctx)
+	if err != nil {
+		c.Ctx.JSON(iris.Map{"code": -1, "msg": fmt.Sprintf("%s", err)})
+		return
+	}
+	// 缓存标段ID-用于权限
+	key := fmt.Sprintf("pm_%d_%d", projectId, accountId)
+	lib.NewRedis().SetBidsectionIdByCache(key, bidsectionId)
+
 	QualityData := c.ServiceQuality.GetSurvey(projectId, bidsectionId)
 
 	c.Ctx.JSON(iris.Map{

+ 11 - 0
web/api/safe_api.go

@@ -13,6 +13,7 @@ import (
 
 	"github.com/kataras/iris/v12"
 	"go.mod/conf"
+	"go.mod/lib"
 	"go.mod/models"
 	"go.mod/services"
 	"go.mod/web/utils"
@@ -236,6 +237,16 @@ func (c *SafeApi) GetSurvey() {
 		return
 	}
 
+	// 账号ID
+	accountId, err := utils.GetProjectAccountId(c.Ctx)
+	if err != nil {
+		c.Ctx.JSON(iris.Map{"code": -1, "msg": fmt.Sprintf("%s", err)})
+		return
+	}
+	// 缓存标段ID-用于权限
+	key := fmt.Sprintf("pm_%d_%d", projectId, accountId)
+	lib.NewRedis().SetBidsectionIdByCache(key, bidsectionId)
+
 	SafeData := c.ServiceSafe.GetSurvey(projectId, bidsectionId)
 
 	c.Ctx.JSON(iris.Map{

+ 93 - 65
web/middleware/accessAuth.go

@@ -7,9 +7,17 @@
 package middleware
 
 import (
+	"encoding/json"
 	"errors"
+	"fmt"
+	"io/ioutil"
+	"log"
 
 	"github.com/kataras/iris/v12"
+	"go.mod/dao"
+	"go.mod/datasource"
+	"go.mod/lib"
+	"go.mod/models"
 )
 
 // 员工表权限解析
@@ -36,73 +44,93 @@ type path struct {
 
 // 权限验证中间件
 func AccessAuth(ctx iris.Context) {
-	// // 1.获得成员信息
-	// account := ctx.Values().Get("account").(*models.CmProjectAccount)
-	// // 1-1.是管理员- 拥有所有权限
-	// if account.IsAdmin != 1 {
-	// 	// if account.IsAdmin == 1 {
-	// 	// 2.获得员工可访问的权限
-	// 	contractPermission := permission{}
-	// 	if account.ContractPermission != "" {
-	// 		err := json.Unmarshal([]byte(account.ContractPermission), &contractPermission)
-	// 		// 错误后 全部权限默认为0
-	// 		if err != nil {
-	// 			log.Println("合同权限解析错误:err=", err)
-	// 		}
-	// 	}
-	// 	safePermission := permission{}
-	// 	if account.SafePermission != "" {
-	// 		err := json.Unmarshal([]byte(account.SafePermission), &safePermission)
-	// 		if err != nil {
-	// 			log.Println("安全权限解析错误:err=", err)
-	// 		}
-	// 	}
-	// 	qualityPermission := permission{}
-	// 	if account.QualityPermission != "" {
-	// 		err := json.Unmarshal([]byte(account.QualityPermission), &qualityPermission)
-	// 		if err != nil {
-	// 			log.Println("质量权限解析错误:err=", err)
-	// 		}
-	// 	}
 
-	// 	// 2-1获得权限列表
-	// 	permissionPath := permissionPath{}
-	// 	permissionPathData, err := ioutil.ReadFile("../lib/permission.json")
-	// 	err = json.Unmarshal(permissionPathData, &permissionPath)
-	// 	if err != nil {
-	// 		log.Println("权限解析错误:err=", err)
-	// 		ctx.JSON(iris.Map{"code": 2, "msg": "权限解析错误"})
-	// 		return
-	// 	}
-	// 	// 2-2 不容许访问的权限--比对访问路径
-	// 	requestPath := ctx.Path()
-	// 	// 合同权限
-	// 	err = verifyAuth(contractPermission, permissionPath.Contract, requestPath)
-	// 	if err != nil {
-	// 		ctx.JSON(iris.Map{"code": 2, "msg": fmt.Sprintf("%s", err)})
-	// 		return
-	// 	}
-	// 	// 安全权限
-	// 	err = verifyAuth(contractPermission, permissionPath.Safe, requestPath)
-	// 	if err != nil {
-	// 		ctx.JSON(iris.Map{"code": 2, "msg": fmt.Sprintf("%s", err)})
-	// 		return
-	// 	}
-	// 	// 质量权限
-	// 	err = verifyAuth(contractPermission, permissionPath.Quality, requestPath)
-	// 	if err != nil {
-	// 		ctx.JSON(iris.Map{"code": 2, "msg": fmt.Sprintf("%s", err)})
-	// 		return
-	// 	}
-	// 	// 项目设置 -只有管理员才能访问
-	// 	for _, path := range permissionPath.ProjectSetting {
-	// 		if path == requestPath {
-	// 			ctx.JSON(iris.Map{"code": 2, "msg": "无权访问"})
-	// 			return
-	// 		}
-	// 	}
+	// 需要先设置标段ID,在获得权限进行判断
+	// 账号活动状态下,入口必须是 /api/contract/survey,
+	path := ctx.Path()
+	if path == "/api/contract/survey" || path == "/api/quality/survey" || path == "/api/safe/survey" {
+		ctx.Next()
+		return
+	}
+	// 1.获得成员信息
+	account := ctx.Values().Get("account").(*models.CmProjectAccount)
+
+	// 1-1获得标段ID
+	key := fmt.Sprintf("pm_%d_%d", account.ProjectId, account.Id)
+	bidsectionId := lib.NewRedis().GetBidsectionIdByCache(key)
+
+	// 1-2 获得账号权限
+	permissionAccountDao := dao.NewPermissionAccountDao(datasource.InstanceDbMaster())
+	permissionData := permissionAccountDao.GetBidsectionIdAccountId(bidsectionId, account.Id)
+	// permissionData := s.permissionAccountDao.GetBidsectionId(bidsectionId)
+	fmt.Println(bidsectionId, account.Id)
+	fmt.Println(permissionData)
+
+	// 1-1.是管理员- 拥有所有权限
+	if account.IsAdmin != 1 {
+		// if account.IsAdmin == 1 {
+		// 2.获得员工可访问的权限
+		contractPermission := permission{}
+		if permissionData.ContractPermission != "" {
+			err := json.Unmarshal([]byte(permissionData.ContractPermission), &contractPermission)
+			// 错误后 全部权限默认为0
+			if err != nil {
+				log.Println("合同权限解析错误:err=", err)
+			}
+		}
+		safePermission := permission{}
+		if permissionData.SafePermission != "" {
+			err := json.Unmarshal([]byte(permissionData.SafePermission), &safePermission)
+			if err != nil {
+				log.Println("安全权限解析错误:err=", err)
+			}
+		}
+		qualityPermission := permission{}
+		if permissionData.QualityPermission != "" {
+			err := json.Unmarshal([]byte(permissionData.QualityPermission), &qualityPermission)
+			if err != nil {
+				log.Println("质量权限解析错误:err=", err)
+			}
+		}
 
-	// }
+		// 2-1获得权限列表
+		permissionPath := permissionPath{}
+		permissionPathData, err := ioutil.ReadFile("../lib/permission.json")
+		err = json.Unmarshal(permissionPathData, &permissionPath)
+		if err != nil {
+			log.Println("权限解析错误:err=", err)
+			ctx.JSON(iris.Map{"code": 2, "msg": "权限解析错误"})
+			return
+		}
+		// 2-2 不容许访问的权限--比对访问路径
+		requestPath := ctx.Path()
+		// 合同权限
+		err = verifyAuth(contractPermission, permissionPath.Contract, requestPath)
+		if err != nil {
+			ctx.JSON(iris.Map{"code": 2, "msg": fmt.Sprintf("%s", err)})
+			return
+		}
+		// 安全权限
+		err = verifyAuth(contractPermission, permissionPath.Safe, requestPath)
+		if err != nil {
+			ctx.JSON(iris.Map{"code": 2, "msg": fmt.Sprintf("%s", err)})
+			return
+		}
+		// 质量权限
+		err = verifyAuth(contractPermission, permissionPath.Quality, requestPath)
+		if err != nil {
+			ctx.JSON(iris.Map{"code": 2, "msg": fmt.Sprintf("%s", err)})
+			return
+		}
+		// 项目设置 -只有管理员才能访问
+		for _, path := range permissionPath.ProjectSetting {
+			if path == requestPath {
+				ctx.JSON(iris.Map{"code": 2, "msg": "无权访问"})
+				return
+			}
+		}
+
+	}
 
 	ctx.Next()
 }
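Review bot: All three `verifyAuth` calls pass `contractPermission`, so `safePermission` and `qualityPermission` are parsed but never consulted, and safe and quality routes are authorized against the contract permission. The calls should read `err = verifyAuth(safePermission, permissionPath.Safe, requestPath)` and `err = verifyAuth(qualityPermission, permissionPath.Quality, requestPath)`. Permissions are also looked up for the bidsection cached by the last survey call rather than for the bidsection the current request targets. Because `GetBidsectionIdByCache` returns 0 on any Redis error, a cache failure is evaluated as bidsection 0 instead of being rejected, which deserves an explicit deny path. The two `fmt.Println` lines print permission data to stdout on every request and should be removed. The error from `ioutil.ReadFile` is overwritten by the following `err = json.Unmarshal(...)` before it is checked. The `account` type assertion is unchecked and would panic if the value is absent.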

+ 8 - 0
web/viewmodels/permission.go

@@ -24,6 +24,8 @@ type Permission struct {
 	QualityAdd    int `form:"qualityAdd" json:"qualityAdd"`
 	QualityDelete int `form:"qualityDelete" json:"qualityDelete"`
 	QualityAccess int `form:"qualityAccess" json:"qualityAccess"`
+
+	BidsectionType int `form:"bidsectionType" json:"bidsectionType"`
 }
 
 func (l Permission) Validate() error {
@@ -32,3 +34,9 @@ func (l Permission) Validate() error {
 		validation.Field(&l.AccountId, validation.Required.Error("账号ID不能为空")),
 	)
 }
+
+func (l Permission) ValidateType() error {
+	return validation.ValidateStruct(&l,
+		validation.Field(&l.BidsectionType, validation.In(0, 1, 2).Error("未找到相关请求类型")),
+	)
+}

+ 19 - 0
web/viewmodels/permission_account.go

@@ -0,0 +1,19 @@
+/*
+ * @description:标段用户关系
+ * @Author: CP
+ * @Date: 2020-10-22 16:00:19
+ * @FilePath: \construction_management\web\viewmodels\permission_account.go
+ */
+package viewmodels
+
+import validation "github.com/go-ozzo/ozzo-validation/v3"
+
+type PermissionAccount struct {
+	BidsectionType int `form:"bidsectionType" json:"bidsectionType"`
+}
+
+func (l PermissionAccount) Validate() error {
+	return validation.ValidateStruct(&l,
+		validation.Field(&l.BidsectionType, validation.Required.Error("请求类型不能为空"), validation.In(0, 1, 2).Error("未找到相关请求类型")),
+	)
+}
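Review bot: `validation.Required` on the `int` field `BidsectionType` rejects the value 0, because ozzo-validation treats a zero integer as empty, yet `In(0, 1, 2)` on the same line lists 0 as a valid type. As written, PermissionAccount.Validate can never accept bidsection type 0 and reports "请求类型不能为空" for it. Either drop `Required` as ValidateType in permission.go does, or make the field `*int` and use `validation.NotNil` so that "absent" and "0" can be told apart. No caller of this type is visible in the commit, so it may be unused for now.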