search

qor / roles

Roles is an authorization library for Golang
MIT License
146 stars 35 forks source link

roles bug #7

Open owen-gxz opened 6 years ago

owen-gxz commented 6 years ago

I want to generate permissions through the directory my login user roles: [complaint_type_read locale_admin complaint_type_add locale_reader complaint_type_edit global_admin complaint_type_delete] more menu errors: image

roles code:

for _, rs := range CmsRoles {
        for _, ts := range CmsTemp {
            // fmt.Println(rs, ts)
            crl := cms.CmsUserRoleList{}
            switch rs {
            case "read":
                crl.Name = fmt.Sprintf("%s%s", ts.Name, "查看")
            case "edit":
                crl.Name = fmt.Sprintf("%s%s", ts.Name, "更新")
            case "delete":
                crl.Name = fmt.Sprintf("%s%s", ts.Name, "删除")
            case "add":
                crl.Name = fmt.Sprintf("%s%s", ts.Name, "增加")
            }
            crl.Value = fmt.Sprintf("%s_%s", ts.Value, rs)
            err := db.Where(crl).FirstOrCreate(&crl).Error
            if err != nil {
                panic(err)
            }
            setRoles(crl.Value, db)
        }
    }

UserTmpl:

type UserTmpl struct {
    Name  string
    Value string
}
owen-gxz commented 6 years ago 

func setRoles(r string, db *gorm.DB) {
    roles.Register(r, func(req *http.Request, currentUser interface{}) bool {
        u := currentUser.(*cms.User)
        if u.RoleID == 0 {
            return false
        }
        // fmt.Println(fmt.Sprintf("%#v", u))
        cmsR := &cms.CmsUserRole{}
        cmsUsers.Locker.Lock()
        if cmsUsers.Data[fmt.Sprintf("%d", u.ID)] == nil {
            newCUR := &cms.CmsUserRole{}
            err := db.Model(newCUR).Preload("CmsUserRoleList").First(newCUR, u.RoleID).Error
            if err != nil {
                return false
            }
            cmsR = newCUR
            cmsUsers.Data[fmt.Sprintf("%d", u.ID)] = newCUR
        } else {
            cmsR = cmsUsers.Data[fmt.Sprintf("%d", u.ID)]
        }
        cmsUsers.Locker.Unlock()
        for _, i := range cmsR.CmsUserRoleList {
            if i.Value == r {
                return true
            }
        }
        return false
    })

}
azumads commented 6 years ago

你需要给resource指定具体的权限 Admin.AddResource(&models.News{}, &admin.Config{Name: "Sport", Priority: 1, Menu: []string{"新闻"}, Permission: roles.Deny(roles.CRUD, "locale_reader")})

owen-gxz commented 6 years ago

我所有的都指定了。。但是有的是正确的有的无效

QorAdmin.AddResource(&model.NewsType{}, &admin.Config{
        Permission: roles.Allow(roles.Read, helpers.CmsAdmin, getRole(newsTypeRole, roleRead)).
            Allow(roles.Update, helpers.CmsAdmin, getRole(newsTypeRole, roleEdit)).
            Allow(roles.Delete, helpers.CmsAdmin, getRole(newsTypeRole, roleDelete)).
            Allow(roles.Create, helpers.CmsAdmin, getRole(newsTypeRole, roleAdd)),
        Menu: []string{"新闻管理"}, Name: "新闻类型管理", IconName: "merge_type",
    })
azumads commented 6 years ago

你的程序有点复杂,建议你在roles.Register方法里debug一下,看看每次用户是哪个role,一个用户只能命中一个role

owen-gxz commented 6 years ago

我使用

func(c *admin.Context) {
        fmt.Println(c.Roles)
}

获取到的权限列表是正确的,但是页面展示及操作会有问题,有一部分是好的,一部分是错误的