Skip to content

Z
zhichan
Commit 784c8438 by 王昆
Options

gsb

parent f1136e16
Showing with 208 additions and 19 deletions
xggsve-uc/app/base/api/impl/op/action.js
......@@ -9,7 +9,6 @@ class ActionAPI extends APIBase {
this.userSve = system.getObject("service.user.userSve");
this.roleSve = system.getObject("service.role.roleSve");
this.authSve = system.getObject("service.auth.authSve");
}
/**
......@@ -80,7 +79,7 @@ class ActionAPI extends APIBase {
opResult = await this.orgSve.apiByPid(action_body);
break;
case "orgTree":
opResult = await this.orgSve.apiTree();
opResult = await this.orgSve.apiTree(action_body);
break;
// 菜单权限
......@@ -120,6 +119,10 @@ class ActionAPI extends APIBase {
case "roleQueryById":
opResult = await this.roleSve.apiQueryById(action_body);
break;
case "setAuth":
opResult = await this.roleSve.setAuth(action_body);
break;
// 用户
case "addUser":
if (action_body.uctype === 1) {
......@@ -154,6 +157,12 @@ class ActionAPI extends APIBase {
case "updPassword":
opResult = this.userSve.updPassword(action_body);
break;
case "login":
opResult = this.userSve.login(action_body);
break;
case "loginByUcid":
opResult = this.userSve.loginByUcid(action_body);
break;
}
return opResult;
}
......
xggsve-uc/app/base/db/impl/auth/authDao.js
......@@ -19,5 +19,24 @@ class AuthDao extends Dao {
}
return this.customQuery(sql.join(" "), params);
}
async byRoleIds(params) {
if(!params.roleIds || params.roleIds.length == 0) {
return [];
}
var sql = [];
sql.push("SELECT");
sql.push("t1.id, t1.`pid`, t1.`name`, t1.`icon`, t1.`path`");
sql.push("FROM uc_auth t1");
sql.push("INNER JOIN `uc_role_auth` t2 ON t1.`id` = t2.`auth_id`");
sql.push("WHERE t2.`role_id` IN (:roleIds)");
if(params.menuType) {
sql.push("AND t1.menuType = :menuType");
}
if(params.saas_id) {
sql.push("AND t1.saas_id = :saas_id");
}
return this.customQuery(sql.join(" "), params);
}
}
module.exports = AuthDao;
\ No newline at end of file
xggsve-uc/app/base/db/impl/role/roleauthDao.js
......@@ -4,5 +4,12 @@ class RoleauthDao extends Dao {
constructor() {
super(Dao.getModelName(RoleauthDao));
}
async delByRoleId(role_id, t) {
var sql = "DELETE FROM uc_role_auth WHERE role_id = :role_id";
await this.customUpdate(sql, {
role_id: role_id
}, t) || [];
}
}
module.exports = RoleauthDao;
\ No newline at end of file
xggsve-uc/app/base/db/impl/user/userDao.js
......@@ -32,6 +32,28 @@ class UserDao extends Dao {
return await this.customQuery(sql.join(" "), params);
}
async getByUcname(ucname) {
var sql = "SELECT * FROM uc_user WHERE ucname = :ucname AND deleted_at IS NULL";
var list = await this.customQuery(sql, {
ucname: ucname,
});
if (!list || list.length == 0) {
return null;
}
return list[0];
}
async getByUcid(ucid) {
var sql = "SELECT * FROM uc_user WHERE ucid = :ucid AND deleted_at IS NULL";
var list = await this.customQuery(sql, {
ucid: ucid
});
if (!list || list.length == 0) {
return null;
}
return list[0];
}
async countByCondition(params) {
var sql = [];
sql.push("SELECT");
......@@ -71,35 +93,35 @@ class UserDao extends Dao {
if (!params || !sql) {
return;
}
if(params.saas_id) {
if (params.saas_id) {
sql.push("AND t1.saas_id = :saas_id");
}
if(params.ucnameLike) {
if (params.ucnameLike) {
sql.push("AND t1.ucname LIKE :ucnameLike");
}
if(params.mobileLike) {
if (params.mobileLike) {
sql.push("AND t2.mobile LIKE :mobileLike");
}
if(params.realNameLike) {
if (params.realNameLike) {
sql.push("AND t2.realName LIKE :realNameLike");
}
if(params.uctype) {
if (params.uctype) {
sql.push("AND t1.uctype LIKE :uctype");
}
if(params.createBegin) {
if (params.createBegin) {
sql.push("AND t1.created_at >= :createBegin");
}
if(params.createEnd) {
if (params.createEnd) {
sql.push("AND t1.created_at <= :createEnd");
}
if(params.isEnabled === 0 || params.isEnabled === 1) {
if (params.isEnabled === 0 || params.isEnabled === 1) {
sql.push("AND t1.isEnabled = :isEnabled");
}
}
......
xggsve-uc/app/base/db/impl/user/userinfoDao.js
......@@ -4,5 +4,7 @@ class UserinfoDao extends Dao {
constructor() {
super(Dao.getModelName(UserinfoDao));
}
}
module.exports = UserinfoDao;
\ No newline at end of file
xggsve-uc/app/base/db/impl/user/userroleDao.js
......@@ -19,5 +19,17 @@ class UserroleDao extends Dao {
user_id: user_id
}, t) || [];
}
async findUserRoles(user_id) {
var sql = [];
sql.push("SELECT");
sql.push("t2.`id`, t2.`code`, t2.`name`");
sql.push("FROM uc_user_role t1")
sql.push("INNER JOIN uc_role t2 ON t1.`role_id` = t2.`id`");
sql.push("WHERE t1.`user_id` = :user_id");
return await this.customQuery(sql.join(" "), {
user_id: user_id
}) || [];
}
}
module.exports = UserroleDao;
\ No newline at end of file
xggsve-uc/app/base/db/models/role/roleauth.js
......@@ -3,7 +3,7 @@ const settings = require("../../../../config/settings");
const uiconfig = system.getUiConfig2(settings.appKey);
module.exports = (db, DataTypes) => {
return db.define("roleauth", {
user_id: DataTypes.INTEGER,
role_id: DataTypes.INTEGER,
auth_id: DataTypes.INTEGER,
}, {
paranoid: true, //假的删除
......
xggsve-uc/app/base/service/impl/auth/authSve.js
......@@ -90,6 +90,34 @@ class AuthService extends ServiceBase {
return system.getResultSuccess(pmap[0][0]);
}
async byRoleIds(params) {
return await this.dao.byRoleIds(params);
}
async menuByRoleIds(params) {
params.menuType = 1;
var all = await this.byRoleIds(params);
var pmap = {};
for (var item of all) {
var list = pmap[item.pid];
if (!list) {
list = [];
}
list.push(item);
pmap[item.pid] = list;
}
for(var item of all) {
item.childs = pmap[item.id] || [];
}
return system.getResultSuccess(pmap[0][0]);
}
async authByRoleIds(params) {
params.menuType = 2;
return await this.byRoleIds(params);
}
async info(obj) {
var auth = await this.dao.getById(obj.id);
return system.getResultSuccess(auth);
......
xggsve-uc/app/base/service/impl/role/roleSve.js
......@@ -3,6 +3,8 @@ const ServiceBase = require("../../sve.base")
class RoleService extends ServiceBase {
constructor() {
super("role", ServiceBase.getDaoName(RoleService));
this.roleauthDao = system.getObject("db.role.roleauthDao");
}
/**
......@@ -49,7 +51,6 @@ class RoleService extends ServiceBase {
}
}
/**
* role 查询列表
* @param {*} params
......@@ -62,6 +63,32 @@ class RoleService extends ServiceBase {
}
}
async setAuth(params) {
var saas_id = Number(params.saas_id || 0);
var role = await this.findById(params.id);
var authIds = params.authIds;
if(!role) {
return system.getResult(null, "角色不存在");
}
if(role.saas_id !== saas_id) {
return system.getResult(null, "权限不足");
}
var self = this;
// 先删
await this.roleauthDao.delByRoleId(role.id);
var list = [];
for(var auth_id of authIds) {
list.push({auth_id: auth_id, role_id: role.id});
}
// 后存
if(list.length > 0) {
await this.roleauthDao.bulkCreate(list)
}
return system.getResultSuccess();
}
......
xggsve-uc/app/base/service/impl/user/userSve.js
......@@ -6,6 +6,9 @@ class UserService extends ServiceBase {
super("user", ServiceBase.getDaoName(UserService));
this.userinfoDao = system.getObject("db.user.userinfoDao");
this.userroleDao = system.getObject("db.user.userroleDao");
this.authSve = system.getObject("service.auth.authSve");
}
......@@ -37,6 +40,59 @@ class UserService extends ServiceBase {
}
}
async login(obj) {
var user = await this.dao.getByUcname(obj.ucname);
// 验证登录合法
if (!user) {
return system.getResult(null, "用户名或密码错误");
}
if (!user.isEnabled) {
return system.getResult(null, "用户已禁用");
}
var loginPwd = await this.getEncryptStr(obj.password);
if (loginPwd != user.password) {
return system.getResult(null, "用户名或密码错误");
}
await this.setLoginUser(user);
return system.getResultSuccess(user);
}
async loginByUcid(obj) {
var user = await this.dao.getByUcid(obj.ucid);
// 验证登录合法
if (!user) {
return system.getResult(null, "用户名或密码错误");
}
await this.setLoginUser(user);
return system.getResultSuccess(user);
}
async setLoginUser(user) {
// 登录成功,补充登录所需内容
// 详情
user.info = await this.userinfoDao.findById(user.id);
// 角色
user.roles = await this.userroleDao.findUserRoles(user.id);
// 构建请求权限接口参数
var roleIds = [];
for (var role of user.roles) {
roleIds.push(role.id);
}
var authParams = {
roleIds: roleIds,
saas_id: user.saas_id,
}
// 菜单权限
user.menus = await this.authSve.menuByRoleIds(authParams);
// 接口权限
user.auths = await this.authSve.authByRoleIds(authParams);
}
async add(obj) {
var roles = obj.roles || [];
var org = obj.org || {};
......@@ -123,7 +179,7 @@ class UserService extends ServiceBase {
orgpath: "",
isMain: obj.isMain || 0,
}
if(user.uctype === 1) {
if (user.uctype === 1) {
user.orgpath = isMain ? org.path : org.path + "/" + id;
}
var info = {
......@@ -192,8 +248,8 @@ class UserService extends ServiceBase {
result.count = total;
params.startRow = (currentPage - 1) * pageSize;
result.rows = await this.dao.listByCondition(params) || [];
if(result.rows) {
for(var item of result.rows) {
if (result.rows) {
for (var item of result.rows) {
this.handleDate(item, ["created_at"], null, -8);
}
}
......@@ -202,19 +258,21 @@ class UserService extends ServiceBase {
async delUser(params) {
var user = await this.findById(params.id);
if(!user) {
if (!user) {
return system.getResultSuccess();
}
if(user.saas_id != params.saas_id) {
if (user.saas_id != params.saas_id) {
return system.getResult(null, "权限不足");
}
await this.delete({id: params.id});
await this.delete({
id: params.id
});
return system.getResultSuccess();
}
async updPassword(params) {
var user = await this.findById(params.id);
if(!user) {
if (!user) {
return system.getResult(null, "用户不存在");
}
......
xggsve-uc/app/base/service/sve.base.js
......@@ -274,6 +274,7 @@ class ServiceBase {
}
async getEncryptStr(str) {
str = this.trim(str);
if (!str) {
throw new Error("字符串不能为空");
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment