1

common/actions/create.go

@@ -0,0 +1,49 @@
+package actions
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	"github.com/go-admin-team/go-admin-core/sdk/api"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg/jwtauth/user"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg/response"
+
+	"go-admin/common/dto"
+	"go-admin/common/models"
+)
+
+// CreateAction 通用新增动作
+func CreateAction(control dto.Control) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		log := api.GetRequestLogger(c)
+		db, err := pkg.GetOrm(c)
+		if err != nil {
+			log.Error(err)
+			return
+		}
+
+		//新增操作
+		req := control.Generate()
+		err = req.Bind(c)
+		if err != nil {
+			response.Error(c, http.StatusUnprocessableEntity, err, err.Error())
+			return
+		}
+		var object models.ActiveRecord
+		object, err = req.GenerateM()
+		if err != nil {
+			response.Error(c, 500, err, "模型生成失败")
+			return
+		}
+		object.SetCreateBy(user.GetUserId(c))
+		err = db.WithContext(c).Create(object).Error
+		if err != nil {
+			log.Errorf("Create error: %s", err)
+			response.Error(c, 500, err, "创建失败")
+			return
+		}
+		response.OK(c, object.GetId(), "创建成功")
+		c.Next()
+	}
+}

common/actions/delete.go

@@ -0,0 +1,61 @@
+package actions
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	log "github.com/go-admin-team/go-admin-core/logger"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg/jwtauth/user"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg/response"
+
+	"go-admin/common/dto"
+	"go-admin/common/models"
+)
+
+// DeleteAction 通用删除动作
+func DeleteAction(control dto.Control) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		db, err := pkg.GetOrm(c)
+		if err != nil {
+			log.Error(err)
+			return
+		}
+
+		msgID := pkg.GenerateMsgIDFromContext(c)
+		//删除操作
+		req := control.Generate()
+		err = req.Bind(c)
+		if err != nil {
+			log.Errorf("MsgID[%s] Bind error: %s", msgID, err)
+			response.Error(c, http.StatusUnprocessableEntity, err, "参数验证失败")
+			return
+		}
+		var object models.ActiveRecord
+		object, err = req.GenerateM()
+		if err != nil {
+			response.Error(c, 500, err, "模型生成失败")
+			return
+		}
+
+		object.SetUpdateBy(user.GetUserId(c))
+
+		//数据权限检查
+		p := GetPermissionFromContext(c)
+
+		db = db.WithContext(c).Scopes(
+			Permission(object.TableName(), p),
+		).Where(req.GetId()).Delete(object)
+		if err = db.Error; err != nil {
+			log.Errorf("MsgID[%s] Delete error: %s", msgID, err)
+			response.Error(c, 500, err, "删除失败")
+			return
+		}
+		if db.RowsAffected == 0 {
+			response.Error(c, http.StatusForbidden, nil, "无权删除该数据")
+			return
+		}
+		response.OK(c, object.GetId(), "删除成功")
+		c.Next()
+	}
+}

common/actions/index.go

@@ -0,0 +1,58 @@
+package actions
+
+import (
+	"errors"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	log "github.com/go-admin-team/go-admin-core/logger"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg/response"
+	"gorm.io/gorm"
+
+	"go-admin/common/dto"
+	"go-admin/common/models"
+)
+
+// IndexAction 通用查询动作
+func IndexAction(m models.ActiveRecord, d dto.Index, f func() interface{}) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		db, err := pkg.GetOrm(c)
+		if err != nil {
+			log.Error(err)
+			return
+		}
+
+		msgID := pkg.GenerateMsgIDFromContext(c)
+		list := f()
+		object := m.Generate()
+		req := d.Generate()
+		var count int64
+
+		//查询列表
+		err = req.Bind(c)
+		if err != nil {
+			response.Error(c, http.StatusUnprocessableEntity, err, "参数验证失败")
+			return
+		}
+
+		//数据权限检查
+		p := GetPermissionFromContext(c)
+
+		err = db.WithContext(c).Model(object).
+			Scopes(
+				dto.MakeCondition(req.GetNeedSearch()),
+				dto.Paginate(req.GetPageSize(), req.GetPageIndex()),
+				Permission(object.TableName(), p),
+			).
+			Find(list).Limit(-1).Offset(-1).
+			Count(&count).Error
+		if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
+			log.Errorf("MsgID[%s] Index error: %s", msgID, err)
+			response.Error(c, 500, err, "查询失败")
+			return
+		}
+		response.PageOK(c, list, int(count), req.GetPageIndex(), req.GetPageSize(), "查询成功")
+		c.Next()
+	}
+}

common/actions/permission.go

@@ -0,0 +1,96 @@
+package actions
+
+import (
+	"errors"
+
+	"github.com/gin-gonic/gin"
+	log "github.com/go-admin-team/go-admin-core/logger"
+	"github.com/go-admin-team/go-admin-core/sdk/config"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg/jwtauth/user"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg/response"
+	"gorm.io/gorm"
+)
+
+type DataPermission struct {
+	DataScope string
+	UserId    int
+	DeptId    int
+	RoleId    int
+}
+
+func PermissionAction() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		db, err := pkg.GetOrm(c)
+		if err != nil {
+			log.Error(err)
+			return
+		}
+
+		msgID := pkg.GenerateMsgIDFromContext(c)
+		var p = new(DataPermission)
+		if userId := user.GetUserIdStr(c); userId != "" {
+			p, err = newDataPermission(db, userId)
+			if err != nil {
+				log.Errorf("MsgID[%s] PermissionAction error: %s", msgID, err)
+				response.Error(c, 500, err, "权限范围鉴定错误")
+				c.Abort()
+				return
+			}
+		}
+		c.Set(PermissionKey, p)
+		c.Next()
+	}
+}
+
+func newDataPermission(tx *gorm.DB, userId interface{}) (*DataPermission, error) {
+	var err error
+	p := &DataPermission{}
+
+	err = tx.Table("sys_user").
+		Select("sys_user.user_id", "sys_role.role_id", "sys_user.dept_id", "sys_role.data_scope").
+		Joins("left join sys_role on sys_role.role_id = sys_user.role_id").
+		Where("sys_user.user_id = ?", userId).
+		Scan(p).Error
+	if err != nil {
+		err = errors.New("获取用户数据出错 msg:" + err.Error())
+		return nil, err
+	}
+	return p, nil
+}
+
+func Permission(tableName string, p *DataPermission) func(db *gorm.DB) *gorm.DB {
+	return func(db *gorm.DB) *gorm.DB {
+		if !config.ApplicationConfig.EnableDP {
+			return db
+		}
+		switch p.DataScope {
+		case "2":
+			return db.Where(tableName+".create_by in (select sys_user.user_id from sys_role_dept left join sys_user on sys_user.dept_id=sys_role_dept.dept_id where sys_role_dept.role_id = ?)", p.RoleId)
+		case "3":
+			return db.Where(tableName+".create_by in (SELECT user_id from sys_user where dept_id = ? )", p.DeptId)
+		case "4":
+			return db.Where(tableName+".create_by in (SELECT user_id from sys_user where sys_user.dept_id in(select dept_id from sys_dept where dept_path like ? ))", "%/"+pkg.IntToString(p.DeptId)+"/%")
+		case "5":
+			return db.Where(tableName+".create_by = ?", p.UserId)
+		default:
+			return db
+		}
+	}
+}
+
+func getPermissionFromContext(c *gin.Context) *DataPermission {
+	p := new(DataPermission)
+	if pm, ok := c.Get(PermissionKey); ok {
+		switch pm.(type) {
+		case *DataPermission:
+			p = pm.(*DataPermission)
+		}
+	}
+	return p
+}
+
+// GetPermissionFromContext 提供非action写法数据范围约束
+func GetPermissionFromContext(c *gin.Context) *DataPermission {
+	return getPermissionFromContext(c)
+}

common/actions/type.go

@@ -0,0 +1,5 @@
+package actions
+
+const (
+	PermissionKey = "dataPermission"
+)

common/actions/update.go

@@ -0,0 +1,59 @@
+package actions
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	log "github.com/go-admin-team/go-admin-core/logger"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg/jwtauth/user"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg/response"
+
+	"go-admin/common/dto"
+	"go-admin/common/models"
+)
+
+// UpdateAction 通用更新动作
+func UpdateAction(control dto.Control) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		db, err := pkg.GetOrm(c)
+		if err != nil {
+			log.Error(err)
+			return
+		}
+
+		msgID := pkg.GenerateMsgIDFromContext(c)
+		req := control.Generate()
+		//更新操作
+		err = req.Bind(c)
+		if err != nil {
+			response.Error(c, http.StatusUnprocessableEntity, err, "参数验证失败")
+			return
+		}
+		var object models.ActiveRecord
+		object, err = req.GenerateM()
+		if err != nil {
+			response.Error(c, 500, err, "模型生成失败")
+			return
+		}
+		object.SetUpdateBy(user.GetUserId(c))
+
+		//数据权限检查
+		p := GetPermissionFromContext(c)
+
+		db = db.WithContext(c).Scopes(
+			Permission(object.TableName(), p),
+		).Where(req.GetId()).Updates(object)
+		if err = db.Error; err != nil {
+			log.Errorf("MsgID[%s] Update error: %s", msgID, err)
+			response.Error(c, 500, err, "更新失败")
+			return
+		}
+		if db.RowsAffected == 0 {
+			response.Error(c, http.StatusForbidden, nil, "无权更新该数据")
+			return
+		}
+		response.OK(c, object.GetId(), "更新成功")
+		c.Next()
+	}
+}

common/actions/view.go

@@ -0,0 +1,67 @@
+package actions
+
+import (
+	"errors"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg/response"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	log "github.com/go-admin-team/go-admin-core/logger"
+	"github.com/go-admin-team/go-admin-core/sdk/pkg"
+	"gorm.io/gorm"
+
+	"go-admin/common/dto"
+	"go-admin/common/models"
+)
+
+// ViewAction 通用详情动作
+func ViewAction(control dto.Control, f func() interface{}) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		db, err := pkg.GetOrm(c)
+		if err != nil {
+			log.Error(err)
+			return
+		}
+
+		msgID := pkg.GenerateMsgIDFromContext(c)
+		//查看详情
+		req := control.Generate()
+		err = req.Bind(c)
+		if err != nil {
+			response.Error(c, http.StatusUnprocessableEntity, err, "参数验证失败")
+			return
+		}
+		var object models.ActiveRecord
+		object, err = req.GenerateM()
+		if err != nil {
+			response.Error(c, 500, err, "模型生成失败")
+			return
+		}
+
+		var rsp interface{}
+		if f != nil {
+			rsp = f()
+		} else {
+			rsp, _ = req.GenerateM()
+		}
+
+		//数据权限检查
+		p := GetPermissionFromContext(c)
+
+		err = db.Model(object).WithContext(c).Scopes(
+			Permission(object.TableName(), p),
+		).Where(req.GetId()).First(rsp).Error
+
+		if err != nil && errors.Is(err, gorm.ErrRecordNotFound) {
+			response.Error(c, http.StatusNotFound, nil, "查看对象不存在或无权查看")
+			return
+		}
+		if err != nil {
+			log.Errorf("MsgID[%s] View error: %s", msgID, err)
+			response.Error(c, 500, err, "查看失败")
+			return
+		}
+		response.OK(c, rsp, "查询成功")
+		c.Next()
+	}
+}