casbin_rbac.go 996 B

1234567891011121314151617181920212223242526272829303132333435
  1. package middleware
  2. import (
  3. "github.com/flipped-aurora/gin-vue-admin/server/global"
  4. "github.com/flipped-aurora/gin-vue-admin/server/model/common/response"
  5. "github.com/flipped-aurora/gin-vue-admin/server/model/system/request"
  6. "github.com/flipped-aurora/gin-vue-admin/server/service"
  7. "github.com/gin-gonic/gin"
  8. )
  9. var casbinService = service.ServiceGroupApp.SystemServiceGroup.CasbinService
  10. // 拦截器
  11. func CasbinHandler() gin.HandlerFunc {
  12. return func(c *gin.Context) {
  13. claims, _ := c.Get("claims")
  14. waitUse := claims.(*request.CustomClaims)
  15. // 获取请求的URI
  16. obj := c.Request.URL.RequestURI()
  17. // 获取请求方法
  18. act := c.Request.Method
  19. // 获取用户的角色
  20. sub := waitUse.AuthorityId
  21. e := casbinService.Casbin()
  22. // 判断策略中是否存在
  23. success, _ := e.Enforce(sub, obj, act)
  24. if global.GVA_CONFIG.System.Env == "develop" || success {
  25. c.Next()
  26. } else {
  27. response.FailWithDetailed(gin.H{}, "权限不足", c)
  28. c.Abort()
  29. return
  30. }
  31. }
  32. }