Browse Source

Merge pull request #815 from dyzsoft/master

优化:casbin验证优化
main
奇淼(piexlmax 3 years ago
committed by GitHub
parent
commit
cdd965f5b2
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 1
      server/go.mod
  2. 4
      server/middleware/casbin_rbac.go
  3. 2
      server/resource/rbac_model.conf
  4. 28
      server/service/system/sys_casbin.go
  5. 5
      server/service/system/sys_user.go

1
server/go.mod

@ -16,7 +16,6 @@ require (
github.com/go-redis/redis/v8 v8.11.0
github.com/go-sql-driver/mysql v1.5.0
github.com/gookit/color v1.3.1
github.com/jackc/pgx/v4 v4.7.1
github.com/jordan-wright/email v0.0.0-20200824153738-3f5bafa1cd84
github.com/mojocn/base64Captcha v1.3.1
github.com/natefinch/lumberjack v2.0.0+incompatible

4
server/middleware/casbin_rbac.go

@ -14,8 +14,8 @@ var casbinService = service.ServiceGroupApp.SystemServiceGroup.CasbinService
func CasbinHandler() gin.HandlerFunc {
return func(c *gin.Context) {
waitUse, _ := utils.GetClaims(c)
// 获取请求的URI
obj := c.Request.URL.RequestURI()
// 获取请求的PATH
obj := c.Request.URL.Path
// 获取请求方法
act := c.Request.Method
// 获取用户的角色

2
server/resource/rbac_model.conf

@ -11,4 +11,4 @@ g = _, _
e = some(where (p.eft == allow))
[matchers]
m = r.sub == p.sub && ParamsMatch(r.obj,p.obj) && r.act == p.act
m = r.sub == p.sub && keyMatch2(r.obj,p.obj) && r.act == p.act

28
server/service/system/sys_casbin.go

@ -2,11 +2,9 @@ package system
import (
"errors"
"strings"
"sync"
"github.com/casbin/casbin/v2"
"github.com/casbin/casbin/v2/util"
gormadapter "github.com/casbin/gorm-adapter/v3"
"github.com/flipped-aurora/gin-vue-admin/server/global"
"github.com/flipped-aurora/gin-vue-admin/server/model/system"
@ -104,33 +102,7 @@ func (casbinService *CasbinService) Casbin() *casbin.SyncedEnforcer {
once.Do(func() {
a, _ := gormadapter.NewAdapterByDB(global.GVA_DB)
syncedEnforcer, _ = casbin.NewSyncedEnforcer(global.GVA_CONFIG.Casbin.ModelPath, a)
syncedEnforcer.AddFunction("ParamsMatch", casbinService.ParamsMatchFunc)
})
_ = syncedEnforcer.LoadPolicy()
return syncedEnforcer
}
//@author: [piexlmax](https://github.com/piexlmax)
//@function: ParamsMatch
//@description: 自定义规则函数
//@param: fullNameKey1 string, key2 string
//@return: bool
func (casbinService *CasbinService) ParamsMatch(fullNameKey1 string, key2 string) bool {
key1 := strings.Split(fullNameKey1, "?")[0]
// 剥离路径后再使用casbin的keyMatch2
return util.KeyMatch2(key1, key2)
}
//@author: [piexlmax](https://github.com/piexlmax)
//@function: ParamsMatchFunc
//@description: 自定义规则函数
//@param: args ...interface{}
//@return: interface{}, error
func (casbinService *CasbinService) ParamsMatchFunc(args ...interface{}) (interface{}, error) {
name1 := args[0].(string)
name2 := args[1].(string)
return casbinService.ParamsMatch(name1, name2), nil
}

5
server/service/system/sys_user.go

@ -2,6 +2,7 @@ package system
import (
"errors"
"fmt"
"github.com/flipped-aurora/gin-vue-admin/server/global"
"github.com/flipped-aurora/gin-vue-admin/server/model/common/request"
@ -39,6 +40,10 @@ func (userService *UserService) Register(u system.SysUser) (err error, userInter
//@return: err error, userInter *model.SysUser
func (userService *UserService) Login(u *system.SysUser) (err error, userInter *system.SysUser) {
if nil == global.GVA_DB {
return fmt.Errorf("db not init"), nil
}
var user system.SysUser
u.Password = utils.MD5V([]byte(u.Password))
err = global.GVA_DB.Where("username = ? AND password = ?", u.Username, u.Password).Preload("Authorities").Preload("Authority").First(&user).Error

Loading…
Cancel
Save