diff --git a/server/go.mod b/server/go.mod index 365a8f2b..5a52a65e 100644 --- a/server/go.mod +++ b/server/go.mod @@ -16,7 +16,6 @@ require ( github.com/go-redis/redis/v8 v8.11.0 github.com/go-sql-driver/mysql v1.5.0 github.com/gookit/color v1.3.1 - github.com/jackc/pgx/v4 v4.7.1 github.com/jordan-wright/email v0.0.0-20200824153738-3f5bafa1cd84 github.com/mojocn/base64Captcha v1.3.1 github.com/natefinch/lumberjack v2.0.0+incompatible diff --git a/server/middleware/casbin_rbac.go b/server/middleware/casbin_rbac.go index b21345ec..ea9c9824 100644 --- a/server/middleware/casbin_rbac.go +++ b/server/middleware/casbin_rbac.go @@ -14,8 +14,8 @@ var casbinService = service.ServiceGroupApp.SystemServiceGroup.CasbinService func CasbinHandler() gin.HandlerFunc { return func(c *gin.Context) { waitUse, _ := utils.GetClaims(c) - // 获取请求的URI - obj := c.Request.URL.RequestURI() + // 获取请求的PATH + obj := c.Request.URL.Path // 获取请求方法 act := c.Request.Method // 获取用户的角色 diff --git a/server/resource/rbac_model.conf b/server/resource/rbac_model.conf index 04ebedff..b5918d45 100644 --- a/server/resource/rbac_model.conf +++ b/server/resource/rbac_model.conf @@ -11,4 +11,4 @@ g = _, _ e = some(where (p.eft == allow)) [matchers] -m = r.sub == p.sub && ParamsMatch(r.obj,p.obj) && r.act == p.act +m = r.sub == p.sub && keyMatch2(r.obj,p.obj) && r.act == p.act diff --git a/server/service/system/sys_casbin.go b/server/service/system/sys_casbin.go index c583ab07..118173c6 100644 --- a/server/service/system/sys_casbin.go +++ b/server/service/system/sys_casbin.go @@ -2,11 +2,9 @@ package system import ( "errors" - "strings" "sync" "github.com/casbin/casbin/v2" - "github.com/casbin/casbin/v2/util" gormadapter "github.com/casbin/gorm-adapter/v3" "github.com/flipped-aurora/gin-vue-admin/server/global" "github.com/flipped-aurora/gin-vue-admin/server/model/system" @@ -104,33 +102,7 @@ func (casbinService *CasbinService) Casbin() *casbin.SyncedEnforcer { once.Do(func() { a, _ := gormadapter.NewAdapterByDB(global.GVA_DB) syncedEnforcer, _ = casbin.NewSyncedEnforcer(global.GVA_CONFIG.Casbin.ModelPath, a) - syncedEnforcer.AddFunction("ParamsMatch", casbinService.ParamsMatchFunc) }) _ = syncedEnforcer.LoadPolicy() return syncedEnforcer } - -//@author: [piexlmax](https://github.com/piexlmax) -//@function: ParamsMatch -//@description: 自定义规则函数 -//@param: fullNameKey1 string, key2 string -//@return: bool - -func (casbinService *CasbinService) ParamsMatch(fullNameKey1 string, key2 string) bool { - key1 := strings.Split(fullNameKey1, "?")[0] - // 剥离路径后再使用casbin的keyMatch2 - return util.KeyMatch2(key1, key2) -} - -//@author: [piexlmax](https://github.com/piexlmax) -//@function: ParamsMatchFunc -//@description: 自定义规则函数 -//@param: args ...interface{} -//@return: interface{}, error - -func (casbinService *CasbinService) ParamsMatchFunc(args ...interface{}) (interface{}, error) { - name1 := args[0].(string) - name2 := args[1].(string) - - return casbinService.ParamsMatch(name1, name2), nil -} diff --git a/server/service/system/sys_user.go b/server/service/system/sys_user.go index f39f804a..9b260538 100644 --- a/server/service/system/sys_user.go +++ b/server/service/system/sys_user.go @@ -2,6 +2,7 @@ package system import ( "errors" + "fmt" "github.com/flipped-aurora/gin-vue-admin/server/global" "github.com/flipped-aurora/gin-vue-admin/server/model/common/request" @@ -39,6 +40,10 @@ func (userService *UserService) Register(u system.SysUser) (err error, userInter //@return: err error, userInter *model.SysUser func (userService *UserService) Login(u *system.SysUser) (err error, userInter *system.SysUser) { + if nil == global.GVA_DB { + return fmt.Errorf("db not init"), nil + } + var user system.SysUser u.Password = utils.MD5V([]byte(u.Password)) err = global.GVA_DB.Where("username = ? AND password = ?", u.Username, u.Password).Preload("Authorities").Preload("Authority").First(&user).Error