Merge pull request #815 from dyzsoft/master

优化：casbin验证优化
3 years ago · cdd965f5b2
5 changed files with 8 additions and 32 deletions
--- a/server/go.mod
+++ b/server/go.mod
@ -16,7 +16,6 @@ require (
 	github.com/go-redis/redis/v8 v8.11.0
 	github.com/go-sql-driver/mysql v1.5.0
 	github.com/gookit/color v1.3.1
-	github.com/jackc/pgx/v4 v4.7.1
 	github.com/jordan-wright/email v0.0.0-20200824153738-3f5bafa1cd84
 	github.com/mojocn/base64Captcha v1.3.1
 	github.com/natefinch/lumberjack v2.0.0+incompatible
--- a/server/middleware/casbin_rbac.go
+++ b/server/middleware/casbin_rbac.go
@ -14,8 +14,8 @@ var casbinService = service.ServiceGroupApp.SystemServiceGroup.CasbinService
 func CasbinHandler() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		waitUse, _ := utils.GetClaims(c)
-		// 获取请求的URI
-		obj := c.Request.URL.RequestURI()
+		// 获取请求的PATH
+		obj := c.Request.URL.Path
 		// 获取请求方法
 		act := c.Request.Method
 		// 获取用户的角色
--- a/server/resource/rbac_model.conf
+++ b/server/resource/rbac_model.conf
@ -11,4 +11,4 @@ g = _, _
 e = some(where (p.eft == allow))

 [matchers]
-m = r.sub == p.sub && ParamsMatch(r.obj,p.obj) && r.act == p.act
+m = r.sub == p.sub && keyMatch2(r.obj,p.obj) && r.act == p.act
--- a/server/service/system/sys_casbin.go
+++ b/server/service/system/sys_casbin.go
@ -2,11 +2,9 @@ package system

 import (
 	"errors"
-	"strings"
 	"sync"

 	"github.com/casbin/casbin/v2"
-	"github.com/casbin/casbin/v2/util"
 	gormadapter "github.com/casbin/gorm-adapter/v3"
 	"github.com/flipped-aurora/gin-vue-admin/server/global"
 	"github.com/flipped-aurora/gin-vue-admin/server/model/system"
@ -104,33 +102,7 @@ func (casbinService *CasbinService) Casbin() *casbin.SyncedEnforcer {
 	once.Do(func() {
 		a, _ := gormadapter.NewAdapterByDB(global.GVA_DB)
 		syncedEnforcer, _ = casbin.NewSyncedEnforcer(global.GVA_CONFIG.Casbin.ModelPath, a)
-		syncedEnforcer.AddFunction("ParamsMatch", casbinService.ParamsMatchFunc)
 	})
 	_ = syncedEnforcer.LoadPolicy()
 	return syncedEnforcer
 }
-
-//@author: [piexlmax](https://github.com/piexlmax)
-//@function: ParamsMatch
-//@description: 自定义规则函数
-//@param: fullNameKey1 string, key2 string
-//@return: bool
-
-func (casbinService *CasbinService) ParamsMatch(fullNameKey1 string, key2 string) bool {
-	key1 := strings.Split(fullNameKey1, "?")[0]
-	// 剥离路径后再使用casbin的keyMatch2
-	return util.KeyMatch2(key1, key2)
-}
-
-//@author: [piexlmax](https://github.com/piexlmax)
-//@function: ParamsMatchFunc
-//@description: 自定义规则函数
-//@param: args ...interface{}
-//@return: interface{}, error
-
-func (casbinService *CasbinService) ParamsMatchFunc(args ...interface{}) (interface{}, error) {
-	name1 := args[0].(string)
-	name2 := args[1].(string)
-
-	return casbinService.ParamsMatch(name1, name2), nil
-}
--- a/server/service/system/sys_user.go
+++ b/server/service/system/sys_user.go
@ -2,6 +2,7 @@ package system

 import (
 	"errors"
+	"fmt"

 	"github.com/flipped-aurora/gin-vue-admin/server/global"
 	"github.com/flipped-aurora/gin-vue-admin/server/model/common/request"
@ -39,6 +40,10 @@ func (userService *UserService) Register(u system.SysUser) (err error, userInter
 //@return: err error, userInter *model.SysUser

 func (userService *UserService) Login(u *system.SysUser) (err error, userInter *system.SysUser) {
+	if nil == global.GVA_DB {
+		return fmt.Errorf("db not init"), nil
+	}
+
 	var user system.SysUser
 	u.Password = utils.MD5V([]byte(u.Password))
 	err = global.GVA_DB.Where("username = ? AND password = ?", u.Username, u.Password).Preload("Authorities").Preload("Authority").First(&user).Error