chengqian
/
lc_veterans


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182
							package middleware

import (
	"fmt"
	"github.com/gin-gonic/gin"
	"iot_manager_service/app/file/dao"
	dao2 "iot_manager_service/app/user/dao"
	"iot_manager_service/util/common"
	"iot_manager_service/util/token"
	"net/http"
	"strconv"
	"strings"
	"time"
)

// 校验用户对文件的权限
func CheckAuth() gin.HandlerFunc {
	return func(c *gin.Context) {
		header := c.GetHeader("Authorization")
		claims, _ := token.JwtClaims.ParseJwtToken(header)

		userdao := dao2.SysUser{}
		id, _ := strconv.Atoi(claims.ID)
		nowSysUser, err2 := userdao.GetNowSysUser(id)
		if err2 != nil {
			panic(err2)
		}
		userAuth := nowSysUser.AuthId

		var permissionMap = map[string]struct {
			index   string
			message string
		}{
			"/viewFile":       {"1", "查看"},
			"/downloadFile":   {"2", "下载"},
			"/forwardingFile": {"3", "转发"},
		}

		for url, obj := range permissionMap {
			if strings.Contains(c.Request.RequestURI, url) {
				fileid := c.Query("fileId")

				filedao := &dao.File{}
				fileInfo, err := filedao.GetFileInfo(fileid, claims.ID)
				if err != nil {
					c.JSON(http.StatusOK, err)
					c.Abort()
					return
				}

				fileAuth := fileInfo.AuthId
				// 将时间字符串解析为时间对象
				targetTime, _ := time.Parse("2006-01-02 15:04:05 -0700 MST", fileInfo.EffectiveDate.String())
				now := time.Now()
				// 比较两个时间
				if !now.Before(targetTime) {
					c.JSON(http.StatusForbidden, common.StatusForbidden("访问时间已过，无权访问", nil))
					c.Abort()
					return
				}

				if !strings.Contains(fileAuth, obj.index) {
					c.JSON(http.StatusForbidden, common.StatusForbidden(fmt.Sprintf("抱歉，该文件不支持【%s】操作，请联系管理员。", obj.message), nil))
					c.Abort()
					return
				}
				if !strings.Contains(userAuth, obj.index) {
					c.JSON(http.StatusForbidden, common.StatusForbidden(fmt.Sprintf("抱歉，您没有对文件的【%s】权限，请联系管理员。", obj.message), nil))
					c.Abort()
					return
				}
			}
		}

		if strings.Contains(c.Request.RequestURI, "/upload") && !strings.Contains(userAuth, "4") {
			c.JSON(http.StatusForbidden, common.StatusForbidden("您没有上传权限，请联系管理员。", nil))
			c.Abort()
			return
		}
		c.Next()
	}
}