property-applete-gateway/route/middleware/permission.go

package middleware

import (
	"fmt"
	"git.getensh.com/common/gopkgs/cache"
	"github.com/tidwall/gjson"
	"google.golang.org/grpc/status"
	"strings"
	"property-applete-gateway/errors"
)

const SystemPermissionChangeKeyPrefix = "system_permission_change_"
const GlobalPermissionKey = "property_global_permission"
func globalPermissionTime() string {
	str, _ := cache.Redis().Get(GlobalPermissionKey)
	return str
}

func userPermissionTime(uid int64) string {
	key := fmt.Sprintf("%s%d", SystemPermissionChangeKeyPrefix, uid)
	str, _ := cache.Redis().Get(key)
	return str
}


func checkPermission(routers map[string]gjson.Result, router string, uid int64, gPermissionTime string, uPermissionTime string) error {
	//手机号登录选择账户不作权限检查
	if strings.Contains(router, "user/choose_user") {
		return nil
	}

	// 权限变更触发重新登录
	if  gPermissionTime != globalPermissionTime() || uPermissionTime != userPermissionTime(uid) {
		return status.Error(10011, "权限已变更，重新登录")
	}

	array := strings.Split(router, "?")
	array = strings.Split(array[0], "/")
	path := ""
	// 逐个匹配路径
	for _, v := range array {
		if v == "" {
			continue
		}
		path = path + "/" + v
		if _, ok := routers[path]; ok {
			return nil
		}
	}


	return errors.PermissionError
}