v1.2.3

Branches (1)

Tags (23)

Manage

Manage

master

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.9

v1.1.8

v1.1.7

v1.1.6

v1.1.5

v1.1.4

v1.1.3

v1.1.1

v1.1.2

v1.1.0

v1.0.9

v1.0.8

v1.0.7

v1.0.6

v1.0.5

v1.0.4

multiapp
/
policy
/
policy_middleware.go

package policy

import (
	"net/http"

	"gitee.com/pangxianfei/multiapp/tmaic"
	"github.com/gin-gonic/gin"
)

type UserNotPermitError struct{}

func (e UserNotPermitError) Error() string {
	return "user has no permission"
}

func Middleware(policy Policier, action Action, c Context, params []gin.Param) {

	// get route url param
	routeParamMap := make(map[string]string)
	for _, param := range params {
		routeParamMap[param.Key] = param.Value
	}

	// get user
	if err := c.ScanUser(); err != nil {
		c.JSON(http.StatusUnprocessableEntity, tmaic.V{
			"code":    http.StatusUnprocessableEntity,
			"message": err,
			"data":    nil,
		})
		c.Abort()
		return
	}

	// validate policy
	if !policyValidate(c.User(), policy, action, routeParamMap) {
		forbid(c)
		c.Abort()
		return
	}
	c.Next()
}

func forbid(c Context) {
	c.JSON(http.StatusForbidden, tmaic.V{
		"code":    http.StatusForbidden,
		"message": UserNotPermitError{}.Error(),
		"data":    nil,
	})
}