From daeaf08854843a51eae061de8a2a479158c345ec Mon Sep 17 00:00:00 2001
From: weizhihong <weizhihong@joylink.club>
Date: Wed, 30 Aug 2023 15:04:42 +0800
Subject: [PATCH] =?UTF-8?q?=E3=80=90=E7=94=A8=E6=88=B7=E6=97=A0=E8=A7=92?=
 =?UTF-8?q?=E8=89=B2=E5=85=B3=E8=81=94=E6=97=B6=EF=BC=8C=E9=BB=98=E8=AE=A4?=
 =?UTF-8?q?=E6=99=AE=E9=80=9A=E7=94=A8=E6=88=B7=E8=A7=92=E8=89=B2=E3=80=91?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 dto/auth.go     |  4 +++
 service/auth.go | 66 +++++++++++++++++++++++++------------------------
 service/user.go |  3 ---
 3 files changed, 38 insertions(+), 35 deletions(-)

diff --git a/dto/auth.go b/dto/auth.go
index 879302d..1d078c5 100644
--- a/dto/auth.go
+++ b/dto/auth.go
@@ -55,6 +55,10 @@ const (
 	USER
 )
 
+func IsSystemRole(role int32) bool {
+	return role == int32(ADMIN) || role == int32(USER)
+}
+
 type AuthUserStorageDto struct {
 	UID       int32       `json:"uid" form:"uid"`
 	IsAdmin   bool        `json:"isAdmin" form:"isAdmin"`
diff --git a/service/auth.go b/service/auth.go
index edf8ade..99de831 100644
--- a/service/auth.go
+++ b/service/auth.go
@@ -87,8 +87,8 @@ func UpdateAuthRole(rid int32, info *dto.AuthRoleReqDto) bool {
 	if err != nil {
 		panic(dto.ErrorDto{Code: dto.DataOperationError, Message: err.Error()})
 	}
-	if role.Weight == int32(dto.ADMIN) {
-		panic(dto.ErrorDto{Code: dto.DataOperationError, Message: "超级管理员不可编辑"})
+	if dto.IsSystemRole(role.Weight) {
+		panic(dto.ErrorDto{Code: dto.DataOperationError, Message: "系统角色不可编辑"})
 	}
 	role.Name = info.Name
 	// 更新名称
@@ -117,8 +117,8 @@ func DeleteAuthRole(rid int32) bool {
 	if err1 != nil {
 		panic(dto.ErrorDto{Code: dto.DataOperationError, Message: err1.Error()})
 	}
-	if oldD.Weight == int32(dto.ADMIN) {
-		panic(dto.ErrorDto{Code: dto.DataOperationError, Message: "超级管理员不可删除"})
+	if dto.IsSystemRole(oldD.Weight) {
+		panic(dto.ErrorDto{Code: dto.DataOperationError, Message: "系统角色不可删除"})
 	}
 	// 如果有用户关联则不删除
 	count, err2 := dbquery.AuthRoleUser.Where(dbquery.AuthRoleUser.Rid.Eq(rid)).Count()
@@ -234,47 +234,49 @@ func UserLinkRole(linkInfo *dto.AuthRoleUserReqDto) bool {
 
 // 查询用户权限信息
 func QueryUserAuthApiPath(uid int32) *dto.AuthUserStorageDto {
-	linkRids, err1 := dbquery.AuthRoleUser.Where(dbquery.AuthRoleUser.UID.Eq(uid)).Find()
+	linkRids, err1 := dbquery.AuthRoleUser.Distinct(dbquery.AuthRoleUser.Rid).Where(dbquery.AuthRoleUser.UID.Eq(uid)).Find()
 	if err1 != nil {
 		panic(dto.ErrorDto{Code: dto.DataOperationError, Message: err1.Error()})
 	}
 	authUser := &dto.AuthUserStorageDto{UID: uid, IsAdmin: false}
-	rn := len(linkRids)
+	rn := len(linkRids) // 查询用户角色
+	roleQuery := dbquery.AuthRole.Where()
 	if rn > 0 {
 		rids := make([]int32, rn)
 		for i, r := range linkRids {
 			rids[i] = r.Rid
 		}
 		authUser.RoleIds = rids // 用户角色ID
-		// 查询用户角色信息
-		roles, err2 := dbquery.AuthRole.Where(dbquery.AuthRole.ID.In(rids...)).Find()
-		if err2 != nil {
-			panic(dto.ErrorDto{Code: dto.DataOperationError, Message: err2.Error()})
+		roleQuery = roleQuery.Where(dbquery.AuthRole.ID.In(rids...))
+	}
+	// 查询用户角色信息
+	roles, err2 := roleQuery.Or(dbquery.AuthRole.Weight.Eq(int32(dto.USER))).Find()
+	if err2 != nil {
+		panic(dto.ErrorDto{Code: dto.DataOperationError, Message: err2.Error()})
+	}
+	// 判断是否是管理员
+	rids := make([]int32, len(roles))
+	for i, r := range roles {
+		rids[i] = r.ID
+		authUser.IsAdmin = authUser.IsAdmin || (r.Weight == int32(dto.ADMIN))
+	}
+	if !authUser.IsAdmin { // 非管理员时，查询角色权限路径
+		// 查询角色与路径关联信息
+		linkPids, err3 := dbquery.AuthRoleAPIPath.Distinct(dbquery.AuthRoleAPIPath.Pid).Where(dbquery.AuthRoleAPIPath.Rid.In(rids...)).Find()
+		if err3 != nil {
+			panic(dto.ErrorDto{Code: dto.DataOperationError, Message: err3.Error()})
 		}
-		// 判断是否是管理员
-		for _, r := range roles {
-			authUser.IsAdmin = (authUser.IsAdmin || (r.Weight == int32(dto.ADMIN)))
-		}
-		// 非管理员时，查询角色权限路径
-		if !authUser.IsAdmin {
-			// 查询角色与路径关联信息
-			linkPids, err3 := dbquery.AuthRoleAPIPath.Distinct(dbquery.AuthRoleAPIPath.Pid).Where(dbquery.AuthRoleAPIPath.Rid.In(rids...)).Find()
-			if err3 != nil {
-				panic(dto.ErrorDto{Code: dto.DataOperationError, Message: err3.Error()})
+		pn := len(linkPids)
+		if pn > 0 {
+			pids := make([]int32, pn)
+			for i, r := range linkPids {
+				pids[i] = r.Pid
 			}
-			pn := len(linkPids)
-			if pn > 0 {
-				pids := make([]int32, pn)
-				for i, r := range linkPids {
-					pids[i] = r.Pid
-				}
-				apiPaths, err4 := dbquery.AuthAPIPath.Where(dbquery.AuthAPIPath.ID.In(pids...)).Find()
-				if err4 != nil {
-					panic(dto.ErrorDto{Code: dto.DataOperationError, Message: err4.Error()})
-				}
-				// 赋值路径数组
-				authUser.AuthPaths = dto.ConvertFromAuthPath(apiPaths)
+			apiPaths, err4 := dbquery.AuthAPIPath.Where(dbquery.AuthAPIPath.ID.In(pids...)).Find()
+			if err4 != nil {
+				panic(dto.ErrorDto{Code: dto.DataOperationError, Message: err4.Error()})
 			}
+			authUser.AuthPaths = dto.ConvertFromAuthPath(apiPaths) // 赋值路径数组
 		}
 	}
 	return authUser
diff --git a/service/user.go b/service/user.go
index 7ae00ff..f00e676 100644
--- a/service/user.go
+++ b/service/user.go
@@ -35,9 +35,6 @@ func Register(user *dto.RegisterUser) {
 			panic(err)
 		}
 	}()
-	/*	if user.Mobile == "" || len([]rune(user.Mobile)) != 13 {
-		panic("asdfasdf")
-	}*/
 	u := dbquery.User
 	uq := u.Where()
 	uq = uq.Where(u.Mobile.Eq(user.Mobile))