权限拦截部分

# Conflicts:
#	dao/user.go

dao/logger.go

@@ -26,3 +26,13 @@ func deleteByID(id int) bool {
 	DB.Where("ID = ?", id).Delete(&Logger{})
 	return true
 }
+
+// 删除3天前的日志
+func DeleteLog(days int) bool {
+	res := DB.Exec("delete from loggers where created_at < DATE_SUB(CURDATE(), INTERVAL ? DAY)", days)
+	if res.Error != nil {
+		fmt.Println("DeleteLog error", res.Error)
+		return false
+	}
+	return true
+}

dao/user.go

@@ -17,6 +17,9 @@ type User struct {
 	Redis      bool   `gorm:"column:redis"`
 	Run        bool   `gorm:"column:run"`
 	Upload     bool   `gorm:"column:upload"`
+	VideoFunc  bool   `gorm:"column:video_func"`  //视频功能
+	DeviceFunc bool   `gorm:"column:device_func"` //设备功能
+	CIDFunc    bool   `gorm:"column:cid_func"`    //持续集成功能
 	Avatar     string `gorm:"column:avatar"`
 	CreateTime string `gorm:"column:create_time"`
 	UpdateTime string `gorm:"column:update_time"`
@@ -77,6 +80,24 @@ func UpdateUserByID(id int, name, password, email string) {
 	DB.Model(&User{}).Where("id = ?", id).Updates(User{Name: name, Password: password, Email: email})
 }
 
+// 管理员修改用户信息
 func UpdateUserByID2(id int, req proto.UpdateUserInfoReq) {
-	DB.Model(&User{}).Where("id = ?", id).Updates(User{Name: req.Username, Age: req.Age, Role: req.Role, Run: req.Run, Redis: req.Redis, Upload: req.Upload, Avatar: req.Avatar, Gender: req.Gender})
+	updateData := make(map[string]interface{})
+	updateData["Name"] = req.Username
+	updateData["Age"] = req.Age
+	updateData["Role"] = req.Role
+	updateData["Run"] = req.Run
+	updateData["Redis"] = req.Redis
+	updateData["Upload"] = req.Upload
+	updateData["VideoFunc"] = req.VideoFunc
+	updateData["DeviceFunc"] = req.DeviceFunc
+	updateData["CIDFunc"] = req.CIDFunc
+	updateData["Avatar"] = req.Avatar
+	updateData["Gender"] = req.Gender
+	DB.Model(&User{}).Where("id =?", id).Updates(updateData)
+}
+
+// 用户修改自己的信息
+func UpdateUserByID3(id int, req proto.UpdateUserInfoReq) {
+	DB.Model(&User{}).Where("id = ?", id).Updates(User{Name: req.Username, Age: req.Age, Avatar: req.Avatar, Gender: req.Gender})
 }

main.go

@@ -1,6 +1,8 @@
 package main
 
 import (
+	"encoding/json"
+	"fmt"
 	"github.com/gin-gonic/gin"
 	"github.com/golang-jwt/jwt"
 	"github.com/robfig/cron/v3"
@@ -43,6 +45,8 @@ func main() {
 		log.Fatal("添加定时任务失败: ", err)
 	}
 	c.Start()
+	//读取配置文件，设置系统
+	ReadConfigToSetSystem()
 	r.Run(":" + proto.Config.SERVER_PORT) // listen and serve on 0.0.0.0:8083
 }
 func init() {
@@ -86,7 +90,9 @@ func writeLogger(c *gin.Context) {
 
 func JWTAuthMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		writeLogger(c)
+		if proto.Config.LOG_SAVE_DAYS > 0 {
+			writeLogger(c)
+		}
 		// 从请求头中获取 JWT 令牌
 		tokenString := c.Request.Header.Get("token")
 
@@ -123,6 +129,22 @@ func JWTAuthMiddleware() gin.HandlerFunc {
 				return
 			}
 		}
+		//查看token是否在超级token中
+		if worker.IsContainSet("super_permission_tokens", tokenString) {
+			s_id := c.Request.Header.Get("super_id")
+			if s_id == "" {
+				c.AbortWithStatus(200)
+				c.JSON(200, gin.H{
+					"message": "NOT_LOGIN",
+					"error":   "super_id is empty",
+					"code":    proto.TokenIsNull,
+				})
+				return
+			}
+			c.Set("id", s_id)
+			c.Next()
+			return
+		}
 
 		// 使用加密secret 解析 JWT 令牌
 		token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
@@ -144,6 +166,16 @@ func JWTAuthMiddleware() gin.HandlerFunc {
 		c.Set("id", token.Claims.(jwt.MapClaims)["id"])
 		c.Set("username", token.Claims.(jwt.MapClaims)["username"])
 
+		if UserFuncIntercept(int(token.Claims.(jwt.MapClaims)["id"].(float64)), c.Request.URL.Path) {
+			c.AbortWithStatus(200)
+			c.JSON(200, gin.H{
+				"message": "no function permission",
+				"error":   "no permission",
+				"code":    proto.NoPermission,
+			})
+			return
+		}
+
 		// 继续处理请求
 		c.Next()
 	}
@@ -156,4 +188,113 @@ func myTask() {
 	if proto.Config.MONITOR {
 		handler.ScanDeviceStatus()
 	}
+	//其它定时任务-通用
+	RunGeneralCron()
+
+}
+
+func ReadConfigToSetSystem() {
+	//redis添加通用定时任务
+	key := "cron_info"
+	//日志清理
+	res := worker.GetRedis(key)
+	var cron_infos []proto.CronInfo
+	if res != "" {
+		err := json.Unmarshal([]byte(res), &cron_infos)
+		if err != nil {
+			fmt.Println("ReadConfigToSetSystem Error decoding config,key value is :", res)
+		}
+
+		//查看清除日志任务是否存在
+		if proto.Config.LOG_SAVE_DAYS > 0 {
+			var is_exist bool
+			for _, v := range cron_infos {
+				if v.Type == 1 {
+					is_exist = true
+					break
+				}
+			}
+			if !is_exist {
+				var logClean proto.CronInfo
+				logClean.Type = 1
+				logClean.Info = "日志清理"
+				logClean.Curr = 86400
+				logClean.Every = 86400
+				cron_infos = append(cron_infos, logClean)
+			}
+
+		}
+	} else {
+		if proto.Config.LOG_SAVE_DAYS > 0 {
+			var logClean proto.CronInfo
+			logClean.Type = 1
+			logClean.Info = "日志清理"
+			logClean.Curr = 86400
+			logClean.Every = 86400
+			cron_infos = append(cron_infos, logClean)
+		}
+	}
+	//存入redis
+	json_data, err := json.Marshal(cron_infos)
+	if err != nil {
+		fmt.Println("ReadConfigToSetSystem Error encoding config,value is :", cron_infos)
+	} else {
+		worker.SetRedis(key, string(json_data))
+	}
+}
+
+func RunGeneralCron() {
+	//redis添加通用定时任务
+	key := "cron_info"
+	//日志清理
+	res := worker.GetRedis(key)
+	var cron_infos []proto.CronInfo
+	if res != "" {
+		err := json.Unmarshal([]byte(res), &cron_infos)
+		if err != nil {
+			fmt.Println("RunGeneralCron Error decoding config,key value is :", res)
+		}
+		for _, v := range cron_infos {
+			//1:日志清理，其他待定
+			if v.Type == 1 {
+				//日志清理
+				if v.Curr <= 0 {
+					//执行日志清理
+					go dao.DeleteLog(proto.Config.LOG_SAVE_DAYS)
+					v.Curr = v.Every
+				} else {
+					v.Curr -= 10
+				}
+			}
+		}
+		//存入redis
+		json_data, err := json.Marshal(cron_infos)
+		if err != nil {
+			fmt.Println("RunGeneralCron Error encoding config,value is :", cron_infos)
+		} else {
+			worker.SetRedis(key, string(json_data))
+		}
+
+	}
+}
+
+// 用户功能拦截,返回true表示拦截，false表示不拦截
+func UserFuncIntercept(id int, url string) bool {
+	//先查看是否有权限
+	user := dao.FindUserByUserID(id)
+	//如果用户有权限，则不拦截
+	for k, v := range proto.Per_menu_map {
+		if strings.Contains(url, k) {
+			if v == 1 && user.VideoFunc == false {
+				return true
+			}
+			if v == 2 && user.DeviceFunc == false {
+				return true
+			}
+			if v == 3 && user.CIDFunc == false {
+				return true
+			}
+		}
+	}
+	return false
 }

proto/conf.go

@@ -10,6 +10,7 @@ import (
 var Config ConfigStruct
 var SigningKey = []byte{}
 var Url_map = map[string]bool{"/login": true, "/register": true, "/uuid": true, "/gqr": true, "/cid/callback": true, "/tool/monitor": true} // 不需要token验证的url
+var Per_menu_map = map[string]int{"/video/": 1, "/device/": 2, "/cid/": 3}
 
 const (
 	MYSQL_USER     = "video_t2"
@@ -73,8 +74,9 @@ type ConfigStruct struct {
 	TOKEN_SECRET    string `json:"token_secret"`
 	CID_BASE_DIR    string `json:"cid_base_dir"`
 	FILE_BASE_DIR   string `json:"file_base_dir"`
-	MONITOR         bool   `json:"monitor"`     // 状态监控及邮件通知
-	SERVER_PORT     string `json:"server_port"` // 服务端口
+	MONITOR         bool   `json:"monitor"`       // 状态监控及邮件通知
+	SERVER_PORT     string `json:"server_port"`   // 服务端口
+	LOG_SAVE_DAYS   int    `json:"log_save_days"` // 日志保存天数,-1表示不保存，0表示永久保存
 }
 
 // 读取配置文件

proto/status.go

@@ -47,6 +47,7 @@ const (
 	NoRedisPermissions  = 51
 	NoRunPermissions    = 52
 	NoDevicePermissions = 53
+	NoPermission        = 54
 
 	//消息错误码
 	MsgSendFailed = 61 // 消息发送失败

proto/user_req.go

@@ -1,15 +1,18 @@
 package proto
 
 type UpdateUserInfoReq struct {
-	ID       int    `json:"id" form:"id"`             //用户id
-	Username string `json:"username" form:"username"` //用户名
-	Age      int    `json:"age" form:"age"`           //年龄
-	Role     string `json:"role" form:"role"`         //角色
-	Gender   string `json:"gender" form:"gender"`     //性别
-	Redis    bool   `json:"redis" form:"redis"`       //是否刷新redis
-	Upload   bool   `json:"upload" form:"upload"`     //是否上传头像
-	Run      bool   `json:"run" form:"run"`           //是否运行
-	Avatar   string `json:"avatar" form:"avatar"`     //头像
+	ID         int    `json:"id" form:"id"`                   //用户id
+	Username   string `json:"name" form:"name"`               //用户名
+	Age        int    `json:"age" form:"age"`                 //年龄
+	Role       string `json:"role" form:"role"`               //角色
+	Gender     string `json:"gender" form:"gender"`           //性别
+	Redis      bool   `json:"redis" form:"redis"`             //是否刷新redis
+	Upload     bool   `json:"upload" form:"upload"`           //是否上传头像
+	VideoFunc  bool   `json:"video_func" form:"video_func"`   //视频功能
+	DeviceFunc bool   `json:"device_func" form:"device_func"` //设备功能
+	CIDFunc    bool   `json:"cid_func" form:"cid_func"`       //持续集成功能
+	Run        bool   `json:"run" form:"run"`                 //是否运行
+	Avatar     string `json:"avatar" form:"avatar"`           //头像
 }
 
 type CIDRUN struct {
@@ -17,3 +20,11 @@ type CIDRUN struct {
 	Curr  int  `json:"curr" form:"curr"`   //当前剩余时间，每次执行减10s小于等于0则执行
 	Every int  `json:"every" form:"every"` //每隔多少秒执行一次,小于等于0表示不执行，时间粒度为10s
 }
+
+// 用于执行函数，方法
+type CronInfo struct {
+	Type  int    `json:"type" form:"type"`   //类型编码,1日志清理（且只会有一个），其他待定
+	Info  string `json:"info" form:"info"`   //信息
+	Curr  int    `json:"curr" form:"curr"`   //当前剩余时间，每次执行减10s小于等于0则执行
+	Every int    `json:"every" form:"every"` //每隔多少秒执行一次,小于等于0表示不执行，时间粒度为10s
+}

service/userService.go

@@ -44,8 +44,9 @@ func GetUserByNameLike(name string) []proto.User {
 
 func UpdateUser(user_id int, req proto.UpdateUserInfoReq) (int, error) {
 	cur_user := dao.FindUserByID2(user_id)
-	if user_id == req.ID {
-		dao.UpdateUserByID2(user_id, req)
+	//fmt.Println("cur_user:", cur_user, "req:", req)
+	if user_id == req.ID && cur_user.Role != "admin" {
+		dao.UpdateUserByID3(user_id, req) //用户修改自己的信息，不能修改权限信息
 		return user_id, nil
 	} else if cur_user.Role == "admin" {
 		dao.UpdateUserByID2(req.ID, req)