Browse Source

(*)用户数据范围值获取

master
zmh 1 year ago
parent
commit
9483be6454
  1. 50
      api/app/lib/controllers/auth/index.js
  2. 20
      api/app/lib/middlewares/authenticator.js

50
api/app/lib/controllers/auth/index.js

@ -4,7 +4,52 @@ const MD5 = require('crypto-js/md5');
const moment = require('moment'); const moment = require('moment');
const uuid = require('uuid'); const uuid = require('uuid');
async function login (ctx, next) { async function getDataRange(ctx) {
//null为所有权限,不加条件过滤
let userIds = null;
let departmentNames = null;
let userNames = null;
let dataRange = null;
const { adminHr, id, department, allDepartment } = ctx.fs.api.userInfo;
//人资管理-所有权限
if (adminHr.filter(admin => admin.id == id).length) {
dataRange = 1;
} else {
const models = ctx.fs.dc.models;
//获取用户对应角色的最高数据范围
let roleRes = await models.Role.findAll({
include: [{
model: models.UserRole,
where: { userId: id }
}]
})
if (roleRes.some(r => r.dataRange && r.dataRange === 1)) {
dataRange = 1;
} else {
const departments = allDepartment.departments;
dataRange = 2;
userIds = [];
userNames = [];
if (department && departments) {
let userDeps = department.map(d => d.id);
departmentNames = department.map(d => d.name);
let deps = departments.filter(d => userDeps.indexOf(d.id) > -1)
if (deps && deps.length > 0) {
deps.map(d => d.users.map(u => {
if (userIds.indexOf(u.id) < 0) {
userIds.push(u.id);
userNames.push(u.name);
}
}));
}
}
}
}
return { dataRange, userIds, departmentNames, userNames };
}
async function login(ctx, next) {
// const transaction = await ctx.fs.dc.orm.transaction(); // const transaction = await ctx.fs.dc.orm.transaction();
try { try {
const models = ctx.fs.dc.models; const models = ctx.fs.dc.models;
@ -58,7 +103,7 @@ async function login (ctx, next) {
} }
} }
async function logout (ctx) { async function logout(ctx) {
try { try {
const models = ctx.fs.dc.models; const models = ctx.fs.dc.models;
const params = ctx.request.body; const params = ctx.request.body;
@ -81,4 +126,5 @@ async function logout (ctx) {
module.exports = { module.exports = {
login, login,
logout, logout,
getDataRange
}; };

20
api/app/lib/middlewares/authenticator.js

@ -72,32 +72,16 @@ let authorizeToken = async function (ctx, token) {
if (token && tokenFormatRegexp.test(token)) { if (token && tokenFormatRegexp.test(token)) {
try { try {
const expired = await ctx.redis.hget(token, 'expired'); const expired = await ctx.redis.hget(token, 'expired');
// const authorizeRes = await ctx.app.fs.emisRequest.get('authorize', {
// query: { token }
// })
// const { userInfo, expired } = authorizeRes;
// TODO 从项企 clickhouse 数据库中查 token 并更新 // TODO 从项企 clickhouse 数据库中查 token 并更新
if (expired && moment().valueOf() <= moment(expired).valueOf()) { if (expired && moment().valueOf() <= moment(expired).valueOf()) {
const userInfo = JSON.parse(await ctx.redis.hmget(token, 'userInfo')); const userInfo = JSON.parse(await ctx.redis.hmget(token, 'userInfo'));
const { pomsUserInfo: pomsUser } = userInfo
// const pomsUser = await ctx.app.fs.dc.models.User.findOne({
// where: {
// pepUserId: userInfo.id
// }
// }) || {}
rslt = { rslt = {
'authorized': userInfo.authorized, 'authorized': userInfo.authorized,
'resources': (userInfo || {}).resources || [], 'resources': (userInfo || {}).resources || [],
}; };
ctx.fs.api.userId = pomsUser.id; ctx.fs.api.userId = userInfo.id;
ctx.fs.api.userInfo = pomsUser; ctx.fs.api.userInfo = userInfo;
ctx.fs.api.pepUserId = userInfo.id; ctx.fs.api.pepUserId = userInfo.id;
ctx.fs.api.pepUserInfo = userInfo;
ctx.fs.api.token = token; ctx.fs.api.token = token;
} }
} catch (err) { } catch (err) {

Loading…
Cancel
Save