剔除之前的权限控制

forked-project · Jan 16, 2024 · a8a2c72 · a8a2c72
1 parent 6631b66
commit a8a2c72
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 141 deletions.
diff --git a/model/init.go b/model/init.go
@@ -346,96 +346,12 @@ func (m *DBModel) initDatabase() (err error) {
 		return
 	}
 
-	// 从group中迁移权限(需要先检测数据库表permission中是否已存在相应权限id)
-	if err = m.migratePermissionAccesses(); err != nil {
-		m.logger.Error("migratePermissionAccesses", zap.Error(err))
-	}
-
 	// 初始化静态页面SEO
 	m.InitSEO()
 
 	return
 }
 
-func (m *DBModel) migratePermissionAccesses() (err error) {
-	// 1. 查询所有 access permission
-	var (
-		permissions           []Permission
-		permissionId          []int64
-		existGroupPermissions []GroupPermission
-		accessMap             = make(map[string]Permission)
-	)
-
-	err = m.db.Where("method = ?", PermissionMethodAccess).Find(&permissions).Error
-	if err != nil && err != gorm.ErrRecordNotFound {
-		m.logger.Error("migratePermissionAccesses", zap.Error(err))
-		return
-	}
-
-	for _, permission := range permissions {
-		permissionId = append(permissionId, permission.Id)
-		accessMap[strings.ToLower(permission.Path)] = permission
-	}
-
-	// 在 group_permission
-	m.db.Where("permission_id in (?)", permissionId).Find(&existGroupPermissions)
-	if len(existGroupPermissions) > 0 { // 已存在，不用迁移
-		return
-	}
-
-	// 2. 查询所有用户组
-	var groups []Group
-	err = m.db.Find(&groups).Error
-	if err != nil && err != gorm.ErrRecordNotFound {
-		m.logger.Error("migratePermissionAccesses", zap.Error(err))
-		return
-	}
-
-	// 3. 给所有用户组授权
-	var groupPermissions []GroupPermission
-	for _, group := range groups {
-
-		// 默认允许评论
-		if p, ok := accessMap[strings.ToLower(PermissionAccessComment)]; ok {
-			groupPermissions = append(groupPermissions, GroupPermission{
-				GroupId:      group.Id,
-				PermissionId: p.Id,
-			})
-		}
-
-		// 评论是否需要审核
-		if group.EnableCommentApproval {
-			if p, ok := accessMap[strings.ToLower(PermissionAccessCommentNeedReview)]; ok {
-				groupPermissions = append(groupPermissions, GroupPermission{
-					GroupId:      group.Id,
-					PermissionId: p.Id,
-				})
-			}
-		}
-
-		// 上传文档。如果用户组允许上传文档，则给用户组授权，同时默认文档免审
-		if group.EnableUpload {
-			if p, ok := accessMap[strings.ToLower(PermissionAccessUploadDocument)]; ok {
-				groupPermissions = append(groupPermissions, GroupPermission{
-					GroupId:      group.Id,
-					PermissionId: p.Id,
-				})
-			}
-		}
-
-	}
-
-	if len(groupPermissions) == 0 {
-		return
-	}
-
-	err = m.db.Create(&groupPermissions).Error
-	if err != nil {
-		m.logger.Error("migratePermissionAccesses", zap.Error(err))
-	}
-	return
-}
-
 // 初始化用户组
 func (m *DBModel) initGroupAndPermission() (err error) {
 	groups := []Group{
@@ -473,27 +389,6 @@ func (m *DBModel) initGroupAndPermission() (err error) {
 			return
 		}
 	}
-
-	// 功能权限
-	for _, permission := range m.getPermissionAccesses() {
-		permissionId := permission.Id
-		err = sess.Where("method = ? and path = ?", permission.Method, permission.Path).FirstOrCreate(&permission).Error
-		if err != nil {
-			m.logger.Error("initPermission", zap.Error(err))
-			return
-		}
-		// 给用户组ID为1的用户组授权
-		gp := &GroupPermission{
-			GroupId:      1,
-			PermissionId: permissionId,
-		}
-		err = sess.Where("group_id = ? and permission_id = ?", gp.GroupId, gp.PermissionId).FirstOrCreate(gp).Error
-		if err != nil {
-			m.logger.Error("initGroupPermission", zap.Error(err))
-			return
-		}
-	}
-
 	return
 }
 

diff --git a/model/permission.go b/model/permission.go
@@ -7,31 +7,6 @@ import (
 	"gorm.io/gorm"
 )
 
-const (
-	// GRPC 请求
-	PermissionMethodGRPC = "GRPC"
-
-	// 前台功能权限
-	PermissionMethodAccess = "ACCESS"
-
-	// 普通的HTTP请求
-	PermissionMethodPost = "POST"
-	PermissionMethodGet  = "GET"
-	PermissionMethodPut  = "PUT"
-	PermissionMethodDel  = "DELETE"
-)
-
-const (
-	// 是否允许发表评论
-	PermissionAccessComment = "Comment"
-	// 评论是否免审
-	PermissionAccessCommentNeedReview = "CommentNeedReview"
-	// 是否允许上传文档
-	PermissionAccessUploadDocument = "UploadDocument"
-	// 上传的文档是否需要审核
-	PermissionAccessDocumentNeedReview = "DocumentNeedReview"
-)
-
 type Permission struct {
 	Id          int64      `form:"id" json:"id,omitempty" gorm:"primaryKey;autoIncrement;column:id;comment:;"`
 	Method      string     `form:"method" json:"method,omitempty" gorm:"column:method;type:varchar(16);size:16;index:method_path,unique;index:idx_method;comment:请求方法，如GRPC、GET、POST、PUT、DELETE、ACCESS等，其中ACCESS表示前台功能;"`
@@ -205,7 +180,6 @@ func (m *DBModel) GetPermissionList(opt *OptionGetPermissionList) (permissionLis
 
 	db = m.generateQueryIn(db, tableName, opt.QueryIn)
 	db = m.generateQueryLike(db, tableName, opt.QueryLike)
-	db = db.Where("method != ?", PermissionMethodAccess)
 
 	if opt.WithCount {
 		err = db.Count(&total).Error
@@ -228,13 +202,3 @@ func (m *DBModel) GetPermissionList(opt *OptionGetPermissionList) (permissionLis
 	}
 	return
 }
-
-func (m *DBModel) getPermissionAccesses() (accesses []Permission) {
-	accesses = []Permission{
-		{Method: PermissionMethodAccess, Path: PermissionAccessComment, Title: "允许评论", Description: "是否允许用户进行评论。"},
-		{Method: PermissionMethodAccess, Path: PermissionAccessCommentNeedReview, Title: "评论审核", Description: "用户发表的评论是否需要审核才能显示。"},
-		{Method: PermissionMethodAccess, Path: PermissionAccessUploadDocument, Title: "上传文档", Description: "是否允许用户上传文档。"},
-		{Method: PermissionMethodAccess, Path: PermissionAccessDocumentNeedReview, Title: "文档审核", Description: "用户上传的文档是否需要审核才能显示。"},
-	}
-	return
-}