Merge pull request 'feat-IRONFANS-70' (#309) from feat-IRONFANS-70 into test

Reviewed-on: http://121.41.31.146:3000/wishpal_ironfan/service/pulls/309
This commit is contained in:
chenhao 2024-04-22 07:18:47 +08:00
commit 0df6e2b2fc
1 changed files with 83 additions and 0 deletions

View File

@ -27,6 +27,7 @@ type AuthBusinessValidator struct {
accountrelation *dbstruct.AccountRelation
momentCreateTimes *dbstruct.MomentCreateTimes
accountpunishment *dbstruct.AccountPunishment
zoneThirdPartner *dbstruct.ZoneThirdPartner
}
func NewAuthBusinessValidator(ctx *gin.Context, req any) *AuthBusinessValidator {
@ -51,6 +52,18 @@ func (a *AuthBusinessValidator) EnsureIsOperatingHisOwn(reqMid int64) *AuthBusin
return a
}
// 确认不对本人操作
func (a *AuthBusinessValidator) EnsureIsNotOperatingHisOwn(Uid int64) *AuthBusinessValidator {
a.oplist = append(a.oplist, func() {
if a.OperMid != Uid {
logger.Error("Insufficient privileges: this operation is self-execute-only")
a.ec = errcode.ErrCodeOperationToSelfIsNotPermitted
return
}
})
return a
}
// 查询账户
func (a *AuthBusinessValidator) QueryAccount(QueryFunc func(ctx *gin.Context, req *accountproto.OpListByMidReq) (*dbstruct.Account, error)) *AuthBusinessValidator {
a.oplist = append(a.oplist, func() {
@ -69,6 +82,24 @@ func (a *AuthBusinessValidator) QueryAccount(QueryFunc func(ctx *gin.Context, re
return a
}
// 查询指定账户
func (a *AuthBusinessValidator) QueryAccountForUid(QueryFunc func(ctx *gin.Context, req *accountproto.OpListByMidReq) (*dbstruct.Account, error), Uid int64) *AuthBusinessValidator {
a.oplist = append(a.oplist, func() {
listByMidReq := &accountproto.OpListByMidReq{
Mid: goproto.Int64(Uid),
}
account, err := QueryFunc(a.ctx, listByMidReq)
if err != nil {
logger.Error("Query account failed, err: %v", err)
a.ec = errcode.ErrCodeAccountSrvFail
return
}
a.account = account
})
return a
}
func (a *AuthBusinessValidator) EnsureAccountExist() *AuthBusinessValidator {
a.oplist = append(a.oplist, func() {
if a.account == nil {
@ -127,6 +158,21 @@ func (a *AuthBusinessValidator) EnsureIsInTheseRoles(roles []int64) *AuthBusines
return a
}
// 角色鉴权
func (a *AuthBusinessValidator) EnsureIsNotThisRole(role int64) *AuthBusinessValidator {
a.oplist = append(a.oplist, func() {
accountRole := util.DerefInt64(a.account.Role)
if accountRole == role {
logger.Error("Insufficient privileges of role: %v, this operation to %v is not permitted", consts.RoleNameMap[role])
a.ec = errcode.ErrCodeRolePrivilegesNotEnough
return
}
})
return a
}
// 角色鉴权-后台系统
func (a *AuthBusinessValidator) EnsureIsOpRole() *AuthBusinessValidator {
a.oplist = append(a.oplist, func() {
@ -454,6 +500,43 @@ func (l *AuthBusinessValidator) EnsureZoneMomentImagesEnoughForEncryption(mType
}
func (l *AuthBusinessValidator) QueryZoneThirdPartnerByZid(fun func(*gin.Context, int64) (*dbstruct.ZoneThirdPartner, error), zid int64) *AuthBusinessValidator {
l.oplist = append(l.oplist, func() {
zoneThirdPartner, err := fun(l.ctx, zid)
if err != nil {
l.ec = errcode.ErrCodeZoneThirdPartnerSrvFail
return
}
l.zoneThirdPartner = zoneThirdPartner
})
return l
}
func (l *AuthBusinessValidator) EnsureZoneThirdPartnerExist() *AuthBusinessValidator {
l.oplist = append(l.oplist, func() {
if l.zoneThirdPartner == nil {
l.ec = errcode.ErrCodeZoneThirdPartnerNotExist
return
}
})
return l
}
func (l *AuthBusinessValidator) EnsureZoneCollaboratorCreaterIsZoneThirdPartner(createrMid int64) *AuthBusinessValidator {
l.oplist = append(l.oplist, func() {
if l.zoneThirdPartner.GetThirdPartnerMid() != createrMid {
l.ec = errcode.ErrCodeZoneCollaboratorCreateIsZTPOnlyOperation
return
}
})
return l
}
// 执行校验
func (a *AuthBusinessValidator) Validate() *AuthBusinessValidator {
a.BusinessValidateStream.Validate()