2024-04-22 07:18:48 +08:00
1 changed files with 83 additions and 0 deletions
--- a/app/mix/service/business_validator/auth.go
+++ b/app/mix/service/business_validator/auth.go
@ -27,6 +27,7 @@ type AuthBusinessValidator struct {
 	accountrelation   *dbstruct.AccountRelation
 	momentCreateTimes *dbstruct.MomentCreateTimes
 	accountpunishment *dbstruct.AccountPunishment
 	zoneThirdPartner  *dbstruct.ZoneThirdPartner
 }
 func NewAuthBusinessValidator(ctx *gin.Context, req any) *AuthBusinessValidator {
@ -51,6 +52,18 @@ func (a *AuthBusinessValidator) EnsureIsOperatingHisOwn(reqMid int64) *AuthBusin
 	return a
 }
 // 确认不对本人操作
 func (a *AuthBusinessValidator) EnsureIsNotOperatingHisOwn(Uid int64) *AuthBusinessValidator {
 	a.oplist = append(a.oplist, func() {
 		if a.OperMid != Uid {
 			logger.Error("Insufficient privileges: this operation is self-execute-only")
 			a.ec = errcode.ErrCodeOperationToSelfIsNotPermitted
 			return
 		}
 	})
 	return a
 }
 // 查询账户
 func (a *AuthBusinessValidator) QueryAccount(QueryFunc func(ctx *gin.Context, req *accountproto.OpListByMidReq) (*dbstruct.Account, error)) *AuthBusinessValidator {
 	a.oplist = append(a.oplist, func() {
@ -69,6 +82,24 @@ func (a *AuthBusinessValidator) QueryAccount(QueryFunc func(ctx *gin.Context, re
 	return a
 }
 // 查询指定账户
 func (a *AuthBusinessValidator) QueryAccountForUid(QueryFunc func(ctx *gin.Context, req *accountproto.OpListByMidReq) (*dbstruct.Account, error), Uid int64) *AuthBusinessValidator {
 	a.oplist = append(a.oplist, func() {
 		listByMidReq := &accountproto.OpListByMidReq{
 			Mid: goproto.Int64(Uid),
 		}
 		account, err := QueryFunc(a.ctx, listByMidReq)
 		if err != nil {
 			logger.Error("Query account failed, err: %v", err)
 			a.ec = errcode.ErrCodeAccountSrvFail
 			return
 		}
 		a.account = account
 	})
 	return a
 }
 func (a *AuthBusinessValidator) EnsureAccountExist() *AuthBusinessValidator {
 	a.oplist = append(a.oplist, func() {
 		if a.account == nil {
@ -127,6 +158,21 @@ func (a *AuthBusinessValidator) EnsureIsInTheseRoles(roles []int64) *AuthBusines
 	return a
 }
 // 角色鉴权
 func (a *AuthBusinessValidator) EnsureIsNotThisRole(role int64) *AuthBusinessValidator {
 	a.oplist = append(a.oplist, func() {
 		accountRole := util.DerefInt64(a.account.Role)
 		if accountRole == role {
 			logger.Error("Insufficient privileges of role: %v, this operation to %v is not permitted", consts.RoleNameMap[role])
 			a.ec = errcode.ErrCodeRolePrivilegesNotEnough
 			return
 		}
 	})
 	return a
 }
 // 角色鉴权-后台系统
 func (a *AuthBusinessValidator) EnsureIsOpRole() *AuthBusinessValidator {
 	a.oplist = append(a.oplist, func() {
@ -454,6 +500,43 @@ func (l *AuthBusinessValidator) EnsureZoneMomentImagesEnoughForEncryption(mType
 }
 func (l *AuthBusinessValidator) QueryZoneThirdPartnerByZid(fun func(*gin.Context, int64) (*dbstruct.ZoneThirdPartner, error), zid int64) *AuthBusinessValidator {
 	l.oplist = append(l.oplist, func() {
 		zoneThirdPartner, err := fun(l.ctx, zid)
 		if err != nil {
 			l.ec = errcode.ErrCodeZoneThirdPartnerSrvFail
 			return
 		}
 		l.zoneThirdPartner = zoneThirdPartner
 	})
 	return l
 }
 func (l *AuthBusinessValidator) EnsureZoneThirdPartnerExist() *AuthBusinessValidator {
 	l.oplist = append(l.oplist, func() {
 		if l.zoneThirdPartner == nil {
 			l.ec = errcode.ErrCodeZoneThirdPartnerNotExist
 			return
 		}
 	})
 	return l
 }
 func (l *AuthBusinessValidator) EnsureZoneCollaboratorCreaterIsZoneThirdPartner(createrMid int64) *AuthBusinessValidator {
 	l.oplist = append(l.oplist, func() {
 		if l.zoneThirdPartner.GetThirdPartnerMid() != createrMid {
 			l.ec = errcode.ErrCodeZoneCollaboratorCreateIsZTPOnlyOperation
 			return
 		}
 	})
 	return l
 }
 // 执行校验
 func (a *AuthBusinessValidator) Validate() *AuthBusinessValidator {
 	a.BusinessValidateStream.Validate()