整体优化完善接口与数据权限检查

web/auth/check.go

@@ -2,6 +2,7 @@ package auth
 
 import (
 	m "platform/web/models"
+	"strings"
 
 	"github.com/gofiber/fiber/v2"
 )
@@ -12,7 +13,6 @@ type AuthCtx struct {
 	Client  *m.Client  `json:"client,omitempty"`
 	Scopes  []string   `json:"scopes,omitempty"`
 	Session *m.Session `json:"session,omitempty"`
-	smap    map[string]struct{}
 }
 
 func (a *AuthCtx) PermitUser(scopes ...string) (*AuthCtx, error) {
@@ -68,15 +68,11 @@ func (a *AuthCtx) checkScopes(scopes ...string) bool {
 	if len(scopes) == 0 || len(a.Scopes) == 0 {
 		return true
 	}
-	if len(a.smap) == 0 && len(a.Scopes) > 0 {
-		a.smap = make(map[string]struct{}, len(a.Scopes))
-		for _, scope := range a.Scopes {
-			a.smap[scope] = struct{}{}
-		}
-	}
 	for _, scope := range scopes {
-		if _, ok := a.smap[scope]; ok {
-			return true
+		for _, prefix := range a.Scopes {
+			if strings.HasPrefix(scope, prefix) {
+				return true
+			}
 		}
 	}
 	return false