权限管理接口实现

2026-03-18 18:09:32 +08:00
parent 9d996acf5f
commit bb895eccdf
44 changed files with 1958 additions and 161 deletions
--- a/web/auth/account.go
+++ b/web/auth/account.go
@@ -17,6 +17,7 @@ func authClient(clientId string, clientSecrets ...string) (*m.Client, error) {

 	// 获取客户端信息
 	client, err := q.Client.
+		Preload(q.Client.Permissions).
 		Where(
 			q.Client.ClientID.Eq(clientId),
 			q.Client.Status.Eq(1)).
@@ -36,8 +37,6 @@ func authClient(clientId string, clientSecrets ...string) (*m.Client, error) {
 		}
 	}

-	// todo 查询客户端关联权限
-
 	// 组织授权信息（一次性请求）
 	return client, nil
 }
@@ -154,3 +153,33 @@ func authAdminByPassword(tx *q.Query, username, password string) (*m.Admin, erro

 	return admin, nil
 }
+
+func adminScopes(admin *m.Admin) ([]string, error) {
+	count, err := q.Admin.
+		LeftJoin(q.LinkAdminRole, q.LinkAdminRole.AdminID.EqCol(q.Admin.ID)).
+		LeftJoin(q.LinkAdminRolePermission, q.LinkAdminRolePermission.RoleID.EqCol(q.LinkAdminRole.RoleID)).
+		LeftJoin(q.Permission, q.Permission.ID.EqCol(q.LinkAdminRolePermission.PermissionID)).
+		Where(q.Admin.ID.Eq(admin.ID)).
+		Select(q.Permission.Name).
+		Count()
+	if err != nil {
+		return nil, err
+	}
+	if count == 0 {
+		return nil, nil
+	}
+
+	scopes := make([]string, 0, count)
+	err = q.Admin.
+		LeftJoin(q.LinkAdminRole, q.LinkAdminRole.AdminID.EqCol(q.Admin.ID)).
+		LeftJoin(q.LinkAdminRolePermission, q.LinkAdminRolePermission.RoleID.EqCol(q.LinkAdminRole.RoleID)).
+		LeftJoin(q.Permission, q.Permission.ID.EqCol(q.LinkAdminRolePermission.PermissionID)).
+		Where(q.Admin.ID.Eq(admin.ID)).
+		Select(q.Permission.Name).
+		Scan(&scopes)
+	if err != nil {
+		return nil, err
+	}
+
+	return scopes, nil
+}