From 4daf0a15ba379cf9c3815da970854b323f43ee8f Mon Sep 17 00:00:00 2001 From: ouqiang Date: Sun, 1 Oct 2017 22:53:22 +0800 Subject: [PATCH] =?UTF-8?q?feat($permission):=20=E5=A2=9E=E5=8A=A0?= =?UTF-8?q?=E8=B4=A6=E6=88=B7=E6=9D=83=E9=99=90=E6=8E=A7=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Close #12 --- gocron-node.go | 2 +- routers/routers.go | 29 ++++++++++++++++++++++ templates/common/header.html | 4 +-- templates/host/index.html | 8 +++++- templates/task/index.html | 48 ++++++++++++++++++++++-------------- templates/task/log.html | 2 ++ 6 files changed, 70 insertions(+), 23 deletions(-) diff --git a/gocron-node.go b/gocron-node.go index c751f0d..c53c9f0 100644 --- a/gocron-node.go +++ b/gocron-node.go @@ -14,7 +14,7 @@ import ( "strings" ) -const AppVersion = "1.2.2" +const AppVersion = "1.3" func main() { var serverAddr string diff --git a/routers/routers.go b/routers/routers.go index a27eff9..3bfa014 100644 --- a/routers/routers.go +++ b/routers/routers.go @@ -171,6 +171,7 @@ func RegisterMiddleware(m *macaron.Macaron) { if app.Installed { ipAuth(ctx) userAuth(ctx, sess) + urlAuth(ctx, sess) setShareData(ctx, sess) } }) @@ -224,6 +225,33 @@ func userAuth(ctx *macaron.Context, sess session.Store) { } } +// URL权限验证 +func urlAuth(ctx *macaron.Context, sess session.Store) { + if user.IsAdmin(sess) { + return + } + // 普通用户允许访问的URL地址 + allowPaths := []string{ + "", + "/task", + "/task/log", + "/host", + "/user/login", + "/user/logout", + "/user/editMyPassword", + } + uri := strings.TrimSpace(ctx.Req.URL.Path) + uri = strings.TrimRight(uri, "/") + for _, path := range allowPaths { + if path == uri { + return + } + } + + ctx.Status(403) + +} + /** 设置共享数据 **/ func setShareData(ctx *macaron.Context, sess session.Store) { ctx.Data["URI"] = ctx.Req.URL.Path @@ -239,6 +267,7 @@ func setShareData(ctx *macaron.Context, sess session.Store) { } ctx.Data["LoginUsername"] = user.Username(sess) ctx.Data["LoginUid"] = user.Uid(sess) + ctx.Data["IsAdmin"] = user.IsAdmin(sess) ctx.Data["AppName"] = app.Setting.AppName } diff --git a/templates/common/header.html b/templates/common/header.html index d82f842..af6e849 100644 --- a/templates/common/header.html +++ b/templates/common/header.html @@ -62,9 +62,9 @@
任务 任务节点 + {{{if .IsAdmin}}} 用户管理 - {{{if gt .LoginUid 0}}} - 管理 + 系统管理 {{{end}}}
diff --git a/templates/host/index.html b/templates/host/index.html index 6505ac7..5056f77 100644 --- a/templates/host/index.html +++ b/templates/host/index.html @@ -4,7 +4,8 @@ {{{ template "host/menu" . }}}
-
+ {{{if .IsAdmin}}} +

@@ -16,6 +17,7 @@

+ {{{end}}}
@@ -49,11 +51,15 @@ {{{.Port}}} {{{.Remark}}} + {{{if $.IsAdmin}}} 编辑
+ {{{end}}}
+ {{{if $.IsAdmin}}} + {{{end}}}
diff --git a/templates/task/index.html b/templates/task/index.html index 949fe4a..46bbe7b 100644 --- a/templates/task/index.html +++ b/templates/task/index.html @@ -2,7 +2,8 @@
{{{template "task/menu" .}}}
-
+ {{{if .IsAdmin}}} +

@@ -14,6 +15,7 @@

+ {{{end}}}
@@ -54,21 +56,25 @@
-
- -
+ {{{if .IsAdmin}}} +
+ +
+ {{{end}}}
- + {{{if .IsAdmin}}} + + {{{end}}} @@ -86,12 +92,14 @@ {{{range $i, $v := .Tasks}}} - + {{{if $.IsAdmin}}} + + {{{end}}} @@ -113,7 +121,7 @@ diff --git a/templates/task/log.html b/templates/task/log.html index 9f8a09c..d9f7fbf 100644 --- a/templates/task/log.html +++ b/templates/task/log.html @@ -13,6 +13,7 @@ {{{ template "task/menu" . }}}
+ {{{if .IsAdmin}}}

@@ -22,6 +23,7 @@

+ {{{end}}}
- - + + 任务ID 任务名称 任务类型
- - + + {{{.Id}}} {{{.Name}}} {{{if eq .Level 1}}}主任务{{{else}}}子任务{{{end}}}
- + {{{if $.IsAdmin}}}      {{{if eq .Level 1}}} {{{if eq .Status 1}}} @@ -124,6 +132,8 @@ {{{end}}}    + {{{end}}} +