casbin相关操作修改为事务

2023-11-19 11:50:30 +08:00
parent 5ef0e43312
commit e1ca17637f
5 changed files with 60 additions and 100 deletions
--- a/server/service/system/sys_casbin.go
+++ b/server/service/system/sys_casbin.go
@@ -96,6 +96,55 @@ func (casbinService *CasbinService) ClearCasbin(v int, p ...string) bool {
 	return success
 }

+//@author: [piexlmax](https://github.com/piexlmax)
+//@function: RemoveFilteredPolicy
+//@description: 使用数据库方法清理筛选的politicy 此方法需要调用FreshCasbin方法才可以在系统中即刻生效
+//@param: db *gorm.DB, authorityId string
+//@return: error
+
+func (casbinService *CasbinService) RemoveFilteredPolicy(db *gorm.DB, authorityId string) error {
+	return db.Delete(&gormadapter.CasbinRule{}, "v0 = ?", authorityId).Error
+}
+
+//@author: [piexlmax](https://github.com/piexlmax)
+//@function: RemoveFilteredPolicy
+//@description: 同步目前数据库的policy 此方法需要调用FreshCasbin方法才可以在系统中即刻生效
+//@param: db *gorm.DB, authorityId string, rules [][]string
+//@return: error
+
+func (casbinService *CasbinService) SyncPolicy(db *gorm.DB, authorityId string, rules [][]string) error {
+	err := casbinService.RemoveFilteredPolicy(db, authorityId)
+	if err != nil {
+		return err
+	}
+	return casbinService.AddPolicies(db, rules)
+}
+
+//@author: [piexlmax](https://github.com/piexlmax)
+//@function: ClearCasbin
+//@description: 清除匹配的权限
+//@param: v int, p ...string
+//@return: bool
+
+func (casbinService *CasbinService) AddPolicies(db *gorm.DB, rules [][]string) error {
+	var casbinRules []gormadapter.CasbinRule
+	for i := range rules {
+		casbinRules = append(casbinRules, gormadapter.CasbinRule{
+			Ptype: "p",
+			V0:    rules[i][0],
+			V1:    rules[i][1],
+			V2:    rules[i][2],
+		})
+	}
+	return db.Create(&casbinRules).Error
+}
+
+func (CasbinService *CasbinService) FreshCasbin() (err error) {
+	e := CasbinService.Casbin()
+	err = e.LoadPolicy()
+	return err
+}
+
 //@author: [piexlmax](https://github.com/piexlmax)
 //@function: Casbin
 //@description: 持久化到数据库  引入自定义规则
@@ -140,48 +189,3 @@ func (casbinService *CasbinService) Casbin() *casbin.SyncedCachedEnforcer {
 	})
 	return syncedCachedEnforcer
 }
-
-func (casbinService *CasbinService) CasbinWithDB(db *gorm.DB) (*casbin.SyncedEnforcer, error) {
-	var a *gormadapter.Adapter
-	var m model.Model
-	var s *casbin.SyncedEnforcer
-	var err error
-	var text = `
-			[request_definition]
-			r = sub, obj, act
-			
-			[policy_definition]
-			p = sub, obj, act
-			
-			[role_definition]
-			g = _, _
-			
-			[policy_effect]
-			e = some(where (p.eft == allow))
-			
-			[matchers]
-			m = r.sub == p.sub && keyMatch2(r.obj,p.obj) && r.act == p.act
-			`
-
-	if a, err = gormadapter.NewAdapterByDB(db); err != nil {
-		zap.L().Error("适配数据库失败请检查casbin表是否为InnoDB引擎!", zap.Error(err))
-		return nil, err
-	}
-
-	if m, err = model.NewModelFromString(text); err != nil {
-		zap.L().Error("字符串加载模型失败!", zap.Error(err))
-		return nil, err
-	}
-
-	if s, err = casbin.NewSyncedEnforcer(m, a); err != nil {
-		zap.L().Error("通过文件或 DB 创建执行器失败!", zap.Error(err))
-		return nil, err
-	}
-
-	if err = s.LoadPolicy(); err != nil {
-		zap.L().Error("从持久层中加载policy规则失败!", zap.Error(err))
-		return nil, err
-	}
-
-	return s, nil
-}