diff --git a/src/admin.server.ts b/src/admin.server.ts index 5d91150..d22e0d6 100644 --- a/src/admin.server.ts +++ b/src/admin.server.ts @@ -56,6 +56,7 @@ export class AdminServer { preValidation: async function (request: FastifyRequest, reply: FastifyReply) { request.roles = config.roles; request.permissions = config.permissions; + request.depts = config.depts; await this.zAuth(request, reply); } }, controller); diff --git a/src/admin/controllers/permission.controller.ts b/src/admin/controllers/permission.controller.ts index e87100f..2d85c44 100644 --- a/src/admin/controllers/permission.controller.ts +++ b/src/admin/controllers/permission.controller.ts @@ -2,22 +2,26 @@ import BaseController from '../../common/base.controller' import { permission, router } from '../../decorators/router' import { ZError } from '../../common/ZError' import { AdminPermission } from '../../models/admin/AdminPermission' -import { AdminRole } from '../../models/admin/AdminRole' class PermissionController extends BaseController { @permission('permission:update') @router('post /permission') async saveRole(req) { const { datas } = req.params - for (let data of datas) { - const record = (await AdminPermission.findOrCreate({_id: data._id})).doc; + for (let i = 0, len = datas.length; i < len; i++) { + const data = datas[i] + const record = (await AdminPermission.findOrCreate({ _id: data._id })).doc; record.name = data.name record.actions = data.actions + record.sort = i await record.save() } - return {} + let ids = datas.map(o => o._id) + const result = await AdminPermission.deleteMany({ _id: { $nin: ids }, show: true }) + return {deleteCount: result.deletedCount, saveCount: datas.length} } + @permission('permission:read') // @role('sysadmin') @router('get /permissions') @@ -27,7 +31,7 @@ class PermissionController extends BaseController { if (!user.isSysAdmin()) { queryData.show = true } - const records = await AdminPermission.find(queryData) + const records = await AdminPermission.find(queryData).sort({sort: 1}) return records.map(o => o.toJson()) } diff --git a/src/decorators/router.ts b/src/decorators/router.ts index cba3ecb..ac4f459 100644 --- a/src/decorators/router.ts +++ b/src/decorators/router.ts @@ -12,6 +12,7 @@ export class RouterMap { roles?: string[], permissions?: string[][], data?: RouterData[] + depts?: string[] }> = new Map() } @@ -108,3 +109,31 @@ export function permission(permissions?: string | string[]) { } } } + +/** + * 有dept修饰器的, 需要验证部门id是否存在 + */ +export function dept(depts?: string | string[]) { + return (target: BaseController, name: string, value: PropertyDescriptor) => { + let deptList: string[] = [] + if (depts) { + if (Array.isArray(depts)) { + deptList = depts + } else { + deptList = [depts] + } + } + // @ts-ignore + const key = target[name] + let deptObj = { depts: deptList } + if (RouterMap.decoratedRouters.has(key)) { + let objCurrent = RouterMap.decoratedRouters.get(key) + Object.assign(objCurrent, deptObj) + // @ts-ignore + RouterMap.decoratedRouters.set(target[name], objCurrent) + } else { + // @ts-ignore + RouterMap.decoratedRouters.set(target[name], deptObj) + } + } +} diff --git a/src/models/admin/AdminPermission.ts b/src/models/admin/AdminPermission.ts index f2d402c..d91e6ce 100644 --- a/src/models/admin/AdminPermission.ts +++ b/src/models/admin/AdminPermission.ts @@ -1,4 +1,3 @@ - import { getModelForClass, index, @@ -9,30 +8,40 @@ import { dbconn } from 'decorators/dbconn' import { BaseModule } from '../Base' @dbconn() -@index({ name: 1, action: 1 }, { unique: true }) -@modelOptions({schemaOptions: {collection: "admin_permission", _id: false, timestamps: true}}) -export class AdminPermissionClass extends BaseModule{ +@modelOptions({ + schemaOptions: { + collection: 'admin_permission', + _id: false, + timestamps: true + } +}) +export class AdminPermissionClass extends BaseModule { @prop() - public _id: string; + public _id: string @prop() - public name: string; + public name: string @prop() - public actions: string[]; + public actions: string[] @prop() - public comment?: string; + public comment?: string - @prop({default: true}) + @prop({default: 999}) + public sort: number + + @prop({ default: true }) public show: boolean public toJson() { return { id: this._id, label: this.name, - children: this.actions.map(o=>{return {id: `${this._id}:${o}`, label: o}}), + children: this.actions.map(o => { + return { id: `${ this._id }:${ o }`, label: o } + }), comment: this.comment } } @@ -40,4 +49,4 @@ export class AdminPermissionClass extends BaseModule{ } -export const AdminPermission = getModelForClass(AdminPermissionClass, {existingConnection: AdminPermissionClass.db}); +export const AdminPermission = getModelForClass(AdminPermissionClass, { existingConnection: AdminPermissionClass.db }) diff --git a/src/plugins/zauth.ts b/src/plugins/zauth.ts index 6497c49..9a8a72e 100644 --- a/src/plugins/zauth.ts +++ b/src/plugins/zauth.ts @@ -14,7 +14,6 @@ declare module 'fastify' { interface FastifyRequest { jwtVerify: Function; - permissions?: string[][]; } } diff --git a/typings/extend.d.ts b/typings/extend.d.ts index 1828416..f29352f 100644 --- a/typings/extend.d.ts +++ b/typings/extend.d.ts @@ -4,6 +4,8 @@ declare module 'fastify' { interface FastifyRequest{ roles?: string[], user?: any, - token?: string + token?: string, + permissions?: string[][], + depts?: string[] } }