package nginx_controller import ( "errors" "github.com/astaxie/beego/logs" "github.com/astaxie/beego/orm" "nginx-ui/server/base" "nginx-ui/server/middleware" "nginx-ui/server/models" "strconv" ) type BaseController struct { base.Controller } // CheckNginxPermission 从path中获取nginx的参数 func (c *BaseController) CheckNginxPermission() (*models.Nginx, error) { idStr := c.GetParam(":id") id, err := strconv.Atoi(idStr) if err != nil { logs.Warn("strconv.Atoi(idStr) fail", idStr) c.SetCode(-1).SetMsg("请传递正确的参数!").Json() return nil, err } return c.CheckNginxPermissionById(id) } // CheckNginxPermissionById 验证权限,如果无权操作该nginx,返回nil,否则返回 func (c *BaseController) CheckNginxPermissionById(nginxId int) (*models.Nginx, error) { current := c.RequiredUser() if current == nil { middleware.WriteForbidden(c.Ctx.ResponseWriter) return nil, errors.New("当前未登录,无法操作") } if nginxId < 1 { c.SetCode(-1).SetMsg("Nginx ID must gt 0!").Json() return nil, errors.New("nginx ID must gt 0!") } nginx := models.Nginx{Id: nginxId} o := orm.NewOrm() err := o.Read(&nginx) if err != nil { c.ErrorJson(err) return nil, err } if !current.IsAdmin() && current.Account != nginx.Uid { c.Forbidden() return nil, errors.New("forbidden") } return &nginx, nil }