user.go 9.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348
  1. package bo
  2. import (
  3. "scd_check_tools/logger"
  4. "scd_check_tools/models/enum"
  5. "scd_check_tools/tools"
  6. "crypto/md5"
  7. "errors"
  8. "fmt"
  9. "strconv"
  10. "strings"
  11. "time"
  12. "github.com/astaxie/beego/orm"
  13. _ "github.com/astaxie/beego/orm"
  14. )
  15. type T_data_user struct {
  16. Id int `orm:"pk;auto"`
  17. Name string `orm:"size(20)"`
  18. Account string `orm:"size(20)"`
  19. Pwd string `orm:"size(256)"`
  20. PwdExpire string
  21. Mobilephone string
  22. Role int
  23. BindIps string
  24. DatelimitStart string
  25. DatelimitEnd string
  26. Memo string
  27. Createtime string
  28. Createuser int
  29. }
  30. type T_data_user_func struct {
  31. Id int `orm:"pk"`
  32. Userid int
  33. Funccode string
  34. }
  35. func init() {
  36. orm.RegisterModel(new(T_data_user))
  37. orm.RegisterModel(new(T_data_user_func))
  38. }
  39. func OneUser(dataobj T_data_user) T_data_user {
  40. db := orm.NewOrm()
  41. db.Read(&dataobj)
  42. return dataobj
  43. }
  44. func SaveUser(dataobj T_data_user, userinfo map[string]interface{}) (result int64, err error) {
  45. opt := "创建"
  46. if dataobj.Id > 0 {
  47. opt = "编辑"
  48. }
  49. dblog := new(SystemLog)
  50. dblog.SetUserInfo(userinfo)
  51. dblog.Audittype = enum.AuditType_admin_system_user
  52. dblog.Logtype = enum.LogType_Insert
  53. dblog.Eventtype = enum.OptEventType_Bus
  54. dblog.Eventlevel = enum.OptEventLevel_Hight
  55. if dataobj.Account == "admin" {
  56. dblog.Description = opt + "用户失败:帐号admin已存在"
  57. dblog.Fail2()
  58. return 0, errors.New("帐号admin已存在")
  59. }
  60. has, err2 := checkUserAccount(dataobj)
  61. if !has || err2 != nil {
  62. dblog.Description = opt + "用户失败:" + err2.Error()
  63. dblog.Fail2()
  64. return 0, err2
  65. }
  66. o := orm.NewOrm()
  67. var id int64
  68. if dataobj.Id == 0 {
  69. dataobj.Createtime = tools.NowTime()
  70. dataobj.Createuser, _ = strconv.Atoi(tools.IsEmpty(userinfo["userid"]))
  71. id, err = o.Insert(&dataobj)
  72. } else {
  73. id, err = o.Update(&dataobj)
  74. }
  75. if err == nil {
  76. dblog.Description = opt + "用户成功!"
  77. dblog.Success2()
  78. } else {
  79. dblog.Description = opt + "用户失败:" + err.Error()
  80. dblog.Fail2()
  81. logger.Logger.Error(err, fmt.Sprintf("操作数据:%+v", dataobj))
  82. }
  83. return id, err
  84. }
  85. func SavePwd(dataobj T_data_user, userinfo map[string]interface{}) (result int64, err error) {
  86. dblog := new(SystemLog)
  87. dblog.SetUserInfo(userinfo)
  88. dblog.Audittype = enum.AuditType_admin_system_user
  89. dblog.Logtype = enum.LogType_changepassword
  90. dblog.Eventtype = enum.OptEventType_Bus
  91. dblog.Eventlevel = enum.OptEventLevel_Hight
  92. o := orm.NewOrm()
  93. newPwd := dataobj.Pwd
  94. e := o.Read(&dataobj)
  95. if e != nil || e == orm.ErrNoRows {
  96. dblog.Description = fmt.Sprintf("用户%d重置密码失败:%s", dataobj.Id, e.Error())
  97. dblog.Fail2()
  98. return 0, errors.New("无效的用户ID")
  99. }
  100. if len(newPwd) > 32 {
  101. newPwd = tools.OriginalCode(newPwd)
  102. }
  103. has := md5.Sum([]byte(newPwd))
  104. newPwd = fmt.Sprintf("%x", has)
  105. dataobj.Pwd = newPwd
  106. pwd_expire_day, _ := GetSysParamValue("user_pwd_expire_day", "60")
  107. pwd_expire_date := ""
  108. if pwd_expire_day == "0" {
  109. //永不过期
  110. pwd_expire_date = "1970-01-01 00:00:00"
  111. } else {
  112. pwd_expire_dayInt, _ := strconv.Atoi(pwd_expire_day)
  113. pwd_expire_dayInt = pwd_expire_dayInt * 24
  114. d, _ := time.ParseDuration(strconv.Itoa(pwd_expire_dayInt) + "h")
  115. pwd_expire_date = time.Now().Add(d).Format("2006-01-02 15:04:05")
  116. }
  117. dataobj.PwdExpire = pwd_expire_date
  118. var id int64
  119. id, err = o.Update(&dataobj)
  120. if err != nil {
  121. logger.Logger.Error(err)
  122. dblog.Description = fmt.Sprintf("用户%s重置密码失败:%s", dataobj.Name, e.Error())
  123. dblog.Fail2()
  124. return 0, err
  125. }
  126. dblog.Description = fmt.Sprintf("用户重置密码成功|%s", dataobj.Name)
  127. dblog.Success2()
  128. return id, err
  129. }
  130. func AuthUser(account string, pwd string) (result int64, err error) {
  131. var obj = T_data_user{Account: account}
  132. o := orm.NewOrm()
  133. has := o.QueryTable("t_data_user")
  134. has.Filter("account", account).One(&obj)
  135. if obj.Id > 0 {
  136. tmpValuePart := strings.Split(pwd, "0000")
  137. pwdpart := strings.Split(obj.Pwd, "0000")
  138. fmt.Println(pwdpart[1])
  139. fmt.Println(tmpValuePart[1])
  140. if pwdpart[1] == tmpValuePart[1] {
  141. return int64(obj.Id), nil
  142. }
  143. return 0, nil
  144. } else {
  145. //判断是否是管理员
  146. var er2 error
  147. var tmpValue string
  148. tmpValue, er2 = GetSysParamValue("admin_account", "")
  149. if er2 != nil {
  150. return 0, er2
  151. }
  152. if tmpValue == account {
  153. tmpValue, er2 = GetSysParamValue("admin_pwd", "")
  154. if er2 != nil {
  155. return 0, er2
  156. }
  157. tmpValuePart := strings.Split(tmpValue, "0000")
  158. pwdpart := strings.Split(pwd, "0000")
  159. if tmpValuePart[1] == pwdpart[1] {
  160. return 9999, nil
  161. }
  162. }
  163. return 0, er2
  164. }
  165. }
  166. func checkUserAccount(bo T_data_user) (bool, error) {
  167. if tools.IsEmpty(bo.Account) == "" {
  168. return false, errors.New("用户帐号不能为空")
  169. }
  170. o := orm.NewOrm()
  171. sql := "select id from t_data_user where account=?"
  172. var maps []orm.Params
  173. num, err := o.Raw(sql, bo.Account).Values(&maps)
  174. if err != nil {
  175. return false, err
  176. }
  177. if num > 0 {
  178. var oldid = 0
  179. for _, term := range maps {
  180. oldid, _ = strconv.Atoi(term["id"].(string))
  181. }
  182. if bo.Id > 0 && bo.Id != oldid {
  183. return false, errors.New("帐号已存在")
  184. } else if bo.Id == 0 {
  185. return false, errors.New("帐号已存在")
  186. }
  187. }
  188. return true, nil
  189. }
  190. func HasUserName(uname string) (bool, error) {
  191. if tools.IsEmpty(uname) == "" {
  192. return false, errors.New("用户名称不能为空")
  193. }
  194. o := orm.NewOrm()
  195. sql := "select id from t_data_user where name=?"
  196. var maps []orm.Params
  197. _, err := o.Raw(sql, uname).Values(&maps)
  198. if err != nil {
  199. return false, err
  200. }
  201. if len(maps) > 0 {
  202. return true, nil
  203. }
  204. return false, nil
  205. }
  206. func QueryUserList(param map[string]interface{}, dataobj T_data_user, userinfo map[string]interface{}) (data map[string]interface{}, err error) {
  207. o := orm.NewOrm()
  208. var dberr error
  209. var maps = map[string]interface{}{}
  210. querycondtion := param["datatable"].(map[string]interface{})
  211. var paramvalues = []interface{}{}
  212. var sqls = []string{}
  213. sqlcolnum := "select *,(select ifnull(count(0),0) cnt from t_data_user_func b where a.id=b.userid ) privcount FROM t_data_user a WHERE 1=1"
  214. sqltotal := "select count(1) cnt FROM t_data_user WHERE 1=1"
  215. sqls = append(sqls, " and not exist(select 1 from global_const_code where a.role=id and code='role_superadmin')")
  216. if dataobj.Id > 0 {
  217. sqls = append(sqls, " and a.id=?")
  218. paramvalues = append(paramvalues, dataobj.Id)
  219. }
  220. if name, ok2 := querycondtion["name"]; ok2 && tools.IsEmpty(name) != "" {
  221. sqls = append(sqls, " and a.name like like %?%")
  222. paramvalues = append(paramvalues, name)
  223. }
  224. if account, ok3 := querycondtion["account"]; ok3 && tools.IsEmpty(account) != "" {
  225. sqls = append(sqls, " and a.account like %?%")
  226. paramvalues = append(paramvalues, account)
  227. }
  228. limitStr, meta := tools.ParsePaginationToSqlPart(param)
  229. datas := []orm.Params{}
  230. sql := sqlcolnum + strings.Join(sqls, " ") + limitStr
  231. _, dberr = o.Raw(sql, paramvalues).Values(&datas)
  232. dblog := new(SystemLog)
  233. dblog.SetUserInfo(userinfo)
  234. dblog.Audittype = enum.AuditType_admin_system_user
  235. dblog.Logtype = enum.LogType_Query
  236. dblog.Eventtype = enum.OptEventType_Bus
  237. dblog.Eventlevel = enum.OptEventLevel_Low
  238. sqllog := fmt.Sprintf("SQL:%s 参数:%+v", sql, paramvalues)
  239. if dberr != nil {
  240. logger.Logger.Error(dberr)
  241. dblog.Description = sqllog
  242. dblog.Fail2()
  243. return nil, dberr
  244. } else {
  245. dblog.Description = sqllog
  246. dblog.Success2()
  247. }
  248. //查询数据记录数
  249. ts := []orm.Params{}
  250. _, dberr = o.Raw(sqltotal+strings.Join(sqls, " "), paramvalues).Values(&ts)
  251. for _, v := range ts {
  252. meta["total"], _ = strconv.Atoi(v["cnt"].(string))
  253. }
  254. if dberr == nil {
  255. maps["meta"] = meta
  256. if datas == nil || len(datas) == 0 {
  257. maps["data"] = ""
  258. } else {
  259. maps["data"] = datas
  260. }
  261. return maps, nil
  262. }
  263. return nil, dberr
  264. }
  265. func QueryUserPrivList(dataobj T_data_user_func, userinfo map[string]interface{}) (data map[string]interface{}, err error) {
  266. if dataobj.Userid == 0 {
  267. return nil, errors.New("用户ID不能为空")
  268. }
  269. o := orm.NewOrm()
  270. var dberr error
  271. var maps = map[string]interface{}{}
  272. datas := []orm.Params{}
  273. sql := "select a.*,b.name funcname FROM t_data_user_func a,global_const_code b WHERE a.funccode=b.code and b.parentcode='userpriv' and a.userid=? "
  274. _, dberr = o.Raw(sql, dataobj.Userid).Values(&datas)
  275. dblog := new(SystemLog)
  276. dblog.SetUserInfo(userinfo)
  277. dblog.Audittype = enum.AuditType_admin_system_userrole
  278. dblog.Logtype = enum.LogType_Query
  279. dblog.Eventtype = enum.OptEventType_Bus
  280. dblog.Eventlevel = enum.OptEventLevel_Low
  281. sqllog := fmt.Sprintf("SQL:%s 参数:%+v", sql, dataobj)
  282. if dberr != nil {
  283. logger.Logger.Error(dberr)
  284. dblog.Description = sqllog
  285. dblog.Fail2()
  286. return nil, dberr
  287. } else {
  288. dblog.Description = sqllog
  289. dblog.Success2()
  290. maps["data"] = datas
  291. return maps, nil
  292. }
  293. return nil, dberr
  294. }
  295. func SaveUserPrivList(uid int, policyids string, userinfo map[string]interface{}) (result int, err error) {
  296. if uid == 0 {
  297. return 0, errors.New("用户ID不能为空")
  298. }
  299. dblog := new(SystemLog)
  300. dblog.SetUserInfo(userinfo)
  301. dblog.Audittype = enum.AuditType_admin_system_userrole
  302. dblog.Logtype = enum.LogType_Update
  303. dblog.Eventtype = enum.OptEventType_Bus
  304. dblog.Eventlevel = enum.OptEventLevel_Hight
  305. o := orm.NewOrm()
  306. _, err = o.Raw("delete from t_data_user_func where userid=?", uid).Exec()
  307. if err != nil {
  308. dblog.Description = fmt.Sprintf("用户%d权限设置失败:%s", uid, err.Error())
  309. dblog.Fail2()
  310. return 0, err
  311. }
  312. ids := strings.Split(policyids, ",")
  313. dataobj := T_data_user_func{Userid: uid}
  314. for _, code := range ids {
  315. if tools.IsEmpty(code) == "" {
  316. continue
  317. }
  318. dataobj.Funccode = code
  319. newid, err2 := o.Insert(&dataobj)
  320. if err2 != nil {
  321. logger.Logger.Error(err2)
  322. dblog.Description = fmt.Sprintf("用户%d权限设置失败:%s", uid, err2.Error())
  323. dblog.Fail2()
  324. return 0, err2
  325. }
  326. dataobj.Id = int(newid + 1)
  327. }
  328. dblog.Description = fmt.Sprintf("用户%d权限设置成功!", uid)
  329. dblog.Success2()
  330. return dataobj.Id, nil
  331. }