/**
 * 操作日志权限检查中间件
 * @file operationLogAuth.js
 * @description 检查用户是否有操作日志访问权限
 */
const { User, Role, Permission } = require('../models');
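/**
 * Middleware that authorizes access to the operation log.
 *
 * Loads the current user together with its role and that role's permission
 * keys, and calls `next()` only when the key 'operation_log:view' is present.
 * Every other outcome fails closed: 401 when the request carries no
 * authenticated user, 403 when the user or role cannot be found or the
 * permission is missing, 500 when the lookup itself throws.
 *
 * @param {Object} req - Request object. `req.user.id` is read here; it is
 *   presumably set by an authentication middleware that runs earlier
 *   (not visible in this file).
 * @param {Object} res - Response object used to send the 401/403/500 replies.
 * @param {Function} next - Invoked with no arguments once access is granted.
 * @returns {Promise<*>} Resolves to the value of `res.status(...).json(...)`
 *   on a denial or error, otherwise to undefined.
 */
const checkOperationLogPermission = async (req, res, next) => {
  try {
    // An unauthenticated request used to fall into the catch block through a
    // TypeError on `req.user.id` and be reported (and logged) as a server
    // error. Answer it as an authentication failure instead, so that 500s in
    // the log keep meaning "the permission lookup broke".
    if (!req.user || req.user.id == null) {
      return res.status(401).json({
        success: false,
        message: '用户未登录'
      });
    }

    const userId = req.user.id;

    // Permissions are read from the database on every request rather than
    // taken from anything the client sent.
    const user = await User.findByPk(userId, {
      include: [{
        model: Role,
        as: 'role',
        include: [{
          model: Permission,
          as: 'permissions',
          through: { attributes: [] },
          attributes: ['permission_key']
        }]
      }]
    });

    // No user row or no role attached: deny rather than assume a default role.
    if (!user || !user.role) {
      return res.status(403).json({
        success: false,
        message: '用户角色信息不存在'
      });
    }

    // A role without a loaded `permissions` association counts as having none.
    const userPermissions = user.role.permissions
      ? user.role.permissions.map(p => p.permission_key)
      : [];

    // The operation log is gated on one exact permission key.
    if (!userPermissions.includes('operation_log:view')) {
      return res.status(403).json({
        success: false,
        message: '权限不足,无法访问操作日志'
      });
    }

    // Expose the database-derived permission list to downstream handlers.
    req.user.permissions = userPermissions;
    next();
  } catch (error) {
    // The error detail goes to the server log only; the client gets a
    // generic message and the request is not passed on.
    console.error('操作日志权限检查失败:', error);
    return res.status(500).json({
      success: false,
      message: '权限检查失败'
    });
  }
};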
// Public interface of this module: the operation-log authorization middleware.
module.exports = { checkOperationLogPermission: checkOperationLogPermission };