feat: 优化鉴权

2026-01-25 14:34:46 +00:00 · 2020-06-04 15:36:53 +08:00
parent ff39a2a19a
commit 154d118949
5 changed files with 28 additions and 17 deletions
--- a/src/layout/components/NavHeader/AccountDropdown.vue
+++ b/src/layout/components/NavHeader/AccountDropdown.vue
@@ -42,8 +42,9 @@ export default {
  },
  computed: {
    isInAdminRole() {
-      console.log(this.currentRole)
-      return (this.currentRole & rolec.PERM_ADMIN) === rolec.PERM_ADMIN
+      const inAdmin = rolec.hasPerm(this.currentRole, rolec.PERM_ADMIN)
+      this.$log.debug('Current in admin role: ', inAdmin)
+      return inAdmin
    },
    hasAdminRole() {
      return this.currentOrgRoles.includes('Admin')
@@ -54,9 +55,6 @@ export default {
      'currentOrgRoles'
    ])
  },
-  mounted() {
-    console.log('Roles: ', this.currentOrgRoles)
-  },
  methods: {
    handleClick(val) {
      switch (val) {
--- a/src/store/modules/permission.js
+++ b/src/store/modules/permission.js
@@ -13,9 +13,7 @@ function hasPermission(roles, route) {
  if (!requirePerms) {
    requirePerms = [rolec.PERM_ADMIN]
  }
-  const requirePermsSum = rolec.sumPerms(requirePerms)
-  const userRolesSum = rolec.sumPerms(roles)
-  const has = (requirePermsSum & userRolesSum) === requirePermsSum
+  const has = rolec.hasPerm(roles, requirePerms)
  // console.log('Has route permission: ', route.path, requirePermsSum, userRolesSum, ' => ', has, roles)
  return has
 }
--- a/src/store/modules/users.js
+++ b/src/store/modules/users.js
@@ -71,7 +71,7 @@ const actions = {
  // get user Profile
  getProfile({ commit, state }, refresh = false) {
    return new Promise((resolve, reject) => {
-      if (!refresh && state.profile && state.profile.length > 0) {
+      if (!refresh && state.profile && Object.keys(state.profile).length > 0) {
        resolve(state.profile)
        return
      }
--- a/src/utils/role.js
+++ b/src/utils/role.js
@@ -73,6 +73,18 @@ export function getAdminOrUserPageRole(allRoles, page) {
  return allRoles[1]
 }

+export function hasPerm(source, target) {
+  if (typeof source !== 'object') {
+    source = [source]
+  }
+  if (typeof target !== 'object') {
+    target = [target]
+  }
+  const totalSource = sumPerms(source)
+  const totalTarget = sumPerms(target)
+  return (totalTarget & totalSource) === totalTarget
+}
+
 export function sumPerms(perms) {
  let sum = 0
  for (const perm of perms) {
@@ -86,5 +98,5 @@ export default {
  SUPER_ADMIN, SUPER_AUDITOR, ORG_ADMIN, ORG_AUDITOR,
  USER, ANON,
  getRolesDisplay, getPermsToRolesDisplay, getAdminOrUserPageRole,
-  parseUserRoles, sumPerms
+  parseUserRoles, sumPerms, hasPerm
 }
--- a/src/utils/startup.js
+++ b/src/utils/startup.js
@@ -106,15 +106,18 @@ function cleanCurrentRole(allRoles) {
  let currentRole = store.getters.currentRole
  // 没有的话就应该选择一个

-  console.log('Curernt ROle', currentRole)
+  // console.log('Curernt Role', currentRole)
  if (!currentRole && typeof currentRole !== 'number') {
    currentRole = rolec.getAdminOrUserPageRole(allRoles)
-    console.log('1')
-  } else {
-    console.log('2')
-    if ((currentRole & rolec.sumPerms(allRoles)) !== currentRole) {
-      currentRole = rolec.getAdminOrUserPageRole(allRoles)
-    }
+  }
+  const hasAudit = rolec.hasPerm(currentRole, rolec.PERM_AUDIT)
+  const hasAdmin = rolec.hasPerm(allRoles, rolec.PERM_ADMIN)
+  // 这代表上次用户登录了auditor，这次切换了
+  if (hasAudit && hasAdmin) {
+    currentRole = rolec.getAdminOrUserPageRole(allRoles)
+  }
+  if (!rolec.hasPerm(allRoles, currentRole)) {
+    currentRole = rolec.getAdminOrUserPageRole(allRoles)
  }
  store.dispatch('users/setCurrentRole', currentRole)
  return [currentRole]