增加了左侧动态菜单树接口；优化了jwt；

a/joint_test.go

@@ -1 +1,67 @@
 package a
+
+import (
+	"go-iris/web/models"
+	"testing"
+
+	"github.com/go-xorm/xorm"
+	"github.com/kataras/golog"
+)
+
+func TestJoint(t *testing.T)  {
+	url := "root:root@tcp(127.0.0.1:3306)/casbin?charset=utf8"
+	engine, err := xorm.NewEngine("mysql", url)
+	if err != nil {
+		t.Fatal(err.Error())
+	}
+
+	join := make([]models.MenuTreeGroup, 0)
+
+	sql := `
+SELECT
+	m1.id, m1.path, m1.modular, m1.component, m1.icon, m1.name, m1.require_auth,
+	m2.id AS id2,
+	m2.modular AS modular2,
+	m2.component AS component2,
+	m2.icon AS icon2,
+	m2.keep_alive AS keep_alive2,
+	m2.name AS name2,
+	m2.path AS path2,
+	m2.require_auth AS require_auth2
+FROM menu m1, menu m2
+WHERE m1.id = m2.parent_id
+	AND m1.id != 1
+	AND m2.id IN 
+(
+		SELECT rm.mid
+		FROM role_menu rm WHERE rm.rid in
+		(
+			SELECT id FROM casbin_rule 
+			WHERE 
+			v2 <> 'ANY' AND 
+			v0 in 
+			(
+				SELECT v1 FROM casbin_rule WHERE v0=90
+			)
+		)
+)
+AND m2.enabled=true order by m1.id, m2.id
+`
+	engine.SQL(sql).Find(&join)
+	//t.Log(join)
+	parent := join[0].Menu
+	child := make([]models.Children, 0)
+	for _, v := range join {
+		child = append(child, v.Children)
+	}
+
+	parent.Children = child
+	//t.Log("p => ", parent)
+	//for _, v := range child {
+	//	t.Log("c => ", v)
+	//}
+
+	user := new(models.User)
+	i, e := engine.Where("id = ?", 90).Count(user)
+	golog.Info(i, e)
+}

a/mapper.go

@@ -1,4 +1,4 @@
-package models
+package a
 
 import (
 	"fmt"
@@ -9,7 +9,7 @@ import (
 	_ "github.com/go-sql-driver/mysql"
 )
 
-func main()  {
+func Enforce() *casbin.Enforcer {
 	// Initialize a Xorm adapter and use it in a Casbin enforcer:
 	// The adapter will use the MySQL database named "casbins".
 	// If it doesn't exist, the adapter will create it automatically.
@@ -19,9 +19,12 @@ func main()  {
 	// The adapter will use the table named "casbin_rule".
 	// If it doesn't exist, the adapter will create it automatically.
 	// a := xormadapter.NewAdapter("mysql", "mysql_username:mysql_password@tcp(127.0.0.1:3306)/abc", true)
-
 	e := casbin.NewEnforcer("conf/rbac_model.conf", adt)
+	return e
+}
 
+func a1()  {
+	e := Enforce()
 	// Load the policy from DB.
 	e.LoadPolicy()
 
@@ -34,7 +37,7 @@ func main()  {
 	fmt.Println(reflect.TypeOf(e.GetPolicy()))
 
 	// Modify the policy.
-	 e.AddPolicy("alice", "data1", "read")
+	e.AddPolicy("alice", "data1", "read")
 	// e.RemovePolicy(...)
 
 	e.Enforce()
@@ -43,3 +46,12 @@ func main()  {
 	// Save the policy back to DB.
 	e.SavePolicy()
 }
+
+func a2()  {
+	//e := Enforce()
+
+}
+
+func main()  {
+	a2()
+}

a/rbac_test.go

@@ -0,0 +1,202 @@
+package a
+
+import (
+	"testing"
+
+	"github.com/casbin/casbin"
+	"github.com/casbin/casbin/util"
+)
+
+func testGetRoles(t *testing.T, e *casbin.Enforcer, name string, res []string) {
+	t.Helper()
+	myRes := e.GetRolesForUser(name)
+	t.Log("Roles for ", name, ": ", myRes)
+
+	if !util.SetEquals(res, myRes) {
+		t.Error("Roles for ", name, ": ", myRes, ", supposed to be ", res)
+	}
+}
+
+func testGetUsers(t *testing.T, e *casbin.Enforcer, name string, res []string) {
+	t.Helper()
+	myRes := e.GetUsersForRole(name)
+	t.Log("Users for ", name, ": ", myRes)
+
+	if !util.SetEquals(res, myRes) {
+		t.Error("Users for ", name, ": ", myRes, ", supposed to be ", res)
+	}
+}
+
+func testHasRole(t *testing.T, e *casbin.Enforcer, name string, role string, res bool) {
+	t.Helper()
+	myRes := e.HasRoleForUser(name, role)
+	t.Log(name, " has role ", role, ": ", myRes)
+
+	if res != myRes {
+		t.Error(name, " has role ", role, ": ", myRes, ", supposed to be ", res)
+	}
+}
+
+//func TestRoleAPI(t *testing.T) {
+//	e := NewEnforcer("examples/rbac_model.conf", "examples/rbac_policy.csv")
+//
+//	testGetRoles(t, e, "alice", []string{"data2_admin"})
+//	testGetRoles(t, e, "bob", []string{})
+//	testGetRoles(t, e, "data2_admin", []string{})
+//	testGetRoles(t, e, "non_exist", []string{})
+//
+//	testHasRole(t, e, "alice", "data1_admin", false)
+//	testHasRole(t, e, "alice", "data2_admin", true)
+//
+//	e.AddRoleForUser("alice", "data1_admin")
+//
+//	testGetRoles(t, e, "alice", []string{"data1_admin", "data2_admin"})
+//	testGetRoles(t, e, "bob", []string{})
+//	testGetRoles(t, e, "data2_admin", []string{})
+//
+//	e.DeleteRoleForUser("alice", "data1_admin")
+//
+//	testGetRoles(t, e, "alice", []string{"data2_admin"})
+//	testGetRoles(t, e, "bob", []string{})
+//	testGetRoles(t, e, "data2_admin", []string{})
+//
+//	e.DeleteRolesForUser("alice")
+//
+//	testGetRoles(t, e, "alice", []string{})
+//	testGetRoles(t, e, "bob", []string{})
+//	testGetRoles(t, e, "data2_admin", []string{})
+//
+//	e.AddRoleForUser("alice", "data1_admin")
+//	e.DeleteUser("alice")
+//
+//	testGetRoles(t, e, "alice", []string{})
+//	testGetRoles(t, e, "bob", []string{})
+//	testGetRoles(t, e, "data2_admin", []string{})
+//
+//	e.AddRoleForUser("alice", "data2_admin")
+//
+//	testEnforce(t, e, "alice", "data1", "read", true)
+//	testEnforce(t, e, "alice", "data1", "write", false)
+//	testEnforce(t, e, "alice", "data2", "read", true)
+//	testEnforce(t, e, "alice", "data2", "write", true)
+//	testEnforce(t, e, "bob", "data1", "read", false)
+//	testEnforce(t, e, "bob", "data1", "write", false)
+//	testEnforce(t, e, "bob", "data2", "read", false)
+//	testEnforce(t, e, "bob", "data2", "write", true)
+//
+//	e.DeleteRole("data2_admin")
+//
+//	testEnforce(t, e, "alice", "data1", "read", true)
+//	testEnforce(t, e, "alice", "data1", "write", false)
+//	testEnforce(t, e, "alice", "data2", "read", false)
+//	testEnforce(t, e, "alice", "data2", "write", false)
+//	testEnforce(t, e, "bob", "data1", "read", false)
+//	testEnforce(t, e, "bob", "data1", "write", false)
+//	testEnforce(t, e, "bob", "data2", "read", false)
+//	testEnforce(t, e, "bob", "data2", "write", true)
+//}
+
+func testGetPermissions(t *testing.T, e *casbin.Enforcer, name string, res [][]string) {
+	t.Helper()
+	myRes := e.GetPermissionsForUser(name)
+	t.Log("Permissions for ", name, ": ", myRes)
+
+	if !util.Array2DEquals(res, myRes) {
+		t.Error("Permissions for ", name, ": ", myRes, ", supposed to be ", res)
+	}
+}
+
+func testHasPermission(t *testing.T, e *casbin.Enforcer, name string, permission []string, res bool) {
+	t.Helper()
+	myRes := e.HasPermissionForUser(name, permission...)
+	t.Log(name, " has permission ", util.ArrayToString(permission), ": ", myRes)
+
+	if res != myRes {
+		t.Error(name, " has permission ", util.ArrayToString(permission), ": ", myRes, ", supposed to be ", res)
+	}
+}
+
+//func TestPermissionAPI(t *testing.T) {
+//	e := NewEnforcer("examples/basic_without_resources_model.conf", "examples/basic_without_resources_policy.csv")
+//
+//	testEnforceWithoutUsers(t, e, "alice", "read", true)
+//	testEnforceWithoutUsers(t, e, "alice", "write", false)
+//	testEnforceWithoutUsers(t, e, "bob", "read", false)
+//	testEnforceWithoutUsers(t, e, "bob", "write", true)
+//
+//	testGetPermissions(t, e, "alice", [][]string{{"alice", "read"}})
+//	testGetPermissions(t, e, "bob", [][]string{{"bob", "write"}})
+//
+//	testHasPermission(t, e, "alice", []string{"read"}, true)
+//	testHasPermission(t, e, "alice", []string{"write"}, false)
+//	testHasPermission(t, e, "bob", []string{"read"}, false)
+//	testHasPermission(t, e, "bob", []string{"write"}, true)
+//
+//	e.DeletePermission("read")
+//
+//	testEnforceWithoutUsers(t, e, "alice", "read", false)
+//	testEnforceWithoutUsers(t, e, "alice", "write", false)
+//	testEnforceWithoutUsers(t, e, "bob", "read", false)
+//	testEnforceWithoutUsers(t, e, "bob", "write", true)
+//
+//	e.AddPermissionForUser("bob", "read")
+//
+//	testEnforceWithoutUsers(t, e, "alice", "read", false)
+//	testEnforceWithoutUsers(t, e, "alice", "write", false)
+//	testEnforceWithoutUsers(t, e, "bob", "read", true)
+//	testEnforceWithoutUsers(t, e, "bob", "write", true)
+//
+//	e.DeletePermissionForUser("bob", "read")
+//
+//	testEnforceWithoutUsers(t, e, "alice", "read", false)
+//	testEnforceWithoutUsers(t, e, "alice", "write", false)
+//	testEnforceWithoutUsers(t, e, "bob", "read", false)
+//	testEnforceWithoutUsers(t, e, "bob", "write", true)
+//
+//	e.DeletePermissionsForUser("bob")
+//
+//	testEnforceWithoutUsers(t, e, "alice", "read", false)
+//	testEnforceWithoutUsers(t, e, "alice", "write", false)
+//	testEnforceWithoutUsers(t, e, "bob", "read", false)
+//	testEnforceWithoutUsers(t, e, "bob", "write", false)
+//}
+
+func testGetImplicitRoles(t *testing.T, e *casbin.Enforcer, name string, res []string) {
+	t.Helper()
+	myRes := e.GetImplicitRolesForUser(name)
+	t.Log("Implicit roles for ", name, ": ", myRes)
+
+	if !util.ArrayEquals(res, myRes) {
+		t.Error("Implicit roles for ", name, ": ", myRes, ", supposed to be ", res)
+	}
+}
+
+//func TestImplicitRoleAPI(t *testing.T) {
+//	e := NewEnforcer("examples/rbac_model.conf", "examples/rbac_with_hierarchy_policy.csv")
+//
+//	testGetPermissions(t, e, "alice", [][]string{{"alice", "data1", "read"}})
+//	testGetPermissions(t, e, "bob", [][]string{{"bob", "data2", "write"}})
+//
+//	testGetImplicitRoles(t, e, "alice", []string{"admin", "data1_admin", "data2_admin"})
+//	testGetImplicitRoles(t, e, "bob", []string{})
+//}
+
+func testGetImplicitPermissions(t *testing.T, e *casbin.Enforcer, name string, res [][]string) {
+	t.Helper()
+	myRes := e.GetImplicitPermissionsForUser(name)
+	t.Log("Implicit permissions for ", name, ": ", myRes)
+
+	if !util.Array2DEquals(res, myRes) {
+		t.Error("Implicit permissions for ", name, ": ", myRes, ", supposed to be ", res)
+	}
+}
+
+//func TestImplicitPermissionAPI(t *testing.T) {
+//	e := NewEnforcer("examples/rbac_model.conf", "examples/rbac_with_hierarchy_policy.csv")
+//
+//	testGetPermissions(t, e, "alice", [][]string{{"alice", "data1", "read"}})
+//	testGetPermissions(t, e, "bob", [][]string{{"bob", "data2", "write"}})
+//
+//	testGetImplicitPermissions(t, e, "alice", [][]string{{"alice", "data1", "read"}, {"data1_admin", "data1", "read"}, {"data1_admin", "data1", "write"}, {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}})
+//	testGetImplicitPermissions(t, e, "bob", [][]string{{"bob", "data2", "write"}})
+//}