manta/gofaster/backend/internal/shared/middleware/permission_middleware.go

package middleware

import (
	"net/http"

	"gofaster/internal/auth/repository"

	"github.com/gin-gonic/gin"
	"gorm.io/gorm"
)

var permRepo *repository.PermissionRepo

// 初始化权限仓库(可以在main.go中调用)
func InitPermissionMiddleware(db *gorm.DB) {
	permRepo = repository.NewPermissionRepo(db)
}

func PermissionMiddleware(permission string) gin.HandlerFunc {
	return func(c *gin.Context) {
		userID, exists := c.Get("user_id")
		if !exists {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "未认证"})
			return
		}

		// 检查用户是否有该权限
		hasPerm := permRepo.CheckUserPermission(userID.(uint), permission)
		if !hasPerm {
			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "没有权限"})
			return
		}

		c.Next()
	}
}
new create 1 month ago			`package middleware`

			`import (`
			`"net/http"`

模块化 1 month ago			`"gofaster/internal/auth/repository"`
初步编译通过 1 month ago
new create 1 month ago			`"github.com/gin-gonic/gin"`
初步编译通过 1 month ago			`"gorm.io/gorm"`
new create 1 month ago			`)`

初步编译通过 1 month ago			`var permRepo *repository.PermissionRepo`

			`// 初始化权限仓库(可以在main.go中调用)`
			`func InitPermissionMiddleware(db *gorm.DB) {`
			`permRepo = repository.NewPermissionRepo(db)`
			`}`

new create 1 month ago			`func PermissionMiddleware(permission string) gin.HandlerFunc {`
			`return func(c *gin.Context) {`
			`userID, exists := c.Get("user_id")`
			`if !exists {`
			`c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "未认证"})`
			`return`
			`}`

			`// 检查用户是否有该权限`
初步编译通过 1 month ago			`hasPerm := permRepo.CheckUserPermission(userID.(uint), permission)`
new create 1 month ago			`if !hasPerm {`
			`c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "没有权限"})`
			`return`
			`}`

			`c.Next()`
			`}`
			`}`