
角色添加、修改,权限分配,权限过滤。

yxh 6 лет назад
Родитель
Сommit
106c9da718

+ 90 - 11
app/controller/admin/auth.go

@@ -1,12 +1,16 @@
 package admin
 
 import (
+	"fmt"
 	"gfast/app/model/auth_rule"
+	"gfast/app/model/role"
 	"gfast/app/service/auth_service"
+	"gfast/app/service/casbin_adapter_service"
 	"gfast/library/response"
 	"gfast/library/utils"
 	"github.com/gogf/gf/frame/g"
 	"github.com/gogf/gf/net/ghttp"
+	"github.com/gogf/gf/text/gstr"
 	"github.com/gogf/gf/util/gconv"
 	"github.com/gogf/gf/util/gvalid"
 )
@@ -100,39 +104,92 @@ func (c *Auth) DeleteMenu(r *ghttp.Request) {
 	response.SusJson(true, r, "删除成功")
 }
 
-//添加用户组
-func (c *Auth) AddGroup(r *ghttp.Request) {
+//角色列表
+func (c *Auth) RoleList(r *ghttp.Request) {
+	//获取角色列表
+
+}
+
+//添加角色
+func (c *Auth) AddRole(r *ghttp.Request) {
 	//添加操作
 	if r.Method == "POST" {
-		/*enforcer,err:=casbin_adapter_service.GetEnforcer()
-		if err!=nil{
-			g.Log().Error(err.Error())
-			response.FailJson(true, r, "权限适配器获取失败")
-		}
-		ss:=enforcer.GetPolicy()*/
 		//获取表单提交的数据
 		res := r.GetFormMap()
-		//添加角色获取添加的id
 		tx, err := g.DB("default").Begin() //开启事务
 		if err != nil {
 			g.Log().Error(err)
 			response.FailJson(true, r, "事务处理失败")
 		}
 		//插入角色
+		//添加角色获取添加的id
 		insertId, err := auth_service.AddRole(tx, res)
 		if err != nil {
 			tx.Rollback() //回滚
 			response.FailJson(true, r, err.Error())
 		}
 		//添加角色权限
-		err = auth_service.AddRoleRule(tx, res["rule"], insertId)
+		err = auth_service.AddRoleRule(res["rule"], insertId)
+		if err != nil {
+			tx.Rollback() //回滚
+			g.Log().Error(err.Error())
+			response.FailJson(true, r, "添加用户组失败")
+		}
+		tx.Commit()
+		response.SusJson(true, r, "添加用户组成功")
+	}
+	//获取父级组
+	err, pList := auth_service.GetRoleList("")
+	if err != nil {
+		g.Log().Error(err)
+		response.FailJson(true, r, "获取父级数据失败")
+	}
+	pList = utils.ParentSonSort(pList, 0, 0, "parent_id", "id", "flg", "name")
+	//获取菜单信息
+	err, mList := auth_service.GetMenuList("")
+	if err != nil {
+		g.Log().Error(err)
+		response.FailJson(true, r, "获取菜单数据失败")
+	}
+	mList = utils.PushSonToParent(mList)
+	res := g.Map{
+		"parentList": pList,
+		"menuList":   mList,
+	}
+	response.SusJson(true, r, "成功", res)
+}
+
+//修改角色
+func (c *Auth) EditRole(r *ghttp.Request) {
+	id := r.GetRequestInt64("id")
+	if r.Method == "POST" {
+		//获取表单提交的数据
+		res := r.GetFormMap()
+		tx, err := g.DB("default").Begin() //开启事务
+		if err != nil {
+			g.Log().Error(err)
+			response.FailJson(true, r, "事务处理失败")
+		}
+		//修改角色信息
+		err = auth_service.EditRole(tx, res)
+		if err != nil {
+			tx.Rollback() //回滚
+			response.FailJson(true, r, err.Error())
+		}
+		//添加角色权限
+		err = auth_service.EditRoleRule(res["rule"], id)
 		if err != nil {
 			tx.Rollback() //回滚
 			g.Log().Error(err.Error())
 			response.FailJson(true, r, "添加用户组失败")
 		}
 		tx.Commit()
-		response.SusJson(true, r, "添加用户组成功", insertId, res)
+		response.SusJson(true, r, "修改用户组成功")
+	}
+	//获取角色信息
+	role, err := role.Model.Where("id=?", id).One()
+	if err != nil {
+		response.FailJson(true, r, "获取角色数据失败")
 	}
 	//获取父级组
 	err, pList := auth_service.GetRoleList("")
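Review bot: In `EditRole` the policy rewrite is keyed on `id := r.GetRequestInt64("id")`, while the row update inside `auth_service.EditRole` uses `res["id"]` from `r.GetFormMap()`. If those two sources can disagree (for example one `id` in the query string and another in the form body, which should be confirmed against the framework's lookup order), one role's row is updated while a different role's permissions are replaced. In the POST branch, reject the request when `gconv.Int64(res["id"]) != id` or when `id` is zero, before the transaction is opened. Separately, `AddRoleRule` and `EditRoleRule` no longer receive `tx`, so the `tx.Rollback()` calls in both handlers do not appear to undo policy rows already written through the enforcer; a comment saying so would spare the next reader the surprise. The body of `EditRole` continues past the end of this hunk.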
@@ -147,10 +204,32 @@ func (c *Auth) AddGroup(r *ghttp.Request) {
 		g.Log().Error(err)
 		response.FailJson(true, r, "获取菜单数据失败")
 	}
+	//获取角色关联的菜单规则
+	enforcer, err := casbin_adapter_service.GetEnforcer()
+	if err != nil {
+		g.Log().Error(err)
+		response.FailJson(true, r, "获取权限处理器失败")
+	}
+	gp := enforcer.GetFilteredNamedPolicy("p", 0, fmt.Sprintf("g_%d", id))
+	g.Log().Debug(gp)
+	gpMap := map[int64]int64{}
+	for _, v := range gp {
+		gpMap[gconv.Int64(gstr.SubStr(v[1], 2))] = gconv.Int64(gstr.SubStr(v[1], 2))
+	}
+	//关联选中的权限
+	for k, v := range mList {
+		if _, has := gpMap[gconv.Int64(v["id"])]; has {
+			v["isChecked"] = true
+		} else {
+			v["isChecked"] = false
+		}
+		mList[k] = v
+	}
 	mList = utils.PushSonToParent(mList)
 	res := g.Map{
 		"parentList": pList,
 		"menuList":   mList,
+		"role":       role,
 	}
 	response.SusJson(true, r, "成功", res)
 }
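Review bot: The loop that fills `gpMap` indexes `v[1]` and strips two characters without checking the row shape, although the filter passed to `GetFilteredNamedPolicy` constrains only field 0. A policy row with fewer than two fields would panic the handler, and a second field that is not of the form `r_<menu id>` is presumably converted to key 0 rather than skipped. Guard the loop with `if len(v) < 2 { continue }` and check the `r_` prefix before converting. `g.Log().Debug(gp)` writes the role's full policy set to the log and looks like leftover debugging. The if/else that sets `isChecked` can be written as `_, has := gpMap[gconv.Int64(v["id"])]` followed by `v["isChecked"] = has`. This hunk starts inside `EditRole`, whose opening lines are in the previous hunk.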

+ 69 - 2
app/service/auth_service/auth_rule.go

@@ -2,8 +2,11 @@ package auth_service
 
 import (
 	"database/sql"
+	"errors"
+	"fmt"
 	"gfast/app/model/auth_rule"
 	"gfast/app/model/role"
+	"gfast/app/service/casbin_adapter_service"
 	"github.com/gogf/gf/database/gdb"
 	"github.com/gogf/gf/errors/gerror"
 	"github.com/gogf/gf/frame/g"
@@ -115,10 +118,74 @@ func AddRole(tx *gdb.TX, data map[string]interface{}) (InsId int64, err error) {
 	return
 }
 
-func AddRoleRule(tx *gdb.TX, iRule interface{}, roleId int64) (err error) {
+//添加角色授权规则
+func AddRoleRule(iRule interface{}, roleId int64) (err error) {
+	enforcer, e := casbin_adapter_service.GetEnforcer()
+	if e != nil {
+		err = e
+		return
+	}
+	rule := iRule.([]interface{})
+	for _, v := range rule {
+		_, err = enforcer.AddPolicy(fmt.Sprintf("g_%d", roleId), fmt.Sprintf("r_%s", v), "All")
+		if err != nil {
+			return
+		}
+	}
+	return
+}
+
+//修改角色信息操作
+func EditRole(tx *gdb.TX, data map[string]interface{}) (err error) {
+	if _, k := data["id"]; !k {
+		err = errors.New("缺少更新条件Id")
+		return
+	}
+	if e := checkRoleData(data); e != nil {
+		err = gerror.New(e.(*gvalid.Error).FirstString())
+		return
+	}
+	//保存角色信息
+	now := gtime.Timestamp()
+	roleMap := gdb.Map{
+		"id":          data["id"],
+		"parent_id":   data["parent_id"],
+		"status":      data["status"],
+		"name":        data["name"],
+		"update_time": now,
+		"list_order":  data["list_order"],
+		"remark":      data["remark"],
+	}
+	_, err = tx.Table(role.Table).Data(roleMap).Save()
+	if err != nil {
+		return
+	}
+	return
+}
+
+//修改角色的授权规则
+func EditRoleRule(iRule interface{}, roleId int64) (err error) {
+	enforcer, e := casbin_adapter_service.GetEnforcer()
+	if e != nil {
+		err = e
+		return
+	}
+	//查询当前权限
+	gp := enforcer.GetFilteredNamedPolicy("p", 0, fmt.Sprintf("g_%d", roleId))
+	//删除旧权限
+	for _, v := range gp {
+		_, e = enforcer.RemovePolicy(v)
+		if e != nil {
+			err = e
+			return
+		}
+	}
 	rule := iRule.([]interface{})
 	for _, v := range rule {
-		g.Log().Debug(v)
+		_, err = enforcer.AddPolicy(fmt.Sprintf("g_%d", roleId), fmt.Sprintf("r_%s", v), "All")
+		if err != nil {
+			return
+		}
 	}
 	return
 }
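Review bot: `EditRoleRule` removes every existing policy for the role and only afterwards runs the unchecked assertion `rule := iRule.([]interface{})` on a value that comes straight from the submitted form. When `rule` is absent or arrives as a single value the assertion panics, and because the enforcer writes are not part of the caller's transaction the role is left with no permissions at all. Validate first, before the removal loop: `rule, ok := iRule.([]interface{})` then `if !ok { return errors.New("rule must be a list") }` (message constructed here, adapt it to the file's wording). `AddRoleRule` has the same unchecked assertion. It is also worth confirming that `Save()` in `EditRole` cannot create a new role row when the submitted `id` does not exist.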

+ 6 - 7
app/service/casbin_adapter_service/adapter.go

@@ -206,24 +206,23 @@ func rawDelete(a *Adapter, line casbin_rule.Entity) error {
 	db := casbin_rule.Model
 	db.Where("ptype = ?", line.Ptype)
 	if line.V0 != "" {
-		db.Where("v0 = ?", line.V0)
+		db = db.Where("v0 = ?", line.V0)
 	}
 	if line.V1 != "" {
-		db.Where("v1 = ?", line.V1)
+		db = db.Where("v1 = ?", line.V1)
 	}
 	if line.V2 != "" {
-		db.Where("v2 = ?", line.V2)
+		db = db.Where("v2 = ?", line.V2)
 	}
 	if line.V3 != "" {
-		db.Where("v3 = ?", line.V3)
+		db = db.Where("v3 = ?", line.V3)
 	}
 	if line.V4 != "" {
-		db.Where("v4 = ?", line.V4)
+		db = db.Where("v4 = ?", line.V4)
 	}
 	if line.V5 != "" {
-		db.Where("v5 = ?", line.V5)
+		db = db.Where("v5 = ?", line.V5)
 	}
-
 	_, err := db.Delete()
 	return err
 }
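Review bot: The first filter in `rawDelete`, `db.Where("ptype = ?", line.Ptype)`, still discards its result, so after this change the `ptype` condition is the one clause that is not applied. If `Where` returns a new model, as the reassignments added for `v0`–`v5` imply, the delete matches rows of every policy type that share the same `v0`–`v5` values, and with all of those empty it runs with no condition from this function at all. Fold it into the initialisation: `db := casbin_rule.Model.Where("ptype = ?", line.Ptype)`.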