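package middleware

import (
	"bytes"
	"encoding/json"
	"io"

	"designs/global"
	"designs/model"
	"designs/response"
	"designs/utils"

	"github.com/gin-gonic/gin"
)

// CheckAuth returns a gin middleware that loads the caller's permission list
// from the "admin" table and, when the JSON request body carries a "gid",
// rejects the request unless that list contains "all" or the gid itself.
//
// The caller is identified by the "userName" context key. Nothing in this file
// sets that key, so it presumably comes from an authentication middleware that
// must run earlier in the chain (verify at the route registration). On success
// the permission JSON is stored under the "permission" context key.
//
// The middleware fails closed: if the request body cannot be read or the
// permission lookup returns an error, the request is rejected instead of being
// passed on with an empty permission set.
//
// NOTE(review): super-admin status is decided by comparing the account name
// with a hard-coded literal, here and in CheckSuper. Consider moving this to a
// role stored with the account so it can be rotated and audited.
func CheckAuth() gin.HandlerFunc {
	return func(c *gin.Context) {
		userName := c.GetString("userName")
		if userName == "chunhao" {
			// Super administrator: grant everything without a database lookup.
			c.Set("permission", "[\"all\"]")
			c.Next()
			return
		}

		// Read the body once so the gid can be inspected. A nil body is
		// treated as empty, which keeps body-less requests working.
		// NOTE(review): the whole body is buffered before the authorization
		// decision; consider capping it upstream (e.g. http.MaxBytesReader).
		var data []byte
		if c.Request.Body != nil {
			var err error
			data, err = c.GetRawData()
			if err != nil {
				// A partially read body would look like "no gid" and skip
				// the gid check below, so reject instead of continuing.
				response.Fail(c, -1, "权限校验失败,请稍后重试!")
				c.Abort()
				return
			}
		}
		// Restore the body so later handlers can still bind it.
		c.Request.Body = io.NopCloser(bytes.NewBuffer(data))

		form := struct {
			Gid string `form:"gid" json:"gid"`
		}{}
		// Decode errors are not treated as failures: an empty or non-JSON
		// body simply yields no gid.
		// NOTE(review): a gid that is not a JSON string, or one sent only as
		// a query/form parameter (the `form` tag hints at that), also leaves
		// Gid empty and skips the check below. Confirm every handler behind
		// this middleware reads gid from this same JSON string field.
		_ = json.Unmarshal(data, &form)

		// Assumes global.App.DB is a *gorm.DB (the Table/Where/Find chain
		// matches gorm); Error then reports query failures. Confirm.
		// NOTE(review): an account with no matching row still yields a
		// zero-valued admin and continues with an empty permission string on
		// gid-less requests; decide whether that should be rejected as well.
		var admin model.Admin
		if err := global.App.DB.Table("admin").Where("account", userName).Find(&admin).Error; err != nil {
			response.Fail(c, -1, "权限校验失败,请稍后重试!")
			c.Abort()
			return
		}

		// A malformed permission column leaves the slice empty, which denies
		// every gid in the check below.
		var permissions []string
		_ = json.Unmarshal([]byte(admin.Permission), &permissions)

		if form.Gid == "" {
			// No gid in the request: this endpoint is not gid-restricted.
			c.Set("permission", admin.Permission)
			c.Next()
			return
		}

		if !utils.InArray("all", permissions) && !utils.InArray(form.Gid, permissions) {
			response.Fail(c, -1, "gid权限不足,不能查看该数据!")
			c.Abort()
			return
		}

		// The caller is allowed to use this gid.
		c.Set("permission", admin.Permission)
		c.Next()
	}
}

// CheckSuper returns a gin middleware that lets the request continue only when
// the "userName" context key equals the super administrator account; every
// other caller, including one with no user name set, is rejected.
func CheckSuper() gin.HandlerFunc {
	return func(c *gin.Context) {
		if c.GetString("userName") != "chunhao" {
			response.Fail(c, -1, "权限不足,只有超级管理员可以访问!")
			c.Abort()
			return
		}
		c.Next()
	}
}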