权限管理优化

This commit is contained in:
hoteas 2022-08-01 18:48:08 +08:00
parent 6fe44cb1cb
commit 6034598bb4

View File

@ -263,7 +263,7 @@ func (that *HoTimeDB) backupCol(tt string) string {
for k := range data[0] { for k := range data[0] {
if tempLthData == lthCol-1 { if tempLthData == lthCol-1 {
str += "`" + k + "`)" str += "`" + k + "`) "
} else { } else {
str += "`" + k + "`," str += "`" + k + "`,"
} }
@ -287,7 +287,7 @@ func (that *HoTimeDB) backupCol(tt string) string {
} }
if m == lthCol-1 { if m == lthCol-1 {
str += v + ")" str += v + ") "
} else { } else {
str += v + "," str += v + ","
@ -454,9 +454,9 @@ func (that *HoTimeDB) Select(table string, qu ...interface{}) []Map {
query += " *" query += " *"
} }
if !strings.Contains(table, ".") && !strings.Contains(table, " AS ") { if !strings.Contains(table, ".") && !strings.Contains(table, " AS ") {
query += " FROM `" + that.Prefix + table + "`" query += " FROM `" + that.Prefix + table + "` "
} else { } else {
query += " FROM " + that.Prefix + table query += " FROM " + that.Prefix + table + " "
} }
if join { if join {
@ -472,15 +472,15 @@ func (that *HoTimeDB) Select(table string, qu ...interface{}) []Map {
v := testQuData[k] v := testQuData[k]
switch Substr(k, 0, 3) { switch Substr(k, 0, 3) {
case "[>]": case "[>]":
query += " LEFT JOIN `" + Substr(k, 3, len(k)-3) + "` ON " + v.(string) query += " LEFT JOIN `" + Substr(k, 3, len(k)-3) + "` ON " + v.(string) + " "
case "[<]": case "[<]":
query += " RIGHT JOIN `" + Substr(k, 3, len(k)-3) + "` ON " + v.(string) query += " RIGHT JOIN `" + Substr(k, 3, len(k)-3) + "` ON " + v.(string) + " "
} }
switch Substr(k, 0, 4) { switch Substr(k, 0, 4) {
case "[<>]": case "[<>]":
query += " FULL JOIN `" + Substr(k, 4, len(k)-4) + "` ON " + v.(string) query += " FULL JOIN `" + Substr(k, 4, len(k)-4) + "` ON " + v.(string) + " "
case "[><]": case "[><]":
query += " INNER JOIN `" + Substr(k, 4, len(k)-4) + "` ON " + v.(string) query += " INNER JOIN `" + Substr(k, 4, len(k)-4) + "` ON " + v.(string) + " "
} }
} }
} }
@ -631,7 +631,16 @@ func (that *HoTimeDB) where(data Map) (string, []interface{}) {
} }
if len(where) != 0 { if len(where) != 0 {
where = " WHERE " + where hasWhere := true
for _, v := range vcond {
if strings.Index(where, v) == 0 {
hasWhere = false
}
}
if hasWhere {
where = " WHERE " + where + " "
}
} }
//特殊字符 //特殊字符
@ -647,31 +656,31 @@ func (that *HoTimeDB) where(data Map) (string, []interface{}) {
v := data[k] v := data[k]
if vcond[j] == k { if vcond[j] == k {
if k == "ORDER" { if k == "ORDER" {
where += " " + k + " BY " where += k + " BY "
//fmt.Println(reflect.ValueOf(v).Type()) //fmt.Println(reflect.ValueOf(v).Type())
//break //break
} else if k == "GROUP" { } else if k == "GROUP" {
where += " " + k + " BY " where += k + " BY "
} else { } else {
where += " " + k where += k
} }
if reflect.ValueOf(v).Type().String() == "common.Slice" { if reflect.ValueOf(v).Type().String() == "common.Slice" {
for i := 0; i < len(v.(Slice)); i++ { for i := 0; i < len(v.(Slice)); i++ {
where += " " + ObjToStr(v.(Slice)[i]) where += " " + ObjToStr(v.(Slice)[i]) + " "
if len(v.(Slice)) != i+1 { if len(v.(Slice)) != i+1 {
where += "," where += ", "
} }
} }
} else { } else {
//fmt.Println(v) //fmt.Println(v)
where += " " + ObjToStr(v) where += " " + ObjToStr(v) + " "
} }
break break
@ -699,72 +708,72 @@ func (that *HoTimeDB) varCond(k string, v interface{}) (string, []interface{}) {
case "[>]": case "[>]":
k = strings.Replace(k, "[>]", "", -1) k = strings.Replace(k, "[>]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += k + ">? " where += k + ">? "
res = append(res, v) res = append(res, v)
case "[<]": case "[<]":
k = strings.Replace(k, "[<]", "", -1) k = strings.Replace(k, "[<]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += k + "<? " where += k + "<? "
res = append(res, v) res = append(res, v)
case "[!]": case "[!]":
k = strings.Replace(k, "[!]", "", -1) k = strings.Replace(k, "[!]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where, res = that.notIn(k, v, where, res) where, res = that.notIn(k, v, where, res)
case "[#]": case "[#]":
k = strings.Replace(k, "[#]", "", -1) k = strings.Replace(k, "[#]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += " " + k + "=" + ObjToStr(v) where += " " + k + "=" + ObjToStr(v) + " "
case "[##]": //直接添加value到sql需要考虑防注入value比如"a>b" case "[##]": //直接添加value到sql需要考虑防注入value比如"a>b"
where += " " + ObjToStr(v) where += " " + ObjToStr(v)
case "[#!]": case "[#!]":
k = strings.Replace(k, "[#!]", "", -1) k = strings.Replace(k, "[#!]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += " " + k + "!=" + ObjToStr(v) where += " " + k + "!=" + ObjToStr(v) + " "
case "[!#]": case "[!#]":
k = strings.Replace(k, "[!#]", "", -1) k = strings.Replace(k, "[!#]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += " " + k + "!=" + ObjToStr(v) where += " " + k + "!=" + ObjToStr(v) + " "
case "[~]": case "[~]":
k = strings.Replace(k, "[~]", "", -1) k = strings.Replace(k, "[~]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += k + " LIKE ? " where += k + " LIKE ? "
v = "%" + ObjToStr(v) + "%" v = "%" + ObjToStr(v) + "% "
res = append(res, v) res = append(res, v)
case "[!~]": //左边任意 case "[!~]": //左边任意
k = strings.Replace(k, "[~]", "", -1) k = strings.Replace(k, "[~]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += k + " LIKE ? " where += k + " LIKE ? "
v = "%" + ObjToStr(v) v = "%" + ObjToStr(v) + " "
res = append(res, v) res = append(res, v)
case "[~!]": //右边任意 case "[~!]": //右边任意
k = strings.Replace(k, "[~]", "", -1) k = strings.Replace(k, "[~]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += k + " LIKE ? " where += k + " LIKE ? "
v = ObjToStr(v) + "%" v = ObjToStr(v) + "% "
res = append(res, v) res = append(res, v)
case "[~~]": //手动任意 case "[~~]": //手动任意
k = strings.Replace(k, "[~]", "", -1) k = strings.Replace(k, "[~]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += k + " LIKE ? " where += k + " LIKE ? "
//v = ObjToStr(v) //v = ObjToStr(v)
@ -778,21 +787,21 @@ func (that *HoTimeDB) varCond(k string, v interface{}) (string, []interface{}) {
case "[>=]": case "[>=]":
k = strings.Replace(k, "[>=]", "", -1) k = strings.Replace(k, "[>=]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += k + ">=? " where += k + ">=? "
res = append(res, v) res = append(res, v)
case "[<=]": case "[<=]":
k = strings.Replace(k, "[<=]", "", -1) k = strings.Replace(k, "[<=]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += k + "<=? " where += k + "<=? "
res = append(res, v) res = append(res, v)
case "[><]": case "[><]":
k = strings.Replace(k, "[><]", "", -1) k = strings.Replace(k, "[><]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += k + " NOT BETWEEN ? AND ? " where += k + " NOT BETWEEN ? AND ? "
res = append(res, v.(Slice)[0]) res = append(res, v.(Slice)[0])
@ -800,22 +809,24 @@ func (that *HoTimeDB) varCond(k string, v interface{}) (string, []interface{}) {
case "[<>]": case "[<>]":
k = strings.Replace(k, "[<>]", "", -1) k = strings.Replace(k, "[<>]", "", -1)
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
where += k + " BETWEEN ? AND ? " where += k + " BETWEEN ? AND ? "
res = append(res, v.(Slice)[0]) res = append(res, v.(Slice)[0])
res = append(res, v.(Slice)[1]) res = append(res, v.(Slice)[1])
default: default:
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
if reflect.ValueOf(v).Type().String() == "common.Slice" || strings.Contains(reflect.ValueOf(v).Type().String(), "[]") { if reflect.ValueOf(v).Type().String() == "common.Slice" || strings.Contains(reflect.ValueOf(v).Type().String(), "[]") {
vs := ObjToSlice(v) vs := ObjToSlice(v)
if len(vs) == 0 {
return where, res
}
where += k + " IN (" where += k + " IN ("
res = append(res, vs...) res = append(res, vs...)
if len(v.(Slice)) == 0 {
where += ") "
} else {
for i := 0; i < len(vs); i++ { for i := 0; i < len(vs); i++ {
if i+1 != len(vs) { if i+1 != len(vs) {
where += "?," where += "?,"
@ -824,7 +835,6 @@ func (that *HoTimeDB) varCond(k string, v interface{}) (string, []interface{}) {
} }
//res=append(res,(v.(Slice))[i]) //res=append(res,(v.(Slice))[i])
} }
}
} else { } else {
where += k + "=? " where += k + "=? "
@ -837,15 +847,19 @@ func (that *HoTimeDB) varCond(k string, v interface{}) (string, []interface{}) {
} else { } else {
//fmt.Println(reflect.ValueOf(v).Type().String()) //fmt.Println(reflect.ValueOf(v).Type().String())
if !strings.Contains(k, ".") { if !strings.Contains(k, ".") {
k = "`" + k + "`" k = "`" + k + "` "
} }
if v == nil { if v == nil {
where += k + " IS NULL" where += k + " IS NULL "
} else if reflect.ValueOf(v).Type().String() == "common.Slice" || strings.Contains(reflect.ValueOf(v).Type().String(), "[]") { } else if reflect.ValueOf(v).Type().String() == "common.Slice" || strings.Contains(reflect.ValueOf(v).Type().String(), "[]") {
vs := ObjToSlice(v) vs := ObjToSlice(v)
//fmt.Println(v) //fmt.Println(v)
if len(vs) == 0 {
return where, res
}
where += k + " IN (" where += k + " IN ("
res = append(res, vs...) res = append(res, vs...)
for i := 0; i < len(vs); i++ { for i := 0; i < len(vs); i++ {
if i+1 != len(vs) { if i+1 != len(vs) {
where += "?," where += "?,"
@ -854,6 +868,7 @@ func (that *HoTimeDB) varCond(k string, v interface{}) (string, []interface{}) {
} }
//res=append(res,(v.(Slice))[i]) //res=append(res,(v.(Slice))[i])
} }
} else { } else {
where += k + "=? " where += k + "=? "
@ -875,8 +890,12 @@ func (that *HoTimeDB) notIn(k string, v interface{}, where string, res []interfa
} else if reflect.ValueOf(v).Type().String() == "common.Slice" || strings.Contains(reflect.ValueOf(v).Type().String(), "[]") { } else if reflect.ValueOf(v).Type().String() == "common.Slice" || strings.Contains(reflect.ValueOf(v).Type().String(), "[]") {
vs := ObjToSlice(v) vs := ObjToSlice(v)
if len(vs) == 0 {
return where, res
}
where += k + " NOT IN (" where += k + " NOT IN ("
res = append(res, vs...) res = append(res, vs...)
for i := 0; i < len(vs); i++ { for i := 0; i < len(vs); i++ {
if i+1 != len(vs) { if i+1 != len(vs) {
where += "?," where += "?,"
@ -885,6 +904,7 @@ func (that *HoTimeDB) notIn(k string, v interface{}, where string, res []interfa
} }
//res=append(res,(v.(Slice))[i]) //res=append(res,(v.(Slice))[i])
} }
} else { } else {
where += k + " !=? " where += k + " !=? "
@ -931,7 +951,10 @@ func (that *HoTimeDB) cond(tag string, data Map) (string, []interface{}) {
if x == len(condition) { if x == len(condition) {
tv, vv := that.varCond(k, v) tv, vv := that.varCond(k, v)
if tv == "" {
lens--
continue
}
res = append(res, vv...) res = append(res, vv...)
if lens--; lens <= 0 { if lens--; lens <= 0 {
where += tv + "" where += tv + ""
@ -962,7 +985,7 @@ func (that *HoTimeDB) Update(table string, data Map, where Map) int64 {
} else { } else {
qs = append(qs, v) qs = append(qs, v)
} }
query += "`" + k + "`=" + vstr + "" query += "`" + k + "`=" + vstr + " "
if tp--; tp != 0 { if tp--; tp != 0 {
query += ", " query += ", "
} }