增加获取角色数据的测试例子

conf/nginx.conf

@@ -56,8 +56,8 @@ http {
         include 'system/system.conf';
 
         #测试接口配置
-        location /testSQL {
-            content_by_lua_file '${APP_PATH}/src/test/testPostgres.lua';
+        location /testTree {
+            content_by_lua_file '${APP_PATH}/src/test/testRadixtree.lua';
         }
         location /testRBAC {
             content_by_lua_file '${APP_PATH}/src/test/testRBAC.lua';

src/api/system/user.lua

@@ -14,32 +14,47 @@ local routes = {
     {
         paths = { "/api/system/users" },
         methods = { "GET" },
+        filter_fun = function(vars)
+            ngx.ctx.perms = "system::users::list"
+            return true
+        end,
         handler = systemUser.getSystemUsers,
-        metadata = "system::users::list",
     },
     {
         paths = { "/api/system/users/:id" },
         methods = { "GET" },
+        filter_fun = function(vars)
+            ngx.ctx.perms = "system::users::view"
+            return true
+        end,
         handler = systemUser.getSystemUser,
-        metadata = "system::users::view",
     },
     {
         paths = { "/api/system/users" },
         methods = { "POST" },
+        filter_fun = function(vars)
+            ngx.ctx.perms = "system::users::add"
+            return true
+        end,
         handler = systemUser.addSystemUser,
-        metadata = "system::users::add",
     },
     {
         paths = { "/api/system/users/:id" },
         methods = { "DELETE" },
+        filter_fun = function(vars)
+            ngx.ctx.perms = "system::users::delete"
+            return true
+        end,
         handler = systemUser.deleteSystemUser,
-        metadata = "system::users::delete",
     },
     {
         paths = { "/api/system/users/:id" },
         methods = { "PUT" },
+        filter_fun = function(vars)
+            ngx.ctx.perms = "system::users::edit"
+            return true
+        end,
         handler = systemUser.updateSystemUser,
-        metadata = "system::users::edit",
     },
 }
 
@@ -51,9 +66,12 @@ if not rx then
 end
 
 --获取访问的uri地址
+--local uri = ngx.var.request_uri
 local uri = ngx.var.uri
 local opts = {
+    host = ngx.var.host,
     method = ngx.var.request_method,
+    remote_addr = ngx.var.remote_addr,
     matched = {}
 }
 

src/auth/jwt-auth.lua

@@ -1,6 +1,7 @@
 local jwt = require "resty.jwt"
 local cjson = require("cjson.safe")
 local jsonschema = require("jsonschema")
+require("config")
 
 -- 定义一个JSON Schema
 local schema = {
@@ -49,9 +50,11 @@ if jwt_obj.payload.exp and ngx.time() > jwt_obj.payload.exp then
 end
 
 -- Access claims in the payload
-local claims = verified.claims
 -- write the uid variable
-ngx.var.uid = jwt_obj.payload
+ngx.ctx.userid = jwt_obj.payload.userid
+ngx.ctx.username = jwt_obj.payload.username
+ngx.ctx.role = jwt_obj.payload.role
+ngx.log(ngx.WARN, "claims: ".. cjson.encode(jwt_obj.payload))
 
 --全部校验完成后，说明令牌有效，返回令牌数据
 ngx.log(ngx.INFO, "令牌校验通过 JWT: " .. cjson.encode(jwt_obj))

src/config.lua

@@ -38,4 +38,4 @@ SYSTEM_CONFIG = {
         POOL_SIZE = 100, -- postgresql pool size
         TIMEOUT = 1000, -- postgresql timeout
     }
-}
+}

src/dao/auth.lua

@@ -3,10 +3,7 @@
 --- Created by frankly.
 --- DateTime: 2025/10/29 23:36
 ---
---引用使用的库文件
-local model = require("share.model")
---创建一个数据表相关的模型
-local userModel = model:new('sys_user')
+local userDao = require("dao.user")
 
 local _M = {}
 
@@ -20,24 +17,7 @@ local function authenticate(name, passwd)
     if passwd == "" then
         return 0x010002, nil
     end
-   local pwdMd5 = ngx.md5(passwd)
-    --根据用户进行验证用户是否存在
-    local code, res = userModel:where("username", "=", name):where("password", "=", pwdMd5):get()
-    if code == 0 and res ~= nil then
-        return code, res
-    end
-    --根据手机号进行验证用户是否存在
-    code, res = userModel:where("phone", "=", name):where("password", "=", pwdMd5):get()
-    if code == 0 and res ~= nil then
-        return code, res
-    end
-    --根据邮箱进行验证用户是否存在
-    code, res = userModel:where("email", "=", name):where("password", "=", pwdMd5):get()
-    if code == 0 and res ~= nil then
-        return code, res
-    end
-    --查询不到用户信息
-    return 0x010003, nil
+    return userDao:adjustUser(name, passwd)
 end
 
 --用户登录业务逻辑处理
@@ -60,6 +40,14 @@ function _M.login(jsonData)
     if num <= 0 then
         return 0x01000C,nil
     end
+    local userid = res[1].id
+    --获取用户id查询角色信息
+    local err, rest = userDao:userRole(userid)
+    if rest == nil then
+        return 0x01000C,nil
+    end
+    res[1].role_id = rest[1].role_id
+    res[1].role_name = rest[1].role_name
     return 0, res
 end
 
@@ -72,11 +60,11 @@ end
 
 --用户注册业务逻辑处理
 function _M.signup(jsonData)
-    return userModel:addSystemUser(jsonData)
+    return userDao:addSystemUser(jsonData)
 end
 
 function _M.getUser(userid)
-    return userModel:find(userid)
+    return userDao:getSystemUser(userid)
 end
 
 return _M

src/dao/role.lua

@@ -89,4 +89,15 @@ function _M:updateSystemRole(id, jsonData)
     return roleModel:where('id', '=', id):update(jsonData)
 end
 
+--通过角色id获取用户权限
+function _M:getPermission2roleId(role_id, status)
+    local sql = [[SELECT "A"."id","A".role_name,"B".permission_id,"B".permission_name,"B".permission_code,
+	    "A".status FROM sys_role AS "A"	INNER JOIN sys_role_permission AS "C" ON "A"."id"="C".role_id
+        INNER JOIN sys_permission AS "B" ON	"C".permission_id="B".permission_id WHERE "A"."id"=]]..tostring(role_id)
+    if status ~= nil then
+        sql = sql.." AND \"A\".status='"..status.."'"
+    end
+    return roleModel.exec(sql)
+end
+
 return _M

src/dao/user.lua

@@ -10,6 +10,8 @@ local model = require("share.model")
 --创建一个数据表相关的模型
 local userModel = model:new('sys_user')
 
+local roles = require("dao.role")
+
 local _M = {}
 
 local user = {
@@ -101,4 +103,38 @@ function _M:updateSystemUser(id, jsonData)
     return userModel:where('id', '=', id):update(jsonData)
 end
 
+--通过用户名和密码验证用户是否存在
+function _M:adjustUser(name, passwd)
+    if name == nil or passwd == nil then
+        return 0x010003, nil
+    end
+    local pwdMd5 = ngx.md5(passwd)
+    --根据用户进行验证用户是否存在
+    local code, res = userModel:where("username", "=", name):where("password", "=", pwdMd5):get()
+    if code == 0 and res ~= nil then
+        return code, res
+    end
+    --根据手机号进行验证用户是否存在
+    code, res = userModel:where("phone", "=", name):where("password", "=", pwdMd5):get()
+    if code == 0 and res ~= nil then
+        return code, res
+    end
+    --根据邮箱进行验证用户是否存在
+    code, res = userModel:where("email", "=", name):where("password", "=", pwdMd5):get()
+    if code == 0 and res ~= nil then
+        return code, res
+    end
+    --查询不到用户信息
+    return 0x010003, nil
+end
+
+--通过用户id获取角色的角色id和角色名称
+function _M:userRole(id)
+    local sql = [[SELECT "a"."id","a".username,b."id" AS role_id,b.role_name FROM
+                sys_user AS "a" INNER JOIN sys_user_role AS "c" ON "a"."id" = "c".user_id
+                INNER JOIN sys_role AS b ON "c".role_id = b."id" WHERE
+                "a"."id" = ']]..id.."'"
+    return userModel:exec(sql)
+end
+
 return _M

src/init.lua

@@ -7,6 +7,7 @@
 在"ngx_lua"模块的"init_by_lua_file"命令中执行;
 只在启动nginx时初始化一次。
 --]]
+require("config")
 
 print("init application...")
 --判断程序是否加载权限数据
@@ -23,21 +24,25 @@ end
 
 --初始化，获取系统默认的用户权限，为实现RBAC框架做权限数据准备
 local function handler()
-    --引用使用的库文件
-    local Model = require("share.model")
-    --创建一个数据表相关的模型
-    local userModel = Model:new('sys_user')
-
     --读取用户表、角色表和权限表中配置的权限数据
+    local roleDao = require("dao.role")
     --获取数据表中的记录数
-    local code, res = userModel:count()
+    local code, res = roleDao:all()
+    if res == nil then return end
     ngx.log(ngx.INFO, "user count:"..res)
+    --读取角色id和角色名称
+    for _, row in pairs(res) do
+        for key, value in pairs(row) do
+            ngx.say(key .. ":" .. tostring(value))
+        end
+    end
+    --“admin-system::users::edit“  ”1“
 
+    --将取到的数据存储到redis中，后续进行验证使用
     local redis = require("resty.redis")
     local red = redis:new()
-
     -- 设置超时时间
-    red:set_timeout(conf.REDIS.TIMEOUT) -- 1秒
+    red:set_timeout(SYSTEM_CONFIG.REDIS.TIMEOUT) -- 1秒
 
     -- 连接到 Redis
     local ok, err = red:connect(SYSTEM_CONFIG.REDIS.HOST, SYSTEM_CONFIG.REDIS.PORT)
@@ -55,7 +60,7 @@ local function handler()
     end
 
     -- 从连接池中获取连接
-    red:set_keepalive(SYSTEM_CONFIG.REDIS.POOL_MAX_IDLE_TIME, SYSTEM_CONFIG.REDIS.POOL_SIZE)
+    --red:set_keepalive(SYSTEM_CONFIG.REDIS.POOL_MAX_IDLE_TIME, SYSTEM_CONFIG.REDIS.POOL_SIZE)
 
     -- 设置 key-value
     local ok, err = red:set("admin-system:user:add", "1")

src/service/auth/auth.lua

@@ -2,7 +2,7 @@
 --- Generated by EmmyLua(https://github.com/EmmyLua)
 --- Created by admin.
 --- DateTime: 2025/10/28 11:09
----
+--- 用于
 local resp = require("util.response")
 local authDao = require("dao.auth")
 local validator = require("validator.auth.auth")
@@ -36,15 +36,12 @@ function _M.login()
         resp:send(result)
         return
     end
-    local id = ""
-    local username = ""
-    for _, row in ipairs(ret) do
-        id = row.id
-        username = row.username
-    end
-
+    local id = ret[1].id
+    local username = ret[1].username
+    local role_id = ret[1].role_id
+    local role_name = ret[1].role_name
     --获取的登陆的用户信息，返回tocken
-    local jwt_token = token.generateToken(id, username)
+    local jwt_token = token.generateToken(id, username, role_id, role_name)
     local data = {}
     data["token"] = jwt_token
     data["userInfo"] = ret
@@ -95,8 +92,9 @@ function _M.logout()
     --验证成功记录登出的日志信息
     local userid = ret["body"]["payload"]["userid"]
     local username = ret["body"]["payload"]["username"]
-    local rolename = ret["body"]["payload"]["username"]
-    ngx.log(ngx.INFO, "userid:"..userid.." username:"..username.." rolename:"..rolename.." logout system")
+    local role_id = ret["body"]["payload"]["role_id"]
+    local role_name = ret["body"]["payload"]["role_name"]
+    ngx.log(ngx.INFO, "userid:"..userid.." username:"..username.." role_id:"..role_id.." role_name:"..role_name.." logout system")
     local result = resp:json(0, "用户退出系统成功")
     resp:send(result)
 end
@@ -143,6 +141,9 @@ function _M.permission()
     end
     --验证成功获取用户id信息
     local userid = retToken["body"]["payload"]["userid"]
+    local username = retToken["body"]["payload"]["username"]
+    local role_id = retToken["body"]["payload"]["role_id"]
+    local role_name = retToken["body"]["payload"]["role_name"]
     --通过用户id查询到用户的权限信息
     local code, ret = authDao.getUser(userid)
     --读取数据错误

src/service/system/user.lua

@@ -23,15 +23,20 @@ local function getUserId()
     return userid
 end
 
---判断用户是都有权限使用接口
---local payload = ngx.var.uid
-
 --获取所有用户信息
 function _M.getSystemUsers(m)
     --获取登录的用户信息
-    local payload = ngx.var.uid
-    local metadata = m.metadata
-    ngx.log(ngx.INFO, "metadata value:"..metadata)
+    local userid = ngx.ctx.userid
+    local username = ngx.ctx.username
+    local role = ngx.ctx.role
+    ngx.log(ngx.INFO, "userid:"..userid.." username:"..username.." role:"..role)
+    --权限数据
+    local perms = ngx.ctx.perms
+    local method = m._method
+    local path = m._path
+    ngx.log(ngx.INFO, "path:"..path.." method:"..method)
+    --判断当前接口用户和角色是否有权限
+
     --获取页码和请求的数据量
     --local args = ngx.req.get_uri_args()
     local pageNum = ngx.var.pagenum or 1

src/share/helpers.lua

@@ -5,6 +5,7 @@
 ---
 local snowflake = require("share.snowflake")
 local cjson = require("cjson.safe")
+require("config")
 
 local _M = {}
 

src/share/model.lua

@@ -1,3 +1,4 @@
+require("config")
 local Database = require('share.database')
 local helpers = require('share.helpers')
 local implode = helpers.implode
@@ -63,6 +64,7 @@ function _M:retrieve_relations(ids)
 		return {}
 	end
 	local ids_str = implode(unique(ids))
+    print(ids_str)
 	self.relation_sql = 'select * from \"'..self.relation.model.table..'\" where ' .. self.relation.foreign_key .. ' in (' .. ids_str .. ')'
 	return table_remove(self:query(self.relation_sql, READ), self.relation.model:get_hidden())
 end
@@ -394,6 +396,10 @@ function _M:debug()
     ngx.log(ngx.INFO, self.table.." ")
 end
 
+function _M:exec(sql)
+    return self:query(sql, READ)
+end
+
 --初始化数据表中的字段
 function _M:new(table, attributes, hidden)
     local obj = {

src/share/redis.lua

@@ -1,4 +1,5 @@
 local redis = require("resty.redis")
+require("config")
 
 local _M = setmetatable({}, {__index = function(self, key)
     local red = redis:new()

src/test/test.lua

@@ -17,6 +17,44 @@ local redis = require("share.redis")
 
 --max =a and b or c--a?b:c
 
+--[[
+local radix = require("resty.radixtree")
+
+-- 路由处理函数注册表
+local function user_handler(m)
+    print(m.name)
+    print(ngx.ctx.perms)
+end
+
+-- 创建路由规则
+local routes = {
+    {
+        paths = {"/user/:name"},
+        methods = {"GET"},
+        filter_fun = function(vars)
+            ngx.ctx.perms = "system::users::view"
+            return true
+        end,
+        handler = user_handler,
+    }
+}
+
+-- 初始化radixtree实例
+local rx = radix.new(routes)
+
+-- 路由分发主函数
+-- 构建dispatch参数
+local opts = {
+    --host = ngx.var.host,
+    method = ngx.var.request_method,
+    --remote_addr = ngx.var.remote_addr,
+    matched = {}
+}
+
+-- 使用dispatch方法进行路由匹配
+local ok = rx:dispatch("/user/123", opts, opts.matched)
+--]]
+
 --[[
 --获取用户相关的角色数据的数据
 local function init_task()
@@ -63,6 +101,11 @@ ngx.say(addlib.add(5,7))
 --    ngx.say("zhangsan-system:user:list is not exist")
 --end
 
+--[[
+-- 方法1：直接使用EXISTS命令
+local value = redis.call("EXISTS", "admin-system:user:add")
+ngx.say("key value exist:"..value)
+
 local val1, err = redis:get("admin-system:user:add")
 local val2, err = redis:get("admin-system:user:edit")
 local val3, err = redis:get("admin-system:user:delete")
@@ -78,6 +121,8 @@ local val6, err = redis:get("admin-system:user:test")
 if val6 ~= nil then
     ngx.say("test:"..val6)
 end
+--]]
+
 --[[
 local uuid = require("resty.jit-uuid")
 uuid.seed()
@@ -288,12 +333,20 @@ else
 end
 --]]
 
---[[
---引用使用的库文件
-local Model = require("share.model")
---创建一个数据表相关的模型
-local userModel = Model:new('sys_user')
 
+local userModel = require("dao.user")
+local code, res = userModel:userRole("1")
+--显示查询到的数据记录
+if res ~= nil then
+    print("id value: -- ", res[1].id)
+    for _, row in pairs(res) do
+        for key, value in pairs(row) do
+            ngx.say(key .. ":" .. tostring(value))
+        end
+    end
+end
+
+--[[
 --获取数据表中的记录数
 local code, res = userModel:count()
 ngx.say(res)

src/test/testRadixtree.lua

@@ -33,7 +33,7 @@ local opts = {
 }
 
 -- matches the first route
-ngx.say(rx:match("/login/update", opts))   -- metadata /login/action
+ngx.say(rx:dispatch("/login/update", opts))   -- metadata /login/action
 ngx.say("action: ", opts.matched.action)   -- action: update
 
 ngx.say(rx:match("/login/register", opts)) -- metadata /login/action

src/util/token.lua

@@ -6,6 +6,7 @@
 
 local jwt = require("resty.jwt")
 local jsonschema = require("jsonschema")
+require("config")
 
 local _M = {}
 
@@ -22,21 +23,24 @@ local obj = {
     payload = { -- 自定义数据
         userid = "",                -- 用户id
         username = "",              -- 用户名
-        role = "",                  -- 角色
+        role_id = "",               -- 角色id
+        role_name = "",             -- 角色名称
         --iss = "your_issuer",      -- 签发者
         --sub = "1234567890",       -- 主题
-        exp = ngx.time() + 3600,     -- 过期时间（例如：当前时间+1小时）
-        iat = ngx.time()             -- 签发时间
+        exp = ngx.time() + 3600,    -- 过期时间（例如：当前时间+1小时）
+        iat = ngx.time()            -- 签发时间
     }
 }
 
-function _M.generateToken(userid, username)
-    if userid == nil or username == nil then
+function _M.generateToken(userid, username, role_id, role_name)
+    if userid == nil or username == nil or role_id == nil or role_name == nil then
         return ""
     end
 
     obj.payload.userid = userid
     obj.payload.username = username
+    obj.payload.role_id = role_id
+    obj.payload.role_name = role_name
     --获取的登陆的用户信息，返回tocken
     local jwt_token = jwt:sign(SYSTEM_CONFIG.secret_key, obj)
     return "Bearer "..jwt_token