wip:个人订阅查询过滤、token权限校验优化

jyBXSubscribe/rpc/model/staffSubscribe.go

@@ -12,6 +12,35 @@ import (
 	"time"
 )
 
+// PersonSubscribe 个人订阅结构体
+type PersonSubscribe struct {
+	AInfotype     []string            `json:"a_infotype"`
+	ABuyerclass   []string            `json:"a_buyerclass"`
+	IProjectmatch int                 `json:"i_projectmatch"`
+	OArea         map[string][]string `json:"o_area"`
+	AItems        []struct {
+		SItem string `json:"s_item"`
+		AKey  []struct {
+			Key      []string `json:"key"`
+			Notkey   []string `json:"notkey"`
+			Matchway float64  `json:"matchway"`
+		} `json:"a_key"`
+	} `json:"a_items"`
+	IEntFastimport int `json:"i_ent_fastimport"`
+	IApppush       int `json:"i_apppush"`
+	IMailpush      int `json:"i_mailpush"`
+	IMatchway      int `json:"i_matchway"`
+	IRatemode      int `json:"i_ratemode"`
+}
+
+// IsEmpty 判断订阅内容是否为空
+func (p *PersonSubscribe) IsEmpty() bool {
+	if len(p.AItems) > 0 || len(p.AInfotype) > 0 || len(p.ABuyerclass) > 0 || len(p.OArea) > 0 {
+		return false
+	}
+	return true
+}
+
 // GetStaffSubscribeList 员工订阅总览列表
 // query 检索名字/手机号
 // eStatus 是否有企业订阅 -1 无企业订阅 1 有企业订阅
@@ -122,7 +151,7 @@ WHERE`
 					}
 				}
 				list = append(list, &bxsubscribe.StaffSubscribe{
-					Token:   encodeSubscribeMsg(gconv.Int64(entId), gconv.Int64(m["id"]), common.ObjToString(m["rule_id"]), gconv.String(m["product_type"])),
+					Token:   encodeSubscribeMsg(gconv.Int64(entId), gconv.Int64(entUserId), gconv.Int64(m["id"]), common.ObjToString(m["rule_id"]), gconv.String(m["product_type"])),
 					Name:    common.ObjToString(m["name"]),
 					Phone:   common.ObjToString(m["phone"]),
 					EStatus: gconv.Int64(common.If(common.ObjToString(m["rule_id"]) == "", -1, 1)),
@@ -134,61 +163,9 @@ WHERE`
 	return
 }
 
-// decodeSubscribeMsg /解密
-func decodeSubscribeMsg(token string) (entId, uId int64, ruleId, power string, err error) {
-	values := encrypt.DecodeArticleId2ByCheck(token)
-	if len(values) != 4 {
-		err = fmt.Errorf("解析异常")
-		return
-	}
-	entId = gconv.Int64(values[0])
-	uId = gconv.Int64(values[1])
-	ruleId = gconv.String(values[2])
-	power = gconv.String(values[3])
-
-	if entId == 0 || uId == 0 {
-		err = fmt.Errorf("参数异常")
-		return
-	}
-	return
-}
-
-// encodeSubscribeMsg 加密
-func encodeSubscribeMsg(entId, uId int64, ruleId, power string) string {
-	return encrypt.EncodeArticleId2ByCheck(fmt.Sprintf("%d,%d,%s,%s", entId, uId, ruleId, strings.Replace(power, ",", "_", -1)))
-}
-
-// PersonSubscribe 个人订阅结构体
-type PersonSubscribe struct {
-	AInfotype     []string            `json:"a_infotype"`
-	ABuyerclass   []string            `json:"a_buyerclass"`
-	IProjectmatch int                 `json:"i_projectmatch"`
-	OArea         map[string][]string `json:"o_area"`
-	AItems        []struct {
-		SItem string `json:"s_item"`
-		AKey  []struct {
-			Key      []string `json:"key"`
-			Notkey   []string `json:"notkey"`
-			Matchway float64  `json:"matchway"`
-		} `json:"a_key"`
-	} `json:"a_items"`
-	IEntFastimport int `json:"i_ent_fastimport"`
-	IApppush       int `json:"i_apppush"`
-	IMailpush      int `json:"i_mailpush"`
-	IMatchway      int `json:"i_matchway"`
-	IRatemode      int `json:"i_ratemode"`
-}
-
-func (p *PersonSubscribe) IsEmpty() bool {
-	if len(p.AItems) > 0 || len(p.AInfotype) > 0 || len(p.ABuyerclass) > 0 || len(p.OArea) > 0 {
-		return false
-	}
-	return true
-}
-
 // getEntPersonOrderList 查询企业订阅所有设置个人订阅的列表
 func getEntPersonOrderList(entId int) (uIds []int64) {
-	res, _ := IC.Mgo.Find("entniche_rule", map[string]interface{}{"i_entid": entId, "i_userid": map[string]interface{}{"$exists": 1}}, nil, `{"o_entniche":1,"i_userid":1}`, false, -1, -1)
+	res, _ := IC.Mgo.Find("entniche_rule", map[string]interface{}{"i_entid": entId, "i_userid": map[string]interface{}{"$exists": 1}, "i_type": map[string]interface{}{"$exists": 1}}, nil, `{"o_entniche":1,"i_userid":1}`, false, -1, -1)
 	if res == nil || len(*res) == 0 {
 		return
 	}
@@ -209,11 +186,11 @@ func getEntPersonOrderList(entId int) (uIds []int64) {
 
 // GetStaffSubscribeDetail 获取企业个人订阅
 func GetStaffSubscribeDetail(entId, uid int64, token string) (rData map[string]interface{}, err error) {
-	entIdCheck, staffId, ruleId, power, err := decodeSubscribeMsg(token)
+	entIdCheck, uidCheck, staffId, ruleId, power, err := decodeSubscribeMsg(token)
 	if err != nil {
 		return
 	}
-	if entId != entIdCheck {
+	if entId != entIdCheck || uid != uidCheck {
 		err = fmt.Errorf("权限异常")
 		return
 	}
@@ -328,3 +305,28 @@ func getEntDistribute(ruleId string, entId, uid int64) (rData map[string]interfa
 	rData["wordsList"] = wordsList
 	return
 }
+
+// decodeSubscribeMsg token解密
+func decodeSubscribeMsg(token string) (entId, uId, staffId int64, ruleId, power string, err error) {
+	values := encrypt.DecodeArticleId2ByCheck(token)
+	if len(values) != 5 {
+		err = fmt.Errorf("解析异常")
+		return
+	}
+	entId = gconv.Int64(values[0])
+	uId = gconv.Int64(values[1])
+	staffId = gconv.Int64(values[2])
+	ruleId = gconv.String(values[3])
+	power = gconv.String(values[4])
+
+	if entId == 0 || uId == 0 || staffId == 0 {
+		err = fmt.Errorf("参数异常")
+		return
+	}
+	return
+}
+
+// encodeSubscribeMsg token加密
+func encodeSubscribeMsg(entId, uId, staffId int64, ruleId, power string) string {
+	return encrypt.EncodeArticleId2ByCheck(fmt.Sprintf("%d,%d,%d,%s,%s", entId, uId, staffId, ruleId, strings.Replace(power, ",", "_", -1)))
+}