func (u *User) New(cx *goblet.Context) { if len(u.CreateOnlyByPermits) > 0 { var user UserModule if id, has := cx.GetLoginId(); has { if has, err := goblet.DB.Id(id).Get(&user); err == nil && has { for _, permit := range u.CreateOnlyByPermits { if _, ok := user.Permits[permit]; ok { cx.RespondOK() } } } } } cx.RespondStatus(http.StatusMethodNotAllowed) }
func (u *User) UpdateMany(cx *goblet.Context) { rec := new(UserModule) cx.Fill(rec) var err error if rec.Name != "" && rec.Pwd != "" { var has bool if has, err = goblet.DB.Where("name = ? and pwd = ?", rec.Name, rec.Pwd).Get(rec); err == nil && has { cx.AddLoginId(rec.Id) cx.RespondOK() } else { cx.RespondWithStatus("用户名或密码错误", http.StatusForbidden) } } else { cx.RespondWithStatus("用户名或密码为空", http.StatusForbidden) } }