feat: restrict permission roles
This commit is contained in:
@@ -43,8 +43,8 @@ func (c *AuthController) Login(ctx *gin.Context) {
|
||||
ErrorResponse(ctx, http.StatusUnauthorized, err.Error())
|
||||
return
|
||||
}
|
||||
if user.Role == "employee" {
|
||||
ErrorResponse(ctx, http.StatusForbidden, "员工账号无后台登录权限")
|
||||
if !models.HasBackendAccess(user.Role) {
|
||||
ErrorResponse(ctx, http.StatusForbidden, "该账号无后台登录权限")
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user