add some permssion api (#572)

src/modules/rdb/http/router.go

@@ -136,6 +136,7 @@ func Config(r *gin.Engine) {
 		userLogin.GET("/node/:id/roles", rolesUnderNodeGets)
 		userLogin.POST("/node/:id/roles", rolesUnderNodePost)
 		userLogin.DELETE("/node/:id/roles", rolesUnderNodeDel)
+		userLogin.DELETE("/node/:id/roles/try", rolesUnderNodeDelTry)
 		userLogin.GET("/node/:id/resources", resourceUnderNodeGet)
 		userLogin.GET("/node/:id/resources/cate-count", renderNodeResourcesCountByCate)
 		userLogin.POST("/node/:id/resources/bind", resourceBindNode)
@@ -149,6 +150,7 @@ func Config(r *gin.Engine) {
 
 		userLogin.GET("/resources/search", resourceSearchGet)
 		userLogin.PUT("/resources/note", resourceNotePut)
+		userLogin.PUT("/resources/note/try", resourceNotePutTry)
 		userLogin.GET("/resources/bindings", resourceBindingsGet)
 		userLogin.GET("/resources/orphan", resourceOrphanGet)
 

src/modules/rdb/http/router_node_role.go

@@ -114,3 +114,12 @@ func rolesUnderNodeDel(c *gin.Context) {
 
 	renderMessage(c, err)
 }
+
+func rolesUnderNodeDelTry(c *gin.Context) {
+	node := Node(urlParamInt64(c, "id"))
+
+	me := loginUser(c)
+	me.CheckPermByNode(node, "rdb_perm_grant")
+
+	renderMessage(c, nil)
+}

src/modules/rdb/http/router_resource.go

@@ -131,6 +131,33 @@ func resourceHttpRegister(count int, items []v1ContainersRegisterItem) {
 	}
 }
 
+// 游离资源页面修改备注权限测试，超级管理员，或者是租户管理员有权限
+func resourceNotePutTry(c *gin.Context) {
+	path := queryStr(c, "tenant", "")
+	me := loginUser(c)
+
+	if me.IsRooter() {
+		renderMessage(c, nil)
+		return
+	}
+
+	if path == "" {
+		bomb("no privilege")
+	}
+
+	tenantNode, err := models.NodeGet("path=?", path)
+	if tenantNode == nil || err != nil {
+		bomb("no privilege")
+	}
+
+	exists, err := models.NodesAdminExists([]int64{tenantNode.Id}, me.Id)
+	if err != nil || !exists {
+		bomb("no privilege")
+	}
+
+	renderMessage(c, nil)
+}
+
 // 游离资源页面修改备注，超级管理员，或者是租户管理员
 func resourceNotePut(c *gin.Context) {
 	var f resourceNotePutForm