307 lines
9.5 KiB
Go
307 lines
9.5 KiB
Go
package service
|
|
|
|
import (
|
|
"dianshang/internal/model"
|
|
"errors"
|
|
"time"
|
|
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
// RoleService 角色服务
|
|
type RoleService struct {
|
|
db *gorm.DB
|
|
}
|
|
|
|
// NewRoleService 创建角色服务
|
|
func NewRoleService(db *gorm.DB) *RoleService {
|
|
return &RoleService{
|
|
db: db,
|
|
}
|
|
}
|
|
|
|
// CreateRole 创建角色
|
|
func (s *RoleService) CreateRole(role *model.Role) error {
|
|
return s.db.Create(role).Error
|
|
}
|
|
|
|
// GetRoleByID 根据ID获取角色
|
|
func (s *RoleService) GetRoleByID(id uint) (*model.Role, error) {
|
|
var role model.Role
|
|
err := s.db.Preload("Permissions").Where("id = ?", id).First(&role).Error
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &role, nil
|
|
}
|
|
|
|
// GetRoleByName 根据名称获取角色
|
|
func (s *RoleService) GetRoleByName(name string) (*model.Role, error) {
|
|
var role model.Role
|
|
err := s.db.Preload("Permissions").Where("name = ?", name).First(&role).Error
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &role, nil
|
|
}
|
|
|
|
// GetRoleList 获取角色列表
|
|
func (s *RoleService) GetRoleList(page, pageSize int, conditions map[string]interface{}) ([]model.Role, map[string]interface{}, error) {
|
|
var roles []model.Role
|
|
var total int64
|
|
|
|
query := s.db.Model(&model.Role{})
|
|
|
|
// 应用查询条件
|
|
if keyword, ok := conditions["keyword"]; ok && keyword != "" {
|
|
query = query.Where("name LIKE ? OR display_name LIKE ?",
|
|
"%"+keyword.(string)+"%", "%"+keyword.(string)+"%")
|
|
}
|
|
|
|
if status, ok := conditions["status"]; ok && status != "" {
|
|
query = query.Where("status = ?", status)
|
|
}
|
|
|
|
// 获取总数
|
|
err := query.Count(&total).Error
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// 分页查询
|
|
offset := (page - 1) * pageSize
|
|
err = query.Preload("Permissions").Offset(offset).Limit(pageSize).Order("created_at DESC").Find(&roles).Error
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// 构建分页信息
|
|
pagination := map[string]interface{}{
|
|
"total": total,
|
|
"page": page,
|
|
"page_size": pageSize,
|
|
"total_pages": (total + int64(pageSize) - 1) / int64(pageSize),
|
|
}
|
|
|
|
return roles, pagination, nil
|
|
}
|
|
|
|
// UpdateRole 更新角色
|
|
func (s *RoleService) UpdateRole(id uint, updates map[string]interface{}) error {
|
|
return s.db.Model(&model.Role{}).Where("id = ?", id).Updates(updates).Error
|
|
}
|
|
|
|
// DeleteRole 删除角色
|
|
func (s *RoleService) DeleteRole(id uint) error {
|
|
// 检查是否有用户使用该角色
|
|
var count int64
|
|
s.db.Model(&model.UserRole{}).Where("role_id = ?", id).Count(&count)
|
|
if count > 0 {
|
|
return errors.New("该角色正在被用户使用,无法删除")
|
|
}
|
|
|
|
// 删除角色权限关联
|
|
s.db.Where("role_id = ?", id).Delete(&model.RolePermission{})
|
|
|
|
// 删除角色
|
|
return s.db.Delete(&model.Role{}, id).Error
|
|
}
|
|
|
|
// AssignPermissionsToRole 为角色分配权限
|
|
func (s *RoleService) AssignPermissionsToRole(roleID uint, permissionIDs []uint) error {
|
|
// 删除原有权限
|
|
s.db.Where("role_id = ?", roleID).Delete(&model.RolePermission{})
|
|
|
|
// 添加新权限
|
|
for _, permissionID := range permissionIDs {
|
|
rolePermission := &model.RolePermission{
|
|
RoleID: roleID,
|
|
PermissionID: permissionID,
|
|
CreatedAt: time.Now(),
|
|
UpdatedAt: time.Now(),
|
|
}
|
|
if err := s.db.Create(rolePermission).Error; err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// AssignRolesToUser 为用户分配角色
|
|
func (s *RoleService) AssignRolesToUser(userID uint, roleIDs []uint) error {
|
|
// 删除原有角色
|
|
s.db.Where("user_id = ?", userID).Delete(&model.UserRole{})
|
|
|
|
// 添加新角色
|
|
for _, roleID := range roleIDs {
|
|
userRole := &model.UserRole{
|
|
UserID: userID,
|
|
RoleID: roleID,
|
|
CreatedAt: time.Now(),
|
|
UpdatedAt: time.Now(),
|
|
}
|
|
if err := s.db.Create(userRole).Error; err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// GetUserRoles 获取用户角色
|
|
func (s *RoleService) GetUserRoles(userID uint) ([]model.Role, error) {
|
|
var roles []model.Role
|
|
err := s.db.Table("ai_roles").
|
|
Joins("JOIN ai_user_roles ON ai_roles.id = ai_user_roles.role_id").
|
|
Where("ai_user_roles.user_id = ?", userID).
|
|
Find(&roles).Error
|
|
return roles, err
|
|
}
|
|
|
|
// GetUserPermissions 获取用户权限
|
|
func (s *RoleService) GetUserPermissions(userID uint) ([]model.Permission, error) {
|
|
var permissions []model.Permission
|
|
err := s.db.Table("ai_permissions").
|
|
Joins("JOIN ai_role_permissions ON ai_permissions.id = ai_role_permissions.permission_id").
|
|
Joins("JOIN ai_user_roles ON ai_role_permissions.role_id = ai_user_roles.role_id").
|
|
Where("ai_user_roles.user_id = ?", userID).
|
|
Distinct().
|
|
Find(&permissions).Error
|
|
return permissions, err
|
|
}
|
|
|
|
// CheckUserPermission 检查用户权限
|
|
func (s *RoleService) CheckUserPermission(userID uint, module, action string) (bool, error) {
|
|
var count int64
|
|
err := s.db.Table("ai_permissions").
|
|
Joins("JOIN ai_role_permissions ON ai_permissions.id = ai_role_permissions.permission_id").
|
|
Joins("JOIN ai_user_roles ON ai_role_permissions.role_id = ai_user_roles.role_id").
|
|
Where("ai_user_roles.user_id = ? AND ai_permissions.module = ? AND ai_permissions.action = ? AND ai_permissions.status = 1",
|
|
userID, module, action).
|
|
Count(&count).Error
|
|
|
|
return count > 0, err
|
|
}
|
|
|
|
// CreatePermission 创建权限
|
|
func (s *RoleService) CreatePermission(permission *model.Permission) error {
|
|
return s.db.Create(permission).Error
|
|
}
|
|
|
|
// GetPermissionList 获取权限列表
|
|
func (s *RoleService) GetPermissionList(page, pageSize int, conditions map[string]interface{}) ([]model.Permission, map[string]interface{}, error) {
|
|
var permissions []model.Permission
|
|
var total int64
|
|
|
|
query := s.db.Model(&model.Permission{})
|
|
|
|
// 应用查询条件
|
|
if keyword, ok := conditions["keyword"]; ok && keyword != "" {
|
|
query = query.Where("name LIKE ? OR display_name LIKE ?",
|
|
"%"+keyword.(string)+"%", "%"+keyword.(string)+"%")
|
|
}
|
|
|
|
if module, ok := conditions["module"]; ok && module != "" {
|
|
query = query.Where("module = ?", module)
|
|
}
|
|
|
|
if status, ok := conditions["status"]; ok && status != "" {
|
|
query = query.Where("status = ?", status)
|
|
}
|
|
|
|
// 获取总数
|
|
err := query.Count(&total).Error
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// 分页查询
|
|
offset := (page - 1) * pageSize
|
|
err = query.Offset(offset).Limit(pageSize).Order("module ASC, action ASC").Find(&permissions).Error
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// 构建分页信息
|
|
pagination := map[string]interface{}{
|
|
"total": total,
|
|
"page": page,
|
|
"page_size": pageSize,
|
|
"total_pages": (total + int64(pageSize) - 1) / int64(pageSize),
|
|
}
|
|
|
|
return permissions, pagination, nil
|
|
}
|
|
|
|
// UpdatePermission 更新权限
|
|
func (s *RoleService) UpdatePermission(id uint, updates map[string]interface{}) error {
|
|
return s.db.Model(&model.Permission{}).Where("id = ?", id).Updates(updates).Error
|
|
}
|
|
|
|
// DeletePermission 删除权限
|
|
func (s *RoleService) DeletePermission(id uint) error {
|
|
// 检查是否有角色使用该权限
|
|
var count int64
|
|
s.db.Model(&model.RolePermission{}).Where("permission_id = ?", id).Count(&count)
|
|
if count > 0 {
|
|
return errors.New("该权限正在被角色使用,无法删除")
|
|
}
|
|
|
|
return s.db.Delete(&model.Permission{}, id).Error
|
|
}
|
|
|
|
// InitDefaultRolesAndPermissions 初始化默认角色和权限
|
|
func (s *RoleService) InitDefaultRolesAndPermissions() error {
|
|
// 创建默认权限
|
|
permissions := []model.Permission{
|
|
// 用户管理权限
|
|
{Name: "user.create", DisplayName: "创建用户", Module: "user", Action: "create", Status: 1},
|
|
{Name: "user.read", DisplayName: "查看用户", Module: "user", Action: "read", Status: 1},
|
|
{Name: "user.update", DisplayName: "更新用户", Module: "user", Action: "update", Status: 1},
|
|
{Name: "user.delete", DisplayName: "删除用户", Module: "user", Action: "delete", Status: 1},
|
|
|
|
// 商品管理权限
|
|
{Name: "product.create", DisplayName: "创建商品", Module: "product", Action: "create", Status: 1},
|
|
{Name: "product.read", DisplayName: "查看商品", Module: "product", Action: "read", Status: 1},
|
|
{Name: "product.update", DisplayName: "更新商品", Module: "product", Action: "update", Status: 1},
|
|
{Name: "product.delete", DisplayName: "删除商品", Module: "product", Action: "delete", Status: 1},
|
|
|
|
// 订单管理权限
|
|
{Name: "order.create", DisplayName: "创建订单", Module: "order", Action: "create", Status: 1},
|
|
{Name: "order.read", DisplayName: "查看订单", Module: "order", Action: "read", Status: 1},
|
|
{Name: "order.update", DisplayName: "更新订单", Module: "order", Action: "update", Status: 1},
|
|
{Name: "order.delete", DisplayName: "删除订单", Module: "order", Action: "delete", Status: 1},
|
|
|
|
// 系统管理权限
|
|
{Name: "system.config", DisplayName: "系统配置", Module: "system", Action: "config", Status: 1},
|
|
{Name: "system.log", DisplayName: "系统日志", Module: "system", Action: "log", Status: 1},
|
|
}
|
|
|
|
for _, permission := range permissions {
|
|
var existingPermission model.Permission
|
|
if err := s.db.Where("name = ?", permission.Name).First(&existingPermission).Error; err != nil {
|
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
|
s.db.Create(&permission)
|
|
}
|
|
}
|
|
}
|
|
|
|
// 创建默认角色
|
|
roles := []model.Role{
|
|
{Name: "admin", DisplayName: "超级管理员", Description: "拥有所有权限", Status: 1},
|
|
{Name: "manager", DisplayName: "管理员", Description: "拥有大部分管理权限", Status: 1},
|
|
{Name: "user", DisplayName: "普通用户", Description: "基础用户权限", Status: 1},
|
|
}
|
|
|
|
for _, role := range roles {
|
|
var existingRole model.Role
|
|
if err := s.db.Where("name = ?", role.Name).First(&existingRole).Error; err != nil {
|
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
|
s.db.Create(&role)
|
|
}
|
|
}
|
|
}
|
|
|
|
return nil
|
|
} |