|
|
@@ -0,0 +1,726 @@
|
|
|
+package service
|
|
|
+
|
|
|
+import (
|
|
|
+ "context"
|
|
|
+ "errors"
|
|
|
+ "fmt"
|
|
|
+ "log"
|
|
|
+ "strings"
|
|
|
+ "sync"
|
|
|
+ "time"
|
|
|
+
|
|
|
+ "github.com/mhaya/game/game_cluster/internal/mdb"
|
|
|
+ "github.com/mhaya/game/game_cluster/internal/mdb/models"
|
|
|
+ "github.com/mhaya/game/game_cluster/nodes/webadmin/entity"
|
|
|
+ "github.com/mhaya/game/game_cluster/nodes/webadmin/model"
|
|
|
+ "go.mongodb.org/mongo-driver/bson"
|
|
|
+ "go.mongodb.org/mongo-driver/bson/primitive"
|
|
|
+ "go.mongodb.org/mongo-driver/mongo"
|
|
|
+ "go.mongodb.org/mongo-driver/mongo/options"
|
|
|
+)
|
|
|
+
|
|
|
+type Role struct {
|
|
|
+}
|
|
|
+
|
|
|
+func NewRole() *Role {
|
|
|
+ return &Role{}
|
|
|
+}
|
|
|
+
|
|
|
+// List 角色列表
|
|
|
+func (r *Role) List(ctx context.Context, req entity.RoleListReq) ([]entity.RoleResp, error) {
|
|
|
+ roles := models.Roles{}
|
|
|
+ rolesCollection := mdb.MDB.Collection(roles.TableName())
|
|
|
+
|
|
|
+ // 构建过滤器
|
|
|
+ filter := bson.M{}
|
|
|
+ if req.Name != "" {
|
|
|
+ filter["name"] = req.Name
|
|
|
+ }
|
|
|
+ if req.Status > 0 {
|
|
|
+ filter["status"] = req.Status
|
|
|
+ }
|
|
|
+
|
|
|
+ // 数据验证
|
|
|
+ if req.Page <= 0 || req.Size <= 0 {
|
|
|
+ return nil, fmt.Errorf("invalid page or size")
|
|
|
+ }
|
|
|
+
|
|
|
+ // 设置分页选项
|
|
|
+ findOptions := options.Find().SetSkip(int64((req.Page - 1) * req.Size)).SetLimit(int64(req.Size))
|
|
|
+
|
|
|
+ // 防御性编程
|
|
|
+ tableName := roles.TableName()
|
|
|
+ if tableName == "" {
|
|
|
+ return nil, fmt.Errorf("invalid table name")
|
|
|
+ }
|
|
|
+
|
|
|
+ cursor, err := rolesCollection.Find(ctx, filter, findOptions)
|
|
|
+ if err != nil {
|
|
|
+ log.Printf("Failed to execute query: %v", err)
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+ defer func() {
|
|
|
+ if err := cursor.Close(ctx); err != nil {
|
|
|
+ log.Printf("Failed to close cursor: %v", err)
|
|
|
+ }
|
|
|
+ }()
|
|
|
+
|
|
|
+ var result []entity.RoleResp
|
|
|
+ for cursor.Next(ctx) {
|
|
|
+ var role entity.RoleResp
|
|
|
+ if err := cursor.Decode(&role); err != nil {
|
|
|
+ log.Printf("Failed to decode document: %v", err)
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+ result = append(result, role)
|
|
|
+ }
|
|
|
+
|
|
|
+ if err := cursor.Err(); err != nil {
|
|
|
+ log.Printf("Cursor error: %v", err)
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+
|
|
|
+ return result, nil
|
|
|
+}
|
|
|
+
|
|
|
+// Add 新增角色
|
|
|
+func (r *Role) Add(ctx context.Context, req entity.RoleAddReq) error {
|
|
|
+ // 验证角色名称是否已存在
|
|
|
+ if r.checkRoleNameExist(req.Name) == false {
|
|
|
+ return fmt.Errorf("角色名称已存在")
|
|
|
+ }
|
|
|
+ // 检查上下文是否有效
|
|
|
+ if ctx.Err() != nil {
|
|
|
+ return ctx.Err()
|
|
|
+ }
|
|
|
+ // 插入新角色记录
|
|
|
+ roles := models.Roles{}
|
|
|
+ insertData := bson.M{}
|
|
|
+ insertData["name"] = req.Name
|
|
|
+ insertData["desc"] = req.Desc
|
|
|
+ insertData["status"] = req.Status
|
|
|
+ insertData["created_at"] = time.Now().Unix()
|
|
|
+ // 确保 Collection 方法不会返回错误
|
|
|
+ collection := mdb.MDB.Collection(roles.TableName())
|
|
|
+ _, insertErr := collection.InsertOne(ctx, req)
|
|
|
+ if insertErr != nil {
|
|
|
+ log.Printf("Failed to insert role: %s", insertErr)
|
|
|
+ return insertErr
|
|
|
+ }
|
|
|
+ return nil
|
|
|
+}
|
|
|
+
|
|
|
+// Update 修改角色
|
|
|
+func (r *Role) Update(ctx context.Context, req entity.RoleUpdateReq) error {
|
|
|
+ // 更新条件
|
|
|
+ objID, err := primitive.ObjectIDFromHex(req.Id)
|
|
|
+ if err != nil {
|
|
|
+ return fmt.Errorf("invalid ObjectID: %v", err)
|
|
|
+ }
|
|
|
+ updateCondition := bson.M{"_id": objID}
|
|
|
+ // 更新内容
|
|
|
+ updateContent := bson.M{
|
|
|
+ "$set": bson.M{
|
|
|
+ "name": req.Name,
|
|
|
+ "desc": req.Desc,
|
|
|
+ "status": req.Status,
|
|
|
+ },
|
|
|
+ }
|
|
|
+ // 设置更新选项
|
|
|
+ roles := models.Roles{}
|
|
|
+ collection := mdb.MDB.Collection(roles.TableName())
|
|
|
+ updateOptions := options.Update().SetUpsert(true) // 设置 upsert 选项
|
|
|
+ // 执行更新操作
|
|
|
+ _, err = collection.UpdateOne(context.TODO(), updateCondition, updateContent, updateOptions)
|
|
|
+ if err != nil {
|
|
|
+ return err
|
|
|
+ }
|
|
|
+ return nil
|
|
|
+}
|
|
|
+
|
|
|
+// checkRoleNameExist 检查角色名称是否已存在
|
|
|
+func (r *Role) checkRoleNameExist(name string) bool {
|
|
|
+ // 创建带超时的上下文
|
|
|
+ ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
|
|
+ defer cancel()
|
|
|
+ roles := models.Roles{}
|
|
|
+ collection := mdb.MDB.Collection(roles.TableName())
|
|
|
+
|
|
|
+ // 构建过滤器
|
|
|
+ filter := bson.M{"name": name}
|
|
|
+
|
|
|
+ // 执行查询
|
|
|
+ if err := collection.FindOne(ctx, filter).Err(); err != nil {
|
|
|
+ if errors.Is(err, mongo.ErrNoDocuments) {
|
|
|
+ log.Printf("No document found with role name: %s", name)
|
|
|
+ return true
|
|
|
+ }
|
|
|
+ return false
|
|
|
+ }
|
|
|
+ return false
|
|
|
+}
|
|
|
+
|
|
|
+// Del 删除角色
|
|
|
+func (r *Role) Del(ctx context.Context, req entity.RoleDelReq) error {
|
|
|
+ // 创建带超时的上下文
|
|
|
+ ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
|
|
+ defer cancel()
|
|
|
+ roles := models.Roles{}
|
|
|
+ collection := mdb.MDB.Collection(roles.TableName())
|
|
|
+ id, _ := primitive.ObjectIDFromHex(req.Id)
|
|
|
+ _, err := collection.DeleteOne(ctx, bson.M{"id": id})
|
|
|
+ return err
|
|
|
+}
|
|
|
+
|
|
|
+// AddRoleAccess 添加角色权限
|
|
|
+func (r *Role) AddRoleAccess(ctx context.Context, req entity.RoleAccessAddReq) error {
|
|
|
+ // 检查上下文是否有效
|
|
|
+ if ctx.Err() != nil {
|
|
|
+ return ctx.Err()
|
|
|
+ }
|
|
|
+ // 检查角色是否存在
|
|
|
+ roles := models.Roles{}
|
|
|
+ collection := mdb.MDB.Collection(roles.TableName())
|
|
|
+ roleIDobj, _ := primitive.ObjectIDFromHex(req.RoleId)
|
|
|
+ if err := collection.FindOne(ctx, bson.M{"_id": roleIDobj}).Err(); err != nil {
|
|
|
+ if errors.Is(err, mongo.ErrNoDocuments) {
|
|
|
+ return fmt.Errorf("角色不存在")
|
|
|
+ }
|
|
|
+ }
|
|
|
+ // 检查权限是否存在 ->具体的权限规则表-存放路由、菜单等
|
|
|
+ access := models.Access{}
|
|
|
+ collection = mdb.MDB.Collection(access.TableName())
|
|
|
+ var accessIDS []primitive.ObjectID
|
|
|
+ for _, v := range req.AccessId {
|
|
|
+ accessIDobj, _ := primitive.ObjectIDFromHex(v)
|
|
|
+ accessIDS = append(accessIDS, accessIDobj)
|
|
|
+ }
|
|
|
+ filter := bson.M{"_id": bson.M{"$in": accessIDS}} // 数组查询
|
|
|
+ if err := collection.FindOne(ctx, filter).Err(); err != nil {
|
|
|
+ if errors.Is(err, mongo.ErrNoDocuments) {
|
|
|
+ return fmt.Errorf("权限不存在")
|
|
|
+ }
|
|
|
+ }
|
|
|
+ // 插入新角色权限记录
|
|
|
+ roleAccess := models.RoleAccess{}
|
|
|
+ // 确保 Collection 方法不会返回错误
|
|
|
+ collection = mdb.MDB.Collection(roleAccess.TableName())
|
|
|
+ _, insertErr := collection.UpdateOne(ctx, bson.M{"role_id": req.RoleId}, bson.M{"$addToSet": bson.M{"access_id": bson.M{"$each": req.AccessId}}}, options.Update().SetUpsert(true))
|
|
|
+ if insertErr != nil {
|
|
|
+ log.Printf("Failed to insert role: %s", insertErr)
|
|
|
+ return insertErr
|
|
|
+ }
|
|
|
+ return nil
|
|
|
+}
|
|
|
+
|
|
|
+// UpdateRoleAccess 修改角色权限
|
|
|
+func (r *Role) UpdateRoleAccess(ctx context.Context, req entity.RoleAccessUpdateReq) error {
|
|
|
+ // 验证请求数据的有效性
|
|
|
+ if err := validateConcurrently(ctx, req); err != nil {
|
|
|
+ return err
|
|
|
+ }
|
|
|
+ // 更新角色权限
|
|
|
+ if err := r.updateAccessInDatabase(ctx, req); err != nil {
|
|
|
+ return err
|
|
|
+ }
|
|
|
+ // 返回成功
|
|
|
+ return nil
|
|
|
+}
|
|
|
+
|
|
|
+// DelRoleAccess 根据角色ID删除角色权限
|
|
|
+func (r *Role) DelRoleAccess(ctx context.Context, req entity.RoleAccessDelReq) error {
|
|
|
+ roleAccess := models.RoleAccess{}
|
|
|
+ collection := mdb.MDB.Collection(roleAccess.TableName())
|
|
|
+ filter := bson.M{"role_id": req.RoleId}
|
|
|
+ _, err := collection.DeleteOne(ctx, filter)
|
|
|
+ if err != nil {
|
|
|
+ return err
|
|
|
+ }
|
|
|
+ return nil
|
|
|
+}
|
|
|
+
|
|
|
+// GetRoleAccessList 获取角色权限列表根据角色ID
|
|
|
+func (r *Role) GetRoleAccessList(ctx context.Context, req entity.RoleAccessListReq) ([]*entity.AccessResp, error) {
|
|
|
+ // 查询角色权限列表
|
|
|
+ roleAccess := models.RoleAccess{}
|
|
|
+ collection := mdb.MDB.Collection(roleAccess.TableName())
|
|
|
+ filter := bson.M{"role_id": req.RoleId} // 数组查询
|
|
|
+ cursor, err := collection.Find(ctx, filter)
|
|
|
+ defer cursor.Close(ctx)
|
|
|
+ if err != nil {
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+ var accessIDS []string
|
|
|
+ for cursor.Next(ctx) {
|
|
|
+ var roleAccess models.RoleAccess
|
|
|
+ if err := cursor.Decode(&roleAccess); err != nil {
|
|
|
+ log.Printf("Failed to decode document: %v", err)
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+ accessIDS = append(accessIDS, roleAccess.AccessID...)
|
|
|
+ }
|
|
|
+
|
|
|
+ // 判断accessIDS是否为空
|
|
|
+ if len(accessIDS) == 0 {
|
|
|
+ return nil, nil
|
|
|
+ }
|
|
|
+
|
|
|
+ // 根据accessIDS查询权限列表 并且按照下级关系组合
|
|
|
+ access := models.Access{}
|
|
|
+ collection = mdb.MDB.Collection(access.TableName())
|
|
|
+ accessFilter := bson.M{"id": bson.M{"$in": accessIDS}}
|
|
|
+ cursor, err = collection.Find(ctx, accessFilter)
|
|
|
+ defer cursor.Close(ctx)
|
|
|
+ if err != nil {
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+ var accessList []*entity.AccessResp
|
|
|
+ for cursor.Next(ctx) {
|
|
|
+ var accesss *models.Access
|
|
|
+ if err := cursor.Decode(&accesss); err != nil {
|
|
|
+ log.Printf("Failed to decode document: %v", err)
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+ accessList = append(accessList, &entity.AccessResp{
|
|
|
+ ID: accesss.ID,
|
|
|
+ ActionName: accesss.ActionName,
|
|
|
+ ModuleName: accesss.ModuleName,
|
|
|
+ Description: accesss.Description,
|
|
|
+ URL: accesss.URL,
|
|
|
+ ParentId: accesss.ParentId,
|
|
|
+ Sort: accesss.Sort,
|
|
|
+ Type: accesss.Type,
|
|
|
+ Status: accesss.Status,
|
|
|
+ })
|
|
|
+ }
|
|
|
+ // 格式化数据并且按照下级关系组合
|
|
|
+ return formatAccessData(accessList), nil
|
|
|
+}
|
|
|
+
|
|
|
+// formatAccessData formats and organizes access data into a hierarchical structure
|
|
|
+func formatAccessData(accessData []*entity.AccessResp) []*entity.AccessResp {
|
|
|
+ nodeMap := make(map[interface{}]*entity.AccessResp)
|
|
|
+ var rootNodes []*entity.AccessResp
|
|
|
+ for i := range accessData {
|
|
|
+ node := accessData[i]
|
|
|
+ nodeMap[node.ID] = node
|
|
|
+ }
|
|
|
+ for i := range accessData {
|
|
|
+ node := accessData[i]
|
|
|
+ if node.ParentId == "0" {
|
|
|
+ rootNodes = append(rootNodes, node)
|
|
|
+ } else {
|
|
|
+ if parentNode, exists := nodeMap[node.ParentId]; exists {
|
|
|
+ parentNode.AccessItem = append(parentNode.AccessItem, node)
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+ return rootNodes
|
|
|
+}
|
|
|
+
|
|
|
+// AddAccess 添加权限路由
|
|
|
+func (r *Role) AddAccess(ctx context.Context, req entity.AccessAddReq) error {
|
|
|
+ // 检查上下文是否有效
|
|
|
+ if ctx.Err() != nil {
|
|
|
+ return ctx.Err()
|
|
|
+ }
|
|
|
+ access := models.Access{}
|
|
|
+ collection := mdb.MDB.Collection(access.TableName())
|
|
|
+ // 判断是否有相同的数据
|
|
|
+ filter := bson.M{"path": req.URL}
|
|
|
+ if err := collection.FindOne(ctx, filter).Err(); err == nil {
|
|
|
+ return fmt.Errorf("权限已存在")
|
|
|
+ }
|
|
|
+ // 插入新角色权限记录
|
|
|
+ _, err := collection.InsertOne(ctx, req)
|
|
|
+ return err
|
|
|
+}
|
|
|
+
|
|
|
+// DelAccess 删除权限路由
|
|
|
+func (r *Role) DelAccess(ctx context.Context, req entity.AccessDelReq) error {
|
|
|
+ access := models.Access{}
|
|
|
+ collection := mdb.MDB.Collection(access.TableName())
|
|
|
+ // 判断是否有角色使用了该权限路由
|
|
|
+ roleAccess := models.RoleAccess{}
|
|
|
+ collection = mdb.MDB.Collection(roleAccess.TableName())
|
|
|
+ filter := bson.M{"access_id": bson.M{"$in": req.Id}} // 数组查询
|
|
|
+ if err := collection.FindOne(ctx, filter).Err(); err == nil {
|
|
|
+ return fmt.Errorf("权限已被角色使用,无法删除")
|
|
|
+ }
|
|
|
+ _, err := collection.DeleteOne(ctx, bson.M{"id": req.Id})
|
|
|
+ return err
|
|
|
+}
|
|
|
+
|
|
|
+// UpdateAccess 修改权限路由
|
|
|
+func (r *Role) UpdateAccess(ctx context.Context, req entity.AccessUpdateReq) error {
|
|
|
+ access := models.Access{}
|
|
|
+ collection := mdb.MDB.Collection(access.TableName())
|
|
|
+ // update
|
|
|
+ var updateFields = bson.M{
|
|
|
+ "module_name": req.ModuleName,
|
|
|
+ "action_name": req.ActionName,
|
|
|
+ "url": req.URL,
|
|
|
+ "type": req.Type,
|
|
|
+ "description": req.Description,
|
|
|
+ "sort": req.Sort,
|
|
|
+ "status": req.Status}
|
|
|
+ // 去掉为空的字段
|
|
|
+ for k, v := range updateFields {
|
|
|
+ switch v.(type) {
|
|
|
+ case string:
|
|
|
+ if v == "" {
|
|
|
+ delete(updateFields, k)
|
|
|
+ }
|
|
|
+ case int:
|
|
|
+ if v == 0 {
|
|
|
+ delete(updateFields, k)
|
|
|
+ }
|
|
|
+ default:
|
|
|
+ continue
|
|
|
+ }
|
|
|
+ }
|
|
|
+ // 检查是否有需要更新的字段
|
|
|
+ if len(updateFields) == 0 {
|
|
|
+ return errors.New("no fields to update")
|
|
|
+ }
|
|
|
+ // 确保 req.Id 是一个有效的 ObjectID
|
|
|
+ objID, err := primitive.ObjectIDFromHex(req.Id)
|
|
|
+ if err != nil {
|
|
|
+ return fmt.Errorf("invalid ObjectID: %v", err)
|
|
|
+ }
|
|
|
+
|
|
|
+ _, err = collection.UpdateByID(ctx, objID, bson.M{"$set": updateFields})
|
|
|
+ if err != nil {
|
|
|
+ return fmt.Errorf("update failed: %v", err)
|
|
|
+ }
|
|
|
+ return err
|
|
|
+}
|
|
|
+
|
|
|
+// ListAccess listAccessa
|
|
|
+func (r *Role) ListAccess(ctx context.Context, req entity.AccessListReq) ([]*entity.AccessResp, error) {
|
|
|
+ access := models.Access{}
|
|
|
+ collection := mdb.MDB.Collection(access.TableName())
|
|
|
+ filter := bson.M{}
|
|
|
+ if req.ActionName != "" {
|
|
|
+ filter["action_name"] = req.ActionName
|
|
|
+ }
|
|
|
+ if req.ModuleName != "" {
|
|
|
+ filter["module_name"] = req.ModuleName
|
|
|
+ }
|
|
|
+ if req.Status != 0 {
|
|
|
+ filter["status"] = req.Status
|
|
|
+ }
|
|
|
+ if req.Type != 0 {
|
|
|
+ filter["type"] = req.Type
|
|
|
+ }
|
|
|
+ if req.ParentId != "" {
|
|
|
+ filter["parent_id"] = req.ParentId
|
|
|
+ }
|
|
|
+ if req.URL != "" {
|
|
|
+ filter["url"] = req.URL
|
|
|
+ }
|
|
|
+ // 数据验证
|
|
|
+ if req.Page <= 0 || req.Size <= 0 {
|
|
|
+ return nil, fmt.Errorf("invalid page or size")
|
|
|
+ }
|
|
|
+ // 设置分页选项
|
|
|
+ findOptions := options.Find().SetSkip(int64((req.Page - 1) * req.Size)).SetLimit(int64(req.Size))
|
|
|
+ cursor, err := collection.Find(ctx, filter, findOptions)
|
|
|
+ defer cursor.Close(ctx)
|
|
|
+ if err != nil {
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+ var accessList []*entity.AccessResp
|
|
|
+ for cursor.Next(ctx) {
|
|
|
+ var accesss *models.Access
|
|
|
+ if err := cursor.Decode(&accesss); err != nil {
|
|
|
+ log.Printf("Failed to decode document: %v", err)
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+ accessList = append(accessList, &entity.AccessResp{
|
|
|
+ ID: accesss.ID,
|
|
|
+ ActionName: accesss.ActionName,
|
|
|
+ ModuleName: accesss.ModuleName,
|
|
|
+ Description: accesss.Description,
|
|
|
+ URL: accesss.URL,
|
|
|
+ ParentId: accesss.ParentId,
|
|
|
+ Sort: accesss.Sort,
|
|
|
+ Type: accesss.Type,
|
|
|
+ Status: accesss.Status,
|
|
|
+ })
|
|
|
+ }
|
|
|
+ // 格式化数据并且按照下级关系组合
|
|
|
+ return formatAccessData(accessList), nil
|
|
|
+}
|
|
|
+
|
|
|
+// updateAccessInDatabase 在数据库中更新角色权限
|
|
|
+func (r *Role) updateAccessInDatabase(ctx context.Context, req entity.RoleAccessUpdateReq) error {
|
|
|
+ // 例如更新角色权限表中的记录
|
|
|
+ roleAccess := models.RoleAccess{}
|
|
|
+ collection := mdb.MDB.Collection(roleAccess.TableName())
|
|
|
+ filter := bson.M{"role_id": req.RoleId}
|
|
|
+ update := bson.M{"$set": bson.M{"access_id": req.AccessId}}
|
|
|
+ _, err := collection.UpdateOne(ctx, filter, update)
|
|
|
+ if err != nil {
|
|
|
+ return err
|
|
|
+ }
|
|
|
+ return nil // 假设更新成功,实际应根据业务逻辑处理
|
|
|
+}
|
|
|
+
|
|
|
+// AdminBindRole 绑定角色
|
|
|
+func (r *Role) AdminBindRole(ctx context.Context, req *entity.AdminBindRoleReq) error {
|
|
|
+ // 例如更新角色权限表中的记录
|
|
|
+ role := models.Roles{}
|
|
|
+ collection := mdb.MDB.Collection(role.TableName())
|
|
|
+ roleId, _ := primitive.ObjectIDFromHex(req.RoleId)
|
|
|
+ filter := bson.M{"_id": roleId, "status": 1}
|
|
|
+ // 判断你是否存在
|
|
|
+ if err := collection.FindOne(ctx, filter).Err(); err != nil {
|
|
|
+ return fmt.Errorf("角色不存在,或者已经被禁用")
|
|
|
+ }
|
|
|
+ // 判断管理员是否存在
|
|
|
+ admin := model.Admin{}
|
|
|
+ collection = mdb.MDB.Collection(admin.TableName())
|
|
|
+ objID, _ := primitive.ObjectIDFromHex(req.AdminId)
|
|
|
+ filter = bson.M{"_id": objID, "status": 1}
|
|
|
+ if err := collection.FindOne(ctx, filter).Err(); err != nil {
|
|
|
+ return fmt.Errorf("管理员不存在 或者 已经被禁用")
|
|
|
+ }
|
|
|
+ // 更新管理员数据
|
|
|
+ _, err := collection.UpdateByID(ctx, objID, bson.M{"$set": bson.M{"role_id": req.RoleId}})
|
|
|
+ if err != nil {
|
|
|
+ return fmt.Errorf("更新管理员失败")
|
|
|
+ }
|
|
|
+ return nil // 假设更新成功,实际应根据业务逻辑处理
|
|
|
+}
|
|
|
+
|
|
|
+// AdminUnBindRole 取消绑定角色
|
|
|
+func (r *Role) AdminUnBindRole(ctx context.Context, req *entity.AdminBindRoleReq) error {
|
|
|
+ // 例如更新角色权限表中的记录
|
|
|
+ admin := model.Admin{}
|
|
|
+ collection := mdb.MDB.Collection(admin.TableName())
|
|
|
+ objID, _ := primitive.ObjectIDFromHex(req.AdminId)
|
|
|
+ filter := bson.M{"_id": objID}
|
|
|
+ if err := collection.FindOne(ctx, filter).Err(); err != nil {
|
|
|
+ return fmt.Errorf("管理员不存在")
|
|
|
+ }
|
|
|
+ // 更新管理员数据
|
|
|
+ _, err := collection.UpdateByID(ctx, objID, bson.M{"$set": bson.M{"role_id": ""}})
|
|
|
+ if err != nil {
|
|
|
+ return fmt.Errorf("更新管理员失败")
|
|
|
+ }
|
|
|
+ return nil
|
|
|
+}
|
|
|
+
|
|
|
+// GetAdminRole GetAdminBindRole 根据角色id 获取Access
|
|
|
+func getAdmin(ctx context.Context, id string) (*model.Admin, error) {
|
|
|
+ objID, err := primitive.ObjectIDFromHex(id)
|
|
|
+ if err != nil {
|
|
|
+ return nil, fmt.Errorf("解析管理员ID失败: %v", err)
|
|
|
+ }
|
|
|
+
|
|
|
+ admin := model.Admin{}
|
|
|
+ adminCollection := mdb.MDB.Collection(admin.TableName())
|
|
|
+ adminFilter := bson.M{"_id": objID}
|
|
|
+ err = adminCollection.FindOne(ctx, adminFilter).Decode(&admin)
|
|
|
+ if err != nil {
|
|
|
+ if errors.Is(err, mongo.ErrNoDocuments) {
|
|
|
+ return nil, fmt.Errorf("找不到管理员")
|
|
|
+ }
|
|
|
+ return nil, fmt.Errorf("查询管理员失败: %v", err)
|
|
|
+ }
|
|
|
+ return &admin, nil
|
|
|
+}
|
|
|
+
|
|
|
+func getRole(ctx context.Context, id string) (*models.Roles, error) {
|
|
|
+ objID, err := primitive.ObjectIDFromHex(id)
|
|
|
+ if err != nil {
|
|
|
+ return nil, fmt.Errorf("解析角色ID失败: %v", err)
|
|
|
+ }
|
|
|
+
|
|
|
+ role := models.Roles{}
|
|
|
+ roleCollection := mdb.MDB.Collection(role.TableName())
|
|
|
+ roleFilter := bson.M{"_id": objID}
|
|
|
+ err = roleCollection.FindOne(ctx, roleFilter).Decode(&role)
|
|
|
+ if err != nil {
|
|
|
+ if errors.Is(err, mongo.ErrNoDocuments) {
|
|
|
+ return nil, fmt.Errorf("找不到角色")
|
|
|
+ }
|
|
|
+ return nil, fmt.Errorf("查询角色失败: %v", err)
|
|
|
+ }
|
|
|
+ return &role, nil
|
|
|
+}
|
|
|
+
|
|
|
+func getRoleAccess(ctx context.Context, roleId string) (*models.RoleAccess, error) {
|
|
|
+ roleAccess := models.RoleAccess{}
|
|
|
+ roleAccessCollection := mdb.MDB.Collection(roleAccess.TableName())
|
|
|
+ roleAccessFilter := bson.M{"role_id": roleId}
|
|
|
+ err := roleAccessCollection.FindOne(ctx, roleAccessFilter).Decode(&roleAccess)
|
|
|
+ if err != nil {
|
|
|
+ if errors.Is(err, mongo.ErrNoDocuments) {
|
|
|
+ return nil, fmt.Errorf("找不到角色权限")
|
|
|
+ }
|
|
|
+ return nil, fmt.Errorf("查询角色权限失败: %v", err)
|
|
|
+ }
|
|
|
+ return &roleAccess, nil
|
|
|
+}
|
|
|
+
|
|
|
+func (r *Role) GetAdminRole(ctx context.Context, req *entity.AdminBindRoleReq) (*entity.AdminBindRoleResp, error) {
|
|
|
+ admin, err := getAdmin(ctx, req.AdminId)
|
|
|
+ if err != nil {
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+
|
|
|
+ role, err := getRole(ctx, req.RoleId)
|
|
|
+ if err != nil {
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+
|
|
|
+ roleAccess, err := getRoleAccess(ctx, req.RoleId)
|
|
|
+ if err != nil {
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+
|
|
|
+ var AccessIds []primitive.ObjectID
|
|
|
+ var invalidAccessIds []string
|
|
|
+ for _, v := range roleAccess.AccessID {
|
|
|
+ objId, err := primitive.ObjectIDFromHex(v)
|
|
|
+ if err != nil {
|
|
|
+ invalidAccessIds = append(invalidAccessIds, v)
|
|
|
+ continue
|
|
|
+ }
|
|
|
+ AccessIds = append(AccessIds, objId)
|
|
|
+ }
|
|
|
+
|
|
|
+ if len(AccessIds) == 0 {
|
|
|
+ if len(invalidAccessIds) > 0 {
|
|
|
+ return nil, fmt.Errorf("无效的权限ID: %v", strings.Join(invalidAccessIds, ", "))
|
|
|
+ }
|
|
|
+ return nil, fmt.Errorf("没有权限")
|
|
|
+ }
|
|
|
+
|
|
|
+ access := models.Access{}
|
|
|
+ collection := mdb.MDB.Collection(access.TableName())
|
|
|
+ filter := bson.M{}
|
|
|
+ filter["_id"] = bson.M{"$in": AccessIds}
|
|
|
+ cursor, err := collection.Find(ctx, filter)
|
|
|
+ defer cursor.Close(ctx)
|
|
|
+ if err != nil {
|
|
|
+ return nil, fmt.Errorf("查询权限失败: %v", err)
|
|
|
+ }
|
|
|
+
|
|
|
+ var accessList []*entity.AccessResp
|
|
|
+ for cursor.Next(ctx) {
|
|
|
+ var accesss *models.Access
|
|
|
+ if err := cursor.Decode(&accesss); err != nil {
|
|
|
+ log.Printf("Failed to decode document: %v", err)
|
|
|
+ return nil, fmt.Errorf("解码权限失败: %v", err)
|
|
|
+ }
|
|
|
+ accessList = append(accessList, &entity.AccessResp{
|
|
|
+ ID: accesss.ID,
|
|
|
+ ActionName: accesss.ActionName,
|
|
|
+ ModuleName: accesss.ModuleName,
|
|
|
+ Description: accesss.Description,
|
|
|
+ URL: accesss.URL,
|
|
|
+ ParentId: accesss.ParentId,
|
|
|
+ Sort: accesss.Sort,
|
|
|
+ Type: accesss.Type,
|
|
|
+ Status: accesss.Status,
|
|
|
+ })
|
|
|
+ }
|
|
|
+
|
|
|
+ return &entity.AdminBindRoleResp{
|
|
|
+ AdminId: req.AdminId,
|
|
|
+ AdminName: admin.Username,
|
|
|
+ RoleName: role.Name,
|
|
|
+ RoleId: req.RoleId,
|
|
|
+ AccessList: formatAccessData(accessList)},
|
|
|
+ nil
|
|
|
+}
|
|
|
+
|
|
|
+// 使用协程和通道并发执行验证操作
|
|
|
+func validateConcurrently(ctx context.Context, req entity.RoleAccessUpdateReq) error {
|
|
|
+ // 创建通道
|
|
|
+ ch := make(chan error, 3)
|
|
|
+
|
|
|
+ // 并发执行验证操作
|
|
|
+ var wg sync.WaitGroup
|
|
|
+ wg.Add(3)
|
|
|
+ go func() {
|
|
|
+ defer wg.Done()
|
|
|
+ ch <- validateRoleExistence(ctx, req)
|
|
|
+ }()
|
|
|
+ go func() {
|
|
|
+ defer wg.Done()
|
|
|
+ ch <- validateAccessExistence(ctx, req)
|
|
|
+ }()
|
|
|
+ go func() {
|
|
|
+ defer wg.Done()
|
|
|
+ ch <- validateRoleAccessExistence(ctx, req)
|
|
|
+ }()
|
|
|
+
|
|
|
+ // 收集所有验证结果
|
|
|
+ var e []error
|
|
|
+ go func() {
|
|
|
+ defer wg.Wait()
|
|
|
+ for i := 0; i < 3; i++ {
|
|
|
+ if err := <-ch; err != nil {
|
|
|
+ e = append(e, err)
|
|
|
+ }
|
|
|
+ }
|
|
|
+ if len(e) > 0 {
|
|
|
+ ch <- fmt.Errorf("验证失败: %v", e)
|
|
|
+ } else {
|
|
|
+ ch <- nil
|
|
|
+ }
|
|
|
+ }()
|
|
|
+
|
|
|
+ // 等待所有并发任务完成
|
|
|
+ select {
|
|
|
+ case err := <-ch:
|
|
|
+ return err
|
|
|
+ case <-ctx.Done():
|
|
|
+ return ctx.Err()
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+// 验证角色是否存在
|
|
|
+func validateRoleExistence(ctx context.Context, req entity.RoleAccessUpdateReq) error {
|
|
|
+ roles := models.Roles{}
|
|
|
+ collection := mdb.MDB.Collection(roles.TableName())
|
|
|
+ if err := collection.FindOne(ctx, bson.M{"id": req.RoleId}).Err(); err != nil {
|
|
|
+ if errors.Is(err, mongo.ErrNoDocuments) {
|
|
|
+ return fmt.Errorf("角色不存在")
|
|
|
+ }
|
|
|
+ return err
|
|
|
+ }
|
|
|
+ return nil
|
|
|
+}
|
|
|
+
|
|
|
+// 验证权限是否存在
|
|
|
+func validateAccessExistence(ctx context.Context, req entity.RoleAccessUpdateReq) error {
|
|
|
+ access := models.Access{}
|
|
|
+ collection := mdb.MDB.Collection(access.TableName())
|
|
|
+ filter := bson.M{"id": bson.M{"$in": req.AccessId}} // 数组查询
|
|
|
+ if err := collection.FindOne(ctx, filter).Err(); err != nil {
|
|
|
+ if errors.Is(err, mongo.ErrNoDocuments) {
|
|
|
+ return fmt.Errorf("权限不存在")
|
|
|
+ }
|
|
|
+ return err
|
|
|
+ }
|
|
|
+ return nil
|
|
|
+}
|
|
|
+
|
|
|
+// 验证角色权限是否已存在
|
|
|
+func validateRoleAccessExistence(ctx context.Context, req entity.RoleAccessUpdateReq) error {
|
|
|
+ roleAccess := models.RoleAccess{}
|
|
|
+ collection := mdb.MDB.Collection(roleAccess.TableName())
|
|
|
+ filter := bson.M{"role_id": req.RoleId}
|
|
|
+ if err := collection.FindOne(ctx, filter).Err(); err != nil {
|
|
|
+ if errors.Is(err, mongo.ErrNoDocuments) {
|
|
|
+ return fmt.Errorf("角色权限不存在 不能更新")
|
|
|
+ }
|
|
|
+ return err
|
|
|
+ }
|
|
|
+ return nil
|
|
|
+}
|
userxzz