refactor(account): 统一账号管理API、完善权限检查和操作审计
All checks were successful
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Successful in 6m17s
All checks were successful
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Successful in 6m17s
- 合并 customer_account 和 shop_account 路由到统一的 account 接口 - 新增统一认证接口 (auth handler) - 实现越权防护中间件和权限检查工具函数 - 新增操作审计日志模型和服务 - 更新数据库迁移 (版本 39: account_operation_log 表) - 补充集成测试覆盖权限检查和审计日志场景
This commit is contained in:
@@ -148,7 +148,7 @@ func (h *AccountHandler) GetRoles(c *fiber.Ctx) error {
|
||||
// RemoveRole 移除账号的角色
|
||||
// DELETE /api/admin/accounts/:account_id/roles/:role_id
|
||||
func (h *AccountHandler) RemoveRole(c *fiber.Ctx) error {
|
||||
accountID, err := strconv.ParseUint(c.Params("account_id"), 10, 64)
|
||||
id, err := strconv.ParseUint(c.Params("id"), 10, 64)
|
||||
if err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "无效的账号 ID")
|
||||
}
|
||||
@@ -158,7 +158,7 @@ func (h *AccountHandler) RemoveRole(c *fiber.Ctx) error {
|
||||
return errors.New(errors.CodeInvalidParam, "无效的角色 ID")
|
||||
}
|
||||
|
||||
if err := h.service.RemoveRole(c.UserContext(), uint(accountID), uint(roleID)); err != nil {
|
||||
if err := h.service.RemoveRole(c.UserContext(), uint(id), uint(roleID)); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
@@ -166,7 +166,7 @@ func (h *AccountHandler) RemoveRole(c *fiber.Ctx) error {
|
||||
}
|
||||
|
||||
// UpdatePassword 修改账号密码
|
||||
// PUT /api/admin/platform-accounts/:id/password
|
||||
// PUT /api/admin/accounts/:id/password
|
||||
func (h *AccountHandler) UpdatePassword(c *fiber.Ctx) error {
|
||||
id, err := strconv.ParseUint(c.Params("id"), 10, 64)
|
||||
if err != nil {
|
||||
@@ -186,7 +186,7 @@ func (h *AccountHandler) UpdatePassword(c *fiber.Ctx) error {
|
||||
}
|
||||
|
||||
// UpdateStatus 修改账号状态
|
||||
// PUT /api/admin/platform-accounts/:id/status
|
||||
// PUT /api/admin/accounts/:id/status
|
||||
func (h *AccountHandler) UpdateStatus(c *fiber.Ctx) error {
|
||||
id, err := strconv.ParseUint(c.Params("id"), 10, 64)
|
||||
if err != nil {
|
||||
@@ -205,8 +205,9 @@ func (h *AccountHandler) UpdateStatus(c *fiber.Ctx) error {
|
||||
return response.Success(c, nil)
|
||||
}
|
||||
|
||||
// ListPlatformAccounts 查询平台账号列表
|
||||
// GET /api/admin/platform-accounts
|
||||
// ListPlatformAccounts 查询平台账号列表(兼容旧路由)
|
||||
// 自动筛选 user_type IN (1, 2) 的账号
|
||||
// GET /api/admin/accounts - 查询平台账号列表
|
||||
func (h *AccountHandler) ListPlatformAccounts(c *fiber.Ctx) error {
|
||||
var req dto.PlatformAccountListRequest
|
||||
if err := c.QueryParser(&req); err != nil {
|
||||
|
||||
@@ -1,106 +0,0 @@
|
||||
package admin
|
||||
|
||||
import (
|
||||
"strconv"
|
||||
|
||||
"github.com/gofiber/fiber/v2"
|
||||
|
||||
"github.com/break/junhong_cmp_fiber/internal/model/dto"
|
||||
customerAccountService "github.com/break/junhong_cmp_fiber/internal/service/customer_account"
|
||||
"github.com/break/junhong_cmp_fiber/pkg/errors"
|
||||
"github.com/break/junhong_cmp_fiber/pkg/response"
|
||||
)
|
||||
|
||||
type CustomerAccountHandler struct {
|
||||
service *customerAccountService.Service
|
||||
}
|
||||
|
||||
func NewCustomerAccountHandler(service *customerAccountService.Service) *CustomerAccountHandler {
|
||||
return &CustomerAccountHandler{service: service}
|
||||
}
|
||||
|
||||
func (h *CustomerAccountHandler) List(c *fiber.Ctx) error {
|
||||
var req dto.CustomerAccountListReq
|
||||
if err := c.QueryParser(&req); err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
|
||||
}
|
||||
|
||||
result, err := h.service.List(c.UserContext(), &req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return response.SuccessWithPagination(c, result.Items, result.Total, result.Page, result.Size)
|
||||
}
|
||||
|
||||
func (h *CustomerAccountHandler) Create(c *fiber.Ctx) error {
|
||||
var req dto.CreateCustomerAccountReq
|
||||
if err := c.BodyParser(&req); err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
|
||||
}
|
||||
|
||||
result, err := h.service.Create(c.UserContext(), &req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return response.Success(c, result)
|
||||
}
|
||||
|
||||
func (h *CustomerAccountHandler) Update(c *fiber.Ctx) error {
|
||||
idStr := c.Params("id")
|
||||
id, err := strconv.ParseUint(idStr, 10, 64)
|
||||
if err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "无效的账号ID")
|
||||
}
|
||||
|
||||
var req dto.UpdateCustomerAccountRequest
|
||||
if err := c.BodyParser(&req); err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
|
||||
}
|
||||
|
||||
result, err := h.service.Update(c.UserContext(), uint(id), &req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return response.Success(c, result)
|
||||
}
|
||||
|
||||
func (h *CustomerAccountHandler) UpdatePassword(c *fiber.Ctx) error {
|
||||
idStr := c.Params("id")
|
||||
id, err := strconv.ParseUint(idStr, 10, 64)
|
||||
if err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "无效的账号ID")
|
||||
}
|
||||
|
||||
var req dto.UpdateCustomerAccountPasswordRequest
|
||||
if err := c.BodyParser(&req); err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
|
||||
}
|
||||
|
||||
if err := h.service.UpdatePassword(c.UserContext(), uint(id), req.Password); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return response.Success(c, nil)
|
||||
}
|
||||
|
||||
func (h *CustomerAccountHandler) UpdateStatus(c *fiber.Ctx) error {
|
||||
idStr := c.Params("id")
|
||||
id, err := strconv.ParseUint(idStr, 10, 64)
|
||||
if err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "无效的账号ID")
|
||||
}
|
||||
|
||||
var req dto.UpdateCustomerAccountStatusRequest
|
||||
if err := c.BodyParser(&req); err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
|
||||
}
|
||||
|
||||
if err := h.service.UpdateStatus(c.UserContext(), uint(id), req.Status); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return response.Success(c, nil)
|
||||
}
|
||||
@@ -1,103 +0,0 @@
|
||||
package admin
|
||||
|
||||
import (
|
||||
"strconv"
|
||||
|
||||
"github.com/gofiber/fiber/v2"
|
||||
|
||||
"github.com/break/junhong_cmp_fiber/internal/model/dto"
|
||||
shopAccountService "github.com/break/junhong_cmp_fiber/internal/service/shop_account"
|
||||
"github.com/break/junhong_cmp_fiber/pkg/errors"
|
||||
"github.com/break/junhong_cmp_fiber/pkg/response"
|
||||
)
|
||||
|
||||
type ShopAccountHandler struct {
|
||||
service *shopAccountService.Service
|
||||
}
|
||||
|
||||
func NewShopAccountHandler(service *shopAccountService.Service) *ShopAccountHandler {
|
||||
return &ShopAccountHandler{service: service}
|
||||
}
|
||||
|
||||
func (h *ShopAccountHandler) List(c *fiber.Ctx) error {
|
||||
var req dto.ShopAccountListRequest
|
||||
if err := c.QueryParser(&req); err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
|
||||
}
|
||||
|
||||
accounts, total, err := h.service.List(c.UserContext(), &req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return response.SuccessWithPagination(c, accounts, total, req.Page, req.PageSize)
|
||||
}
|
||||
|
||||
func (h *ShopAccountHandler) Create(c *fiber.Ctx) error {
|
||||
var req dto.CreateShopAccountRequest
|
||||
if err := c.BodyParser(&req); err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
|
||||
}
|
||||
|
||||
account, err := h.service.Create(c.UserContext(), &req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return response.Success(c, account)
|
||||
}
|
||||
|
||||
func (h *ShopAccountHandler) Update(c *fiber.Ctx) error {
|
||||
id, err := strconv.ParseUint(c.Params("id"), 10, 64)
|
||||
if err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "无效的账号 ID")
|
||||
}
|
||||
|
||||
var req dto.UpdateShopAccountRequest
|
||||
if err := c.BodyParser(&req); err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
|
||||
}
|
||||
|
||||
account, err := h.service.Update(c.UserContext(), uint(id), &req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return response.Success(c, account)
|
||||
}
|
||||
|
||||
func (h *ShopAccountHandler) UpdatePassword(c *fiber.Ctx) error {
|
||||
id, err := strconv.ParseUint(c.Params("id"), 10, 64)
|
||||
if err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "无效的账号 ID")
|
||||
}
|
||||
|
||||
var req dto.UpdateShopAccountPasswordRequest
|
||||
if err := c.BodyParser(&req); err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
|
||||
}
|
||||
|
||||
if err := h.service.UpdatePassword(c.UserContext(), uint(id), &req); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return response.Success(c, nil)
|
||||
}
|
||||
|
||||
func (h *ShopAccountHandler) UpdateStatus(c *fiber.Ctx) error {
|
||||
id, err := strconv.ParseUint(c.Params("id"), 10, 64)
|
||||
if err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "无效的账号 ID")
|
||||
}
|
||||
|
||||
var req dto.UpdateShopAccountStatusRequest
|
||||
if err := c.BodyParser(&req); err != nil {
|
||||
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
|
||||
}
|
||||
|
||||
if err := h.service.UpdateStatus(c.UserContext(), uint(id), &req); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return response.Success(c, nil)
|
||||
}
|
||||
Reference in New Issue
Block a user