package role import ( "context" "fmt" "github.com/break/junhong_cmp_fiber/internal/model" "github.com/break/junhong_cmp_fiber/internal/store" "github.com/break/junhong_cmp_fiber/internal/store/postgres" "github.com/break/junhong_cmp_fiber/pkg/constants" "github.com/break/junhong_cmp_fiber/pkg/errors" "github.com/break/junhong_cmp_fiber/pkg/middleware" "gorm.io/gorm" ) // Service 角色业务服务 type Service struct { roleStore *postgres.RoleStore permissionStore *postgres.PermissionStore rolePermissionStore *postgres.RolePermissionStore } // New 创建角色服务 func New(roleStore *postgres.RoleStore, permissionStore *postgres.PermissionStore, rolePermissionStore *postgres.RolePermissionStore) *Service { return &Service{ roleStore: roleStore, permissionStore: permissionStore, rolePermissionStore: rolePermissionStore, } } // Create 创建角色 func (s *Service) Create(ctx context.Context, req *model.CreateRoleRequest) (*model.Role, error) { // 获取当前用户 ID currentUserID := middleware.GetUserIDFromContext(ctx) if currentUserID == 0 { return nil, errors.New(errors.CodeUnauthorized, "未授权访问") } // 创建角色 role := &model.Role{ RoleName: req.RoleName, RoleDesc: req.RoleDesc, RoleType: req.RoleType, Status: constants.StatusEnabled, } if err := s.roleStore.Create(ctx, role); err != nil { return nil, fmt.Errorf("创建角色失败: %w", err) } return role, nil } // Get 获取角色 func (s *Service) Get(ctx context.Context, id uint) (*model.Role, error) { role, err := s.roleStore.GetByID(ctx, id) if err != nil { if err == gorm.ErrRecordNotFound { return nil, errors.New(errors.CodeRoleNotFound, "角色不存在") } return nil, fmt.Errorf("获取角色失败: %w", err) } return role, nil } // Update 更新角色 func (s *Service) Update(ctx context.Context, id uint, req *model.UpdateRoleRequest) (*model.Role, error) { // 获取当前用户 ID currentUserID := middleware.GetUserIDFromContext(ctx) if currentUserID == 0 { return nil, errors.New(errors.CodeUnauthorized, "未授权访问") } // 获取现有角色 role, err := s.roleStore.GetByID(ctx, id) if err != nil { if err == gorm.ErrRecordNotFound { return nil, errors.New(errors.CodeRoleNotFound, "角色不存在") } return nil, fmt.Errorf("获取角色失败: %w", err) } // 更新字段 if req.RoleName != nil { role.RoleName = *req.RoleName } if req.RoleDesc != nil { role.RoleDesc = *req.RoleDesc } if req.Status != nil { role.Status = *req.Status } role.Updater = currentUserID if err := s.roleStore.Update(ctx, role); err != nil { return nil, fmt.Errorf("更新角色失败: %w", err) } return role, nil } // Delete 软删除角色 func (s *Service) Delete(ctx context.Context, id uint) error { // 检查角色存在 _, err := s.roleStore.GetByID(ctx, id) if err != nil { if err == gorm.ErrRecordNotFound { return errors.New(errors.CodeRoleNotFound, "角色不存在") } return fmt.Errorf("获取角色失败: %w", err) } if err := s.roleStore.Delete(ctx, id); err != nil { return fmt.Errorf("删除角色失败: %w", err) } return nil } // List 查询角色列表 func (s *Service) List(ctx context.Context, req *model.RoleListRequest) ([]*model.Role, int64, error) { opts := &store.QueryOptions{ Page: req.Page, PageSize: req.PageSize, OrderBy: "id DESC", } if opts.Page == 0 { opts.Page = 1 } if opts.PageSize == 0 { opts.PageSize = constants.DefaultPageSize } filters := make(map[string]interface{}) if req.RoleName != "" { filters["role_name"] = req.RoleName } if req.RoleType != nil { filters["role_type"] = *req.RoleType } if req.Status != nil { filters["status"] = *req.Status } return s.roleStore.List(ctx, opts, filters) } // AssignPermissions 为角色分配权限 func (s *Service) AssignPermissions(ctx context.Context, roleID uint, permIDs []uint) ([]*model.RolePermission, error) { // 获取当前用户 ID currentUserID := middleware.GetUserIDFromContext(ctx) if currentUserID == 0 { return nil, errors.New(errors.CodeUnauthorized, "未授权访问") } // 检查角色存在 _, err := s.roleStore.GetByID(ctx, roleID) if err != nil { if err == gorm.ErrRecordNotFound { return nil, errors.New(errors.CodeRoleNotFound, "角色不存在") } return nil, fmt.Errorf("获取角色失败: %w", err) } // 验证所有权限存在 for _, permID := range permIDs { _, err := s.permissionStore.GetByID(ctx, permID) if err != nil { if err == gorm.ErrRecordNotFound { return nil, errors.New(errors.CodePermissionNotFound, fmt.Sprintf("权限 %d 不存在", permID)) } return nil, fmt.Errorf("获取权限失败: %w", err) } } // 创建关联 var rps []*model.RolePermission for _, permID := range permIDs { // 检查是否已分配 exists, _ := s.rolePermissionStore.Exists(ctx, roleID, permID) if exists { continue // 跳过已存在的关联 } rp := &model.RolePermission{ RoleID: roleID, PermID: permID, Status: constants.StatusEnabled, } if err := s.rolePermissionStore.Create(ctx, rp); err != nil { return nil, fmt.Errorf("创建角色-权限关联失败: %w", err) } rps = append(rps, rp) } return rps, nil } // GetPermissions 获取角色的所有权限 func (s *Service) GetPermissions(ctx context.Context, roleID uint) ([]*model.Permission, error) { // 检查角色存在 _, err := s.roleStore.GetByID(ctx, roleID) if err != nil { if err == gorm.ErrRecordNotFound { return nil, errors.New(errors.CodeRoleNotFound, "角色不存在") } return nil, fmt.Errorf("获取角色失败: %w", err) } // 获取权限 ID 列表 permIDs, err := s.rolePermissionStore.GetPermIDsByRoleID(ctx, roleID) if err != nil { return nil, fmt.Errorf("获取角色权限 ID 失败: %w", err) } if len(permIDs) == 0 { return []*model.Permission{}, nil } // 获取权限详情 return s.permissionStore.GetByIDs(ctx, permIDs) } // RemovePermission 移除角色的权限 func (s *Service) RemovePermission(ctx context.Context, roleID, permID uint) error { // 检查角色存在 _, err := s.roleStore.GetByID(ctx, roleID) if err != nil { if err == gorm.ErrRecordNotFound { return errors.New(errors.CodeRoleNotFound, "角色不存在") } return fmt.Errorf("获取角色失败: %w", err) } // 删除关联 if err := s.rolePermissionStore.Delete(ctx, roleID, permID); err != nil { return fmt.Errorf("删除角色-权限关联失败: %w", err) } return nil }