junhong_cmp_fiber/internal/service/role/service.go

package role

import (
	"context"
	"fmt"

	"github.com/break/junhong_cmp_fiber/internal/model"
	"github.com/break/junhong_cmp_fiber/internal/store"
	"github.com/break/junhong_cmp_fiber/internal/store/postgres"
	"github.com/break/junhong_cmp_fiber/pkg/constants"
	"github.com/break/junhong_cmp_fiber/pkg/errors"
	"github.com/break/junhong_cmp_fiber/pkg/middleware"
	"gorm.io/gorm"
)

// Service 角色业务服务
type Service struct {
	roleStore           *postgres.RoleStore
	permissionStore     *postgres.PermissionStore
	rolePermissionStore *postgres.RolePermissionStore
}

// New 创建角色服务
func New(roleStore *postgres.RoleStore, permissionStore *postgres.PermissionStore, rolePermissionStore *postgres.RolePermissionStore) *Service {
	return &Service{
		roleStore:           roleStore,
		permissionStore:     permissionStore,
		rolePermissionStore: rolePermissionStore,
	}
}

// Create 创建角色
func (s *Service) Create(ctx context.Context, req *model.CreateRoleRequest) (*model.Role, error) {
	// 获取当前用户 ID
	currentUserID := middleware.GetUserIDFromContext(ctx)
	if currentUserID == 0 {
		return nil, errors.New(errors.CodeUnauthorized, "未授权访问")
	}

	// 创建角色
	role := &model.Role{
		RoleName: req.RoleName,
		RoleDesc: req.RoleDesc,
		RoleType: req.RoleType,
		Status:   constants.StatusEnabled,
	}

	if err := s.roleStore.Create(ctx, role); err != nil {
		return nil, fmt.Errorf("创建角色失败: %w", err)
	}

	return role, nil
}

// Get 获取角色
func (s *Service) Get(ctx context.Context, id uint) (*model.Role, error) {
	role, err := s.roleStore.GetByID(ctx, id)
	if err != nil {
		if err == gorm.ErrRecordNotFound {
			return nil, errors.New(errors.CodeRoleNotFound, "角色不存在")
		}
		return nil, fmt.Errorf("获取角色失败: %w", err)
	}
	return role, nil
}

// Update 更新角色
func (s *Service) Update(ctx context.Context, id uint, req *model.UpdateRoleRequest) (*model.Role, error) {
	// 获取当前用户 ID
	currentUserID := middleware.GetUserIDFromContext(ctx)
	if currentUserID == 0 {
		return nil, errors.New(errors.CodeUnauthorized, "未授权访问")
	}

	// 获取现有角色
	role, err := s.roleStore.GetByID(ctx, id)
	if err != nil {
		if err == gorm.ErrRecordNotFound {
			return nil, errors.New(errors.CodeRoleNotFound, "角色不存在")
		}
		return nil, fmt.Errorf("获取角色失败: %w", err)
	}

	// 更新字段
	if req.RoleName != nil {
		role.RoleName = *req.RoleName
	}
	if req.RoleDesc != nil {
		role.RoleDesc = *req.RoleDesc
	}
	if req.Status != nil {
		role.Status = *req.Status
	}

	role.Updater = currentUserID

	if err := s.roleStore.Update(ctx, role); err != nil {
		return nil, fmt.Errorf("更新角色失败: %w", err)
	}

	return role, nil
}

// Delete 软删除角色
func (s *Service) Delete(ctx context.Context, id uint) error {
	// 检查角色存在
	_, err := s.roleStore.GetByID(ctx, id)
	if err != nil {
		if err == gorm.ErrRecordNotFound {
			return errors.New(errors.CodeRoleNotFound, "角色不存在")
		}
		return fmt.Errorf("获取角色失败: %w", err)
	}

	if err := s.roleStore.Delete(ctx, id); err != nil {
		return fmt.Errorf("删除角色失败: %w", err)
	}

	return nil
}

// List 查询角色列表
func (s *Service) List(ctx context.Context, req *model.RoleListRequest) ([]*model.Role, int64, error) {
	opts := &store.QueryOptions{
		Page:     req.Page,
		PageSize: req.PageSize,
		OrderBy:  "id DESC",
	}
	if opts.Page == 0 {
		opts.Page = 1
	}
	if opts.PageSize == 0 {
		opts.PageSize = constants.DefaultPageSize
	}

	filters := make(map[string]interface{})
	if req.RoleName != "" {
		filters["role_name"] = req.RoleName
	}
	if req.RoleType != nil {
		filters["role_type"] = *req.RoleType
	}
	if req.Status != nil {
		filters["status"] = *req.Status
	}

	return s.roleStore.List(ctx, opts, filters)
}

// AssignPermissions 为角色分配权限
func (s *Service) AssignPermissions(ctx context.Context, roleID uint, permIDs []uint) ([]*model.RolePermission, error) {
	// 获取当前用户 ID
	currentUserID := middleware.GetUserIDFromContext(ctx)
	if currentUserID == 0 {
		return nil, errors.New(errors.CodeUnauthorized, "未授权访问")
	}

	// 检查角色存在
	_, err := s.roleStore.GetByID(ctx, roleID)
	if err != nil {
		if err == gorm.ErrRecordNotFound {
			return nil, errors.New(errors.CodeRoleNotFound, "角色不存在")
		}
		return nil, fmt.Errorf("获取角色失败: %w", err)
	}

	// 验证所有权限存在
	for _, permID := range permIDs {
		_, err := s.permissionStore.GetByID(ctx, permID)
		if err != nil {
			if err == gorm.ErrRecordNotFound {
				return nil, errors.New(errors.CodePermissionNotFound, fmt.Sprintf("权限 %d 不存在", permID))
			}
			return nil, fmt.Errorf("获取权限失败: %w", err)
		}
	}

	// 创建关联
	var rps []*model.RolePermission
	for _, permID := range permIDs {
		// 检查是否已分配
		exists, _ := s.rolePermissionStore.Exists(ctx, roleID, permID)
		if exists {
			continue // 跳过已存在的关联
		}

		rp := &model.RolePermission{
			RoleID: roleID,
			PermID: permID,
			Status: constants.StatusEnabled,
		}
		if err := s.rolePermissionStore.Create(ctx, rp); err != nil {
			return nil, fmt.Errorf("创建角色-权限关联失败: %w", err)
		}
		rps = append(rps, rp)
	}

	return rps, nil
}

// GetPermissions 获取角色的所有权限
func (s *Service) GetPermissions(ctx context.Context, roleID uint) ([]*model.Permission, error) {
	// 检查角色存在
	_, err := s.roleStore.GetByID(ctx, roleID)
	if err != nil {
		if err == gorm.ErrRecordNotFound {
			return nil, errors.New(errors.CodeRoleNotFound, "角色不存在")
		}
		return nil, fmt.Errorf("获取角色失败: %w", err)
	}

	// 获取权限 ID 列表
	permIDs, err := s.rolePermissionStore.GetPermIDsByRoleID(ctx, roleID)
	if err != nil {
		return nil, fmt.Errorf("获取角色权限 ID 失败: %w", err)
	}

	if len(permIDs) == 0 {
		return []*model.Permission{}, nil
	}

	// 获取权限详情
	return s.permissionStore.GetByIDs(ctx, permIDs)
}

// RemovePermission 移除角色的权限
func (s *Service) RemovePermission(ctx context.Context, roleID, permID uint) error {
	// 检查角色存在
	_, err := s.roleStore.GetByID(ctx, roleID)
	if err != nil {
		if err == gorm.ErrRecordNotFound {
			return errors.New(errors.CodeRoleNotFound, "角色不存在")
		}
		return fmt.Errorf("获取角色失败: %w", err)
	}

	// 删除关联
	if err := s.rolePermissionStore.Delete(ctx, roleID, permID); err != nil {
		return fmt.Errorf("删除角色-权限关联失败: %w", err)
	}

	return nil
}