- 合并 customer_account 和 shop_account 路由到统一的 account 接口 - 新增统一认证接口 (auth handler) - 实现越权防护中间件和权限检查工具函数 - 新增操作审计日志模型和服务 - 更新数据库迁移 (版本 39: account_operation_log 表) - 补充集成测试覆盖权限检查和审计日志场景
package routes
import (
"github.com/gofiber/fiber/v2"
"github.com/break/junhong_cmp_fiber/internal/handler/admin"
"github.com/break/junhong_cmp_fiber/internal/model/dto"
"github.com/break/junhong_cmp_fiber/pkg/constants"
"github.com/break/junhong_cmp_fiber/pkg/errors"
"github.com/break/junhong_cmp_fiber/pkg/middleware"
"github.com/break/junhong_cmp_fiber/pkg/openapi"
)
// registerAccountRoutes mounts the account-management endpoints on the
// "/accounts" group of api and passes each one to Register together with the
// OpenAPI generator.
//
// Unified route layout: /api/admin/accounts/*
// The account type is selected by the user_type field of the request body
// (2 = platform user, 3 = agent account, 4 = enterprise account).
func registerAccountRoutes(api fiber.Router, h *admin.AccountHandler, doc *openapi.Generator, basePath string) {
	group := api.Group("/accounts")
	docPath := basePath + "/accounts"

	// Group-wide gate: enterprise users may not reach any account-management
	// endpoint.
	//
	// NOTE(review): this is a deny-list. Only UserTypeEnterprise is rejected;
	// every other value returned by GetUserTypeFromContext is let through,
	// including whatever it yields when the context carries no user (not
	// visible here). Confirm the authentication middleware always runs before
	// this group, and consider allowing only the user types that are meant to
	// manage accounts.
	denyEnterprise := func(c *fiber.Ctx) error {
		if middleware.GetUserTypeFromContext(c.UserContext()) != constants.UserTypeEnterprise {
			return c.Next()
		}
		return errors.New(errors.CodeForbidden, "无权限访问账号管理功能")
	}
	group.Use(denyEnterprise)

	// Route table, registered in declaration order. Every entry sets
	// Auth: true; how Register enforces that flag is not visible here.
	//
	// NOTE(review): the only authorization decided in this function is the
	// user-type gate above. Whether the caller may act on the specific account
	// named by the path parameter (password change, status change, role
	// assignment, delete) is presumably checked in the handler or service
	// layer; verify against those.
	routes := []struct {
		method  string
		path    string
		handler fiber.Handler
		spec    RouteSpec
	}{
		// Create an account (user_type: 2 = platform, 3 = agent, 4 = enterprise).
		{"POST", "", h.Create, RouteSpec{
			Summary: "创建账号",
			Tags:    []string{"账号管理"},
			Input:   new(dto.CreateAccountRequest),
			Output:  new(dto.AccountResponse),
			Auth:    true,
		}},
		// List accounts (can be filtered by the user_type parameter).
		{"GET", "", h.List, RouteSpec{
			Summary: "查询账号列表",
			Tags:    []string{"账号管理"},
			Input:   new(dto.AccountListRequest),
			Output:  new(dto.AccountPageResult),
			Auth:    true,
		}},
		// Fetch one account's details.
		{"GET", "/:id", h.Get, RouteSpec{
			Summary: "获取账号详情",
			Tags:    []string{"账号管理"},
			Input:   new(dto.IDReq),
			Output:  new(dto.AccountResponse),
			Auth:    true,
		}},
		// Update an account.
		{"PUT", "/:id", h.Update, RouteSpec{
			Summary: "更新账号",
			Tags:    []string{"账号管理"},
			Input:   new(dto.UpdateAccountParams),
			Output:  new(dto.AccountResponse),
			Auth:    true,
		}},
		// Delete an account.
		{"DELETE", "/:id", h.Delete, RouteSpec{
			Summary: "删除账号",
			Tags:    []string{"账号管理"},
			Input:   new(dto.IDReq),
			Output:  nil,
			Auth:    true,
		}},
		// Change an account's password.
		{"PUT", "/:id/password", h.UpdatePassword, RouteSpec{
			Summary: "修改账号密码",
			Tags:    []string{"账号管理"},
			Input:   new(dto.UpdatePasswordParams),
			Output:  nil,
			Auth:    true,
		}},
		// Change an account's status.
		{"PUT", "/:id/status", h.UpdateStatus, RouteSpec{
			Summary: "修改账号状态",
			Tags:    []string{"账号管理"},
			Input:   new(dto.UpdateStatusParams),
			Output:  nil,
			Auth:    true,
		}},
		// Assign roles to an account.
		{"POST", "/:id/roles", h.AssignRoles, RouteSpec{
			Summary: "为账号分配角色",
			Tags:    []string{"账号管理"},
			Input:   new(dto.AssignRolesParams),
			Output:  new([]dto.AccountRoleResponse),
			Auth:    true,
		}},
		// Read an account's roles.
		{"GET", "/:id/roles", h.GetRoles, RouteSpec{
			Summary: "获取账号角色",
			Tags:    []string{"账号管理"},
			Input:   new(dto.IDReq),
			Output:  new(dto.AccountRolesResponse),
			Auth:    true,
		}},
		// Remove one role from an account.
		// NOTE(review): this is the only route that names the account
		// parameter :account_id instead of :id. Any shared check that reads
		// the "id" path parameter would not see the target account here;
		// confirm against the permission middleware.
		{"DELETE", "/:account_id/roles/:role_id", h.RemoveRole, RouteSpec{
			Summary: "移除账号角色",
			Tags:    []string{"账号管理"},
			Input:   new(dto.RemoveRoleParams),
			Output:  nil,
			Auth:    true,
		}},
	}

	for _, r := range routes {
		Register(group, doc, docPath, r.method, r.path, r.handler, r.spec)
	}
}