宇恒一号官网

2026-03-17 00:59:32 +08:00
commit eb56519df7
105 changed files with 10783 additions and 0 deletions
--- a/server/handlers/role_permission.go
+++ b/server/handlers/role_permission.go
@@ -0,0 +1,109 @@
+package handlers
+
+import (
+	"context"
+	"net/http"
+	"strconv"
+	"time"
+
+	"go.mongodb.org/mongo-driver/v2/bson"
+	"go.mongodb.org/mongo-driver/v2/mongo/options"
+
+	"yh_web/server/config"
+	"yh_web/server/models"
+
+	"github.com/gin-gonic/gin"
+)
+
+// 预定义角色（与 users.role_id 对应）
+var roleMeta = []struct {
+	RoleID   int    `json:"role_id"`
+	RoleName string `json:"role_name"`
+}{
+	{models.RoleIDSuperAdmin, "超级管理员"},
+	{models.RoleIDSuperUser, "超级用户"},
+	{models.RoleIDUser, "普通用户"},
+}
+
+// GetRolePermissionsList 返回所有角色及其权限（用于角色权限管理页）
+func GetRolePermissionsList(c *gin.Context) {
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	coll := config.GetDB(config.DBName).Collection("role_permissions")
+	cursor, err := coll.Find(ctx, bson.M{})
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	defer cursor.Close(ctx)
+
+	var docs []models.RolePermissionsDoc
+	if err = cursor.All(ctx, &docs); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	permMap := make(map[int][]string)
+	for _, d := range docs {
+		permMap[d.RoleID] = d.Permissions
+	}
+
+	list := make([]gin.H, 0, len(roleMeta))
+	for _, r := range roleMeta {
+		perms := permMap[r.RoleID]
+		if perms == nil {
+			perms = []string{}
+		}
+		if r.RoleID == models.RoleIDSuperAdmin {
+			perms = allPermissionKeys()
+		}
+		list = append(list, gin.H{
+			"role_id":     r.RoleID,
+			"role_name":   r.RoleName,
+			"permissions": perms,
+		})
+	}
+	c.JSON(http.StatusOK, gin.H{
+		"list":            list,
+		"all_permissions": models.AllPermissions,
+	})
+}
+
+// UpdateRolePermissionsInput 更新某角色权限
+type UpdateRolePermissionsInput struct {
+	Permissions []string `json:"permissions"`
+}
+
+// UpdateRolePermissions 更新指定角色的权限
+func UpdateRolePermissions(c *gin.Context) {
+	roleIDStr := c.Param("role_id")
+	roleID, err := strconv.Atoi(roleIDStr)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "无效的 role_id"})
+		return
+	}
+	if roleID == models.RoleIDSuperAdmin {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "超级管理员权限不可修改"})
+		return
+	}
+
+	var input UpdateRolePermissionsInput
+	if err := c.ShouldBindJSON(&input); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	coll := config.GetDB(config.DBName).Collection("role_permissions")
+	filter := bson.M{"role_id": roleID}
+	update := bson.M{"$set": bson.M{"role_id": roleID, "permissions": input.Permissions}}
+	opts := options.UpdateOne().SetUpsert(true)
+	_, err = coll.UpdateOne(ctx, filter, update, opts)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"message": "保存成功", "role_id": roleID, "permissions": input.Permissions})
+}