110 lines
2.9 KiB
Go
110 lines
2.9 KiB
Go
package handlers
|
|
|
|
import (
|
|
"context"
|
|
"net/http"
|
|
"strconv"
|
|
"time"
|
|
|
|
"go.mongodb.org/mongo-driver/v2/bson"
|
|
"go.mongodb.org/mongo-driver/v2/mongo/options"
|
|
|
|
"yh_web/server/config"
|
|
"yh_web/server/models"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// 预定义角色(与 users.role_id 对应)
|
|
var roleMeta = []struct {
|
|
RoleID int `json:"role_id"`
|
|
RoleName string `json:"role_name"`
|
|
}{
|
|
{models.RoleIDSuperAdmin, "超级管理员"},
|
|
{models.RoleIDSuperUser, "超级用户"},
|
|
{models.RoleIDUser, "普通用户"},
|
|
}
|
|
|
|
// GetRolePermissionsList 返回所有角色及其权限(用于角色权限管理页)
|
|
func GetRolePermissionsList(c *gin.Context) {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
|
defer cancel()
|
|
|
|
coll := config.GetDB(config.DBName).Collection("role_permissions")
|
|
cursor, err := coll.Find(ctx, bson.M{})
|
|
if err != nil {
|
|
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
defer cursor.Close(ctx)
|
|
|
|
var docs []models.RolePermissionsDoc
|
|
if err = cursor.All(ctx, &docs); err != nil {
|
|
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
permMap := make(map[int][]string)
|
|
for _, d := range docs {
|
|
permMap[d.RoleID] = d.Permissions
|
|
}
|
|
|
|
list := make([]gin.H, 0, len(roleMeta))
|
|
for _, r := range roleMeta {
|
|
perms := permMap[r.RoleID]
|
|
if perms == nil {
|
|
perms = []string{}
|
|
}
|
|
if r.RoleID == models.RoleIDSuperAdmin {
|
|
perms = allPermissionKeys()
|
|
}
|
|
list = append(list, gin.H{
|
|
"role_id": r.RoleID,
|
|
"role_name": r.RoleName,
|
|
"permissions": perms,
|
|
})
|
|
}
|
|
c.JSON(http.StatusOK, gin.H{
|
|
"list": list,
|
|
"all_permissions": models.AllPermissions,
|
|
})
|
|
}
|
|
|
|
// UpdateRolePermissionsInput 更新某角色权限
|
|
type UpdateRolePermissionsInput struct {
|
|
Permissions []string `json:"permissions"`
|
|
}
|
|
|
|
// UpdateRolePermissions 更新指定角色的权限
|
|
func UpdateRolePermissions(c *gin.Context) {
|
|
roleIDStr := c.Param("role_id")
|
|
roleID, err := strconv.Atoi(roleIDStr)
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": "无效的 role_id"})
|
|
return
|
|
}
|
|
if roleID == models.RoleIDSuperAdmin {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": "超级管理员权限不可修改"})
|
|
return
|
|
}
|
|
|
|
var input UpdateRolePermissionsInput
|
|
if err := c.ShouldBindJSON(&input); err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
|
defer cancel()
|
|
|
|
coll := config.GetDB(config.DBName).Collection("role_permissions")
|
|
filter := bson.M{"role_id": roleID}
|
|
update := bson.M{"$set": bson.M{"role_id": roleID, "permissions": input.Permissions}}
|
|
opts := options.UpdateOne().SetUpsert(true)
|
|
_, err = coll.UpdateOne(ctx, filter, update, opts)
|
|
if err != nil {
|
|
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
c.JSON(http.StatusOK, gin.H{"message": "保存成功", "role_id": roleID, "permissions": input.Permissions})
|
|
}
|