权限管理接口实现

web/services/admin_role.go

@@ -0,0 +1,143 @@
+package services
+
+import (
+	"platform/pkg/u"
+	"platform/web/core"
+	g "platform/web/globals"
+	"platform/web/models"
+	m "platform/web/models"
+	q "platform/web/queries"
+
+	"gorm.io/gen/field"
+)
+
+var AdminRole = &adminRoleService{}
+
+type adminRoleService struct{}
+
+func (r *adminRoleService) ListRoles() (result []*m.AdminRole, err error) {
+	return q.AdminRole.
+		Order(q.AdminRole.Sort.Asc(), q.AdminRole.CreatedAt.Desc()).
+		Find()
+}
+
+func (r *adminRoleService) PageRoles(req core.PageReq) (result []*m.AdminRole, count int64, err error) {
+	return q.AdminRole.
+		Preload(q.AdminRole.Permissions).
+		Order(q.AdminRole.Sort.Asc(), q.AdminRole.CreatedAt.Desc()).
+		FindByPage(req.GetOffset(), req.GetLimit())
+}
+
+func (r *adminRoleService) CreateAdminRole(create *CreateAdminRole) error {
+	return q.Q.Transaction(func(q *q.Query) error {
+
+		// 创建角色
+		role := &m.AdminRole{
+			Name:        create.Name,
+			Description: create.Description,
+			Active:      u.Else(create.Active, true),
+			Sort:        u.Else(create.Sort, 0),
+		}
+		if err := q.AdminRole.Create(role); err != nil {
+			return err
+		}
+
+		// 替换权限
+		permissions := make([]*models.LinkAdminRolePermission, 0, len(create.Permissions))
+		for _, permissionID := range create.Permissions {
+			permissions = append(permissions, &models.LinkAdminRolePermission{
+				RoleID:       role.ID,
+				PermissionID: permissionID,
+			})
+		}
+		if len(permissions) > 0 {
+			err := g.Redsync.WithLock(AdminRoleModifyLock, func() error {
+				return q.LinkAdminRolePermission.CreateInBatches(permissions, 1000)
+			})
+			if err != nil {
+				return err
+			}
+		}
+
+		return nil
+	})
+}
+
+type CreateAdminRole struct {
+	Name        string  `json:"name"`
+	Description *string `json:"description"`
+	Active      *bool   `json:"active"`
+	Sort        *int32  `json:"sort"`
+	Permissions []int32 `json:"permissions"`
+}
+
+func (r *adminRoleService) UpdateAdminRole(update *UpdateAdminRole) error {
+
+	var simples = make([]field.AssignExpr, 0)
+	if update.Name != nil {
+		simples = append(simples, q.AdminRole.Name.Value(*update.Name))
+	}
+	if update.Description != nil {
+		simples = append(simples, q.AdminRole.Description.Value(*update.Description))
+	}
+	if update.Active != nil {
+		simples = append(simples, q.AdminRole.Active.Value(*update.Active))
+	}
+	if update.Sort != nil {
+		simples = append(simples, q.AdminRole.Sort.Value(*update.Sort))
+	}
+
+	err := q.Q.Transaction(func(q *q.Query) error {
+
+		// 修改角色
+		_, err := q.AdminRole.
+			Where(q.AdminRole.ID.Eq(update.Id)).
+			UpdateSimple(simples...)
+		if err != nil {
+			return err
+		}
+
+		// 修改角色关联权限
+		if update.Permissions != nil {
+			updatePermissions := *update.Permissions
+			permissions := make([]*models.LinkAdminRolePermission, len(updatePermissions))
+			for i, permissionID := range updatePermissions {
+				permissions[i] = &models.LinkAdminRolePermission{
+					RoleID:       update.Id,
+					PermissionID: permissionID,
+				}
+			}
+			err = g.Redsync.WithLock(AdminRoleModifyLock, func() error {
+				if _, err := q.LinkAdminRolePermission.Where(q.LinkAdminRolePermission.RoleID.Eq(update.Id)).Delete(); err != nil {
+					return err
+				}
+				if err = q.LinkAdminRolePermission.CreateInBatches(permissions, 1000); err != nil {
+					return err
+				}
+				return nil
+			})
+			if err != nil {
+				return err
+			}
+		}
+
+		return nil
+	})
+	return err
+}
+
+type UpdateAdminRole struct {
+	Id          int32    `json:"id"`
+	Name        *string  `json:"name"`
+	Description *string  `json:"description"`
+	Active      *bool    `json:"active"`
+	Sort        *int32   `json:"sort"`
+	Permissions *[]int32 `json:"permissions"`
+}
+
+func (r *adminRoleService) RemoveAdminRole(id int32) error {
+	_, err := q.AdminRole.Where(q.AdminRole.ID.Eq(id)).Delete()
+	return err
+}
+
+var AdminRoleModifyLock = "platform:admin_role_permissions:modify"