package service import ( "context" "dashoo.cn/micro/app/common/service" "dashoo.cn/micro/app/dao" "dashoo.cn/micro/app/model" "dashoo.cn/opms_libary/request" "dashoo.cn/opms_libary/utils" "errors" "fmt" "github.com/gogf/gf/container/gset" "github.com/gogf/gf/database/gdb" "github.com/gogf/gf/errors/gerror" "github.com/gogf/gf/frame/g" "github.com/gogf/gf/util/gconv" "github.com/gogf/gf/util/grand" ) type userService struct { *contextService Dao *dao.SysUserDao } func NewUserService(ctx context.Context) (svc *userService, err error) { svc = new(userService) if svc.contextService, err = svc.Init(ctx); err != nil { return nil, err } svc.Dao = dao.NewSysUserDao(svc.Tenant) return svc, nil } // Login 用户登录,成功返回用户UUID,否则返回空字符串; func (s *userService) Login(username, password string) (*request.UserInfo, error) { record, err := s.Dao.Where("user_name", username).Where("status='10'").FindOne() if err != nil { return nil, errors.New("系统异常") } if record == nil { return nil, errors.New("账号或密码错误,或限制登录") } // 验证密码 if utils.EncryptPassword(password, record.UserSalt) != record.Password { return nil, gerror.New("账号密码错误") } //账号状态 if record.Status == "20" { return nil, gerror.New("账号已被冻结") } userInfo := new(request.UserInfo) if err = gconv.Struct(record, userInfo); err != nil { return nil, err } // 权限 //permissionService, err := permission.NewService(s.Tenant) //if err != nil { // return nil, errors.New("系统异常,请重新尝试") //} //userRoles, err := permissionService.GetRoleIdsByUser(userInfo.Id) //if err != nil { // return nil, err //} //userInfo.Roles = userRoles return userInfo, nil } func (s *userService) GetUserList(req *model.SysUserSearchReq) (total int, userList []*model.SysUser, err error) { userModel := dao.SysUser.M if req.KeyWords != "" { keyWords := "%" + req.KeyWords + "%" userModel = userModel.Where("user_name like ? or nick_name like ?", keyWords, keyWords) } if req.DeptId != 0 { userModel = userModel.Where("dept_id", req.DeptId) } if len(req.DeptIds) != 0 { userModel = userModel.Where("dept_id in (?)", req.DeptIds) } if req.Status != "" { userModel = userModel.Where("status", gconv.Int(req.Status)) } if req.Phone != "" { userModel = userModel.Where("phone like ?", "%"+req.Phone+"%") } if req.BeginTime != "" { userModel = userModel.Where("created_at >=?", req.BeginTime) } if req.EndTime != "" { userModel = userModel.Where("created_at <=?", req.EndTime) } total, err = userModel.Count() if err != nil { g.Log().Error(err) err = gerror.New("获取总行数失败") return } if req.PageNum == 0 { req.PageNum = 1 } err = userModel.FieldsEx(dao.SysUser.Columns.Password, dao.SysUser.Columns.UserSalt). Page(req.PageNum, req.PageSize).Order("id asc").Scan(&userList) return } // GetAdminUserByUsernamePassword 后台登陆验证 func (s *userService) GetAdminUserByUsernamePassword(ctx context.Context, req *model.LoginParamsReq) (user *model.LoginUserRes, err error) { user, err = s.GetUserByUsernamePassword(ctx, req) if err != nil { return } //判断是否后台用户 //if user.IsAdmin != 1 { // return nil, gerror.New("抱歉!您不属于后台管理员!") //} return } // GetUserByUsernamePassword 登陆验证 func (s *userService) GetUserByUsernamePassword(ctx context.Context, req *model.LoginParamsReq) (user *model.LoginUserRes, err error) { user, err = s.GetUserByUsername(ctx, req.Username) if err != nil { return } if user == nil { return nil, gerror.New("账号密码错误") } //验证密码 if utils.EncryptPassword(req.Password, user.UserSalt) != user.UserPassword { return nil, gerror.New("账号密码错误") } //账号状态 if user.UserStatus == "20" { return nil, gerror.New("账号已被冻结") } return } // GetUserByUsername 通过用户名获取用户信息 func (s *userService) GetUserByUsername(ctx context.Context, userName string) (user *model.LoginUserRes, err error) { return dao.SysUser.FindByUsername(ctx, userName) } // UpdateLoginInfo 更新用户登录信息 保存登录日志 func (s *userService) UpdateLoginInfo(id int, username, ip, userAgent, msg, module string) { status := 0 //登录状态 0失败 1成功 if id != 0 { //说明登录成功更新登录信息 status = 1 //dao.SysUser.UpLoginInfo(id, ip) } //保存登录日志(异步) SysLoginLog.Invoke(&model.LoginLogParams{ Status: status, Username: username, Ip: ip, UserAgent: userAgent, Msg: msg, Module: module, }) } // LoginLog 记录登录日志 func (s *userService) LoginLog(params *model.LoginLogParams) { //ua := user_agent.New(params.UserAgent) //browser, _ := ua.Browser() //loginData := &model.SysLogin{ // LoginName: params.Username, // Ipaddr: params.Ip, // LoginLocation: utils.GetCityByIp(params.Ip), // Browser: browser, // Os: ua.OS(), // Status: params.Status, // Msg: params.Msg, // LoginTime: gtime.Now(), // Module: params.Module, //} //dao.SysLoginLog.SaveLog(loginData) } // SaveOnline 保存用户登录在线状态信息 //func (s *sysUser) SaveOnline(params *model.SysUserOnline) { // dao.SysUserOnline.SaveOnline(params) //} // GetAdminRole 获取用户角色 func (s *userService) GetAdminRole(userId int, allRoleList []*model.SysRole) (roles []*model.SysRole, err error) { var roleIds []uint roleIds, err = s.GetAdminRoleIds(userId) if err != nil { return } roles = make([]*model.SysRole, 0, len(allRoleList)) for _, v := range allRoleList { for _, id := range roleIds { if int(id) == v.Id { roles = append(roles, v) } } if len(roles) == len(roleIds) { break } } return } // GetAdminRoleIds 获取用户角色ids func (s *userService) GetAdminRoleIds(userId int) (roleIds []uint, err error) { enforcer, e := service.Casbin.GetEnforcer() if e != nil { err = e return } //查询关联角色规则 groupPolicy := enforcer.GetFilteredGroupingPolicy(0, gconv.String(userId)) if len(groupPolicy) > 0 { roleIds = make([]uint, len(groupPolicy)) //得到角色id的切片 for k, v := range groupPolicy { roleIds[k] = gconv.Uint(v[1]) } } return } // AddUserPost 添加用户岗位信息 func (s *userService) AddUserPost(postIds []int, userId int64, tx *gdb.TX) (err error) { //删除旧岗位信息 _, err = dao.SysUserPost.TX(tx).Where(dao.SysUserPost.Columns.UserId, userId).Delete() if err != nil { g.Log().Error(err) return } if len(postIds) == 0 { return } //添加用户岗位信息 data := g.List{} for _, v := range postIds { data = append(data, g.Map{ dao.SysUserPost.Columns.UserId: userId, dao.SysUserPost.Columns.PostId: v, }) } _, err = dao.SysUserPost.TX(tx).Data(data).Insert() if err != nil { g.Log().Error(err) return } return } // GetUserInfoById 通过Id获取用户信息 func (s *userService) GetUserInfoById(id int, withPwd ...bool) (user *model.SysUser, err error) { if len(withPwd) > 0 && withPwd[0] { //用户用户信息 err = dao.SysUser.Where(dao.SysUser.Columns.Id, id).Scan(&user) } else { //用户用户信息 err = dao.SysUser.Where(dao.SysUser.Columns.Id, id). FieldsEx(dao.SysUser.Columns.Password, dao.SysUser.Columns.UserSalt).Scan(&user) } if err != nil { g.Log().Error(err) return nil, errors.New("获取用户数据失败") } return } // GetEditUser 获取要修改的用户信息 func (s *userService) GetEditUser(id int) (g.Map, error) { userData, err := s.GetUserInfoById(id) //获取角色信息 //roleList, err := SysRole.GetRoleList() if err != nil { g.Log().Error(err) return nil, errors.New("获取角色数据失败") } //获取已选择的角色信息 checkedRoleIds, err := s.GetAdminRoleIds(id) if err != nil { g.Log().Error(err) return nil, errors.New("获取用户角色数据失败") } if checkedRoleIds == nil { checkedRoleIds = []uint{} } //获取岗位信息 posts, err := s.GetUsedPost() if err != nil { return nil, err } checkedPosts, err := s.GetUserPostIds(id) if err != nil { return nil, err } if checkedPosts == nil { checkedPosts = []int{} } res := g.Map{ //"roleList": roleList, "userInfo": userData, "checkedRoleIds": checkedRoleIds, "posts": posts, "checkedPosts": checkedPosts, } return res, nil } // GetUsedPost 获取正常状态的岗位 func (s *userService) GetUsedPost() (list []*model.SysPost, err error) { err = dao.SysPost.Where(dao.SysPost.Columns.Status, 1). Order(dao.SysPost.Columns.Sort + " ASC, " + dao.SysPost.Columns.Id + " ASC ").Scan(&list) if err != nil { g.Log().Error(err) err = gerror.New("获取岗位数据失败") } return } // GetUserPostIds 获取用户岗位 func (s *userService) GetUserPostIds(userId int) (postIds []int, err error) { var list []*model.SysUserPost err = dao.SysUserPost.Where(dao.SysUserPost.Columns.UserId, userId).Scan(&list) if err != nil { g.Log().Error(err) return nil, gerror.New("获取用户岗位信息失败") } postIds = make([]int, 0) for _, entity := range list { postIds = append(postIds, int(entity.PostId)) } return } // GetPostsByUserId 根据用户id获取岗位信息详情 func (s *userService) GetPostsByUserId(userId int) ([]*model.SysPost, error) { postIds, err := s.GetUserPostIds(userId) if err != nil { return nil, err } var posts []*model.SysPost err = dao.SysPost.Where(dao.SysPost.Columns.Id+" in (?)", postIds).Scan(&posts) return posts, err } func (s *userService) CreateUser(req *model.AddUserReq) (err error) { req.UserSalt = grand.S(10) req.Password = utils.EncryptPassword(req.Password, req.UserSalt) var tx *gdb.TX tx, err = g.DB().Begin() if err != nil { err = gerror.New("事务开启失败") return } Model := dao.SysUser.TX(tx) if i, _ := Model.Where("user_name=?", req.UserName).Count(); i != 0 { err = gerror.New("用户名已经存在") tx.Rollback() return } if i, _ := Model.Where("phone=?", req.Phone).Count(); i != 0 { err = gerror.New("手机号已经存在") tx.Rollback() return } userData := new(model.SysUser) //userData.UserName = req.UserName //userData.DeptId = req.DeptId //userData.Status = req.Status //userData.Phone = req.Phone //userData.Sex = req.Sex //userData.Email = req.Email //userData.NickName = req.NickName //userData.UserSalt = req.UserSalt //userData.Password = req.Password //userData.Remark = req.Remark if err = gconv.Struct(req, userData); err != nil { tx.Rollback() return } SetCreatedInfo(userData, s.GetCxtUserId(), s.GetCxtUserName()) res, err := Model.Insert(userData) if err != nil { tx.Rollback() return } InsertId, _ := res.LastInsertId() fmt.Println(InsertId) //err = s.AddUserRole(req.RoleIds, InsertId) //if err != nil { // g.Log().Error(err) // err = gerror.New("设置用户权限失败") // tx.Rollback() // return //} //err = s.AddUserPost(req.PostIds, InsertId, tx) if err != nil { g.Log().Error(err) err = gerror.New("设置用户岗位信息失败") tx.Rollback() return } tx.Commit() return } // AddUserRole 添加用户角色信息 func (s *userService) AddUserRole(roleIds interface{}, userId int64) (err error) { enforcer, e := service.Casbin.GetEnforcer() if e != nil { err = e return } rule := gconv.Ints(roleIds) for _, v := range rule { _, err = enforcer.AddGroupingPolicy(fmt.Sprintf("%d", userId), fmt.Sprintf("%d", v)) if err != nil { return } } return } // UpdateUser 修改用户 func (s *userService) UpdateUser(req *model.EditUserReq) (err error) { if i, _ := dao.SysUser.Where("id!=? and phone=?", req.Id, req.Phone).Count(); i != 0 { err = gerror.New("手机号已经存在") return } var tx *gdb.TX tx, err = g.DB().Begin() //保存管理员信息 var userData *model.SysUser err = dao.SysUser.Where("id", req.Id).Scan(&userData) if err != nil || userData == nil { g.Log().Error(err) err = gerror.New("获取用户信息失败") return } //userData.DeptId = req.DeptId //userData.Status = req.Status //userData.Phone = req.Phone //userData.Sex = req.Sex //userData.Email = req.Email //userData.NickName = req.NickName //userData.Remark = req.Remark if err = gconv.Struct(req, userData); err != nil { tx.Rollback() return } SetUpdatedInfo(userData, s.GetCxtUserId(), s.GetCxtUserName()) _, err = dao.SysUser.TX(tx).FieldsEx(dao.SysUser.Columns.Id, dao.SysUser.Columns.CreatedTime, dao.SysUser.Columns.DeletedTime, dao.SysUser.Columns.LoginDate). WherePri(userData.Id).Update(userData) if err != nil { g.Log().Error(err) err = gerror.New("修改用户信息失败") tx.Rollback() return } //设置用户所属角色信息 //err = s.EditUserRole(req.RoleIds, req.Id) //if err != nil { // g.Log().Error(err) // err = gerror.New("设置用户权限失败") // tx.Rollback() // return //} //设置用户岗位数据 //err = s.AddUserPost(req.PostIds, int64(req.Id), tx) //if err != nil { // g.Log().Error(err) // err = gerror.New("设置用户岗位信息失败") // tx.Rollback() // return //} tx.Commit() return } // EditUserRole 修改用户角色信息 func (s *userService) EditUserRole(roleIds interface{}, userId int) (err error) { enforcer, e := service.Casbin.GetEnforcer() if e != nil { err = e return } rule := gconv.Ints(roleIds) //删除用户旧角色信息 enforcer.RemoveFilteredGroupingPolicy(0, fmt.Sprintf("%d", userId)) for _, v := range rule { _, err = enforcer.AddGroupingPolicy(fmt.Sprintf("%d", userId), fmt.Sprintf("%d", v)) if err != nil { return } } return } // ResetUserPwd 重置用户密码 func (s *userService) ResetUserPwd(req *model.SysUserResetPwdReq) error { salt := grand.S(10) password := utils.EncryptPassword(req.Password, salt) _, err := dao.SysUser.WherePri(req.Id).Update(g.Map{ dao.SysUser.Columns.UserSalt: salt, dao.SysUser.Columns.Password: password, }) return err } func (s *userService) ChangeUserStatus(req *model.SysUserStatusReq) error { _, err := dao.SysUser.WherePri(req.Id).Update(g.Map{ dao.SysUser.Columns.Status: req.UserStatus, }) return err } // DeleteUserByIds 删除用户信息 func (s *userService) DeleteUserByIds(ctx context.Context, ids []int64) error { return g.DB().Transaction(ctx, func(ctx context.Context, tx *gdb.TX) error { _, err := s.Dao.Ctx(ctx).TX(tx).Where(dao.SysUser.Columns.Id+" in(?)", ids).Delete() //删除对应权限 enforcer, err := service.Casbin.GetEnforcer() if err == nil { for _, v := range ids { enforcer.RemoveFilteredGroupingPolicy(0, fmt.Sprintf("%d", v)) } } //删除用户对应的岗位 _, err = dao.SysUserPost.Ctx(ctx).TX(tx).Delete(dao.SysUserPost.Columns.UserId+" in (?)", ids) return err }) } // SetAvatar 修改用户头像 func (s *userService) SetAvatar(userId int, avatarUrl string) error { _, err := dao.SysUser.WherePri(userId).Unscoped().Update(g.Map{ dao.SysUser.Columns.Avatar: avatarUrl, }) return err } // ProfileEdit 修改个人资料 func (s *userService) ProfileEdit(req *model.ProfileUpReq) error { _, err := dao.SysUser.WherePri(req.UserId).Unscoped().Update(req) return err } // ProfileUpdatePwd 修改个人密码 func (s *userService) ProfileUpdatePwd(req *model.ProfileUpdatePwdReq) error { userInfo, err := s.GetUserInfoById(req.UserId, true) if err != nil { return err } oldPassword := utils.EncryptPassword(req.OldPassword, userInfo.UserSalt) if oldPassword != userInfo.Password { return errors.New("原始密码错误!") } salt := grand.S(10) newPassword := utils.EncryptPassword(req.NewPassword, salt) _, err = dao.SysUser.WherePri(req.UserId).Unscoped().Update(g.Map{ dao.SysUser.Columns.UserSalt: salt, dao.SysUser.Columns.Password: newPassword, }) return err } // GetDataWhere 获取数据权限判断条件 //func (s *sysUser) GetDataWhere(userInfo *dao.CtxUser, entity interface{}) (where g.Map, err error) { // whereJustMe := g.Map{} //本人数据权限 // t := reflect.TypeOf(entity) // for i := 0; i < t.Elem().NumField(); i++ { // if t.Elem().Field(i).Name == "CreatedBy" { // //若存在用户id的字段,则生成判断数据权限的条件 // //1、获取当前用户所属角色 // allRoles := ([]*model.SysRole)(nil) // allRoles, err = SysRole.GetRoleList() // if err != nil { // return nil, err // } // roles := ([]*model.SysRole)(nil) // roles, err = s.GetAdminRole(userInfo.Id, allRoles) // if err != nil { // return nil, err // } // //2获取角色对应数据权限 // deptIdArr := gset.New() // for _, role := range roles { // switch role.DataScope { // case 1: //全部数据权限 // return // case 2: //自定数据权限 // var deptIds []int // deptIds, err = Dept.GetRoleDepts(gconv.int(role.Id)) // if err != nil { // return // } // deptIdArr.Add(gconv.Interfaces(deptIds)...) // case 3: //本部门数据权限 // deptIdArr.Add(gconv.int(userInfo.DeptId)) // case 4: //本部门及以下数据权限 // deptIdArr.Add(gconv.int(userInfo.DeptId)) // //获取正常状态部门数据 // depts := ([]*model.SysDept)(nil) // depts, err = Dept.GetList(&dao.SysDeptSearchParams{Status: "1"}) // if err != nil { // return // } // var dList g.List // for _, d := range depts { // m := g.Map{ // "id": d.DeptId, // "pid": d.ParentId, // "label": d.DeptName, // } // dList = append(dList, m) // } // l := library.FindSonByParentId(dList, gconv.Int(userInfo.DeptId), "pid", "id") // for _, li := range l { // deptIdArr.Add(gconv.int(li["id"])) // } // case 5: //仅本人数据权限 // whereJustMe = g.Map{"user.id": userInfo.Id} // } // } // if deptIdArr.Size() > 0 { // where = g.Map{"user.dept_id": deptIdArr.Slice()} // } else if len(whereJustMe) > 0 { // where = whereJustMe // } // } // } // return //} // GetUsers 通过用户ids查询多个用户信息 func (s *userService) GetUsers(ids []int) (users []*model.SysUserRes, err error) { if len(ids) == 0 { return } idsSet := gset.NewIntSetFrom(ids).Slice() err = dao.SysUser.Where(dao.SysUser.Columns.Id+" in(?)", idsSet).Fields(model.SysUserRes{}). Order(dao.SysUser.Columns.Id + " ASC").Scan(&users) return }