opms_backend/opms_admin/app/service/sys_user.go

package service

import (
	"context"
	"dashoo.cn/micro/app/dao"
	"dashoo.cn/micro/app/model"
	"dashoo.cn/opms_libary/myerrors"
	"dashoo.cn/opms_libary/plugin/dingtalk"
	"dashoo.cn/opms_libary/request"
	"dashoo.cn/opms_libary/utils"
	"database/sql"
	"errors"
	"github.com/gogf/gf/container/garray"
	"github.com/gogf/gf/container/gset"
	"github.com/gogf/gf/database/gdb"
	"github.com/gogf/gf/errors/gerror"
	"github.com/gogf/gf/frame/g"
	"github.com/gogf/gf/util/gconv"
	"github.com/gogf/gf/util/grand"
)

type UserService struct {
	*contextService
	Dao          *dao.SysUserDao
	userRoleDao  *dao.SysUserRoleDao
	userPostDao  *dao.SysUserPostDao
	userGroupDao *dao.SysUserGroupDao
}

func NewUserService(ctx context.Context) (svc *UserService, err error) {
	svc = new(UserService)
	if svc.contextService, err = svc.Init(ctx); err != nil {
		return nil, err
	}
	svc.Dao = dao.NewSysUserDao(svc.Tenant)
	svc.userRoleDao = dao.NewSysUserRoleDao(svc.Tenant)
	svc.userPostDao = dao.NewSysUserPostDao(svc.Tenant)
	svc.userGroupDao = dao.NewSysUserGroupDao(svc.Tenant)
	return svc, nil
}

// Login 用户登录，成功返回用户UUID，否则返回空字符串;
func (s *UserService) Login(username, password string) (*request.UserInfo, error) {
	sysUserInfo, err := s.Dao.Where(s.Dao.C.UserName, username).Where(s.Dao.C.Status, "10").WhereGT(s.Dao.C.AllowErrorNum, 0).FindOne()
	if err != nil {
		return nil, myerrors.TipsError("系统异常")
	}
	if sysUserInfo == nil {
		return nil, myerrors.TipsError("账号错误或已限制登录")
	}
	// 验证密码
	if utils.EncryptPassword(password, sysUserInfo.UserSalt) != sysUserInfo.Password {
		s.Dao.WherePri(sysUserInfo.Id).Decrement(s.Dao.C.AllowErrorNum, 1)
		return nil, myerrors.TipsError("账号密码错误")
	}
	//账号状态
	if sysUserInfo.Status == "20" {
		return nil, myerrors.TipsError("账号已被冻结")
	}

	userInfo := new(request.UserInfo)
	if err = gconv.Struct(sysUserInfo, userInfo); err != nil {
		return nil, err
	}
	userInfo.IsFirstLogin = sysUserInfo.IsFirstLogin == "10"

	// 数据权限
	userInfo.DataScope, err = s.GetDataScope(userInfo)
	if err != nil {
		g.Log().Error(err)
		return nil, myerrors.TipsError("获取用户数据权限失败")
	}

	// 更新允许登录错误次数和是否首次登录
	if sysUserInfo.AllowErrorNum != 5 {
		data := g.Map{
			s.Dao.C.AllowErrorNum: 5,
		}
		s.Dao.WherePri(sysUserInfo.Id).Data(data).Update()
	}

	return userInfo, nil
}

func (s *UserService) GetUserList(req *model.SysUserSearchReq) (total int, userList []*model.SysUserRes, err error) {
	userModel := s.Dao.As("u")
	if req.KeyWords != "" {
		keyWords := "%" + req.KeyWords + "%"
		userModel = userModel.Where("u.user_name like ? or  u.nick_name like ?", keyWords, keyWords)
	}
	if req.DeptId != 0 {
		userModel = userModel.Where("u.dept_id", req.DeptId)
	}
	if len(req.DeptIds) != 0 {
		userModel = userModel.WhereIn("u.dept_id", req.DeptIds)
	}
	if req.Status != "" {
		userModel = userModel.Where("u.status", gconv.Int(req.Status))
	}
	if req.Phone != "" {
		userModel = userModel.WhereLike("u.phone", "%"+req.Phone+"%")
	}
	if req.BeginTime != "" {
		userModel = userModel.WhereGTE("u.created_time", req.BeginTime)
	}
	if req.EndTime != "" {
		userModel = userModel.WhereLTE("u.created_time", req.EndTime)
	}
	if len(req.Roles) > 0 {
		insql := dao.NewSysRoleDao(s.Tenant).Fields(dao.SysRole.C.Id).WhereIn(dao.SysRole.C.RoleKey, req.Roles).M
		userModel = userModel.LeftJoin(dao.SysUserRole.Table, "ur", "u.id=ur.user_id").WhereIn("ur.role_id", insql)
	}
	if len(req.Posts) > 0 {
		insql := dao.NewSysPostDao(s.Tenant).Fields(dao.SysPost.C.Id).WhereIn(dao.SysPost.C.PostCode, req.Posts).M
		userModel = userModel.LeftJoin(dao.SysUserPost.Table, "up", "u.id=up.user_id").WhereIn("up.post_id", insql)
	}
	if len(req.Groups) > 0 {
		insql := dao.NewSysGroupDao(s.Tenant).Fields(dao.SysGroup.C.Id).WhereIn(dao.SysGroup.C.GroupCode, req.Groups).M
		userModel = userModel.LeftJoin(dao.SysUserGroup.Table, "ug", "u.id=ug.user_id").WhereIn("ug.group_id", insql)
	}
	total, err = userModel.Count()
	if err != nil {
		return
	}

	userModel = userModel.OrderAsc("u.id")
	if req.OrderBy == "userName" {
		userModel = userModel.OrderAsc("u.user_name")
	}
	if req.OrderBy == "createdTime" {
		userModel = userModel.OrderAsc("u.created_time")
	}
	err = userModel.Page(req.GetPage()).Scan(&userList)
	deptService, _ := NewDeptService(s.Ctx)
	deptInfo, err := deptService.GetAllDeptName()
	if err != nil {
		return
	}
	for _, v := range userList {
		v.Password = ""
		v.UserSalt = ""
		v.DeptName = deptInfo[v.DeptId]
	}
	return
}

// GetUserByDept 获取部门下用户
func (s *UserService) GetUserByDept(deptId int) (userList []*model.SysUser, err error) {
	count, err := dao.NewSysDeptDao(s.Tenant).Where(dao.SysDept.C.Id, deptId).Where(dao.SysDept.C.Status, "10").Count()
	if err != nil {
		return nil, err
	}
	if count == 0 {
		return nil, myerrors.TipsError("部门不存在或已停用")
	}
	err = s.Dao.Where(s.Dao.C.DeptId, deptId).FieldsEx(s.Dao.C.Password, s.Dao.C.UserSalt).Scan(&userList)
	return userList, err
}

// GetUsersByDeptEx 获取部门及子部门下的用户
func (s *UserService) GetUsersByDeptEx(req *model.SysUserSearchReq) (total int, userList []*model.SysUser, err error) {
	depts, err := dao.NewSysDeptDao(s.Tenant).Fields(dao.SysDept.C.Id).Wheref("find_in_set( %d , ancestors )", req.DeptId).Array()
	if err != nil {
		if err == sql.ErrNoRows {
			return 0, nil, gerror.New("无部门数据")
		}
		return 0, nil, err
	}
	if len(depts) == 0 {
		return 0, nil, gerror.New("无部门数据")
	}
	depIds := gconv.Ints(depts)

	userModel := s.Dao.M
	if req.KeyWords != "" {
		keyWords := "%" + req.KeyWords + "%"
		userModel = userModel.Where("user_name like ? or nick_name like ?", keyWords, keyWords)
	}
	if req.Phone != "" {
		userModel = userModel.WhereLike(s.Dao.C.Phone, "%"+req.Phone+"%")
	}
	if len(depts) > 0 {
		userModel = userModel.WhereIn(s.Dao.C.DeptId, depIds)
	}
	total, err = userModel.Count()
	if err != nil {
		return 0, nil, err
	}

	err = userModel.Page(req.GetPage()).OrderAsc(s.Dao.C.Id).FieldsEx(s.Dao.C.Password, s.Dao.C.UserSalt).Scan(&userList)
	return total, userList, err
}

// GetUserByRole 获取角色关联的用户
func (s *UserService) GetUserByRole(roleId int) (userList []*model.SysUser, err error) {
	count, err := dao.NewSysRoleDao(s.Tenant).Where(dao.SysRole.C.Id, roleId).Where(dao.SysRole.C.Status, "10").Count()
	if err != nil {
		return nil, err
	}
	if count == 0 {
		return nil, myerrors.TipsError("角色不存在或已停用")
	}
	userList = make([]*model.SysUser, 0)
	err = s.Dao.FieldsEx(s.Dao.C.Password, s.Dao.C.UserSalt).Where(s.Dao.C.Status, "10").
		WhereIn(s.Dao.C.Id, dao.NewSysUserRoleDao(s.Tenant).Fields(dao.SysUserRole.C.UserId).WhereIn(dao.SysUserRole.C.RoleId, roleId)).
		Scan(&userList)
	return userList, err
}

// GetAdminUserByUsernamePassword 后台登陆验证
func (s *UserService) GetAdminUserByUsernamePassword(ctx context.Context, req *model.LoginParamsReq) (user *model.LoginUserRes, err error) {
	user, err = s.GetUserByUsernamePassword(ctx, req)
	if err != nil {
		return
	}
	//判断是否后台用户
	//if user.IsAdmin != 1 {
	//	return nil, myerrors.TipsError("抱歉!您不属于后台管理员!")
	//}
	return
}

// GetUserByUsernamePassword 登陆验证
func (s *UserService) GetUserByUsernamePassword(ctx context.Context, req *model.LoginParamsReq) (user *model.LoginUserRes, err error) {
	user, err = s.GetUserByUsername(ctx, req.Username)
	if err != nil {
		return
	}
	if user == nil {
		return nil, myerrors.TipsError("账号密码错误")
	}
	//验证密码
	if utils.EncryptPassword(req.Password, user.UserSalt) != user.UserPassword {
		return nil, myerrors.TipsError("账号密码错误")
	}
	//账号状态
	if user.UserStatus == "20" {
		return nil, myerrors.TipsError("账号已被冻结")
	}
	return
}

// GetUserByUsername 通过用户名获取用户信息
func (s *UserService) GetUserByUsername(ctx context.Context, userName string) (user *model.LoginUserRes, err error) {
	user = &model.LoginUserRes{}
	err = s.Dao.Ctx(ctx).Fields(user).Where(s.Dao.C.UserName, userName).Scan(user)
	if err != nil {
		return nil, err
	}
	if err == sql.ErrNoRows {
		return nil, myerrors.TipsError("用户信息不存在")
	}
	return user, nil
}

// GetUserInfoById 通过Id获取用户信息
func (s *UserService) GetUserInfoById(id int, withPwd ...bool) (user *model.SysUserRes, err error) {
	if len(withPwd) > 0 && withPwd[0] {
		//用户用户信息
		err = s.Dao.Where(s.Dao.C.Id, id).Scan(&user)
	} else {
		//用户用户信息
		err = s.Dao.Where(s.Dao.C.Id, id).FieldsEx(s.Dao.C.Password, s.Dao.C.UserSalt).Scan(&user)
	}
	if err != nil {
		g.Log().Error(err)
		return nil, errors.New("获取用户数据失败")
	}
	return
}

func (s *UserService) CreateUser(req *model.AddUserReq) (err error) {
	if i, _ := s.Dao.Where("user_name", req.UserName).Count(); i != 0 {
		err = myerrors.TipsError("用户名已经存在")
		return
	}
	if i, _ := s.Dao.Where("phone", req.Phone).Count(); i != 0 {
		err = myerrors.TipsError("手机号已经存在")
		return
	}
	userData := new(model.SysUser)
	if err = gconv.Struct(req, userData); err != nil {
		return
	}

	var tx *gdb.TX
	tx, err = s.Dao.DB.Begin()
	if err != nil {
		err = myerrors.TipsError("事务开启失败")
		return
	}
	userData.IsFirstLogin = "10"
	userData.AllowErrorNum = 5
	userData.UserSalt = grand.S(10)
	userData.Password = utils.EncryptPassword(userData.Password, userData.UserSalt)
	userData.DingtalkUid, userData.DingtalkId = dingtalk.NewClient().GetContact().QueryUserIdAndUnionidByPhone(req.Phone)
	SetCreatedInfo(userData, s.GetCxtUserId(), s.GetCxtUserName())
	insertId, err := s.Dao.TX(tx).InsertAndGetId(userData)
	if err != nil {
		tx.Rollback()
		return
	}
	if err := s.AddUserOtherInfo(req.SetUserReq, insertId, tx); err != nil {
		tx.Rollback()
		return err
	}
	tx.Commit()
	return
}

// AddUserOtherInfo 重新设置用户相关其他表信息
func (s *UserService) AddUserOtherInfo(req model.SetUserReq, insertId int64, tx *gdb.TX) (err error) {
	// 设置用户角色信息
	err = s.AddUserRole(req.RoleIds, insertId, tx)
	if err != nil {
		g.Log().Error(err)
		err = myerrors.TipsError("设置用户权限失败")
		tx.Rollback()
		return
	}
	// 设置用户岗位信息
	err = s.AddUserPost(req.PostIds, insertId, tx)
	if err != nil {
		g.Log().Error(err)
		err = myerrors.TipsError("设置用户岗位信息失败")
		tx.Rollback()
		return
	}
	// 设置用户的用户组信息
	err = s.AddUserGroup(req.GroupIds, insertId, tx)
	if err != nil {
		g.Log().Error(err)
		err = myerrors.TipsError("设置用户组信息失败")
		tx.Rollback()
		return
	}
	return
}

// AddUserRole 添加用户角色信息
func (s *UserService) AddUserRole(roleIds []int, userId int64, tx *gdb.TX) (err error) {
	s.userRoleDao = dao.NewSysUserRoleDao(s.Tenant)
	//删除旧用户角色信息
	_, err = s.userRoleDao.TX(tx).Where(dao.SysUserPost.C.UserId, userId).Delete()
	if err != nil {
		g.Log().Error(err)
		return
	}
	if len(roleIds) == 0 {
		return
	}
	//添加用户岗位信息
	data := g.List{}
	for _, v := range roleIds {
		data = append(data, g.Map{
			dao.SysUserRole.C.UserId: userId,
			dao.SysUserRole.C.RoleId: v,
		})
	}
	_, err = s.userRoleDao.TX(tx).Data(data).Insert()
	if err != nil {
		g.Log().Error(err)
		return
	}
	return
}

// AddUserPost 添加用户岗位信息
func (s *UserService) AddUserPost(postIds []int, userId int64, tx *gdb.TX) (err error) {
	s.userPostDao = dao.NewSysUserPostDao(s.Tenant)
	//删除旧岗位信息
	_, err = s.userPostDao.TX(tx).Where(dao.SysUserPost.C.UserId, userId).Delete()
	if err != nil {
		g.Log().Error(err)
		return
	}
	if len(postIds) == 0 {
		return
	}
	//添加用户岗位信息
	data := g.List{}
	for _, v := range postIds {
		data = append(data, g.Map{
			dao.SysUserPost.C.UserId: userId,
			dao.SysUserPost.C.PostId: v,
		})
	}
	_, err = s.userPostDao.TX(tx).Data(data).Insert()
	if err != nil {
		g.Log().Error(err)
		return
	}
	return
}

// AddUserGroup 添加用户的用户组信息
func (s *UserService) AddUserGroup(groupIds []int, userId int64, tx *gdb.TX) (err error) {
	s.userGroupDao = dao.NewSysUserGroupDao(s.Tenant)
	//删除旧用户组信息
	_, err = s.userGroupDao.TX(tx).Where(dao.SysUserGroup.C.UserId, userId).Delete()
	if err != nil {
		g.Log().Error(err)
		return
	}
	if len(groupIds) == 0 {
		return
	}
	//添加用户的用户组信息
	data := g.List{}
	for _, v := range groupIds {
		data = append(data, g.Map{
			dao.SysUserGroup.C.UserId:      userId,
			dao.SysUserGroup.C.GroupId:     v,
			dao.SysUserGroup.C.CreatedBy:   userId,
			dao.SysUserGroup.C.CreatedName: v,
		})
	}
	_, err = s.userGroupDao.TX(tx).Data(data).Insert()
	if err != nil {
		g.Log().Error(err)
		return
	}
	return
}

// UpdateUser 修改用户
func (s *UserService) UpdateUser(req *model.EditUserReq) (err error) {
	if i, _ := s.Dao.Where("id!=? and phone=?", req.Id, req.Phone).Count(); i != 0 {
		err = myerrors.TipsError("手机号已经存在")
		return
	}
	var tx *gdb.TX
	tx, err = s.Dao.DB.Begin()
	//保存管理员信息
	var userData *model.SysUser
	err = s.Dao.Where("id", req.Id).Scan(&userData)
	if err != nil || userData == nil {
		g.Log().Error(err)
		err = myerrors.TipsError("获取用户信息失败")
		return
	}
	if err = gconv.Struct(req, userData); err != nil {
		tx.Rollback()
		return
	}
	SetUpdatedInfo(userData, s.GetCxtUserId(), s.GetCxtUserName())
	_, err = s.Dao.TX(tx).FieldsEx(s.Dao.C.Id, s.Dao.C.CreatedTime,
		s.Dao.C.DeletedTime, s.Dao.C.LoginDate).
		WherePri(userData.Id).Update(userData)
	if err != nil {
		g.Log().Error(err)
		err = myerrors.TipsError("修改用户信息失败")
		tx.Rollback()
		return
	}
	if err := s.AddUserOtherInfo(req.SetUserReq, int64(req.Id), tx); err != nil {
		return err
	}
	tx.Commit()
	return
}

// ResetUserPwd 重置用户密码
func (s *UserService) ResetUserPwd(req *model.SysResetPwdReq) error {
	// todo:校验用户是否有修改权限
	arr := garray.NewStrArrayFrom(s.CxtUser.Roles, true)
	if !arr.Contains("SysAdmin") {
		return myerrors.TipsError("权限不足")
	}
	salt := grand.S(10)
	password := utils.EncryptPassword(req.Password, salt)
	data := g.Map{
		s.Dao.C.UserSalt:      salt,
		s.Dao.C.Password:      password,
		s.Dao.C.IsFirstLogin:  "10",
		s.Dao.C.AllowErrorNum: 5,
	}
	SetCurrentUpdatedInfo(data, s.CxtUser)
	_, err := s.Dao.WherePri(req.Id).Data(data).Update()
	return err
}

func (s *UserService) ChangeUserStatus(req *model.SysUserStatusReq) error {
	data := g.Map{
		s.Dao.C.Status: req.UserStatus,
	}
	SetCurrentUpdatedInfo(data, s.CxtUser)
	_, err := s.Dao.WherePri(req.Id).Data(data).Update()
	return err
}

// DeleteUserByIds 删除用户信息
func (s *UserService) DeleteUserByIds(ctx context.Context, ids []int64) error {
	return s.Dao.Transaction(ctx, func(ctx context.Context, tx *gdb.TX) error {
		_, err := s.Dao.Ctx(ctx).TX(tx).Where(s.Dao.C.Id+" in(?)", ids).Delete()
		//删除用户对应的岗位
		//_, err = dao.SysUserPost.Ctx(ctx).TX(tx).Delete(dao.SysUserPost.C.UserId+" in (?)", ids)
		return err
	})
}

// SetAvatar 修改用户头像
func (s *UserService) SetAvatar(userId int, avatarUrl string) error {
	_, err := s.Dao.WherePri(userId).Unscoped().Update(g.Map{
		s.Dao.C.Avatar: avatarUrl,
	})
	return err
}

// ProfileEdit 修改个人资料
func (s *UserService) ProfileEdit(req *model.ProfileUpReq) error {
	_, err := s.Dao.WherePri(req.UserId).Unscoped().Update(req)
	return err
}

// ProfileUpdatePwd 修改个人密码
func (s *UserService) ProfileUpdatePwd(req *model.ProfileUpdatePwdReq) error {
	userInfo, err := s.GetUserInfoById(req.UserId, true)
	if err != nil {
		return err
	}
	oldPassword := utils.EncryptPassword(req.OldPassword, userInfo.UserSalt)
	if oldPassword != userInfo.Password {
		return myerrors.TipsError("原始密码错误!")
	}
	salt := grand.S(10)
	newPassword := utils.EncryptPassword(req.NewPassword, salt)
	data := g.Map{
		s.Dao.C.UserSalt:      salt,
		s.Dao.C.Password:      newPassword,
		s.Dao.C.AllowErrorNum: 5,
	}
	// 更新是否首次登录
	if userInfo.IsFirstLogin == "10" {
		data[s.Dao.C.IsFirstLogin] = "20"
	}

	SetCurrentUpdatedInfo(data, s.CxtUser)
	_, err = s.Dao.WherePri(req.UserId).Unscoped().Update(data)
	return err
}

// GetUsersNickName 通过用户ids查询多个用户信息
func (s *UserService) GetUsersNickName(ids []int) (users []*model.SysUserNickNameRes, err error) {
	if len(ids) == 0 {
		return
	}
	idsSet := gset.NewIntSetFrom(ids).Slice()
	err = s.Dao.Where(s.Dao.C.Id+" in(?)", idsSet).Fields(model.SysUserNickNameRes{}).
		Order(s.Dao.C.Id + " ASC").Scan(&users)
	return
}