opms_backend/opms_admin/app/service/sys_role.go

package service

import (
	"context"
	"dashoo.cn/micro/app/dao"
	"dashoo.cn/micro/app/model"
	"dashoo.cn/opms_libary/myerrors"
	"dashoo.cn/opms_libary/utils"
	"github.com/gogf/gf/container/gset"
	"github.com/gogf/gf/database/gdb"
	"github.com/gogf/gf/errors/gerror"
	"github.com/gogf/gf/frame/g"
	"github.com/gogf/gf/util/gconv"
)

type RoleService struct {
	*contextService
	Dao         *dao.SysRoleDao
	roleMenuDao *dao.SysRoleMenuDao
	roleDeptDao *dao.SysRoleDeptDao
}

func NewRoleService(ctx context.Context) (svc *RoleService, err error) {
	svc = new(RoleService)
	if svc.contextService, err = svc.Init(ctx); err != nil {
		return nil, err
	}
	svc.Dao = dao.NewSysRoleDao(svc.Tenant)
	svc.Table = svc.Dao.Table
	svc.roleMenuDao = dao.NewSysRoleMenuDao(svc.Tenant)
	svc.roleDeptDao = dao.NewSysRoleDeptDao(svc.Tenant)
	return svc, nil
}

// GetRoleList 获取角色列表
func (s *RoleService) GetRoleList() (list []*model.SysRole, err error) {
	//从数据库获取
	list, err = s.Dao.Order(s.Dao.Columns.Sort + " asc," + s.Dao.Columns.Id + " asc").All()
	if err != nil {
		g.Log().Error(err)
		err = gerror.New("获取角色数据失败")
	}
	return
}

func (s *RoleService) GetRoleListSearch(req *model.SelectPageReq) (total int, list []*model.SysRole, err error) {
	db := dao.SysRole.M
	if req.RoleName != "" {
		db = db.Where("role_name like ?", "%"+req.RoleName+"%")
	}
	if req.Status != "" {
		db = db.Where("status", req.Status)
	}
	if req.BeginTime != "" {
		db = db.Where("created_time >= ? ", utils.StrToTimestamp(req.BeginTime))
	}
	if req.EndTime != "" {
		db = db.Where("created_time<=?", utils.StrToTimestamp(req.EndTime))
	}
	total, err = db.Count()
	if err != nil {
		g.Log().Error(err)
		err = gerror.New("获取总行数失败")
		return
	}
	err = db.Page(req.GetPage()).Order("id asc").Scan(&list)
	if err != nil {
		g.Log().Error(err)
		err = gerror.New("获取数据失败")
		return
	}
	return
}

func (s *RoleService) GetRoleById(id int64) (roleInfo *model.UpdateSysRoleReq, err error) {
	roleInfo = new(model.UpdateSysRoleReq)
	role := new(model.SysRole)
	err = s.Dao.WherePri(id).Scan(&role)
	if err := gconv.Struct(role, roleInfo); err != nil {
		return nil, err
	}
	var menuList []model.SysRoleMenu
	err = s.roleMenuDao.Where("role_id", id).Scan(&menuList)
	if err != nil {
		return nil, err
	}
	roleInfo.MenuIds = []int{}
	for _, v := range menuList {
		roleInfo.MenuIds = append(roleInfo.MenuIds, v.MenuId)
	}
	return
}

func (s *RoleService) GetRoleDeptTreeselect(id int64) (deptIds []int, err error) {
	count, err := s.Dao.WherePri(id).Count()
	if err != nil || count == 0 {
		return nil, gerror.New("角色不存在")
	}
	roleDeptList, err := s.roleDeptDao.Where("role_id", id).FindAll()
	if err != nil {
		return nil, err
	}
	deptIds = make([]int, len(roleDeptList))
	for _, v := range roleDeptList {
		deptIds = append(deptIds, v.DeptId)
	}
	return
}

// GetRolesMenuPermissions 获取角色菜单权限
func (s *RoleService) GetRolesMenuPermissions(ids []int) (perms []string, err error) {
	result, err := dao.NewSysMenuDao(s.Tenant).Fields(dao.SysMenu.Columns.Perms).WhereIn(dao.SysMenu.Columns.MenuType, g.Slice{"C", "F"}).
		WhereIn(dao.SysMenu.Columns.Id, s.roleMenuDao.WhereIn(s.roleMenuDao.Columns.RoleId, ids).Fields(s.roleMenuDao.Columns.MenuId)).
		WhereNot(dao.SysMenu.Columns.Perms, "").Array()
	perms = gconv.Strings(result)
	return perms, err
}

func (s *RoleService) CreateRole(req *model.SysRoleReq) error {
	data := new(model.SysRole)
	if err := gconv.Struct(req, data); err != nil {
		return err
	}
	SetCreatedInfo(data, s.GetCxtUserId(), s.GetCxtUserName())
	err := s.Dao.Transaction(context.TODO(), func(ctx context.Context, tx *gdb.TX) error {
		roleId, err := s.Dao.TX(tx).Data(data).InsertAndGetId()
		if err != nil {
			return err
		}
		return s.createRoleMenu(tx, roleId, req.MenuIds)
	})
	return err
}

func (s *RoleService) UpdateRole(req *model.UpdateSysRoleReq) error {
	//保存角色信息
	roleMap := gdb.Map{
		"id":        req.Id,
		"role_name": req.RoleName,
		"role_Key":  req.RoleKey,
		"status":    req.Status,
		"sort":      req.Sort,
		"remark":    req.Remark,
	}
	SetUpdatedInfo(roleMap, s.GetCxtUserId(), s.GetCxtUserName())
	err := s.Dao.Transaction(context.TODO(), func(ctx context.Context, tx *gdb.TX) error {
		_, err := tx.Model(model.SysRole{}).Data(roleMap).WherePri(req.Id).Update()
		if err != nil {
			return err
		}
		_, err = s.roleMenuDao.TX(tx).Where(dao.SysRoleMenu.Columns.RoleId, req.Id).Delete()
		if err != nil {
			return err
		}
		return s.createRoleMenu(tx, int64(req.Id), req.MenuIds)
	})
	return err
}

// 角色关联菜单
func (s *RoleService) createRoleMenu(tx *gdb.TX, roleId int64, menuIds []int) error {
	list := g.Slice{}
	for _, v := range menuIds {
		list = append(list, g.Map{
			dao.SysRoleMenu.Columns.RoleId: roleId,
			dao.SysRoleMenu.Columns.MenuId: v,
		})
	}
	_, err := s.roleMenuDao.TX(tx).Insert(list)
	if err != nil {
		return err
	}
	return nil
}

func (s *RoleService) DeleteByIds(ids []int64) (err error) {
	err = s.Dao.Transaction(context.TODO(), func(ctx context.Context, tx *gdb.TX) error {
		_, err = s.Dao.TX(tx).Where("id in(?)", ids).Delete()
		if err != nil {
			return err
		}
		// 删除角色菜单权限
		_, err = s.roleMenuDao.TX(tx).WhereIn(dao.SysRoleMenu.Columns.RoleId, ids).Delete()
		if err != nil {
			return err
		}
		// 删除角色数据权限
		_, err = s.roleDeptDao.TX(tx).WhereIn(dao.SysRoleMenu.Columns.RoleId, ids).Delete()
		return err
	})

	return err
}

func (s *RoleService) UpdateRoleStatus(req *model.StatusSetReq) error {
	_, err := s.Dao.Where(s.Dao.Columns.Id, req.RoleId).Data(s.Dao.Columns.Status, req.Status).Update()
	return err
}

// 设置角色数据权限
func (s *RoleService) UpdateRoleDataScope(req *model.DataScopeReq) error {
	err := s.Dao.Transaction(context.TODO(), func(ctx context.Context, tx *gdb.TX) error {
		_, err := s.Dao.TX(tx).Where("id", req.RoleId).Data(g.Map{"data_scope": req.DataScope}).Update()
		if err != nil {
			return err
		}
		if req.DataScope == 2 {
			_, err := s.roleDeptDao.Where(s.roleDeptDao.Columns.RoleId, req.RoleId).Delete()
			if err != nil {
				return err
			}
			data := g.List{}
			for _, deptId := range req.DeptIds {
				data = append(data, g.Map{"role_id": req.RoleId, "dept_id": deptId})
			}
			_, err = s.roleDeptDao.Data(data).Insert()
			if err != nil {
				return err
			}
		}
		return nil
	})
	return err
}

// GetMaxRoleDataScopeByUser 获取用户所拥有的角色最高数据权限
func (s *RoleService) GetMaxRoleDataScopeByUser(userId int) (string, []int, error) {
	// 获取岗位角色
	postRoleIds, err := dao.NewSysPostRoleDao(s.Tenant).As("postRole").Fields(dao.SysPostRole.Columns.RoleId).
		WhereIn(dao.SysPostRole.Columns.PostId, dao.NewSysUserPostDao(s.Tenant).Where(dao.SysUserPost.Columns.UserId, userId)).Array()

	if err != nil {
		return "", nil, err
	}
	if postRoleIds == nil {
		return "-1", nil, nil
	}
	// 获取用户角色
	userRoleIds, err := dao.NewSysUserRoleDao(s.Tenant).Fields(dao.SysUserRole.Columns.RoleId).Where(dao.SysUserRole.Columns.UserId, userId).Array()
	if err != nil {
		return "", nil, err
	}
	if userRoleIds == nil {
		return "-1", nil, nil
	}
	roleIds := append(postRoleIds, userRoleIds...)
	scopes, err := s.Dao.Fields(s.Dao.Columns.DataScope).Distinct().Order(s.Dao.Columns.DataScope).WhereIn(s.Dao.Columns.Id, roleIds).Array()
	if err != nil {
		return "", nil, err
	}
	if scopes == nil || len(scopes) == 0 {
		return "", nil, gerror.New("用户角色设定有错误。")
	}

	scope := scopes[0].String()
	if scope == "30" {
		for _, v := range scopes {
			if v.String() == "40" {
				scope = "40"
				break
			}
		}
	}

	return scope, gconv.Ints(roleIds), err
}

// GetDataScope 获取某用户数据集合权限，返回Ids(用户Id列表)，返回-1表示无角色，返回-2表示有全部集合权限
func (s *RoleService) GetDataScope(userId int) (ids string, err error) {
	userDao := dao.NewSysUserDao(s.Tenant)
	userInfo, err := userDao.WherePri(userId).Where(dao.SysUser.Columns.Status, "10").FindOne()
	if err != nil {
		return "", err
	}
	if userInfo != nil {
		return "", myerrors.TipsError("用户不存在")
	}

	// 获取角色，获取最高数据权限
	dataScope, roleIds, err := s.GetMaxRoleDataScopeByUser(userId)
	if err != nil {
		return "", err
	}
	if dataScope == "-1" { // 无角色
		return "-1", nil
	}

	// 数据集合权限 10：全部数据权限 20：自定数据权限 30：本部门数据权限 40：本部门及以下数据权限 50：仅本人数据权限
	ids = "-1"
	switch dataScope {
	case "10": // 所有数据权限
		return "-2", nil
	case "20": // 自定数据权限
		userIds, err := userDao.Fields(userDao.Columns.Id).WhereIn(
			userDao.Columns.DeptId, s.roleDeptDao.Fields(s.roleDeptDao.Columns.DeptId).WhereIn(s.roleDeptDao.Columns.RoleId, roleIds),
		).Array()
		if err != nil {
			return "", err
		}
		ids = utils.ToIdsString(userIds)
	case "30": // 本部门数据权限
		userIds, err := userDao.Fields(userDao.Columns.Id).Where(userDao.Columns.DeptId, userInfo.DeptId).Array()
		if err != nil {
			return "", err
		}
		ids = utils.ToIdsString(userIds)
	case "40": // 本部门及以下数据权限
		deptSrv := &DeptService{
			contextService: s.contextService,
			Dao:            dao.NewSysDeptDao(s.Tenant),
		}
		//获取正常状态部门数据
		depts, err := deptSrv.GetList(&model.SysDeptSearchParams{Status: "10"})
		if err != nil {
			return "", err
		}
		deptIdArr := gset.New()
		childrenList := deptSrv.FindSonByParentId(depts, userInfo.DeptId)
		for _, children := range childrenList {
			deptIdArr.Add(gconv.Int(children.Id))
		}

		userIds, err := userDao.Fields(userDao.Columns.Id).WhereIn(userDao.Columns.DeptId, deptIdArr).Array()
		if err != nil {
			return "", err
		}
		ids = utils.ToIdsString(userIds)
	case "50": // 仅本人数据权限
		ids = gconv.String(userId)
	}

	return ids, nil
}