opms_backend/opms_admin/app/service/sys_user.go

package service

import (
	"context"
	comModel "dashoo.cn/micro/app/common/model"
	"dashoo.cn/micro/app/common/service"
	"dashoo.cn/micro/app/dao"
	"dashoo.cn/micro/app/model"
	"dashoo.cn/opms_libary/micro_srv"
	"dashoo.cn/opms_libary/utils"
	"errors"
	"fmt"
	"github.com/gogf/gf/container/gset"
	"github.com/gogf/gf/database/gdb"
	"github.com/gogf/gf/errors/gerror"
	"github.com/gogf/gf/frame/g"
	"github.com/gogf/gf/util/gconv"
	"github.com/gogf/gf/util/grand"
)

type UserService struct {
	Dao *dao.SysUserDao
}

func NewUserService(ctx context.Context) (*UserService, error) {
	user := new(UserService)
	// 获取租户码
	tenant, err := micro_srv.GetTenant(ctx)
	if err != nil {
		return nil, err
	}
	g.Log().Info("Received User.Login request @ " + tenant)
	user.Dao = dao.NewSysUserDao(tenant)
	return user, err
}

//// Login 用户登录，成功返回用户UUID，否则返回空字符串;
//func (s *sysUser) Login(ctx context.Context, tenant, username, password string) (interface{}, error) {
//	record, err := s.SafeModel.Where("username", username).Where("Enabled=1").FindOne()
//	if err != nil {
//		return nil, errors.New("系统异常")
//	}
//	if record.IsEmpty() {
//		return nil, errors.New("账号或密码错误,或限制登录")
//	}
//
//	encodedPwd := record["UserPassword"].String()
//	pubKey := record["PublicKey"].String()
//	p, err := utils.TripleDesDecrypt(encodedPwd, pubKey)
//	if err != nil {
//		return nil, errors.New("密码算法错误")
//	}
//	if password != p {
//		return nil, errors.New("账号或密码错误")
//	}
//	var userInfo request.UserInfo
//	userInfo.Id = record["Id"].Int32()
//	userInfo.UserName = record["UserName"].String()
//	userInfo.RealName = record["Realname"].String()
//	userInfo.Uuid = record["Uuid"].String()
//	userInfo.DeptId = record["DepartmentId"].String()
//	permissionService, err := permission.NewService(s.Tenant)
//	if err != nil {
//		return nil, errors.New("系统异常，请重新尝试")
//	}
//	userRoles, err := permissionService.GetRoleIdsByUser(userInfo.Id)
//	if err != nil {
//		return nil, err
//	}
//	userInfo.Roles = userRoles
//	dataByte, _ := json.Marshal(userInfo)
//	rsp := &auth.Response{}
//	err = authService.Call(ctx, "GetToken", &auth.Request{
//		Tenant:  tenant,
//		UserKey: userInfo.UserName,
//		Uuid:    userInfo.Uuid,
//		Data:    string(dataByte),
//	}, rsp)
//	if err != nil {
//		return nil, err
//	}
//	jsonData, err := gjson.DecodeToJson(rsp.Data)
//	if err != nil {
//		return nil, err
//	}
//
//	return jsonData, nil
//}
//
//// LogOut 退出登录
//func (s *sysUser) LogOut(ctx context.Context, token string) error {
//	glog.Info("Received Auth.RemoveToken request, token:", reqToken)
//	tokenResp := gfToken.RemoveToken(reqToken)
//	if err := gconv.Struct(tokenResp, rsp); err != nil {
//		return err
//	}
//	return nil
//}

func (s *UserService) GetUserList(req *model.SysUserSearchReq) (total int, userList []*model.SysUser, err error) {
	if req.PageSize == 0 {
		req.PageSize = comModel.PageSize
	}
	userModel := dao.SysUser.M
	if req.KeyWords != "" {
		keyWords := "%" + req.KeyWords + "%"
		userModel = userModel.Where("user_name like ? or  nick_name like ?", keyWords, keyWords)
	}
	if len(req.DeptIds) != 0 {
		userModel = userModel.Where("dept_id in (?)", req.DeptIds)
	}
	if req.Status != "" {
		userModel = userModel.Where("status", gconv.Int(req.Status))
	}
	if req.Phone != "" {
		userModel = userModel.Where("phone like ?", "%"+req.Phone+"%")
	}
	if req.BeginTime != "" {
		userModel = userModel.Where("created_at >=?", req.BeginTime)
	}
	if req.EndTime != "" {
		userModel = userModel.Where("created_at <=?", req.EndTime)
	}
	total, err = userModel.Count()
	if err != nil {
		g.Log().Error(err)
		err = gerror.New("获取总行数失败")
		return
	}
	if req.PageNum == 0 {
		req.PageNum = 1
	}
	err = userModel.FieldsEx(dao.SysUser.Columns.Password, dao.SysUser.Columns.UserSalt).
		Page(req.PageNum, req.PageSize).Order("id asc").Scan(&userList)
	return
}

// GetAdminUserByUsernamePassword 后台登陆验证
func (s *UserService) GetAdminUserByUsernamePassword(ctx context.Context, req *model.LoginParamsReq) (user *model.LoginUserRes, err error) {
	user, err = s.GetUserByUsernamePassword(ctx, req)
	if err != nil {
		return
	}
	//判断是否后台用户
	//if user.IsAdmin != 1 {
	//	return nil, gerror.New("抱歉!您不属于后台管理员!")
	//}
	return
}

// GetUserByUsernamePassword 登陆验证
func (s *UserService) GetUserByUsernamePassword(ctx context.Context, req *model.LoginParamsReq) (user *model.LoginUserRes, err error) {
	user, err = s.GetUserByUsername(ctx, req.Username)
	if err != nil {
		return
	}
	if user == nil {
		return nil, gerror.New("账号密码错误")
	}
	//验证密码
	if utils.EncryptPassword(req.Password, user.UserSalt) != user.UserPassword {
		return nil, gerror.New("账号密码错误")
	}
	//账号状态
	if user.UserStatus == "20" {
		return nil, gerror.New("账号已被冻结")
	}
	return
}

// GetUserByUsername 通过用户名获取用户信息
func (s *UserService) GetUserByUsername(ctx context.Context, userName string) (user *model.LoginUserRes, err error) {
	return dao.SysUser.FindByUsername(ctx, userName)
}

// UpdateLoginInfo 更新用户登录信息 保存登录日志
func (s *UserService) UpdateLoginInfo(id int, username, ip, userAgent, msg, module string) {
	status := 0 //登录状态 0失败 1成功
	if id != 0 {
		//说明登录成功更新登录信息
		status = 1
		//dao.SysUser.UpLoginInfo(id, ip)
	}
	//保存登录日志（异步）
	SysLoginLog.Invoke(&model.LoginLogParams{
		Status:    status,
		Username:  username,
		Ip:        ip,
		UserAgent: userAgent,
		Msg:       msg,
		Module:    module,
	})
}

// LoginLog 记录登录日志
func (s *UserService) LoginLog(params *model.LoginLogParams) {
	//ua := user_agent.New(params.UserAgent)
	//browser, _ := ua.Browser()
	//loginData := &model.SysLogin{
	//	LoginName:     params.Username,
	//	Ipaddr:        params.Ip,
	//	LoginLocation: utils.GetCityByIp(params.Ip),
	//	Browser:       browser,
	//	Os:            ua.OS(),
	//	Status:        params.Status,
	//	Msg:           params.Msg,
	//	LoginTime:     gtime.Now(),
	//	Module:        params.Module,
	//}
	//dao.SysLoginLog.SaveLog(loginData)
}

// SaveOnline 保存用户登录在线状态信息
//func (s *sysUser) SaveOnline(params *model.SysUserOnline) {
//	dao.SysUserOnline.SaveOnline(params)
//}

// GetAdminRole 获取用户角色
func (s *UserService) GetAdminRole(userId int, allRoleList []*model.SysRole) (roles []*model.SysRole, err error) {
	var roleIds []uint
	roleIds, err = s.GetAdminRoleIds(userId)
	if err != nil {
		return
	}
	roles = make([]*model.SysRole, 0, len(allRoleList))
	for _, v := range allRoleList {
		for _, id := range roleIds {
			if int(id) == v.Id {
				roles = append(roles, v)
			}
		}
		if len(roles) == len(roleIds) {
			break
		}
	}
	return
}

// GetAdminRoleIds 获取用户角色ids
func (s *UserService) GetAdminRoleIds(userId int) (roleIds []uint, err error) {
	enforcer, e := service.Casbin.GetEnforcer()
	if e != nil {
		err = e
		return
	}
	//查询关联角色规则
	groupPolicy := enforcer.GetFilteredGroupingPolicy(0, gconv.String(userId))
	if len(groupPolicy) > 0 {
		roleIds = make([]uint, len(groupPolicy))
		//得到角色id的切片
		for k, v := range groupPolicy {
			roleIds[k] = gconv.Uint(v[1])
		}
	}
	return
}

// AddUserPost 添加用户岗位信息
func (s *UserService) AddUserPost(postIds []int, userId int64, tx *gdb.TX) (err error) {
	//删除旧岗位信息
	_, err = dao.SysUserPost.TX(tx).Where(dao.SysUserPost.Columns.UserId, userId).Delete()
	if err != nil {
		g.Log().Error(err)
		return
	}
	if len(postIds) == 0 {
		return
	}
	//添加用户岗位信息
	data := g.List{}
	for _, v := range postIds {
		data = append(data, g.Map{
			dao.SysUserPost.Columns.UserId: userId,
			dao.SysUserPost.Columns.PostId: v,
		})
	}
	_, err = dao.SysUserPost.TX(tx).Data(data).Insert()
	if err != nil {
		g.Log().Error(err)
		return
	}
	return
}

// GetUserInfoById 通过Id获取用户信息
func (s *UserService) GetUserInfoById(id int, withPwd ...bool) (user *model.SysUser, err error) {
	if len(withPwd) > 0 && withPwd[0] {
		//用户用户信息
		err = dao.SysUser.Where(dao.SysUser.Columns.Id, id).Scan(&user)
	} else {
		//用户用户信息
		err = dao.SysUser.Where(dao.SysUser.Columns.Id, id).
			FieldsEx(dao.SysUser.Columns.Password, dao.SysUser.Columns.UserSalt).Scan(&user)
	}
	if err != nil {
		g.Log().Error(err)
		return nil, errors.New("获取用户数据失败")
	}
	return
}

// GetEditUser 获取要修改的用户信息
func (s *UserService) GetEditUser(id int) (g.Map, error) {
	userData, err := s.GetUserInfoById(id)
	//获取角色信息
	roleList, err := SysRole.GetRoleList()
	if err != nil {
		g.Log().Error(err)
		return nil, errors.New("获取角色数据失败")
	}
	//获取已选择的角色信息
	checkedRoleIds, err := s.GetAdminRoleIds(id)
	if err != nil {
		g.Log().Error(err)
		return nil, errors.New("获取用户角色数据失败")
	}
	if checkedRoleIds == nil {
		checkedRoleIds = []uint{}
	}
	//获取岗位信息
	posts, err := s.GetUsedPost()
	if err != nil {
		return nil, err
	}
	checkedPosts, err := s.GetUserPostIds(id)
	if err != nil {
		return nil, err
	}

	if checkedPosts == nil {
		checkedPosts = []int{}
	}

	res := g.Map{
		"roleList":       roleList,
		"userInfo":       userData,
		"checkedRoleIds": checkedRoleIds,
		"posts":          posts,
		"checkedPosts":   checkedPosts,
	}

	return res, nil
}

// GetUsedPost 获取正常状态的岗位
func (s *UserService) GetUsedPost() (list []*model.SysPost, err error) {
	err = dao.SysPost.Where(dao.SysPost.Columns.Status, 1).
		Order(dao.SysPost.Columns.Sort + " ASC, " + dao.SysPost.Columns.Id + " ASC ").Scan(&list)
	if err != nil {
		g.Log().Error(err)
		err = gerror.New("获取岗位数据失败")
	}
	return
}

// GetUserPostIds 获取用户岗位
func (s *UserService) GetUserPostIds(userId int) (postIds []int, err error) {
	var list []*model.SysUserPost
	err = dao.SysUserPost.Where(dao.SysUserPost.Columns.UserId, userId).Scan(&list)
	if err != nil {
		g.Log().Error(err)
		return nil, gerror.New("获取用户岗位信息失败")
	}
	postIds = make([]int, 0)
	for _, entity := range list {
		postIds = append(postIds, int(entity.PostId))
	}
	return
}

// GetPostsByUserId 根据用户id获取岗位信息详情
func (s *UserService) GetPostsByUserId(userId int) ([]*model.SysPost, error) {
	postIds, err := s.GetUserPostIds(userId)
	if err != nil {
		return nil, err
	}
	var posts []*model.SysPost
	err = dao.SysPost.Where(dao.SysPost.Columns.Id+" in (?)", postIds).Scan(&posts)
	return posts, err
}

func (s *UserService) AddUser(req *model.AddUserReq) (err error) {
	req.UserSalt = grand.S(10)
	req.Password = utils.EncryptPassword(req.Password, req.UserSalt)
	var tx *gdb.TX
	tx, err = g.DB().Begin()
	if err != nil {
		err = gerror.New("事务开启失败")
		return
	}
	Model := dao.SysUser.TX(tx)
	if i, _ := Model.Where("user_name=?", req.UserName).Count(); i != 0 {
		err = gerror.New("用户名已经存在")
		tx.Rollback()
		return
	}
	if i, _ := Model.Where("phone=?", req.Phone).Count(); i != 0 {
		err = gerror.New("手机号已经存在")
		tx.Rollback()
		return
	}
	userData := new(model.SysUser)
	//userData.UserName = req.UserName
	//userData.DeptId = req.DeptId
	//userData.Status = req.Status
	//userData.Phone = req.Phone
	//userData.Sex = req.Sex
	//userData.Email = req.Email
	//userData.NickName = req.NickName
	//userData.UserSalt = req.UserSalt
	//userData.Password = req.Password
	//userData.Remark = req.Remark
	err = gconv.Struct(req, userData)
	if err != nil {
		tx.Rollback()
		return
	}
	res, err := Model.Insert(userData)
	if err != nil {
		tx.Rollback()
		return
	}
	InsertId, _ := res.LastInsertId()
	fmt.Println(InsertId)
	//err = s.AddUserRole(req.RoleIds, InsertId)
	//if err != nil {
	//	g.Log().Error(err)
	//	err = gerror.New("设置用户权限失败")
	//	tx.Rollback()
	//	return
	//}
	//err = s.AddUserPost(req.PostIds, InsertId, tx)
	if err != nil {
		g.Log().Error(err)
		err = gerror.New("设置用户岗位信息失败")
		tx.Rollback()
		return
	}
	tx.Commit()
	return
}

// AddUserRole 添加用户角色信息
func (s *UserService) AddUserRole(roleIds interface{}, userId int64) (err error) {
	enforcer, e := service.Casbin.GetEnforcer()
	if e != nil {
		err = e
		return
	}
	rule := gconv.Ints(roleIds)
	for _, v := range rule {
		_, err = enforcer.AddGroupingPolicy(fmt.Sprintf("%d", userId), fmt.Sprintf("%d", v))
		if err != nil {
			return
		}
	}
	return
}

// EditUser 修改用户
func (s *UserService) EditUser(req *model.EditUserReq) (err error) {
	if i, _ := dao.SysUser.Where("id!=? and mobile=?", req.UserId, req.Phone).Count(); i != 0 {
		err = gerror.New("手机号已经存在")
		return
	}
	var tx *gdb.TX
	tx, err = g.DB().Begin()
	//保存管理员信息
	var userData *model.SysUser
	err = dao.SysUser.Where("id", req.UserId).Scan(&userData)
	if err != nil || userData == nil {
		g.Log().Error(err)
		err = gerror.New("获取用户信息失败")
		return
	}
	userData.DeptId = req.DeptId
	userData.Status = req.Status
	userData.Phone = req.Phone
	userData.Sex = req.Sex
	userData.Email = req.Email
	userData.NickName = req.NickName
	userData.Remark = req.Remark
	_, err = dao.SysUser.TX(tx).FieldsEx(dao.SysUser.Columns.Id, dao.SysUser.Columns.CreatedTime,
		dao.SysUser.Columns.DeletedTime, dao.SysUser.Columns.LoginDate).
		WherePri(userData.Id).Update(userData)
	if err != nil {
		g.Log().Error(err)
		err = gerror.New("修改用户信息失败")
		tx.Rollback()
		return
	}
	//设置用户所属角色信息
	err = s.EditUserRole(req.RoleIds, req.UserId)
	if err != nil {
		g.Log().Error(err)
		err = gerror.New("设置用户权限失败")
		tx.Rollback()
		return
	}
	//设置用户岗位数据
	err = s.AddUserPost(req.PostIds, int64(req.UserId), tx)
	if err != nil {
		g.Log().Error(err)
		err = gerror.New("设置用户岗位信息失败")
		tx.Rollback()
		return
	}
	tx.Commit()
	return
}

// EditUserRole 修改用户角色信息
func (s *UserService) EditUserRole(roleIds interface{}, userId int) (err error) {
	enforcer, e := service.Casbin.GetEnforcer()
	if e != nil {
		err = e
		return
	}
	rule := gconv.Ints(roleIds)
	//删除用户旧角色信息
	enforcer.RemoveFilteredGroupingPolicy(0, fmt.Sprintf("%d", userId))
	for _, v := range rule {
		_, err = enforcer.AddGroupingPolicy(fmt.Sprintf("%d", userId), fmt.Sprintf("%d", v))
		if err != nil {
			return
		}
	}
	return
}

// ResetUserPwd 重置用户密码
func (s *UserService) ResetUserPwd(req *model.SysUserResetPwdReq) error {
	salt := grand.S(10)
	password := utils.EncryptPassword(req.Password, salt)
	_, err := dao.SysUser.WherePri(req.Id).Update(g.Map{
		dao.SysUser.Columns.UserSalt: salt,
		dao.SysUser.Columns.Password: password,
	})
	return err
}

func (s *UserService) ChangeUserStatus(req *model.SysUserStatusReq) error {
	_, err := dao.SysUser.WherePri(req.Id).Update(g.Map{
		dao.SysUser.Columns.Status: req.UserStatus,
	})
	return err
}

// DeleteUserByIds 删除用户信息
func (s *UserService) DeleteUserByIds(ctx context.Context, ids []int64) error {
	return g.DB().Transaction(ctx, func(ctx context.Context, tx *gdb.TX) error {
		_, err := s.Dao.Ctx(ctx).TX(tx).Where(dao.SysUser.Columns.Id+" in(?)", ids).Delete()
		//删除对应权限
		enforcer, err := service.Casbin.GetEnforcer()
		if err == nil {
			for _, v := range ids {
				enforcer.RemoveFilteredGroupingPolicy(0, fmt.Sprintf("%d", v))
			}
		}
		//删除用户对应的岗位
		_, err = dao.SysUserPost.Ctx(ctx).TX(tx).Delete(dao.SysUserPost.Columns.UserId+" in (?)", ids)
		return err
	})
}

// SetAvatar 修改用户头像
func (s *UserService) SetAvatar(userId int, avatarUrl string) error {
	_, err := dao.SysUser.WherePri(userId).Unscoped().Update(g.Map{
		dao.SysUser.Columns.Avatar: avatarUrl,
	})
	return err
}

// ProfileEdit 修改个人资料
func (s *UserService) ProfileEdit(req *model.ProfileUpReq) error {
	_, err := dao.SysUser.WherePri(req.UserId).Unscoped().Update(req)
	return err
}

// ProfileUpdatePwd 修改个人密码
func (s *UserService) ProfileUpdatePwd(req *model.ProfileUpdatePwdReq) error {
	userInfo, err := s.GetUserInfoById(req.UserId, true)
	if err != nil {
		return err
	}
	oldPassword := utils.EncryptPassword(req.OldPassword, userInfo.UserSalt)
	if oldPassword != userInfo.Password {
		return errors.New("原始密码错误!")
	}
	salt := grand.S(10)
	newPassword := utils.EncryptPassword(req.NewPassword, salt)
	_, err = dao.SysUser.WherePri(req.UserId).Unscoped().Update(g.Map{
		dao.SysUser.Columns.UserSalt: salt,
		dao.SysUser.Columns.Password: newPassword,
	})
	return err
}

// GetDataWhere 获取数据权限判断条件
//func (s *sysUser) GetDataWhere(userInfo *dao.CtxUser, entity interface{}) (where g.Map, err error) {
//	whereJustMe := g.Map{} //本人数据权限
//	t := reflect.TypeOf(entity)
//	for i := 0; i < t.Elem().NumField(); i++ {
//		if t.Elem().Field(i).Name == "CreatedBy" {
//			//若存在用户id的字段，则生成判断数据权限的条件
//			//1、获取当前用户所属角色
//			allRoles := ([]*model.SysRole)(nil)
//			allRoles, err = SysRole.GetRoleList()
//			if err != nil {
//				return nil, err
//			}
//			roles := ([]*model.SysRole)(nil)
//			roles, err = s.GetAdminRole(userInfo.Id, allRoles)
//			if err != nil {
//				return nil, err
//			}
//			//2获取角色对应数据权限
//			deptIdArr := gset.New()
//			for _, role := range roles {
//				switch role.DataScope {
//				case 1: //全部数据权限
//					return
//				case 2: //自定数据权限
//					var deptIds []int
//					deptIds, err = Dept.GetRoleDepts(gconv.int(role.Id))
//					if err != nil {
//						return
//					}
//					deptIdArr.Add(gconv.Interfaces(deptIds)...)
//				case 3: //本部门数据权限
//					deptIdArr.Add(gconv.int(userInfo.DeptId))
//				case 4: //本部门及以下数据权限
//					deptIdArr.Add(gconv.int(userInfo.DeptId))
//					//获取正常状态部门数据
//					depts := ([]*model.SysDept)(nil)
//					depts, err = Dept.GetList(&dao.SysDeptSearchParams{Status: "1"})
//					if err != nil {
//						return
//					}
//					var dList g.List
//					for _, d := range depts {
//						m := g.Map{
//							"id":    d.DeptId,
//							"pid":   d.ParentId,
//							"label": d.DeptName,
//						}
//						dList = append(dList, m)
//					}
//					l := library.FindSonByParentId(dList, gconv.Int(userInfo.DeptId), "pid", "id")
//					for _, li := range l {
//						deptIdArr.Add(gconv.int(li["id"]))
//					}
//				case 5: //仅本人数据权限
//					whereJustMe = g.Map{"user.id": userInfo.Id}
//				}
//			}
//			if deptIdArr.Size() > 0 {
//				where = g.Map{"user.dept_id": deptIdArr.Slice()}
//			} else if len(whereJustMe) > 0 {
//				where = whereJustMe
//			}
//		}
//	}
//	return
//}

// GetUsers 通过用户ids查询多个用户信息
func (s *UserService) GetUsers(ids []int) (users []*model.SysUserRes, err error) {
	if len(ids) == 0 {
		return
	}
	idsSet := gset.NewIntSetFrom(ids).Slice()
	err = dao.SysUser.Where(dao.SysUser.Columns.Id+" in(?)", idsSet).Fields(model.SysUserRes{}).
		Order(dao.SysUser.Columns.Id + " ASC").Scan(&users)
	return
}