supplier_system/src/dashoo.cn/backend/api/controllers/casbin/user.go

package casbin

import (
	"encoding/json"
	"fmt"
	"strconv"
	"strings"

	"dashoo.cn/backend/api/business/accountinfo"
	"dashoo.cn/backend/api/business/company"
	"dashoo.cn/backend/api/business/printscheme"
	. "dashoo.cn/backend/api/controllers"
	"dashoo.cn/business2/parameter"

	"dashoo.cn/backend/api/business/logsinfo"
	"dashoo.cn/business2/auth"

	"dashoo.cn/backend/api/business/organize"
	"dashoo.cn/backend/api/models"
	"dashoo.cn/business2/permission"
	"dashoo.cn/business2/userRole"

	"dashoo.cn/utils"
)

// Operations about Users
type UserController struct {
	BaseController
}

type UserModel struct {
	Username       string `json:"username"`
	Realname       string `json:"realname"`
	Telephone      string `json:"telephone"`
	Mobile         string `json:"mobile"`
	Description    string `json:"description"`
	Photo          string `json:"photo"`
	Role           string `json:"role"`
	RoleId         int    `json:"roleid"`
	Id             int    `json:"id"`
	ChannelIds     string `json:"channelids"`
	Password       string `json:"password"`
	DepartmentId   string `json:"departmentid"`
	DepartmentName string `json:"departmentname"`
	Sign           string `json:"sign"`
	IsCompanyUser  int    `json:"Iscompanyuser"`
	Superior      string  `json:"superior"`
}

type ChangePwdModel struct {
	Pwd    string `json:"pass"`
	NwePwd string `json:"newpass"`
}

type RegisteModel struct {
	Companyname string `json:"companyname"`
	Username    string `json:"username"`
	Password    string `json:"password"`
	Source      string `json:"source"`
}

// @Title get
// @Description get user by token
// @Param	uid		path 	string	true		"The key for staticblock"
// @Success 200 {object} models.User
// @Failure 403 :uid is empty
// @router /me [get]
func (this *UserController) Get() {
	svc := userRole.GetUserService(utils.DBE)
	usermodel := svc.GetUserInfoSelf(this.User.Username)
	//	var companyentity company.Base_Company
	//	svc.GetEntityById(usermodel.AccCode, &companyentity)
	var user models.User
	user.Id = utils.ToStr(usermodel.Id)
	user.Username = usermodel.Username
	user.Profile.Address = usermodel.Homeaddress
	user.Profile.Email = usermodel.Email
	user.Profile.Realname = usermodel.Realname
	user.Profile.Roleid = usermodel.Roleid
	user.Profile.Mobile = usermodel.Mobile
	user.Profile.Telephone = usermodel.Telephone
	user.Profile.Photo = usermodel.Photo
	user.Profile.Description = usermodel.Description
	user.Profile.Host = this.Ctx.Request.Host
	user.Profile.AccCode = usermodel.AccCode
	user.Profile.DepartmentId = usermodel.Departmentid
	user.Profile.IsCompanyUser = usermodel.IsCompanyUser
	user.Profile.Superior = usermodel.Superior
	user.Profile.Id = usermodel.Id
	// todo 从this.User获取用户名，再查询出具体用户
	//	user := models.User{"user01", "张三", models.Profile{Gender: "male", Age: 20, Address: "china", Email: "123zs@gmail.com", Realname: "ppppppp"}}
	this.Data["json"] = user
	this.ServeJSON()
}

// @Title 获取用户菜单权限

// @Description 获取用户菜单权限
// @Success	200	{object} controllers.Request
// @router /getusermodule [get]
func (this *UserController) GetUserModule() {
	//svc := permission.GetPermissionService(utils.DBE)
	//var model UserModuleModel
	//model.A1list = svc.GetModuleAllNamesByCode(this.User.Id, "A1")
	//model.A2list = svc.GetModuleAllNamesByCode(this.User.Id, "A2")
	//this.Data["json"] = model
	//this.ServeJSON()
}

// @Title 获取用户菜单权限
// @Description 获取用户菜单权限
// @Success	200	{object} controllers.Request
// @router /getusermoduletree [get]
func (this *UserController) GetUserModuleTree() {
	svc := permission.GetPermissionService(utils.DBE)
	list := svc.GetModuleAll(this.User.Id, "30000000")
	this.Data["json"] = list
	this.ServeJSON()
}

// @Title 获得用户角色id
// @Description 获得用户角色id
// @Success	200	{object} controllers.Request
// @router /getuserrole/:id [get]
func (this *UserController) UserPowerCheckRole() {
	userid := this.Ctx.Input.Param(":id")
	roleofuser := utils.RBAC.GetRolesForUserInDomain("uid_"+userid, utils.DOMAIN)
	for i := 0; i < len(roleofuser); i++ {
		roleofuser[i] = strings.Replace(roleofuser[i], "rid_", "", 1)
	}
	this.Data["json"] = &roleofuser
	this.ServeJSON()
}

// @Title get
// @Description get user by token
// @Success 200 {object} models.User
// @router /list [get]
func (this *UserController) List() {
	page := this.GetPageInfoForm()
	keyword := this.GetString("keyword")
	username := this.GetString("username")
	departmentname := this.GetString("departmentname")
	IsCompanyUser := this.GetString("IsCompanyUser")
	svc := permission.GetPermissionService(utils.DBE)
	organsvc := organize.GetOrganizeService(utils.DBE)
	var users []userRole.Base_User

	svcPerm := permission.GetPermissionService(utils.DBE)
	isauth := svcPerm.IsAuthorized(this.User.Id, "oil_admin")
	topid := ""
	if isauth {
		paramSvc := baseparameter.GetBaseparameterService(utils.DBE)
		topid = paramSvc.GetBaseparameterMessage("", "paramset", "HeadquartersID") // 总公司Id
	} else {
		topid = organsvc.GetMyUnitDepartmentId(this.User.DepartmentId)
	}
	depids := organsvc.GetAllChildById(topid)
	where := "(IsVisible=1 and IsCompanyUser = 0 and DepartmentId in (" + depids + ") or Id = '" + utils.ToStr(this.User.Id) + "') "
	//外部用户 IsCompanyUser == 1
	if IsCompanyUser == "1" {
		where = "(IsVisible=1 and IsCompanyUser = 1 and CreateUserId='" + utils.ToStr(this.User.Id) + "' or Id = '" + utils.ToStr(this.User.Id) + "')"
	}
	if keyword != "" {
		where = where + " and UserName like '%" + keyword + "%'"
	}
	if username != "" {
		where = where + " and  Realname like '%" + username + "%'"
	}
	if departmentname != "" {
		where = where + " and DepartmentName like '%" + departmentname + "%'"
	}
	total := svc.GetPagingEntitiesWithOrder(page.CurrentPage, page.Size, "Id", false, &users, where)

	var datainfo DataInfo
	datainfo.Items = users
	datainfo.CurrentItemCount = total
	this.Data["json"] = &datainfo
	this.ServeJSON()
}

// @Title 用户角色设置
// @Description 用户角色设置
// @Success	200	{object} controllers.Request
// @router /setuserrole/:id [put]
func (this *UserController) UserPowerPostRole() {
	inputstr := this.Ctx.Input.Param(":id")
	serial := strings.Split(inputstr, "_")
	userid := serial[0]
	var errinfo ErrorInfo
	if userid == "" || userid == "0" {
		errinfo.Message = "操作失败！请求信息不完整"
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}
	roleids := strings.Split(serial[1], ",")
	utils.RBAC.DeleteRolesForUser("uid_" + userid)
	var err error = nil
	for i := 0; i < len(roleids); i++ {
		if roleids[i] != "0" && roleids[i] != "" {
			//err = svc.AddUserToRole(userid, roleids[i], entity[0])
			utils.RBAC.AddRoleForUserInDomain("uid_"+userid, "rid_"+roleids[i], utils.DOMAIN)
		}
	}
	if err == nil {
		errinfo.Message = utils.AlertProcess("用户角色调整成功！")
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = utils.AlertProcess("用户角色调整失败！" + err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Title 创建用户
// @Description 创建用户
// @Param	body	body	business.device.DeviceChannels	"传感器信息"
// @Success	200	{object} controllers.Request
// @router / [post]
func (this *UserController) AddUser() {
	var model UserModel
	var jsonblob = this.Ctx.Input.RequestBody
	json.Unmarshal(jsonblob, &model)
	var errinfo ErrorDataInfo
	departidint, _ := utils.StrTo(model.DepartmentId).Int()
	if departidint < 1 {
		errinfo.Message = "请选择所属组织！"
		errinfo.Code = -3
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}

	//	获取组织名称
	svcorg := organize.GetOrganizeService(utils.DBE)
	model.DepartmentName = svcorg.GetNameById(model.DepartmentId)
	//获取组织上级组织
	//var orginizeentity organize.Base_Organize
	//svcorg.GetEntityById(model.DepartmentId, &orginizeentity)
	var userentity userRole.Base_User
	userentity.Companyid = "0"
	userentity.Superior = model.Superior
	userentity.Roleid, _ = utils.StrTo(model.Role).Int()
	if userentity.Roleid == 0 {
		//userentity.Roleid = 10000123 //普通用户
	}
	if model.IsCompanyUser == 1 {
		parameterSvc := baseparameter.GetBaseparameterService(utils.DBE) //取出外部门ID
		extOrganizeId := parameterSvc.GetBaseparameterMessage("GFGL", "paramset", "ExtRoleId")
		model.RoleId, _ = strconv.Atoi(extOrganizeId)
		userentity.Roleid = model.RoleId
		userentity.IsCompanyUser = model.IsCompanyUser
	}
	userentity.Username = model.Username
	userentity.Realname = model.Realname
	userentity.Telephone = model.Telephone
	userentity.Mobile = model.Mobile
	if model.Sign == "" {
		userentity.Description = model.Description
	} else {
		userentity.Description = model.Sign
	}
	userentity.Photo = model.Photo
	currentuser := this.User
	userentity.Createuserid, _ = utils.StrTo(currentuser.Id).Int()
	userentity.Createby = currentuser.Realname
	userentity.AccCode = this.GetAccode()

	userentity.QRCode = utils.GetGuid()
	userentity.Departmentid = model.DepartmentId
	userentity.Departmentname = model.DepartmentName

	//salt := utils.GetRandomString(5)
	//userentity.Userpassword = fmt.Sprintf("%s$%s", salt, utils.EncodePassword("123456", salt))
	//更改密码算法2014-11-21
	pwd, key, errrk := utils.TripleDesEncrypt("123456")
	if errrk != nil {
		errinfo.Message = "添加失败！" + utils.AlertProcess(errrk.Error())
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}
	userentity.Userpassword = pwd
	userentity.Publickey = key
	userentity.Auditstatus = 1
	userentity.Email = userentity.Username

	svc := userRole.GetUserService(utils.DBE)
	err := svc.AddUser(&userentity)

	if err == nil {
		errinfo.Message = "添加用户成功，初始密码为123456！"
		errinfo.Code = 0
		errinfo.Item = userentity.Id
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	} else {
		errinfo.Message = "添加失败！" + utils.AlertProcess(err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}
}

// @Title 编辑用户
// @Description 编辑用户
// @Param	id	path	string	true		"需要修改的传感器编号"
// @Param	body	body	business.device.DeviceChannels	"传感器信息"
// @Success	200	{object} controllers.Request
// @router /:id [put]
func (this *UserController) EditUser() {
	id := this.Ctx.Input.Param(":id")
	var errinfo ErrorInfo
	if id == "" {
		errinfo.Message = "操作失败！请求信息不完整"
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}
	var model UserModel
	var jsonblob = this.Ctx.Input.RequestBody
	json.Unmarshal(jsonblob, &model)

	var userentity userRole.Base_User
	var userentityempty userRole.Base_User
	svc := userRole.GetUserService(utils.DBE)
	has := svc.GetEntityById(id, &userentity)
	if has {
		//获取组织名称
		svcorg := organize.GetOrganizeService(utils.DBE)
		model.DepartmentName = svcorg.GetNameById(model.DepartmentId)
		//获取组织上级组织
		//var orginizeentity organize.Base_Organize
		//svcorg.GetEntityById(model.DepartmentId, &orginizeentity)
		userentity.Superior = model.Superior
		userentity.Realname = model.Realname
		userentity.Telephone = model.Telephone
		userentity.Mobile = model.Mobile
		if model.Sign == "" {
			userentity.Description = model.Description
		} else {
			userentity.Description = model.Sign
		}
		userentity.Photo = model.Photo
		//		userentity.Roleid = roleid
		userentity.Modifieduserid, _ = utils.StrTo(this.User.Id).Int()
		userentity.Modifiedby = this.User.Realname
		userentity.Departmentid = model.DepartmentId
		userentity.Departmentname = model.DepartmentName

		var cols []string = []string{"Realname", "CompanyId", "DepartmentId", "DepartmentName", "Telephone", "Mobile", "Description", "Photo", "Modifieduserid", "Modifiedby", "Superior"}

		err := svc.UpdateEntityAndBackupByCols(id, &userentity, &userentityempty, cols, utils.ToStr(this.User.Id), this.User.Realname)

		if err == nil {
			errinfo.Message = "保存成功！"
			errinfo.Code = 0
			this.Data["json"] = &errinfo
			this.ServeJSON()
		} else {
			errinfo.Message = "操作失败！" + utils.AlertProcess(err.Error())
			errinfo.Code = -1
			this.Data["json"] = &errinfo
			this.ServeJSON()
		}
	} else {
		errinfo.Message = "操作失败！操作数据不存在"
		errinfo.Code = -3
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}

}

// @Title 删除用户
// @Description 删除用户
// @Param	id		path 	string	true		"需要删除的用户编号"
// @Success 200 {object} ErrorInfo
// @Failure 403 :id 为空
// @router /:id [delete]
func (this *UserController) Delete() {
	id := this.Ctx.Input.Param(":id")
	var errinfo ErrorInfo
	if id == "" {
		errinfo.Message = "操作失败！请求信息不完整"
		errinfo.Code = -2
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}
	var entity userRole.Base_User
	var entityempty userRole.Base_User
	svc := userRole.GetUserService(utils.DBE)
	err := svc.DeleteEntityAndBackup(id, &entity, &entityempty, utils.ToStr(this.User.Id), this.User.Username)
	if err == nil {
		svc.ClearUserRole(id) //清除角色
		errinfo.Message = "删除成功"
		errinfo.Code = 0
		this.Data["json"] = &errinfo
		this.ServeJSON()
	} else {
		errinfo.Message = "删除失败！" + utils.AlertProcess(err.Error())
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
	}
}

// @Title 修改密码
// @Description 修改密码
// @Param	body	body	business.device.DeviceChannels	"传感器信息"
// @Success	200	{object} controllers.Request
// @router /userchangepwd [put]
func (this *UserController) UserChangePWD() {
	var model ChangePwdModel
	var jsonblob = this.Ctx.Input.RequestBody
	json.Unmarshal(jsonblob, &model)
	var errinfo ErrorInfo

	svcauth := auth.GetAuthServic(utils.DBE)
	var user userRole.Base_User

	if svcauth.VerifyUser3DES(this.User.Username, model.Pwd, &user) {
		var entitypaw1, entitypaw2 logsinfo.Userpassword
		idint, _ := utils.StrTo(this.User.Id).Int()
		var umodel userRole.Base_User = userRole.Base_User{Id: idint}
		svcauth.UpdateLog(this.User.Id, &entitypaw1, &entitypaw2, this.User.Id, this.User.Realname)
		err := svcauth.SetNewPassword3DES(&umodel, model.NwePwd)
		if err != nil {
			errinfo.Message = "修改失败！" + err.Error()
			errinfo.Code = -2
			this.Data["json"] = &errinfo
			this.ServeJSON()
		} else {
			errinfo.Message = "密码修改成功"
			errinfo.Code = 0
			this.Data["json"] = &errinfo
			this.ServeJSON()
		}
	} else {
		errinfo.Message = "修改失败！当前密码输入错误"
		errinfo.Code = -1
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}

}

// @Title 注册管理账号
// @Description 注册管理账号
// @Param	body	body	business.device.DeviceChannels	"传感器信息"
// @Success	200	{object} controllers.Request
// @router /registemanage [put]
func (this *UserController) Registerput() {

	var model RegisteModel
	var jsonblob = this.Ctx.Input.RequestBody
	json.Unmarshal(jsonblob, &model)
	var errinfo ErrorInfo

	var user userRole.Base_User
	user.Username = model.Username
	user.Realname = model.Companyname
	//	this.ParseForm(&user) //去页面数值
	svc := company.GetCompanyService(utils.DBE)
	err, comacccode := svc.AddCompany(user.Realname, user.Username) //这两个参数传到company库，返回id
	if err == nil {
		svcuser := userRole.GetUserService(utils.DBE)
		user.AccCode = comacccode //id传到 user库的acccode
		pass := model.Password    //取到前台密码
		//更改密码算法2014-11-21
		pwd, key, errrk := utils.TripleDesEncrypt(pass)
		if errrk != nil {
			errinfo.Message = "添加失败！" + utils.AlertProcess(errrk.Error())
			errinfo.Code = -2
			this.Data["json"] = &errinfo
			this.ServeJSON()
			return
		}
		user.Roleid = 10000120 //企业用户
		user.Auditstatus = 1
		user.Userpassword = pwd
		user.Publickey = key
		user.Email = user.Username
		err = svcuser.AddUser(&user)

		//svcSampleOrgan := sampleorgan.GetSampleOrganService(utils.DBE)
		//var entityOrgan sampleorgan.SampleOrgan
		//entityOrgan.AccCode = comacccode
		//entityOrgan.TNode = "SystemInner"
		//entityOrgan.TNodeParent = "0"
		//entityOrgan.Item = 1
		//entityOrgan.Code = "ALL"
		//entityOrgan.Name = "全部"
		//entityOrgan.CreateBy = user.Username
		//entityOrgan.CreateUserId = user.Id
		//_, err = svcSampleOrgan.InsertEntity(&entityOrgan)
		svcPrintScheme := printscheme.GetPrintSchemeService(utils.DBE)
		var listPrintScheme []printscheme.PrintScheme
		var listPrintScheme_new []printscheme.PrintScheme
		listPrintScheme = svcPrintScheme.GetPrintSchemeList("IsSystem=2")
		for i := 0; i < len(listPrintScheme); i++ {
			listPrintScheme[i].IsSystem = 1
			listPrintScheme[i].CreateBy = user.Username
			listPrintScheme[i].CreateUserId = user.Id
			listPrintScheme[i].AccCode = user.AccCode
			listPrintScheme_new = append(listPrintScheme_new, listPrintScheme[i])
		}
		svc.InsertEntity(&listPrintScheme_new)
		if err == nil {
			//创建表结构
			err := svc.CreateSampleDonorTable(user.AccCode, model.Source)
			if err != nil {
				fmt.Println(err.Error())
			}
			//写入账户信息,赠送短信
			var accountinfo accountinfo.AccountInfo
			accountinfo.ProjectSourse = "biobank"
			accountinfo.ProjectAccount = user.AccCode
			accountinfo.ProjectAccountName = user.Realname
			accountinfo.SurplusCount = 50
			accountinfo.ActionType = "sms"
			u, p := this.GetuAndp()
			strUrl := utils.Cfg.MustValue("server", "apiurl") + "/accountinfos/?u=" + u + "&p=" + p
			Apipost(strUrl, "POST", accountinfo)

			//添加一条组织根节点
			var entityorg organize.Base_Organize
			// 编辑后添加一条数据
			entityorg.Fullname = model.Companyname
			entityorg.Parentid = 0
			entityorg.Createuserid = user.Id
			entityorg.Createby = user.Realname
			entityorg.AccCode = user.AccCode
			svcuser.InsertEntity(&entityorg)

			//修改用户的组织id
			user.Departmentid = utils.ToStr(entityorg.Id)
			user.Departmentname = entityorg.Fullname
			var usercols []string = []string{"Departmentid", "Departmentname"}
			svcuser.UpdateEntityByIdCols(user.Id, &user, usercols)

			errinfo.Message = "注册用户成功！"
			errinfo.Code = 0
			this.Data["json"] = &errinfo
			this.ServeJSON()
		} else {
			errinfo.Message = "注册失败！" + utils.AlertProcess(err.Error())
			errinfo.Code = -2
			this.Data["json"] = &errinfo
			this.ServeJSON()
			return
		}
	} else {
		errinfo.Message = "注册失败！" + utils.AlertProcess(err.Error())
		errinfo.Code = -3
		this.Data["json"] = &errinfo
		this.ServeJSON()
		return
	}

}