long-agent/user-system
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b3374dccf4537e858259ff8272cc21594e6f360e
user-system/internal/api/handler/permission_handler.go
long-agent 9b1cea246e feat: permissions CRUD browser integration + E2E enhancements 
Backend:
- permission_handler: 完善权限 CRUD 接口(列表/创建/更新/删除)
- auth_handler: 修复认证处理逻辑
- router: 新增权限管理路由
- handler_test: 新增权限 handler 测试覆盖

Frontend:
- permissions.ts/test.ts: 权限服务层完整实现
- profile/settings/service_tests: 服务适配器修正
- client.ts: HTTP 客户端健壮性增强
- vite.config.js: 构建配置优化
- E2E 脚本: run-playwright-cdp-e2e 大幅增强(权限流程覆盖)

Docs:
- REAL_PROJECT_STATUS: 状态更新
- PRODUCTION_CHECKLIST/QUALITY_STANDARD/TECHNICAL_GUIDE/PROJECT_EXPERIENCE_SUMMARY: 团队规范完善
- plans/2026-04-23: 权限浏览器 CRUD 设计方案

验证: go build 0错误
2026-04-24 07:30:18 +08:00

302 lines
8.4 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
package handler
import (
"encoding/json"
"net/http"
"strconv"
"github.com/gin-gonic/gin"
"github.com/user-management-system/internal/domain"
"github.com/user-management-system/internal/service"
)
// PermissionHandler handles permission management requests
type PermissionHandler struct {
permissionService *service.PermissionService
}
// NewPermissionHandler creates a new PermissionHandler
func NewPermissionHandler(permissionService *service.PermissionService) *PermissionHandler {
return &PermissionHandler{permissionService: permissionService}
}
// CreatePermission 创建权限
// @Summary 创建权限
// @Description 创建新的权限定义(仅管理员)
// @Tags 权限管理
// @Accept json
// @Produce json
// @Security BearerAuth
// @Param request body service.CreatePermissionRequest true "权限信息"
// @Success 201 {object} Response{data=domain.Permission} "创建成功"
// @Failure 400 {object} Response "请求参数错误"
// @Failure 403 {object} Response "无权限"
// @Router /api/v1/permissions [post]
func (h *PermissionHandler) CreatePermission(c *gin.Context) {
var req struct {
Name string `json:"name" binding:"required"`
Code string `json:"code" binding:"required"`
Type *int `json:"type" binding:"required"`
Description string `json:"description"`
ParentID *int64 `json:"parent_id"`
Path string `json:"path"`
Method string `json:"method"`
Sort int `json:"sort"`
Icon string `json:"icon"`
}
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
return
}
if req.Type == nil || *req.Type < 0 || *req.Type > 2 {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid permission type"})
return
}
serviceReq := service.CreatePermissionRequest{
Name: req.Name,
Code: req.Code,
Type: *req.Type,
Description: req.Description,
ParentID: req.ParentID,
Path: req.Path,
Method: req.Method,
Sort: req.Sort,
Icon: req.Icon,
}
perm, err := h.permissionService.CreatePermission(c.Request.Context(), &serviceReq)
if err != nil {
handleError(c, err)
return
}
c.JSON(http.StatusCreated, gin.H{
"code": 0,
"message": "success",
"data": perm,
})
}
// ListPermissions 获取权限列表
// @Summary 获取权限列表
// @Description 获取系统权限列表
// @Tags 权限管理
// @Produce json
// @Security BearerAuth
// @Success 200 {object} Response{data=[]domain.Permission} "权限列表"
// @Router /api/v1/permissions [get]
func (h *PermissionHandler) ListPermissions(c *gin.Context) {
var req service.ListPermissionRequest
if err := c.ShouldBindQuery(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
return
}
perms, _, err := h.permissionService.ListPermissions(c.Request.Context(), &req)
if err != nil {
handleError(c, err)
return
}
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "success",
"data": perms,
})
}
// GetPermission 获取权限详情
// @Summary 获取权限详情
// @Description 根据ID获取权限详细信息
// @Tags 权限管理
// @Produce json
// @Security BearerAuth
// @Param id path int true "权限ID"
// @Success 200 {object} Response{data=domain.Permission} "权限信息"
// @Failure 404 {object} Response "权限不存在"
// @Router /api/v1/permissions/{id} [get]
func (h *PermissionHandler) GetPermission(c *gin.Context) {
id, err := strconv.ParseInt(c.Param("id"), 10, 64)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid permission id"})
return
}
perm, err := h.permissionService.GetPermission(c.Request.Context(), id)
if err != nil {
handleError(c, err)
return
}
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "success",
"data": perm,
})
}
// UpdatePermission 更新权限
// @Summary 更新权限
// @Description 更新权限信息(仅管理员)
// @Tags 权限管理
// @Accept json
// @Produce json
// @Security BearerAuth
// @Param id path int true "权限ID"
// @Param request body service.UpdatePermissionRequest true "更新信息"
// @Success 200 {object} Response{data=domain.Permission} "更新成功"
// @Failure 400 {object} Response "请求参数错误"
// @Failure 403 {object} Response "无权限"
// @Failure 404 {object} Response "权限不存在"
// @Router /api/v1/permissions/{id} [put]
func (h *PermissionHandler) UpdatePermission(c *gin.Context) {
id, err := strconv.ParseInt(c.Param("id"), 10, 64)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid permission id"})
return
}
var req service.UpdatePermissionRequest
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
return
}
perm, err := h.permissionService.UpdatePermission(c.Request.Context(), id, &req)
if err != nil {
handleError(c, err)
return
}
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "success",
"data": perm,
})
}
// DeletePermission 删除权限
// @Summary 删除权限
// @Description 删除权限定义(仅管理员)
// @Tags 权限管理
// @Produce json
// @Security BearerAuth
// @Param id path int true "权限ID"
// @Success 200 {object} Response "删除成功"
// @Failure 403 {object} Response "无权限"
// @Failure 404 {object} Response "权限不存在"
// @Router /api/v1/permissions/{id} [delete]
func (h *PermissionHandler) DeletePermission(c *gin.Context) {
id, err := strconv.ParseInt(c.Param("id"), 10, 64)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid permission id"})
return
}
if err := h.permissionService.DeletePermission(c.Request.Context(), id); err != nil {
handleError(c, err)
return
}
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "permission deleted",
})
}
// UpdatePermissionStatus 更新权限状态
// @Summary 更新权限状态
// @Description 更新权限状态enabled/disabled仅管理员
// @Tags 权限管理
// @Accept json
// @Produce json
// @Security BearerAuth
// @Param id path int true "权限ID"
// @Param request body UpdatePermissionStatusRequest true "状态信息"
// @Success 200 {object} Response "状态更新成功"
// @Failure 400 {object} Response "无效的状态值"
// @Failure 403 {object} Response "无权限"
// @Failure 404 {object} Response "权限不存在"
// @Router /api/v1/permissions/{id}/status [put]
func (h *PermissionHandler) UpdatePermissionStatus(c *gin.Context) {
id, err := strconv.ParseInt(c.Param("id"), 10, 64)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid permission id"})
return
}
var req struct {
Status json.RawMessage `json:"status" binding:"required"`
}
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
return
}
status, ok := parsePermissionStatus(req.Status)
if !ok {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid status"})
return
}
if err := h.permissionService.UpdatePermissionStatus(c.Request.Context(), id, status); err != nil {
handleError(c, err)
return
}
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "status updated",
})
}
// GetPermissionTree 获取权限树
// @Summary 获取权限树
// @Description 获取系统权限的树形结构
// @Tags 权限管理
// @Produce json
// @Security BearerAuth
// @Success 200 {object} Response{data=[]domain.Permission} "权限树"
// @Router /api/v1/permissions/tree [get]
func parsePermissionStatus(raw json.RawMessage) (domain.PermissionStatus, bool) {
var statusText string
if err := json.Unmarshal(raw, &statusText); err == nil {
switch statusText {
case "enabled", "1":
return domain.PermissionStatusEnabled, true
case "disabled", "0":
return domain.PermissionStatusDisabled, true
}
}
var statusNumber int
if err := json.Unmarshal(raw, &statusNumber); err == nil {
switch statusNumber {
case 1:
return domain.PermissionStatusEnabled, true
case 0:
return domain.PermissionStatusDisabled, true
}
}
return domain.PermissionStatusDisabled, false
}
func (h *PermissionHandler) GetPermissionTree(c *gin.Context) {
tree, err := h.permissionService.GetPermissionTree(c.Request.Context())
if err != nil {
handleError(c, err)
return
}
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "success",
"data": tree,
})
}
Reference in New Issue View Git Blame Copy Permalink