perms-system-server/internal/model/perm/sysPermModel.go

package perm

import (
	"context"
	"database/sql"
	"fmt"
	"strings"

	"perms-system-server/internal/consts"

	"github.com/zeromicro/go-zero/core/stores/cache"
	"github.com/zeromicro/go-zero/core/stores/sqlx"
)

var _ SysPermModel = (*customSysPermModel)(nil)

type (
	SysPermModel interface {
		sysPermModel
		FindListByProductCode(ctx context.Context, productCode string, page, pageSize int64) ([]*SysPerm, int64, error)
		FindAllCodesByProductCode(ctx context.Context, productCode string) ([]string, error)
		FindByIds(ctx context.Context, ids []int64) ([]*SysPerm, error)
		// FindMapByProductCodeWithTx 在事务内查询权限快照；配合 SysProductModel.LockByCodeTx 锁住
		// product 行，可把"读取现有权限 → 增/改/禁用"这段与其他 SyncPermissions 串行化，
		// 避免两次并发同步都认为 code X 不存在并并发 INSERT 导致 1062（见审计 M-6）。
		FindMapByProductCodeWithTx(ctx context.Context, session sqlx.Session, productCode string) (map[string]*SysPerm, error)
		DisableNotInCodesWithTx(ctx context.Context, session sqlx.Session, productCode string, codes []string, now int64) (int64, error)
	}

	customSysPermModel struct {
		*defaultSysPermModel
	}
)

func NewSysPermModel(conn sqlx.SqlConn, c cache.CacheConf, cachePrefix string, opts ...cache.Option) SysPermModel {
	return &customSysPermModel{
		defaultSysPermModel: newSysPermModel(conn, c, cachePrefix, opts...),
	}
}

func (m *customSysPermModel) FindListByProductCode(ctx context.Context, productCode string, page, pageSize int64) ([]*SysPerm, int64, error) {
	var total int64
	countQuery := fmt.Sprintf("SELECT COUNT(*) FROM %s WHERE `productCode` = ?", m.table)
	if err := m.QueryRowNoCacheCtx(ctx, &total, countQuery, productCode); err != nil {
		return nil, 0, err
	}

	var list []*SysPerm
	query := fmt.Sprintf("SELECT %s FROM %s WHERE `productCode` = ? ORDER BY id DESC LIMIT ?,?", sysPermRows, m.table)
	if err := m.QueryRowsNoCacheCtx(ctx, &list, query, productCode, (page-1)*pageSize, pageSize); err != nil {
		return nil, 0, err
	}

	return list, total, nil
}

func (m *customSysPermModel) FindAllCodesByProductCode(ctx context.Context, productCode string) ([]string, error) {
	// 审计 L-1：第 7 轮 L-4 已经统一走 prepared statement 占位符，这里对齐同一口径，避免未来把
	// StatusEnabled 从 int 改成 int8/枚举时 %d 悄悄不匹配；另一层收益是 SQL 指纹更稳定，慢查询
	// 日志 / DBA 审计能按参数化查询稳定归并。
	var codes []string
	query := fmt.Sprintf("SELECT `code` FROM %s WHERE `productCode` = ? AND `status` = ?", m.table)
	if err := m.QueryRowsNoCacheCtx(ctx, &codes, query, productCode, consts.StatusEnabled); err != nil {
		return nil, err
	}
	return codes, nil
}

func (m *customSysPermModel) FindByIds(ctx context.Context, ids []int64) ([]*SysPerm, error) {
	if len(ids) == 0 {
		return nil, nil
	}
	placeholders := make([]string, len(ids))
	args := make([]interface{}, len(ids))
	for i, id := range ids {
		placeholders[i] = "?"
		args[i] = id
	}
	var list []*SysPerm
	query := fmt.Sprintf("SELECT %s FROM %s WHERE `id` IN (%s)", sysPermRows, m.table, strings.Join(placeholders, ","))
	if err := m.QueryRowsNoCacheCtx(ctx, &list, query, args...); err != nil {
		return nil, err
	}
	return list, nil
}

func (m *customSysPermModel) FindMapByProductCodeWithTx(ctx context.Context, session sqlx.Session, productCode string) (map[string]*SysPerm, error) {
	var list []*SysPerm
	query := fmt.Sprintf("SELECT %s FROM %s WHERE `productCode` = ?", sysPermRows, m.table)
	if err := session.QueryRowsCtx(ctx, &list, query, productCode); err != nil {
		return nil, err
	}
	result := make(map[string]*SysPerm, len(list))
	for _, p := range list {
		result[p.Code] = p
	}
	return result, nil
}

func (m *customSysPermModel) DisableNotInCodesWithTx(ctx context.Context, session sqlx.Session, productCode string, codes []string, now int64) (int64, error) {
	// 审计 L-1：把 status = %d 全部换成参数占位符，与 sysUserRole / sysUserPerm / sysRole
	// L-4 修复风格对齐。占位符顺序：
	//   SELECT：productCode, statusEnabled, [codes...]
	//   UPDATE：statusDisabled, now, productCode, statusEnabled, [codes...]
	// 先查出将被禁用的行，构建缓存 key
	var findQuery string
	var findArgs []interface{}
	if len(codes) == 0 {
		findQuery = fmt.Sprintf("SELECT %s FROM %s WHERE `productCode` = ? AND `status` = ?", sysPermRows, m.table)
		findArgs = []interface{}{productCode, consts.StatusEnabled}
	} else {
		placeholders := make([]string, len(codes))
		findArgs = make([]interface{}, 0, len(codes)+2)
		findArgs = append(findArgs, productCode, consts.StatusEnabled)
		for i, code := range codes {
			placeholders[i] = "?"
			findArgs = append(findArgs, code)
		}
		findQuery = fmt.Sprintf("SELECT %s FROM %s WHERE `productCode` = ? AND `status` = ? AND `code` NOT IN (%s)",
			sysPermRows, m.table, strings.Join(placeholders, ","))
	}

	var affected []*SysPerm
	if err := session.QueryRowsCtx(ctx, &affected, findQuery+" FOR UPDATE", findArgs...); err != nil {
		return 0, err
	}
	if len(affected) == 0 {
		return 0, nil
	}

	keys := make([]string, 0, len(affected)*2)
	for _, data := range affected {
		keys = append(keys,
			fmt.Sprintf("%s%v", cacheSysPermIdPrefix, data.Id),
			fmt.Sprintf("%s%v:%v", cacheSysPermProductCodeCodePrefix, data.ProductCode, data.Code),
		)
	}

	var updateQuery string
	var updateArgs []interface{}
	if len(codes) == 0 {
		updateQuery = fmt.Sprintf("UPDATE %s SET `status` = ?, `updateTime` = ? WHERE `productCode` = ? AND `status` = ?", m.table)
		updateArgs = []interface{}{consts.StatusDisabled, now, productCode, consts.StatusEnabled}
	} else {
		placeholders := make([]string, len(codes))
		updateArgs = make([]interface{}, 0, len(codes)+4)
		updateArgs = append(updateArgs, consts.StatusDisabled, now, productCode, consts.StatusEnabled)
		for i, code := range codes {
			placeholders[i] = "?"
			updateArgs = append(updateArgs, code)
		}
		updateQuery = fmt.Sprintf("UPDATE %s SET `status` = ?, `updateTime` = ? WHERE `productCode` = ? AND `status` = ? AND `code` NOT IN (%s)",
			m.table, strings.Join(placeholders, ","))
	}

	res, err := m.ExecCtx(ctx, func(ctx context.Context, conn sqlx.SqlConn) (sql.Result, error) {
		return session.ExecCtx(ctx, updateQuery, updateArgs...)
	}, keys...)
	if err != nil {
		return 0, err
	}
	rows, _ := res.RowsAffected()
	return rows, nil
}