| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 |
- package member
- import (
- "context"
- "time"
- "perms-system-server/internal/consts"
- authHelper "perms-system-server/internal/logic/auth"
- "perms-system-server/internal/response"
- "perms-system-server/internal/svc"
- "perms-system-server/internal/types"
- "github.com/zeromicro/go-zero/core/logx"
- "github.com/zeromicro/go-zero/core/stores/sqlx"
- )
- type UpdateMemberLogic struct {
- logx.Logger
- ctx context.Context
- svcCtx *svc.ServiceContext
- }
- func NewUpdateMemberLogic(ctx context.Context, svcCtx *svc.ServiceContext) *UpdateMemberLogic {
- return &UpdateMemberLogic{
- Logger: logx.WithContext(ctx),
- ctx: ctx,
- svcCtx: svcCtx,
- }
- }
- // UpdateMember 更新产品成员。修改成员类型或启用/禁用状态。降级最后一个 ADMIN 时会被拒绝以保证产品始终有管理员。
- func (l *UpdateMemberLogic) UpdateMember(req *types.UpdateMemberReq) error {
- member, err := l.svcCtx.SysProductMemberModel.FindOne(l.ctx, req.Id)
- if err != nil {
- return response.ErrNotFound("成员不存在")
- }
- if req.MemberType != consts.MemberTypeAdmin &&
- req.MemberType != consts.MemberTypeDeveloper &&
- req.MemberType != consts.MemberTypeMember {
- return response.ErrBadRequest("无效的成员类型")
- }
- if err := authHelper.CheckManageAccess(l.ctx, l.svcCtx, member.UserId, member.ProductCode); err != nil {
- return err
- }
- if err := authHelper.CheckMemberTypeAssignment(l.ctx, req.MemberType); err != nil {
- return err
- }
- nextType := req.MemberType
- nextStatus := member.Status
- if req.Status != 0 {
- if req.Status != consts.StatusEnabled && req.Status != consts.StatusDisabled {
- return response.ErrBadRequest("状态值无效,仅支持 1(启用) 和 2(禁用)")
- }
- nextStatus = req.Status
- }
- if err := l.svcCtx.SysProductMemberModel.TransactCtx(l.ctx, func(ctx context.Context, session sqlx.Session) error {
- locked, err := l.svcCtx.SysProductMemberModel.FindOneForUpdateTx(ctx, session, req.Id)
- if err != nil {
- return response.ErrNotFound("成员不存在")
- }
- wasActiveAdmin := locked.MemberType == consts.MemberTypeAdmin && locked.Status == consts.StatusEnabled
- willBeActiveAdmin := nextType == consts.MemberTypeAdmin && nextStatus == consts.StatusEnabled
- if wasActiveAdmin && !willBeActiveAdmin {
- // 排除当前正在降级/禁用的这一行后还有几个 active admin;为 0 时即为最后一个(见审计 L-5)。
- otherAdminCount, err := l.svcCtx.SysProductMemberModel.CountOtherActiveAdminsTx(ctx, session, member.ProductCode, locked.Id)
- if err != nil {
- return err
- }
- if otherAdminCount == 0 {
- return response.ErrBadRequest("不能降级或禁用该产品的最后一个管理员")
- }
- }
- locked.MemberType = nextType
- locked.Status = nextStatus
- locked.UpdateTime = time.Now().Unix()
- return l.svcCtx.SysProductMemberModel.UpdateWithTx(ctx, session, locked)
- }); err != nil {
- return err
- }
- l.svcCtx.UserDetailsLoader.Del(l.ctx, member.UserId, member.ProductCode)
- return nil
- }
|
