weiym
/
perms-system-server


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798
							package role

import (
	"context"
	"fmt"
	"time"

	"perms-system-server/internal/consts"
	authHelper "perms-system-server/internal/logic/auth"
	"perms-system-server/internal/model/roleperm"
	"perms-system-server/internal/response"
	"perms-system-server/internal/svc"
	"perms-system-server/internal/types"

	"github.com/zeromicro/go-zero/core/logx"
	"github.com/zeromicro/go-zero/core/stores/sqlx"
)

type BindRolePermsLogic struct {
	logx.Logger
	ctx    context.Context
	svcCtx *svc.ServiceContext
}

func NewBindRolePermsLogic(ctx context.Context, svcCtx *svc.ServiceContext) *BindRolePermsLogic {
	return &BindRolePermsLogic{
		Logger: logx.WithContext(ctx),
		ctx:    ctx,
		svcCtx: svcCtx,
	}
}

func (l *BindRolePermsLogic) BindRolePerms(req *types.BindPermsReq) error {
	role, err := l.svcCtx.SysRoleModel.FindOne(l.ctx, req.RoleId)
	if err != nil {
		return response.ErrNotFound("角色不存在")
	}

	if err := authHelper.RequireProductAdminFor(l.ctx, role.ProductCode); err != nil {
		return err
	}

	if len(req.PermIds) > 0 {
		seen := make(map[int64]bool, len(req.PermIds))
		uniqueIds := make([]int64, 0, len(req.PermIds))
		for _, id := range req.PermIds {
			if !seen[id] {
				seen[id] = true
				uniqueIds = append(uniqueIds, id)
			}
		}
		req.PermIds = uniqueIds
	}

	if len(req.PermIds) > 0 {
		perms, err := l.svcCtx.SysPermModel.FindByIds(l.ctx, req.PermIds)
		if err != nil {
			return err
		}
		if len(perms) != len(req.PermIds) {
			return response.ErrBadRequest("包含无效的权限ID")
		}
		for _, p := range perms {
			if p.ProductCode != role.ProductCode {
				return response.ErrBadRequest("不能绑定其他产品的权限")
			}
			if p.Status != consts.StatusEnabled {
				return response.ErrBadRequest(fmt.Sprintf("权限 %s 已被禁用，无法绑定", p.Code))
			}
		}
	}

	if err := l.svcCtx.SysRolePermModel.TransactCtx(l.ctx, func(ctx context.Context, session sqlx.Session) error {
		if err := l.svcCtx.SysRolePermModel.DeleteByRoleIdTx(ctx, session, req.RoleId); err != nil {
			return err
		}
		if len(req.PermIds) == 0 {
			return nil
		}
		now := time.Now().Unix()
		data := make([]*roleperm.SysRolePerm, 0, len(req.PermIds))
		for _, permId := range req.PermIds {
			data = append(data, &roleperm.SysRolePerm{
				RoleId:     req.RoleId,
				PermId:     permId,
				CreateTime: now,
				UpdateTime: now,
			})
		}
		return l.svcCtx.SysRolePermModel.BatchInsertWithTx(ctx, session, data)
	}); err != nil {
		return err
	}

	affectedUserIds, _ := l.svcCtx.SysUserRoleModel.FindUserIdsByRoleId(l.ctx, req.RoleId)
	l.svcCtx.UserDetailsLoader.BatchDel(l.ctx, affectedUserIds, role.ProductCode)
	return nil
}