feat(auth): 完成租户用户角色资源核心模块

backend/internal/handlers/role.go

@@ -0,0 +1,240 @@
+package handlers
+
+import (
+	"encoding/json"
+	"net/http"
+	"strconv"
+
+	"smart-customer-service/internal/models"
+)
+
+// RoleHandler 角色处理器
+type RoleHandler struct{}
+
+// Create 创建角色
+func (h *RoleHandler) Create(w http.ResponseWriter, r *http.Request) {
+	var role models.Role
+	if err := json.NewDecoder(r.Body).Decode(&role); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	// 验证必填字段
+	if role.Name == "" || role.Code == "" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(map[string]string{
+			"error": "name and code are required",
+		})
+		return
+	}
+
+	// 检查角色代码是否已存在
+	// if exists := checkRoleExists(role.Code); exists {
+	//     http.Error(w, `{"error": "role code already exists"}`, http.StatusConflict)
+	//     return
+	// }
+
+	// TODO: 保存到数据库
+	// db.Create(&role)
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message": "角色创建成功",
+		"data":    role,
+	})
+}
+
+// List 获取角色列表
+func (h *RoleHandler) List(w http.ResponseWriter, r *http.Request) {
+	page := getPageParam(r, 1)
+	perPage := getPageParam(r, 20)
+
+	// 获取过滤参数
+	tenantIDStr := r.URL.Query().Get("tenant_id")
+	status := r.URL.Query().Get("status")
+	isGlobal := r.URL.Query().Get("is_global")
+
+	// TODO: 查询数据库
+	// var roles []models.Role
+	// query := db.Where("tenant_id = ?", tenantID)
+	// if status != "" {
+	//     query = query.Where("status = ?", status)
+	// }
+	// if isGlobal == "true" {
+	//     query = query.Where("is_global = ?", true)
+	// }
+	// query.Preload("Users").Find(&roles)
+
+	var roles []models.Role
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"total":      0,
+		"page":       page,
+		"per_page":   perPage,
+		"total_pages": 0,
+		"data":       roles,
+	})
+}
+
+// Get 获取单个角色
+func (h *RoleHandler) Get(w http.ResponseWriter, r *http.Request) {
+	idStr := r.URL.Query().Get("id")
+	if idStr == "" {
+		http.Error(w, `{"error": "id is required"}`, http.StatusBadRequest)
+		return
+	}
+
+	id, err := strconv.ParseUint(idStr, 10, 32)
+	if err != nil {
+		http.Error(w, `{"error": "invalid id"}`, http.StatusBadRequest)
+		return
+	}
+
+	// TODO: 查询数据库 (包含关联数据)
+	// var role models.Role
+	// db.Preload("Resources").Preload("Users").First(&role, id)
+
+	var role models.Role
+
+	if role.ID == 0 {
+		http.Error(w, `{"error": "role not found"}`, http.StatusNotFound)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(role)
+}
+
+// Update 更新角色
+func (h *RoleHandler) Update(w http.ResponseWriter, r *http.Request) {
+	idStr := r.URL.Query().Get("id")
+	if idStr == "" {
+		http.Error(w, `{"error": "id is required"}`, http.StatusBadRequest)
+		return
+	}
+
+	id, err := strconv.ParseUint(idStr, 10, 32)
+	if err != nil {
+		http.Error(w, `{"error": "invalid id"}`, http.StatusBadRequest)
+		return
+	}
+
+	var role models.Role
+	if err := json.NewDecoder(r.Body).Decode(&role); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	// TODO: 更新数据库
+	// db.Model(&role).Where("id = ?", id).Updates(role)
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message": "角色更新成功",
+		"data":    role,
+	})
+}
+
+// Delete 删除角色
+func (h *RoleHandler) Delete(w http.ResponseWriter, r *http.Request) {
+	idStr := r.URL.Query().Get("id")
+	if idStr == "" {
+		http.Error(w, `{"error": "id is required"}`, http.StatusBadRequest)
+		return
+	}
+
+	id, err := strconv.ParseUint(idStr, 10, 32)
+	if err != nil {
+		http.Error(w, `{"error": "invalid id"}`, http.StatusBadRequest)
+		return
+	}
+
+	// 检查是否有用户使用该角色
+	// userCount := countUsersWithRole(id)
+	// if userCount > 0 {
+	//     http.Error(w, `{"error": "cannot delete role with associated users"}`, http.StatusBadRequest)
+	//     return
+	// }
+
+	// TODO: 软删除
+	// db.Where("id = ?", id).Update("deleted_at", time.Now())
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message": "角色删除成功",
+		"id":      id,
+	})
+}
+
+// AssignResources 分配资源给角色
+func (h *RoleHandler) AssignResources(w http.ResponseWriter, r *http.Request) {
+	idStr := r.URL.Query().Get("id")
+	if idStr == "" {
+		http.Error(w, `{"error": "id is required"}`, http.StatusBadRequest)
+		return
+	}
+
+	id, err := strconv.ParseUint(idStr, 10, 32)
+	if err != nil {
+		http.Error(w, `{"error": "invalid id"}`, http.StatusBadRequest)
+		return
+	}
+
+	type resourceAssignment struct {
+		ResourceIDs  []uint   `json:"resource_ids"`
+		ResourceCode []string `json:"resource_codes"` // 也可以通过代码分配
+	}
+
+	var req resourceAssignment
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	// TODO: 分配资源
+	// 1. 验证资源是否存在
+	// 2. 更新 role_resources 关联表
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"message": "资源分配成功",
+		"data":    req,
+	})
+}
+
+// GetPermissions 获取角色的权限列表
+func (h *RoleHandler) GetPermissions(w http.ResponseWriter, r *http.Request) {
+	idStr := r.URL.Query().Get("id")
+	if idStr == "" {
+		http.Error(w, `{"error": "id is required"}`, http.StatusBadRequest)
+		return
+	}
+
+	id, err := strconv.ParseUint(idStr, 10, 32)
+	if err != nil {
+		http.Error(w, `{"error": "invalid id"}`, http.StatusBadRequest)
+		return
+	}
+
+	// TODO: 查询数据库
+	// 1. 查询角色
+	// 2. 查询角色关联的资源
+	// 3. 提取所有资源的操作权限
+
+	type PermissionResult struct {
+		ResourceCode string   `json:"resource_code"`
+		Actions      []string `json:"actions"`
+		Description  string   `json:"description"`
+	}
+
+	var permissions []PermissionResult
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"role_id":       id,
+		"permissions":   permissions,
+	})
+}