smart-customer-service/backend/internal/handlers/role.go

package handlers

import (
	"encoding/json"
	"net/http"
	"strconv"

	"smart-customer-service/internal/models"
)

// RoleHandler 角色处理器
type RoleHandler struct{}

// Create 创建角色
func (h *RoleHandler) Create(w http.ResponseWriter, r *http.Request) {
	var role models.Role
	if err := json.NewDecoder(r.Body).Decode(&role); err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}

	// 验证必填字段
	if role.Name == "" || role.Code == "" {
		w.Header().Set("Content-Type", "application/json")
		w.WriteHeader(http.StatusBadRequest)
		json.NewEncoder(w).Encode(map[string]string{
			"error": "name and code are required",
		})
		return
	}

	// 检查角色代码是否已存在
	// if exists := checkRoleExists(role.Code); exists {
	//     http.Error(w, `{"error": "role code already exists"}`, http.StatusConflict)
	//     return
	// }

	// TODO: 保存到数据库
	// db.Create(&role)

	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusCreated)
	json.NewEncoder(w).Encode(map[string]interface{}{
		"message": "角色创建成功",
		"data":    role,
	})
}

// List 获取角色列表
func (h *RoleHandler) List(w http.ResponseWriter, r *http.Request) {
	page := getPageParam(r, 1)
	perPage := getPageParam(r, 20)

	// 获取过滤参数
	tenantIDStr := r.URL.Query().Get("tenant_id")
	status := r.URL.Query().Get("status")
	isGlobal := r.URL.Query().Get("is_global")

	// TODO: 查询数据库
	// var roles []models.Role
	// query := db.Where("tenant_id = ?", tenantID)
	// if status != "" {
	//     query = query.Where("status = ?", status)
	// }
	// if isGlobal == "true" {
	//     query = query.Where("is_global = ?", true)
	// }
	// query.Preload("Users").Find(&roles)

	var roles []models.Role

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(map[string]interface{}{
		"total":      0,
		"page":       page,
		"per_page":   perPage,
		"total_pages": 0,
		"data":       roles,
	})
}

// Get 获取单个角色
func (h *RoleHandler) Get(w http.ResponseWriter, r *http.Request) {
	idStr := r.URL.Query().Get("id")
	if idStr == "" {
		http.Error(w, `{"error": "id is required"}`, http.StatusBadRequest)
		return
	}

	id, err := strconv.ParseUint(idStr, 10, 32)
	if err != nil {
		http.Error(w, `{"error": "invalid id"}`, http.StatusBadRequest)
		return
	}

	// TODO: 查询数据库 (包含关联数据)
	// var role models.Role
	// db.Preload("Resources").Preload("Users").First(&role, id)

	var role models.Role

	if role.ID == 0 {
		http.Error(w, `{"error": "role not found"}`, http.StatusNotFound)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(role)
}

// Update 更新角色
func (h *RoleHandler) Update(w http.ResponseWriter, r *http.Request) {
	idStr := r.URL.Query().Get("id")
	if idStr == "" {
		http.Error(w, `{"error": "id is required"}`, http.StatusBadRequest)
		return
	}

	id, err := strconv.ParseUint(idStr, 10, 32)
	if err != nil {
		http.Error(w, `{"error": "invalid id"}`, http.StatusBadRequest)
		return
	}

	var role models.Role
	if err := json.NewDecoder(r.Body).Decode(&role); err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}

	// TODO: 更新数据库
	// db.Model(&role).Where("id = ?", id).Updates(role)

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(map[string]interface{}{
		"message": "角色更新成功",
		"data":    role,
	})
}

// Delete 删除角色
func (h *RoleHandler) Delete(w http.ResponseWriter, r *http.Request) {
	idStr := r.URL.Query().Get("id")
	if idStr == "" {
		http.Error(w, `{"error": "id is required"}`, http.StatusBadRequest)
		return
	}

	id, err := strconv.ParseUint(idStr, 10, 32)
	if err != nil {
		http.Error(w, `{"error": "invalid id"}`, http.StatusBadRequest)
		return
	}

	// 检查是否有用户使用该角色
	// userCount := countUsersWithRole(id)
	// if userCount > 0 {
	//     http.Error(w, `{"error": "cannot delete role with associated users"}`, http.StatusBadRequest)
	//     return
	// }

	// TODO: 软删除
	// db.Where("id = ?", id).Update("deleted_at", time.Now())

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(map[string]interface{}{
		"message": "角色删除成功",
		"id":      id,
	})
}

// AssignResources 分配资源给角色
func (h *RoleHandler) AssignResources(w http.ResponseWriter, r *http.Request) {
	idStr := r.URL.Query().Get("id")
	if idStr == "" {
		http.Error(w, `{"error": "id is required"}`, http.StatusBadRequest)
		return
	}

	id, err := strconv.ParseUint(idStr, 10, 32)
	if err != nil {
		http.Error(w, `{"error": "invalid id"}`, http.StatusBadRequest)
		return
	}

	type resourceAssignment struct {
		ResourceIDs  []uint   `json:"resource_ids"`
		ResourceCode []string `json:"resource_codes"` // 也可以通过代码分配
	}

	var req resourceAssignment
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}

	// TODO: 分配资源
	// 1. 验证资源是否存在
	// 2. 更新 role_resources 关联表

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(map[string]interface{}{
		"message": "资源分配成功",
		"data":    req,
	})
}

// GetPermissions 获取角色的权限列表
func (h *RoleHandler) GetPermissions(w http.ResponseWriter, r *http.Request) {
	idStr := r.URL.Query().Get("id")
	if idStr == "" {
		http.Error(w, `{"error": "id is required"}`, http.StatusBadRequest)
		return
	}

	id, err := strconv.ParseUint(idStr, 10, 32)
	if err != nil {
		http.Error(w, `{"error": "invalid id"}`, http.StatusBadRequest)
		return
	}

	// TODO: 查询数据库
	// 1. 查询角色
	// 2. 查询角色关联的资源
	// 3. 提取所有资源的操作权限

	type PermissionResult struct {
		ResourceCode string   `json:"resource_code"`
		Actions      []string `json:"actions"`
		Description  string   `json:"description"`
	}

	var permissions []PermissionResult

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(map[string]interface{}{
		"role_id":       id,
		"permissions":   permissions,
	})
}