authorization-service/domain/service/admin_permission.go

package service

import (
	"context"
	"fmt"
	"github.com/pkg/errors"
	"gorm.io/gorm"
	"sghgogs.com/sghblog/authorization-service/domain/model/base"
	req "sghgogs.com/sghblog/authorization-service/domain/model/request"
	pb "sghgogs.com/sghblog/authorization-service/proto"
	"sghgogs.com/sghblog/authorization-service/utils/authutil"
	"sghgogs.com/sghblog/common"
	"sghgogs.com/sghblog/common/errorcode"
	"time"
)

func (s *Service) GetAdminPermissionList(query *pb.GetAdminPermissionListRequest) ([]*pb.AdminPermission, int64, error) {
	permissions := make([]*pb.AdminPermission, 0)
	list, count, err := s.Repository.GetAdminPermissionList(query)
	if err != nil {
		if errors.Is(err, gorm.ErrRecordNotFound) {
			return permissions, 0, nil
		}
		return permissions, 0, errorcode.New("authorization service", err.Error(), 500)
	}
	for _, item := range list {
		var res *pb.AdminPermission
		common.SwapTo(item, &res)
		res.UpdatedAt = ConvertTimeToInt64(*item.UpdatedAt)
		res.CreatedAt = ConvertTimeToInt64(item.CreatedAt)
		res.Status = item.Status
		res.Roles = base.RolesProto(item.Roles)
		res.Endpoint = item.Endpoint
		permissions = append(permissions, res)
	}
	return permissions, count, nil
}

func (s *Service) GetAdminPermissionAll() ([]req.AdminPermission, error) {
	return s.Repository.GetAdminPermissionAll()
}

func (s *Service) GetAdminPermission(query *pb.GetAdminPermissionRequest) (pb.AdminPermission, error) {
	if exists, err := s.Repository.IsAdminPermissionExists(query.Id); err != nil {
		return pb.AdminPermission{}, errorcode.New("authorization service", err.Error(), 500)
	} else {
		if !exists {
			return pb.AdminPermission{}, errorcode.New("authorization service", common.ErrorMessage[common.InvalidRoleID], 400)
		}
	}
	fmt.Println("进入了")
	permission, err := s.Repository.GetAdminPermission(query)
	if err != nil {
		return pb.AdminPermission{}, errorcode.New("authorization service", err.Error(), 500)
	}
	return pb.AdminPermission{
		Id:          permission.ID,
		Name:        permission.Name,
		Description: permission.Description,
		Roles:       base.RolesProto(permission.Roles),
		CreatedAt:   ConvertTimeToInt64(permission.CreatedAt),
		CreatedBy:   permission.CreatedBy,
		UpdatedAt:   ConvertTimeToInt64(*permission.UpdatedAt),
		Status:      permission.Status,
		Endpoint:    permission.Endpoint,
		IsReserved:  permission.IsReserved,
	}, nil
}

func (s *Service) CreateAdminPermission(ctx context.Context, permission *pb.CreateAdminPermissionRequest) error {
	_, createdBy, _, _ := ParseMetadata(ctx)
	adminPermission := req.AdminPermission{
		Name:        permission.Name,
		Description: permission.Description,
		CreatedAt:   time.Now(),
		CreatedBy:   createdBy,
		UpdatedAt:   nil,
		Endpoint:    permission.Endpoint,
		Status:      permission.Status,
		IsReserved:  false,
	}
	if err := s.Repository.CreateAdminPermission(adminPermission, permission.Roles); err != nil {
		return errorcode.New("authorization service", err.Error(), 500)
	}
	return nil
}

func (s *Service) UpdateAdminPermission(ctx context.Context, permission *pb.UpdateAdminPermissionRequest) error {
	// 获取权限ID作为锁的键
	lockKey := fmt.Sprintf("update_admin_permission_%d", permission.PermissionId)
	lock := authutil.JWTAuthService.Mu.NewMutex(lockKey)
	// 获取锁，保证原子性
	if err := lock.Lock(); err != nil {
		return err
	}
	defer lock.Unlock()
	// 1.查询角色是否存在
	if exists, err := s.Repository.IsAdminPermissionExists(permission.PermissionId); err != nil {
		return errorcode.New("authorization service", err.Error(), 500)
	} else {
		if !exists {
			return errorcode.New("authorization service", common.ErrorMessage[common.InvalidRoleID], 400)
		}
	}
	_, createdBy, _, _ := ParseMetadata(ctx)
	m := map[string]interface{}{
		"updated_by": createdBy,
	}
	if permission.Description != "" {
		m["description"] = permission.Description
	}
	if permission.Endpoint != "" {
		m["endpoint"] = permission.Endpoint
	}
	if err := s.Repository.UpdateAdminPermission(permission.PermissionId, m, permission.Roles); err != nil {
		return errorcode.New("authorization service", err.Error(), 500)
	}
	return nil
}

func (s *Service) DeleteAdminPermission(permission *pb.DeleteAdminPermissionRequest) error {
	// 获取权限ID作为锁的键
	lockKey := fmt.Sprintf("delete_admin_permission_%d", permission.PermissionId)
	lock := authutil.JWTAuthService.Mu.NewMutex(lockKey)
	// 获取锁，保证原子性
	if err := lock.Lock(); err != nil {
		return err
	}
	defer lock.Unlock()
	// 1.查询角色是否存在
	if exists, err := s.Repository.IsAdminPermissionExists(permission.PermissionId); err != nil {
		return errorcode.New("authorization service", err.Error(), 500)
	} else {
		if !exists {
			return errorcode.New("authorization service", common.ErrorMessage[common.InvalidRoleID], 400)
		}
	}
	// 彻底删除角色
	if err := s.Repository.DeleteAdminPermission(permission.PermissionId); err != nil {
		return errorcode.New("authorization service", err.Error(), 500)
	}
	return nil
}

func (s *Service) ToggleAdminPermission(query *pb.ToggleAdminPermissionRequest) error {
	// 获取权限ID作为锁的键
	lockKey := fmt.Sprintf("toggle_admin_permission_%d", query.PermissionId)
	lock := authutil.JWTAuthService.Mu.NewMutex(lockKey)
	// 获取锁，保证原子性
	if err := lock.Lock(); err != nil {
		return err
	}
	defer lock.Unlock()

	if exists, err := s.Repository.IsAdminPermissionExists(query.PermissionId); err != nil {
		return errorcode.New("authorization service", err.Error(), 500)
	} else {
		if !exists {
			return errorcode.New("authorization service", common.ErrorMessage[common.AccountDoesNotExist], 400)
		}
	}
	if err := s.Repository.ToggleAdminPermission(query); err != nil {
		return errorcode.New("authorization service", err.Error(), 500)
	}
	return nil
}