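package controller

import (
	"errors"
	"fmt"
	"net/http"

	"Medical_OAuth/app/admin/model"
	"Medical_OAuth/app/admin/service"
	"Medical_OAuth/app/admin/service/dto"
	"Medical_OAuth/common/actions"
	"Medical_OAuth/common/middleware/handler"
	"Medical_OAuth/conf"

	"github.com/gin-gonic/gin"
	"github.com/gin-gonic/gin/binding"
	"go.uber.org/zap"
	"gogs.baozhida.cn/zoie/OAuth-core/api"
	"gogs.baozhida.cn/zoie/OAuth-core/pkg"
	"gogs.baozhida.cn/zoie/OAuth-core/pkg/jwtauth/user"
	_ "gogs.baozhida.cn/zoie/OAuth-core/pkg/response"
	"gogs.baozhida.cn/zoie/OAuth-core/pkg/sms"
	"golang.org/x/crypto/bcrypt"
)

// SysUser is the HTTP controller for system-user management, the personal
// center, registration, SMS verification codes and newest-token lookup.
//
// NOTE(review): most handlers return err.Error() to the client on failure.
// Confirm that errors coming from the service/ORM layer cannot expose
// internal details (SQL text, table names) to API consumers.
type SysUser struct {
	api.Api
}

// GetPage returns a paginated list of system users, filtered by the query
// parameters and restricted by the caller's data permission.
// @Summary Get the system user list
// @Description Get the system user list
// @Tags 用户
// @Param username query string false "user name"
// @Param deptId query int false "department id"
// @Param roleId query string false "role id"
// @Param postId query string false "post id"
// @Param status query string false "status 1-disabled 2-normal"
// @Param pageSize query int false "page size"
// @Param pageIndex query int false "page index"
// @Success 200 {object} response.Response{data=response.Page{list=[]model.SysUser}} "{"code": 200, "data": [...]}"
// @Router /api/sys-user [get]
// @Security Bearer
func (e SysUser) GetPage(c *gin.Context) {
	s := service.SysUser{}
	req := dto.SysUserGetPageReq{}
	err := e.MakeContext(c).
		MakeOrm().
		Bind(&req, binding.Query).
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	// Data-permission check: the permission taken from the request context
	// is passed to the service together with the query.
	p := actions.GetPermissionFromContext(c)

	list := make([]model.SysUser, 0)
	var count int64

	err = s.GetPage(&req, p, &list, &count)
	if err != nil {
		e.Error(500, err, err.Error())
		return
	}
	e.PageOK(list, int(count), req.GetPageIndex(), req.GetPageSize(), "查询成功")
}

// Get returns a single user looked up by id, subject to the caller's data
// permission.
// @Summary Get a user by id
// @Description Get a user by id
// @Tags 用户
// @Param id path int true "user id"
// @Success 200 {object} response.Response{data=model.SysUser} "{"code": 200, "data": [...]}"
// @Router /api/sys-user/{id} [get]
// @Security Bearer
func (e SysUser) Get(c *gin.Context) {
	s := service.SysUser{}
	req := dto.SysUserGetReq{}
	err := e.MakeContext(c).
		MakeOrm().
		Bind(&req, nil).
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	// Data-permission check.
	p := actions.GetPermissionFromContext(c)

	var object model.SysUser
	err = s.Get(&req, p, &object)
	if err != nil {
		e.Error(http.StatusUnprocessableEntity, err, err.Error())
		return
	}
	e.OK(object, "查询成功")
}

// Insert creates a user. DeptId, RoleId and Status are overwritten after
// binding, so values supplied by the client for these fields are ignored.
// @Summary Create a user
// @Description Create a user
// @Tags 用户
// @Accept application/json
// @Product application/json
// @Param data body dto.SysUserInsertReq true "user data"
// @Success 200 {object} response.Response "{"code": 200, "data": [...]}"
// @Router /api/sys-user [post]
// @Security Bearer
func (e SysUser) Insert(c *gin.Context) {
	s := service.SysUser{}
	req := dto.SysUserInsertReq{}
	err := e.MakeContext(c).
		MakeOrm().
		Bind(&req, binding.JSON).
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	// The new user is placed in the creator's department.
	p := actions.GetPermissionFromContext(c)
	req.DeptId = p.DeptId
	// NOTE(review): the role id is hard-coded; confirm that role 1 is the
	// intended least-privilege default and not an administrative role.
	req.RoleId = 1
	req.Status = "2"

	// Record the creator.
	req.SetCreateBy(user.GetUserId(c))
	err = s.Insert(&req)
	if err != nil {
		e.Error(500, err, err.Error())
		return
	}

	e.OK(req.GetId(), "创建成功")
}

// Update modifies an existing user, subject to the caller's data permission.
// @Summary Update user data
// @Description Update user data
// @Tags 用户
// @Accept application/json
// @Product application/json
// @Param id path int true "user id"
// @Param data body dto.SysUserUpdateReq true "body"
// @Success 200 {object} response.Response "{"code": 200, "data": [...]}"
// @Router /api/sys-user [put]
// @Security Bearer
func (e SysUser) Update(c *gin.Context) {
	s := service.SysUser{}
	req := dto.SysUserUpdateReq{}
	err := e.MakeContext(c).
		MakeOrm().
		Bind(&req).
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	req.SetUpdateBy(user.GetUserId(c))

	// Data-permission check.
	p := actions.GetPermissionFromContext(c)

	err = s.Update(&req, p)
	if err != nil {
		e.Error(500, err, err.Error())
		return
	}
	e.OK(req.GetId(), "更新成功")
}

// Delete removes a user by id. A caller may not delete their own account.
// @Summary Delete a user by id
// @Description Delete a user by id
// @Tags 用户
// @Param data body dto.SysUserDeleteReq true "body"
// @Success 200 {object} response.Response "{"code": 200, "data": [...]}"
// @Router /api/sys-user [delete]
// @Security Bearer
func (e SysUser) Delete(c *gin.Context) {
	s := service.SysUser{}
	req := dto.SysUserDeleteReq{}
	err := e.MakeContext(c).
		MakeOrm().
		Bind(&req, binding.JSON).
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	// Reject self-deletion before touching the service layer.
	userId := user.GetUserId(c)
	if userId == req.Id {
		err := errors.New("禁止删除自己")
		e.Error(500, err, err.Error())
		return
	}

	// Record the editor.
	req.SetUpdateBy(userId)

	// Data-permission check.
	p := actions.GetPermissionFromContext(c)

	err = s.Remove(&req, p)
	if err != nil {
		e.Error(500, err, err.Error())
		return
	}
	e.OK(req.GetId(), "删除成功")
}

// UpdateStatus changes a user's status, subject to the caller's data
// permission.
// @Summary Update user status
// @Description Update user status
// @Tags 用户
// @Accept application/json
// @Product application/json
// @Param data body dto.UpdateSysUserStatusReq true "body"
// @Success 200 {object} response.Response "{"code": 200, "data": [...]}"
// @Router /api/user/status [put]
// @Security Bearer
func (e SysUser) UpdateStatus(c *gin.Context) {
	s := service.SysUser{}
	req := dto.UpdateSysUserStatusReq{}
	err := e.MakeContext(c).
		MakeOrm().
		Bind(&req, binding.JSON, nil).
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	req.SetUpdateBy(user.GetUserId(c))

	// Data-permission check.
	p := actions.GetPermissionFromContext(c)

	err = s.UpdateStatus(&req, p)
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}
	e.OK(req.GetId(), "更新成功")
}

// ResetPwd resets another user's password, subject to the caller's data
// permission.
// @Summary Reset a user's password
// @Description Reset a user's password
// @Tags 用户
// @Accept application/json
// @Product application/json
// @Param data body dto.ResetSysUserPwdReq true "body"
// @Success 200 {object} response.Response "{"code": 200, "data": [...]}"
// @Router /api/user/pwd/reset [put]
// @Security Bearer
func (e SysUser) ResetPwd(c *gin.Context) {
	s := service.SysUser{}
	req := dto.ResetSysUserPwdReq{}
	err := e.MakeContext(c).
		MakeOrm().
		Bind(&req, binding.JSON).
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	req.SetUpdateBy(user.GetUserId(c))

	// Data-permission check.
	p := actions.GetPermissionFromContext(c)

	err = s.ResetPwd(&req, p)
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}
	e.OK(req.GetId(), "更新成功")
}

// UpdatePwd changes the password of the authenticated caller. The old
// password is passed to the service together with the new one.
// @Summary Change password
// @Description Change password
// @Tags 个人中心
// @Accept application/json
// @Product application/json
// @Param data body dto.PassWord true "body"
// @Success 200 {object} response.Response "{"code": 200, "data": [...]}"
// @Router /api/user/pwd/set [put]
// @Security Bearer
func (e SysUser) UpdatePwd(c *gin.Context) {
	s := service.SysUser{}
	req := dto.PassWord{}
	err := e.MakeContext(c).
		MakeOrm().
		Bind(&req).
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	// Fail closed when bcrypt cannot process the new password. The previous
	// code replaced NewPassword with string(hash) on the error path, where
	// hash is nil, and then carried on: the account would have been updated
	// with an empty password and the bcrypt error silently overwritten.
	//
	// NOTE(review): as before, the computed hash is not used on success and
	// the plaintext is handed to s.UpdatePwd. Confirm that the service/model
	// layer hashes the password before it is persisted; if it does not, the
	// password is stored in clear text.
	if _, err = bcrypt.GenerateFromPassword([]byte(req.NewPassword), bcrypt.DefaultCost); err != nil {
		e.Logger.Error(err)
		e.Error(http.StatusBadRequest, err, err.Error())
		return
	}

	err = s.UpdatePwd(user.GetUserId(c), req.OldPassword, req.NewPassword)
	if err != nil {
		e.Error(http.StatusForbidden, err, err.Error())
		return
	}

	e.OK(nil, "密码修改成功")
}

// GetProfile returns the profile of the authenticated caller. The user id is
// taken from the request context, never from client input.
// @Summary Get the personal-center user
// @Description Get the personal-center user
// @Tags 个人中心
// @Success 200 {object} response.Response{user=model.SysUser,role=model.SysRole} "{"code": 200, "data": {"user":[...],"role":[...]}}"
// @Router /api/user/profile [get]
// @Security Bearer
func (e SysUser) GetProfile(c *gin.Context) {
	s := service.SysUser{}
	req := dto.SysUserById{}
	err := e.MakeContext(c).
		MakeOrm().
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	req.Id = user.GetUserId(c)

	sysUser := model.SysUser{}
	err = s.GetProfile(&req, &sysUser)
	if err != nil {
		e.Logger.Errorf("get user profile error, %s", err.Error())
		e.Error(500, err, "获取用户信息失败")
		return
	}
	e.OK(gin.H{
		"user": sysUser,
	}, "查询成功")
}

// GetInfo returns the authenticated caller's identity together with the role
// name and the data returned by the role lookup, which is exposed under both
// "permissions" and "buttons".
// @Summary Get personal information
// @Description Get personal information
// @Tags 个人中心
// @Success 200 {object} response.Response "{"code": 200, "data": [...]}"
// @Router /api/user/info [get]
// @Security Bearer
func (e SysUser) GetInfo(c *gin.Context) {
	req := dto.SysUserGetReq{}
	s := service.SysUser{}
	r := service.SysRole{}
	err := e.MakeContext(c).
		MakeOrm().
		MakeService(&r.Service).
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	mp := make(map[string]interface{})
	mp["roles"] = []string{user.GetRoleName(c)}

	// NOTE(review): the second return value of GetById is discarded, so a
	// failed role lookup yields whatever zero value list holds instead of an
	// error response. Confirm that an empty permission set is the intended
	// failure mode.
	list, _ := r.GetById(user.GetRoleId(c))
	mp["permissions"] = list
	mp["buttons"] = list

	// The caller reads their own record, so no data permission is applied.
	sysUser := model.SysUser{}
	req.Id = user.GetUserId(c)
	err = s.Get(&req, nil, &sysUser)
	if err != nil {
		e.Logger.Errorf("get user info error, %s", err.Error())
		e.Error(http.StatusUnauthorized, err, err.Error())
		return
	}

	mp["userName"] = sysUser.Username
	mp["userId"] = sysUser.Id
	mp["deptId"] = sysUser.DeptId
	mp["name"] = sysUser.NickName
	mp["code"] = 200
	e.OK(mp, "查询成功")
}

// Register handles public user registration.
//
// NOTE(review): the handler is described as public but stamps the request
// with user.GetUserId(c); confirm what that call yields for a request without
// an authenticated user, and that the service validates the registration
// input.
// @Summary Public user registration
// @Description Public user registration
// @Tags 用户
// @Accept application/json
// @Product application/json
// @Param id body dto.SysUserRegisterReq true "request parameters"
// @Success 200 {object} response.Response "{"code": 200, "data": [...]}"
// @Router /api/user/register [post]
// @Security Bearer
func (e SysUser) Register(c *gin.Context) {
	s := service.SysUser{}
	req := dto.SysUserRegisterReq{}
	err := e.MakeContext(c).
		MakeOrm().
		Bind(&req, binding.JSON).
		MakeService(&s.Service).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	req.SetUpdateBy(user.GetUserId(c))
	err = s.Register(&req)
	if err != nil {
		e.Error(500, err, err.Error())
		return
	}
	e.OK(req.GetId(), "注册成功")
}

// VerifyCode sends an SMS verification code to the requested phone number and
// caches it for 600 seconds. While a cached code exists for that number, no
// new code is sent.
//
// NOTE(review): the only throttle visible here is the per-phone cache entry.
// Confirm that per-client rate limiting exists elsewhere, and that
// pkg.GenerateRandomFigureKey6 draws from a cryptographically secure source.
// @Summary Get an SMS verification code
// @Description Get an SMS verification code
// @Tags 登录
// @Accept application/json
// @Product application/json
// @Success 200 {string} string "{"code": 200, "data": "18888888888"}"
// @Router /verify-code [post]
// @Security Bearer
func (e SysUser) VerifyCode(c *gin.Context) {
	s := service.SysUser{}
	req := dto.SysUserGetSMSVerifyCodeReq{}
	err := e.MakeContext(c).
		MakeService(&s.Service).
		Bind(&req, binding.Query).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	key := model.GetVerifyCodeCacheKey(req.Phone)
	_, err = e.Cache.Get(key)
	// A cached code already exists: err is nil on this path, so only the
	// message is meaningful in the response.
	if err == nil {
		e.Error(500, err, "验证吗已发送,请注意查收")
		return
	}

	code := pkg.GenerateRandomFigureKey6()
	ss := sms.NewSMS(conf.ExtConfig.SubMail.Appid, conf.ExtConfig.SubMail.Signature)
	content := fmt.Sprintf("【宝智达统一身份认证】您的短信验证码:%s,请在10分钟内输入", code)
	res, err := ss.Send(req.Phone, content)
	if err != nil || res.Status != sms.SUCCESS {
		e.Logger.Error("发送短信验证码出现异常", zap.Any("res", res), zap.Error(err))
		e.Error(500, err, "验证吗发送失败,请重试")
		return
	}

	// A failed cache write means the code just sent cannot be verified and
	// the resend throttle above is not armed, so record the failure instead
	// of discarding it. The response is unchanged.
	if err = e.Cache.Set(key, code, 600); err != nil {
		e.Logger.Error(err)
	}
	e.OK(req.Phone, "发送成功")
}

// GetNewestToken returns the newest token issued for the given user id. It is
// offered to integrated services for single-session authentication checks.
//
// NOTE(review): the handler performs no caller authentication of its own and
// returns a credential for an arbitrary user id. Confirm that the route is
// reachable only by authenticated, authorised services (for example via
// middleware keyed on the serviceId header).
// @Summary Get the newest token
// @Description Get the newest token; provided for integrated services, used for single-session authentication checks
// @Tags 用户
// @Param serviceId header int true "service id"
// @Param userId path int true "user id"
// @Success 200 {string} string "{"code": 200, "data": "...token..."}"
// @Router /newest-token [get]
func (e SysUser) GetNewestToken(c *gin.Context) {
	s := service.SysUser{}
	req := dto.GetNewestTokenReq{}
	err := e.MakeContext(c).
		MakeService(&s.Service).
		Bind(&req, nil).
		Errors
	if err != nil {
		e.Logger.Error(err)
		e.Error(500, err, err.Error())
		return
	}

	key, err := handler.GetNewestToken(c, req.UserId)
	if err != nil {
		e.Error(500, err, err.Error())
		return
	}
	e.OK(key, "查询成功")
}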