manta/gofaster/backend/internal/auth/controller/permission_controller.go

package controller

import (
	"net/http"
	"strconv"

	"gofaster/internal/auth/model"
	"gofaster/internal/auth/service"
	"gofaster/internal/shared/response"

	"github.com/gin-gonic/gin"
)

type PermissionController struct {
	permissionService *service.PermissionService
}

func NewPermissionController(permissionService *service.PermissionService) *PermissionController {
	return &PermissionController{
		permissionService: permissionService,
	}
}

// CreatePermission 创建权限
func (c *PermissionController) CreatePermission(ctx *gin.Context) {
	var permission model.Permission
	if err := ctx.ShouldBindJSON(&permission); err != nil {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", err.Error())
		return
	}

	if err := c.permissionService.CreatePermission(ctx.Request.Context(), &permission); err != nil {
		response.Error(ctx, http.StatusInternalServerError, "创建权限失败", err.Error())
		return
	}

	response.Success(ctx, "权限创建成功", permission)
}

// UpdatePermission 更新权限
func (c *PermissionController) UpdatePermission(ctx *gin.Context) {
	idStr := ctx.Param("id")
	id, err := strconv.ParseUint(idStr, 10, 32)
	if err != nil {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", "无效的权限ID")
		return
	}

	var permission model.Permission
	if err := ctx.ShouldBindJSON(&permission); err != nil {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", err.Error())
		return
	}

	permission.ID = uint(id)

	if err := c.permissionService.UpdatePermission(ctx.Request.Context(), &permission); err != nil {
		response.Error(ctx, http.StatusInternalServerError, "更新权限失败", err.Error())
		return
	}

	response.Success(ctx, "权限更新成功", permission)
}

// DeletePermission 删除权限
func (c *PermissionController) DeletePermission(ctx *gin.Context) {
	idStr := ctx.Param("id")
	id, err := strconv.ParseUint(idStr, 10, 32)
	if err != nil {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", "无效的权限ID")
		return
	}

	if err := c.permissionService.DeletePermission(ctx.Request.Context(), uint(id)); err != nil {
		response.Error(ctx, http.StatusInternalServerError, "删除权限失败", err.Error())
		return
	}

	response.Success(ctx, "权限删除成功", nil)
}

// GetPermission 获取权限详情
func (c *PermissionController) GetPermission(ctx *gin.Context) {
	idStr := ctx.Param("id")
	id, err := strconv.ParseUint(idStr, 10, 32)
	if err != nil {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", "无效的权限ID")
		return
	}

	permission, err := c.permissionService.GetPermission(ctx.Request.Context(), uint(id))
	if err != nil {
		response.Error(ctx, http.StatusNotFound, "权限不存在", err.Error())
		return
	}

	response.Success(ctx, "获取权限成功", permission)
}

// ListPermissions 获取权限列表
func (c *PermissionController) ListPermissions(ctx *gin.Context) {
	pageStr := ctx.DefaultQuery("page", "1")
	pageSizeStr := ctx.DefaultQuery("pageSize", "10")

	page, err := strconv.Atoi(pageStr)
	if err != nil || page < 1 {
		page = 1
	}

	pageSize, err := strconv.Atoi(pageSizeStr)
	if err != nil || pageSize < 1 || pageSize > 100 {
		pageSize = 10
	}

	permissions, total, err := c.permissionService.ListPermissions(ctx.Request.Context(), page, pageSize)
	if err != nil {
		response.Error(ctx, http.StatusInternalServerError, "获取权限列表失败", err.Error())
		return
	}

	response.Success(ctx, "获取权限列表成功", gin.H{
		"data":  permissions,
		"page":  page,
		"size":  pageSize,
		"total": total,
	})
}

// GetPermissionsByResource 根据资源获取权限列表
func (c *PermissionController) GetPermissionsByResource(ctx *gin.Context) {
	resource := ctx.Param("resource")
	if resource == "" {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", "资源名称不能为空")
		return
	}

	permissions, err := c.permissionService.GetPermissionsByResource(ctx.Request.Context(), resource)
	if err != nil {
		response.Error(ctx, http.StatusInternalServerError, "获取资源权限失败", err.Error())
		return
	}

	response.Success(ctx, "获取资源权限成功", permissions)
}

// AssignPermissionsToRole 为角色分配权限
func (c *PermissionController) AssignPermissionsToRole(ctx *gin.Context) {
	roleIDStr := ctx.Param("roleId")
	roleID, err := strconv.ParseUint(roleIDStr, 10, 32)
	if err != nil {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", "无效的角色ID")
		return
	}

	var request struct {
		PermissionIDs []uint `json:"permission_ids" binding:"required"`
	}

	if err := ctx.ShouldBindJSON(&request); err != nil {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", err.Error())
		return
	}

	if err := c.permissionService.AssignPermissionsToRole(ctx.Request.Context(), uint(roleID), request.PermissionIDs); err != nil {
		response.Error(ctx, http.StatusInternalServerError, "分配权限失败", err.Error())
		return
	}

	response.Success(ctx, "权限分配成功", nil)
}

// GetRolePermissions 获取角色的权限列表
func (c *PermissionController) GetRolePermissions(ctx *gin.Context) {
	roleIDStr := ctx.Param("roleId")
	roleID, err := strconv.ParseUint(roleIDStr, 10, 32)
	if err != nil {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", "无效的角色ID")
		return
	}

	permissions, err := c.permissionService.GetRolePermissions(ctx.Request.Context(), uint(roleID))
	if err != nil {
		response.Error(ctx, http.StatusInternalServerError, "获取角色权限失败", err.Error())
		return
	}

	response.Success(ctx, "获取角色权限成功", permissions)
}

// RemovePermissionsFromRole 从角色移除权限
func (c *PermissionController) RemovePermissionsFromRole(ctx *gin.Context) {
	roleIDStr := ctx.Param("roleId")
	roleID, err := strconv.ParseUint(roleIDStr, 10, 32)
	if err != nil {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", "无效的角色ID")
		return
	}

	var request struct {
		PermissionIDs []uint `json:"permission_ids" binding:"required"`
	}

	if err := ctx.ShouldBindJSON(&request); err != nil {
		response.Error(ctx, http.StatusBadRequest, "请求参数错误", err.Error())
		return
	}

	if err := c.permissionService.RemovePermissionsFromRole(ctx.Request.Context(), uint(roleID), request.PermissionIDs); err != nil {
		response.Error(ctx, http.StatusInternalServerError, "移除权限失败", err.Error())
		return
	}

	response.Success(ctx, "权限移除成功", nil)
}