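package dao

import (
	"context"
	"fmt"
	"strings"
	"time"

	"git.x2erp.com/qdy/go-svc-configure/internal/tables"
	"github.com/jmoiron/sqlx"
	"golang.org/x/crypto/bcrypt"
)

// CreateUser inserts a new, enabled (status = 1) user into config_user inside
// the caller's transaction. The password is hashed with bcrypt at
// bcrypt.DefaultCost before it is stored; the plaintext never reaches the
// database.
//
// It returns -1 and a wrapped error when hashing or the INSERT fails;
// otherwise it returns whatever ValidateResultRowsAffected (defined outside
// this file) reports for an expected row count of 1.
//
// NOTE(review): this function does not call ValidatePasswordStrength; callers
// are presumably expected to do so first. Confirm at the call sites.
func CreateUser(ctx context.Context, tx *sqlx.Tx, userID, tenantID, name, mobile, password, email, creator string) (int64, error) {
	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
	if err != nil {
		return -1, fmt.Errorf("密码加密失败: %w", err)
	}

	// NOTE(review): the primary key is a plain "."-joined string. If tenantID
	// or userID may themselves contain ".", two different (tenant, user)
	// pairs can produce the same id. Confirm that upstream validation
	// forbids "." in both values.
	id := fmt.Sprintf("user.%s.%s", tenantID, userID)

	query := `
		INSERT INTO config_user
			(id, user_id, tenant_id, name, mobile, password, status, email, creator, created_at)
		VALUES (?, ?, ?, ?, ?, ?, 1, ?, ?, CURRENT_TIMESTAMP)
	`
	result, err := tx.ExecContext(ctx, query,
		id, userID, tenantID, name, mobile, string(hashedPassword), email, creator)
	if err != nil {
		return -1, fmt.Errorf("创建用户失败: %w", err)
	}

	return ValidateResultRowsAffected(result, err, 1)
}

// GetUserByUserID loads a single user by user ID within the given tenant.
//
// The underlying error is wrapped with %w, so callers can tell "no such user"
// apart from a database failure with errors.Is(err, sql.ErrNoRows).
//
// NOTE(review): the returned tables.UserDB includes the bcrypt hash from the
// password column (ValidateUserPassword relies on it). Callers that
// serialise or log the struct must strip that field; whether tables.UserDB
// already hides it from JSON is not visible from this file.
func GetUserByUserID(ctx context.Context, db *sqlx.DB, userID, tenantID string) (*tables.UserDB, error) {
	var user tables.UserDB

	query := `
		SELECT id, user_id, tenant_id, name, mobile, password, status, email, creator, created_at
		FROM config_user
		WHERE user_id = ? AND tenant_id = ?
	`
	if err := db.GetContext(ctx, &user, query, userID, tenantID); err != nil {
		return nil, fmt.Errorf("查询用户失败: %w", err)
	}

	return &user, nil
}

// ValidateUserPassword checks a plaintext password against the stored bcrypt
// hash of the user identified by userID and tenantID.
//
// It returns (true, nil) only when the user exists, has status 1 and the
// password matches. Every failure, including a wrong password, is reported
// as (false, err); the function never returns (false, nil).
//
// NOTE(review): the three failure paths return different messages (lookup
// failed, account disabled, wrong password), and an unknown user returns
// before any bcrypt comparison runs, so it also answers faster. If these
// errors or timings are observable by an unauthenticated client they reveal
// which accounts exist. The API layer should map all of them to one generic
// "invalid credentials" response and keep the detail in server-side logs.
func ValidateUserPassword(ctx context.Context, db *sqlx.DB, userID, tenantID, password string) (bool, error) {
	user, err := GetUserByUserID(ctx, db, userID, tenantID)
	if err != nil {
		return false, fmt.Errorf("查询用户失败: %w", err)
	}

	if user.Status != 1 {
		return false, fmt.Errorf("用户已被禁用")
	}

	// Any bcrypt error (mismatch or a malformed stored hash) is reported as a
	// wrong password, matching the original behaviour.
	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
		return false, fmt.Errorf("密码错误")
	}

	return true, nil
}

// CheckUserExists reports whether config_user holds at least one row for the
// given user ID in the given tenant.
func CheckUserExists(ctx context.Context, db *sqlx.DB, userID, tenantID string) (bool, error) {
	var count int

	query := `SELECT COUNT(*) FROM config_user WHERE user_id = ? AND tenant_id = ?`
	if err := db.GetContext(ctx, &count, query, userID, tenantID); err != nil {
		return false, fmt.Errorf("检查用户存在性失败: %w", err)
	}

	return count > 0, nil
}

// GetUserRoles returns the role IDs assigned to userID.
//
// NOTE(review): tenantID is accepted but never used. The query filters on
// ur.user_id alone, and config_user_role as written in this file has no
// tenant column. Every other lookup here scopes by (user_id, tenant_id), so
// unless user_id is globally unique, a user in one tenant is given the roles
// of a same-named user in another tenant. Confirm the uniqueness guarantee or
// add tenant scoping to config_user_role and to this query.
func GetUserRoles(ctx context.Context, db *sqlx.DB, userID, tenantID string) ([]string, error) {
	var roles []string

	query := `
		SELECT r.role_id
		FROM config_user_role ur
		JOIN config_role r ON ur.role_id = r.role_id
		WHERE ur.user_id = ?
	`
	if err := db.SelectContext(ctx, &roles, query, userID); err != nil {
		return nil, fmt.Errorf("查询用户角色失败: %w", err)
	}

	return roles, nil
}

// AssignUserRole grants roleID to userID inside the caller's transaction.
// When the assignment already exists, only its creator column is overwritten.
//
// NOTE(review): the assignment carries no tenant identifier (neither in the
// id nor in the columns), which is the write-side counterpart of the
// tenant-scoping gap in GetUserRoles. The function also does not check that
// the caller is allowed to grant roleID; that authorisation must happen
// before this call.
//
// NOTE(review): with ON DUPLICATE KEY UPDATE the driver may report an
// affected-row count other than 1 when the row already exists. Check how
// ValidateResultRowsAffected treats that case.
func AssignUserRole(ctx context.Context, tx *sqlx.Tx, userID, roleID, creator string) (int64, error) {
	id := fmt.Sprintf("user_role.%s.%s", userID, roleID)

	query := `
		INSERT INTO config_user_role (id, user_id, role_id, creator, created_at)
		VALUES (?, ?, ?, ?, CURRENT_TIMESTAMP)
		ON DUPLICATE KEY UPDATE creator = ?
	`
	result, err := tx.ExecContext(ctx, query, id, userID, roleID, creator, creator)
	if err != nil {
		return -1, fmt.Errorf("分配用户角色失败: %w", err)
	}

	return ValidateResultRowsAffected(result, err, 1)
}

// UpdateUserPassword replaces the stored password hash of the given user with
// a fresh bcrypt hash of newPassword, inside the caller's transaction.
//
// NOTE(review): neither the current password nor the strength of newPassword
// is checked here. Both checks, and any invalidation of existing sessions or
// tokens, are the caller's responsibility.
func UpdateUserPassword(ctx context.Context, tx *sqlx.Tx, userID, tenantID, newPassword string) (int64, error) {
	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcrypt.DefaultCost)
	if err != nil {
		return -1, fmt.Errorf("密码加密失败: %w", err)
	}

	query := `
		UPDATE config_user
		SET password = ?
		WHERE user_id = ? AND tenant_id = ?
	`
	result, err := tx.ExecContext(ctx, query, string(hashedPassword), userID, tenantID)
	if err != nil {
		return -1, fmt.Errorf("更新用户密码失败: %w", err)
	}

	return ValidateResultRowsAffected(result, err, 1)
}

// UpdateUserStatus sets the status column of the given user inside the
// caller's transaction. Elsewhere in this file, status 1 is the only value
// treated as "enabled" (see ValidateUserPassword).
func UpdateUserStatus(ctx context.Context, tx *sqlx.Tx, userID, tenantID string, status int8) (int64, error) {
	query := `
		UPDATE config_user
		SET status = ?
		WHERE user_id = ? AND tenant_id = ?
	`
	result, err := tx.ExecContext(ctx, query, status, userID, tenantID)
	if err != nil {
		return -1, fmt.Errorf("更新用户状态失败: %w", err)
	}

	return ValidateResultRowsAffected(result, err, 1)
}

// ListUsersByTenant returns every user of the tenant, newest first.
//
// NOTE(review): the SELECT includes the password column, so each returned
// tables.UserDB carries the user's bcrypt hash. A listing has no need for
// it. Drop the column from this query or make sure callers never serialise
// or log the field.
func ListUsersByTenant(ctx context.Context, db *sqlx.DB, tenantID string) ([]tables.UserDB, error) {
	var users []tables.UserDB

	query := `
		SELECT id, user_id, tenant_id, name, mobile, password, status, email, creator, created_at
		FROM config_user
		WHERE tenant_id = ?
		ORDER BY created_at DESC
	`
	if err := db.SelectContext(ctx, &users, query, tenantID); err != nil {
		return nil, fmt.Errorf("查询用户列表失败: %w", err)
	}

	return users, nil
}

// GenerateUserID derives a user ID for callers that did not supply one: the
// name lower-cased with spaces removed, followed by "_" and the current Unix
// time in seconds.
//
// This is a deliberately simple placeholder, to be adjusted to the project's
// real requirements.
//
// NOTE(review): two users with the same name created within the same second
// get the same ID, and the ID is guessable from the name and creation time.
// Only spaces are stripped, so any other character in name (including ".")
// ends up in the ID.
func GenerateUserID(name string) string {
	cleaned := strings.ToLower(strings.ReplaceAll(name, " ", ""))
	return fmt.Sprintf("%s_%d", cleaned, time.Now().Unix())
}

// ValidatePasswordStrength returns an error when password is shorter than
// 6 bytes and nil otherwise. Further complexity checks can be added here.
//
// NOTE(review): len counts bytes, not characters, so a two-character CJK
// password (6 bytes in UTF-8) passes. A 6-byte minimum is low for an
// authentication secret. bcrypt also only considers the first 72 bytes of its
// input, and recent golang.org/x/crypto/bcrypt releases reject longer input
// with an error, so an upper bound belongs here as well.
func ValidatePasswordStrength(password string) error {
	if len(password) < 6 {
		return fmt.Errorf("密码长度至少6位")
	}
	return nil
}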