qdy
/
go-svc-configure


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197
							package dao

import (
	"context"
	"fmt"
	"strings"
	"time"

	"git.x2erp.com/qdy/go-svc-configure/internal/tables"
	"github.com/jmoiron/sqlx"
	"golang.org/x/crypto/bcrypt"
)

// CreateUser 创建用户
func CreateUser(ctx context.Context, tx *sqlx.Tx, userID, tenantID, name, mobile, password, email, creator string) (int64, error) {
	// 加密密码
	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
	if err != nil {
		return -1, fmt.Errorf("密码加密失败: %v", err)
	}

	id := fmt.Sprintf("user.%s.%s", tenantID, userID)

	query := `
		INSERT INTO config_user 
		(id, user_id, tenant_id, name, mobile, password, status, email, creator, created_at)
		VALUES (?, ?, ?, ?, ?, ?, 1, ?, ?, CURRENT_TIMESTAMP)
	`

	result, err := tx.ExecContext(ctx, query, id, userID, tenantID, name, mobile, string(hashedPassword), email, creator)
	if err != nil {
		return -1, fmt.Errorf("创建用户失败: %v", err)
	}

	return ValidateResultRowsAffected(result, err, 1)
}

// GetUserByUserID 根据用户ID查询用户（需指定租户）
func GetUserByUserID(ctx context.Context, db *sqlx.DB, userID, tenantID string) (*tables.UserDB, error) {
	var user tables.UserDB

	query := `
		SELECT id, user_id, tenant_id, name, mobile, password, status, email, creator, created_at
		FROM config_user 
		WHERE user_id = ? AND tenant_id = ?
	`

	err := db.GetContext(ctx, &user, query, userID, tenantID)
	if err != nil {
		return nil, fmt.Errorf("查询用户失败: %v", err)
	}

	return &user, nil
}

// ValidateUserPassword 验证用户密码
func ValidateUserPassword(ctx context.Context, db *sqlx.DB, userID, tenantID, password string) (bool, error) {
	user, err := GetUserByUserID(ctx, db, userID, tenantID)
	if err != nil {
		return false, fmt.Errorf("查询用户失败: %v", err)
	}

	if user.Status != 1 {
		return false, fmt.Errorf("用户已被禁用")
	}

	err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
	if err != nil {
		return false, fmt.Errorf("密码错误")
	}

	return true, nil
}

// CheckUserExists 检查用户是否存在
func CheckUserExists(ctx context.Context, db *sqlx.DB, userID, tenantID string) (bool, error) {
	var count int
	query := `SELECT COUNT(*) FROM config_user WHERE user_id = ? AND tenant_id = ?`

	err := db.GetContext(ctx, &count, query, userID, tenantID)
	if err != nil {
		return false, fmt.Errorf("检查用户存在性失败: %v", err)
	}

	return count > 0, nil
}

// GetUserRoles 获取用户角色列表
func GetUserRoles(ctx context.Context, db *sqlx.DB, userID, tenantID string) ([]string, error) {
	var roles []string

	query := `
		SELECT r.role_id
		FROM config_user_role ur
		JOIN config_role r ON ur.role_id = r.role_id
		WHERE ur.user_id = ?
	`

	err := db.SelectContext(ctx, &roles, query, userID)
	if err != nil {
		return nil, fmt.Errorf("查询用户角色失败: %v", err)
	}

	return roles, nil
}

// AssignUserRole 为用户分配角色
func AssignUserRole(ctx context.Context, tx *sqlx.Tx, userID, roleID, creator string) (int64, error) {
	id := fmt.Sprintf("user_role.%s.%s", userID, roleID)

	query := `
		INSERT INTO config_user_role 
		(id, user_id, role_id, creator, created_at)
		VALUES (?, ?, ?, ?, CURRENT_TIMESTAMP)
		ON DUPLICATE KEY UPDATE creator = ?
	`

	result, err := tx.ExecContext(ctx, query, id, userID, roleID, creator, creator)
	if err != nil {
		return -1, fmt.Errorf("分配用户角色失败: %v", err)
	}

	return ValidateResultRowsAffected(result, err, 1)
}

// UpdateUserPassword 更新用户密码
func UpdateUserPassword(ctx context.Context, tx *sqlx.Tx, userID, tenantID, newPassword string) (int64, error) {
	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcrypt.DefaultCost)
	if err != nil {
		return -1, fmt.Errorf("密码加密失败: %v", err)
	}

	query := `
		UPDATE config_user 
		SET password = ?
		WHERE user_id = ? AND tenant_id = ?
	`

	result, err := tx.ExecContext(ctx, query, string(hashedPassword), userID, tenantID)
	if err != nil {
		return -1, fmt.Errorf("更新用户密码失败: %v", err)
	}

	return ValidateResultRowsAffected(result, err, 1)
}

// UpdateUserStatus 更新用户状态
func UpdateUserStatus(ctx context.Context, tx *sqlx.Tx, userID, tenantID string, status int8) (int64, error) {
	query := `
		UPDATE config_user 
		SET status = ?
		WHERE user_id = ? AND tenant_id = ?
	`

	result, err := tx.ExecContext(ctx, query, status, userID, tenantID)
	if err != nil {
		return -1, fmt.Errorf("更新用户状态失败: %v", err)
	}

	return ValidateResultRowsAffected(result, err, 1)
}

// ListUsersByTenant 按租户查询用户列表
func ListUsersByTenant(ctx context.Context, db *sqlx.DB, tenantID string) ([]tables.UserDB, error) {
	var users []tables.UserDB

	query := `
		SELECT id, user_id, tenant_id, name, mobile, password, status, email, creator, created_at
		FROM config_user 
		WHERE tenant_id = ?
		ORDER BY created_at DESC
	`

	err := db.SelectContext(ctx, &users, query, tenantID)
	if err != nil {
		return nil, fmt.Errorf("查询用户列表失败: %v", err)
	}

	return users, nil
}

// GenerateUserID 生成用户ID（如果用户没有提供）
func GenerateUserID(name string) string {
	// 简单实现：使用名称小写+时间戳
	// 实际项目中应根据需求调整
	cleaned := strings.ToLower(strings.ReplaceAll(name, " ", ""))
	return fmt.Sprintf("%s_%d", cleaned, time.Now().Unix())
}

// 辅助函数：检查密码强度
func ValidatePasswordStrength(password string) error {
	if len(password) < 6 {
		return fmt.Errorf("密码长度至少6位")
	}
	// 可添加更多复杂度检查
	return nil
}