227 lines
7.7 KiB
Go
227 lines
7.7 KiB
Go
package hr
|
||
|
||
import (
|
||
"WiiCITMS/models/hr"
|
||
"WiiGenerates/WiiCITMS/generates/v1/go/types"
|
||
"WiiGoLibrary/apply/middle/process/v1"
|
||
"WiiGoLibrary/framework/db/v1/utils/mssql/unique"
|
||
"WiiGoLibrary/framework/hub/v1/dblib"
|
||
"errors"
|
||
)
|
||
|
||
// PositionPermissionRequest 岗位权限分配请求
|
||
type PositionPermissionRequest struct {
|
||
PositionGuid string `json:"positionGuid"` // 岗位GUID
|
||
PermissionGuid string `json:"permissionGuid"` // 权限GUID
|
||
GrantType int `json:"grantType"` // 授权类型:0-直接授权,1-继承授权
|
||
}
|
||
|
||
// CheckPermissionRequest 权限检查请求
|
||
type CheckPermissionRequest struct {
|
||
StaffGuid string `json:"staffGuid"` // 员工GUID
|
||
PermissionID int `json:"permissionId"` // 权限ID
|
||
OrganizationGuid string `json:"organizationGuid"` // 相关组织GUID(可选)
|
||
}
|
||
|
||
// AssignPermissionToPosition 为岗位分配权限
|
||
func AssignPermissionToPosition(params PositionPermissionRequest) (*hr.PositionPermissionModel, *process.Process) {
|
||
// 验证岗位是否存在
|
||
positionGuid, err := unique.FromString(params.PositionGuid)
|
||
if err != nil {
|
||
return nil, process.FailError(types.InvalidParamError, err)
|
||
}
|
||
|
||
position := &hr.PositionModel{}
|
||
r := dblib.DBIns.DB.Where("RecordGuid = ? AND (RecordStatus & 524288) = 0", positionGuid).First(position)
|
||
if r.Error != nil {
|
||
return nil, process.FailError(types.PositionNotFoundError, r.Error)
|
||
}
|
||
|
||
// 验证权限是否存在
|
||
permissionGuid, err := unique.FromString(params.PermissionGuid)
|
||
if err != nil {
|
||
return nil, process.FailError(types.InvalidParamError, err)
|
||
}
|
||
|
||
permission := &hr.PermissionModel{}
|
||
r = dblib.DBIns.DB.Where("RecordGuid = ? AND (RecordStatus & 524288) = 0", permissionGuid).First(permission)
|
||
if r.Error != nil {
|
||
return nil, process.FailError(types.PermissionNotFoundError, r.Error)
|
||
}
|
||
|
||
// 检查是否已存在相同的岗位权限关系
|
||
var count int64
|
||
r = dblib.DBIns.DB.Model(&hr.PositionPermissionModel{}).
|
||
Where("PositionGuid = ? AND PermissionGuid = ? AND (RecordStatus & 524288) = 0",
|
||
positionGuid, permissionGuid).Count(&count)
|
||
if r.Error != nil {
|
||
return nil, process.FailError(types.QueryPermissionError, r.Error)
|
||
}
|
||
|
||
if count > 0 {
|
||
return nil, process.FailError(types.DuplicatePermissionError, errors.New("该岗位已拥有此权限"))
|
||
}
|
||
|
||
// 创建岗位权限关系
|
||
relation := hr.PositionPermissionInstance()
|
||
relation.PositionGuid = positionGuid
|
||
relation.PermissionGuid = permissionGuid
|
||
relation.PositionID = position.PositionID
|
||
relation.PermissionID = permission.PermissionID
|
||
relation.GrantType = int16(params.GrantType)
|
||
|
||
// 保存到数据库
|
||
r = dblib.DBIns.DB.Create(relation)
|
||
if r.Error != nil {
|
||
return nil, process.FailError(types.CreatePermissionError, r.Error)
|
||
}
|
||
|
||
return relation, process.Success(200)
|
||
}
|
||
|
||
// RemovePermissionFromPosition 从岗位中移除权限
|
||
func RemovePermissionFromPosition(relationGuid string) *process.Process {
|
||
// 验证关系ID
|
||
guid, err := unique.FromString(relationGuid)
|
||
if err != nil {
|
||
return process.FailError(types.InvalidParamError, err)
|
||
}
|
||
|
||
// 查询岗位权限关系
|
||
relation := &hr.PositionPermissionModel{}
|
||
r := dblib.DBIns.DB.Where("RecordGuid = ? AND (RecordStatus & 524288) = 0", guid).First(relation)
|
||
if r.Error != nil {
|
||
return process.FailError(types.PositionPermNotFoundError, r.Error)
|
||
}
|
||
|
||
// 使用原生SQL执行删除操作(设置删除标记)
|
||
sql := "UPDATE " + hr.PositionPermissionTable + " SET RecordStatus = RecordStatus | 524288 WHERE RecordGuid = ?"
|
||
r = dblib.DBIns.DB.Exec(sql, guid)
|
||
if r.Error != nil {
|
||
return process.FailError(types.DeletePermissionError, r.Error)
|
||
}
|
||
|
||
return process.Success(200)
|
||
}
|
||
|
||
// QueryPositionPermissions 查询岗位的权限列表
|
||
func QueryPositionPermissions(positionGuid string) ([]*hr.PermissionModel, *process.Process) {
|
||
// 验证岗位ID
|
||
guid, err := unique.FromString(positionGuid)
|
||
if err != nil {
|
||
return nil, process.FailError(types.InvalidParamError, err)
|
||
}
|
||
|
||
// 查询岗位是否存在
|
||
position := &hr.PositionModel{}
|
||
r := dblib.DBIns.DB.Where("RecordGuid = ? AND (RecordStatus & 524288) = 0", guid).First(position)
|
||
if r.Error != nil {
|
||
return nil, process.FailError(types.PositionNotFoundError, r.Error)
|
||
}
|
||
|
||
// 查询岗位权限
|
||
result := make([]*hr.PermissionModel, 0)
|
||
r = dblib.DBIns.DB.Table(hr.PermissionTable+" p").
|
||
Select("p.*").
|
||
Joins("JOIN "+hr.PositionPermissionTable+" pp ON p.RecordGuid = pp.PermissionGuid").
|
||
Where("pp.PositionGuid = ? AND (p.RecordStatus & 524288) = 0 AND (pp.RecordStatus & 524288) = 0", guid).
|
||
Find(&result)
|
||
|
||
if r.Error != nil {
|
||
return nil, process.FailError(types.QueryPermissionError, r.Error)
|
||
}
|
||
|
||
return result, process.Success(200)
|
||
}
|
||
|
||
// HasPermission 检查岗位是否拥有特定权限
|
||
func HasPermission(positionGuid string, permissionID int) (bool, *process.Process) {
|
||
// 验证岗位ID
|
||
guid, err := unique.FromString(positionGuid)
|
||
if err != nil {
|
||
return false, process.FailError(types.InvalidParamError, err)
|
||
}
|
||
|
||
// 查询岗位是否拥有指定权限
|
||
var count int64
|
||
r := dblib.DBIns.DB.Model(&hr.PositionPermissionModel{}).
|
||
Where("PositionGuid = ? AND PermissionID = ? AND (RecordStatus & 524288) = 0", guid, permissionID).
|
||
Count(&count)
|
||
|
||
if r.Error != nil {
|
||
return false, process.FailError(types.QueryPermissionError, r.Error)
|
||
}
|
||
|
||
// 如果找到记录,则表示有权限
|
||
return count > 0, process.Success(200)
|
||
}
|
||
|
||
// CheckStaffPermission 检查员工是否拥有特定权限
|
||
// 该方法会检查员工在指定组织下的岗位是否拥有相关权限
|
||
func CheckStaffPermission(params CheckPermissionRequest) (bool, *process.Process) {
|
||
// 验证员工ID
|
||
staffGuid, err := unique.FromString(params.StaffGuid)
|
||
if err != nil {
|
||
return false, process.FailError(types.InvalidParamError, err)
|
||
}
|
||
|
||
// 构建查询条件
|
||
query := dblib.DBIns.DB.Table(hr.PositionPermissionTable+" pp").
|
||
Joins("JOIN "+hr.Staff2OrganizationTable+" so ON pp.PositionGuid = so.PositionGuid").
|
||
Where("so.ObjectGuid = ? AND pp.PermissionID = ? AND (pp.RecordStatus & 524288) = 0 AND (so.RecordStatus & 524288) = 0", staffGuid, params.PermissionID)
|
||
|
||
// 如果指定了组织,则限定在该组织范围内
|
||
if params.OrganizationGuid != "" {
|
||
orgGuid, err := unique.FromString(params.OrganizationGuid)
|
||
if err != nil {
|
||
return false, process.FailError(types.InvalidParamError, err)
|
||
}
|
||
query = query.Where("so.TargetGuid = ?", orgGuid)
|
||
}
|
||
|
||
// 执行查询
|
||
var count int64
|
||
r := query.Count(&count)
|
||
if r.Error != nil {
|
||
return false, process.FailError(types.QueryPermissionError, r.Error)
|
||
}
|
||
|
||
// 如果找到记录,则表示有权限
|
||
return count > 0, process.Success(200)
|
||
}
|
||
|
||
// GetPermissionsByStaff 获取员工的所有权限
|
||
func GetPermissionsByStaff(staffGuid string) ([]*hr.PermissionModel, *process.Process) {
|
||
// 验证员工ID
|
||
guid, err := unique.FromString(staffGuid)
|
||
if err != nil {
|
||
return nil, process.FailError(types.InvalidParamError, err)
|
||
}
|
||
|
||
// 查询员工的所有权限
|
||
result := make([]*hr.PermissionModel, 0)
|
||
r := dblib.DBIns.DB.Table(hr.PermissionTable+" p").
|
||
Select("DISTINCT p.*").
|
||
Joins("JOIN "+hr.PositionPermissionTable+" pp ON p.RecordGuid = pp.PermissionGuid").
|
||
Joins("JOIN "+hr.Staff2OrganizationTable+" so ON pp.PositionGuid = so.PositionGuid").
|
||
Where("so.ObjectGuid = ? AND (p.RecordStatus & 524288) = 0 AND (pp.RecordStatus & 524288) = 0 AND (so.RecordStatus & 524288) = 0", guid).
|
||
Find(&result)
|
||
|
||
if r.Error != nil {
|
||
return nil, process.FailError(types.QueryPermissionError, r.Error)
|
||
}
|
||
|
||
return result, process.Success(200)
|
||
}
|
||
|
||
// IsSystemAdmin 检查员工是否是系统管理员
|
||
func IsSystemAdmin(staffGuid string) (bool, *process.Process) {
|
||
// 系统管理员权限特殊处理
|
||
params := CheckPermissionRequest{
|
||
StaffGuid: staffGuid,
|
||
PermissionID: hr.PermSystemAdmin,
|
||
}
|
||
|
||
return CheckStaffPermission(params)
|
||
}
|