OneAuth/api/user/permissions.go


package user
import (
	"errors"

	"github.com/veypi/vbase/cfg"
	"github.com/veypi/vbase/models"
	"github.com/veypi/vigo"
	"gorm.io/gorm"
)
// User-specific permissions (data-level or direct assignment).

// GetPermissionsReq is the request for listing the permissions assigned
// directly to one user.
type GetPermissionsReq struct {
	// UserID identifies the user whose permissions are listed. Its src tag
	// binds it to the user_id path segment, so the value is caller-controlled.
	UserID string `src:"path@user_id" desc:"User ID"`
}
// getPermissions returns every models.UserPermission row whose user_id equals
// req.UserID.
//
// The user ID is passed to the query as a bound parameter, not concatenated
// into the SQL text. A query failure is returned as vigo.ErrDatabase wrapping
// the underlying error; a user with no rows yields an empty result and a nil
// error.
//
// NOTE(review): this function does not check whether the caller may read the
// permissions of req.UserID; confirm the route enforces that before this
// handler runs.
func getPermissions(x *vigo.X, req *GetPermissionsReq) ([]models.UserPermission, error) {
	var rows []models.UserPermission
	result := cfg.DB().Where("user_id = ?", req.UserID).Find(&rows)
	if result.Error != nil {
		return nil, vigo.ErrDatabase.WithError(result.Error)
	}
	return rows, nil
}
// UpdatePermissionsReq is the request for replacing the permissions assigned
// directly to one user.
type UpdatePermissionsReq struct {
	// UserID identifies the user whose permissions are replaced. Its src tag
	// binds it to the user_id path segment.
	UserID string `src:"path@user_id" desc:"User ID"`

	// Permissions is the complete new permission set, read from the
	// "permissions" key of the JSON body. Both IDs in each entry are
	// caller-supplied strings; this type applies no validation to them.
	Permissions []struct {
		PermissionID string `json:"permission_id"`
		ResourceID   string `json:"resource_id"`
	} `json:"permissions" src:"json" desc:"List of User Permissions"`
}
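// updatePermissions replaces the directly assigned permissions of the user
// named by req.UserID with the set given in req.Permissions.
//
// It returns vigo.ErrNotFound when no user with that ID exists. Any other
// lookup failure, and any failure of the replace transaction, is returned as
// vigo.ErrDatabase wrapping the underlying error, matching getPermissions, so
// a database outage is not reported as a missing user.
//
// The delete of the old rows and the insert of the new ones run in one
// transaction, so a failed insert rolls the delete back. An empty
// req.Permissions removes every direct permission of the user.
//
// NOTE(review): this function does not check that the caller may grant the
// requested permission/resource pairs, nor that those IDs refer to existing
// records; confirm both are enforced before this handler runs, since the
// request body fully determines the target user's permission set.
func updatePermissions(x *vigo.X, req *UpdatePermissionsReq) error {
	var user models.User
	if err := cfg.DB().First(&user, "id = ?", req.UserID).Error; err != nil {
		// Only a missing row means "not found"; anything else is a database
		// failure and must not be masked as a 404-style result.
		if errors.Is(err, gorm.ErrRecordNotFound) {
			return vigo.ErrNotFound
		}
		return vigo.ErrDatabase.WithError(err)
	}

	// The grantor is the string "user_id" value of the request context, if any.
	// NOTE(review): when it is absent the rows are written with an empty
	// GrantedBy, leaving the grant unattributable; confirm that requests
	// without an authenticated user cannot reach this handler.
	grantor := ""
	if s, ok := x.Get("user_id").(string); ok {
		grantor = s
	}

	err := cfg.DB().Transaction(func(tx *gorm.DB) error {
		// Replace semantics: drop every existing row for the user first.
		if err := tx.Where("user_id = ?", req.UserID).Delete(&models.UserPermission{}).Error; err != nil {
			return err
		}
		if len(req.Permissions) == 0 {
			return nil
		}

		userPermissions := make([]models.UserPermission, 0, len(req.Permissions))
		for _, p := range req.Permissions {
			userPermissions = append(userPermissions, models.UserPermission{
				UserID:       req.UserID,
				PermissionID: p.PermissionID,
				ResourceID:   p.ResourceID,
				GrantedBy:    grantor,
			})
		}
		return tx.Create(&userPermissions).Error
	})
	if err != nil {
		return vigo.ErrDatabase.WithError(err)
	}
	return nil
}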