feat(api): Enhance /auth/me endpoint with permissions and roles

- Add UserPermissionInfo and UserInfoWithPerms structs for detailed user info - Extend /auth/me to return user permissions and global roles - Remove unused isAdmin helper method from auth.go - Update updateMe to return UserInfoWithPerms for consistency
7 days ago · fba42193cf
parent 7f7591cf6d
commit fba42193cf
2 changed files with 51 additions and 33 deletions
--- a/api/auth/me.go
+++ b/api/auth/me.go
@ -14,8 +14,25 @@ import (
 	"github.com/veypi/vigo"
 )
 // UserPermissionInfo 用户权限信息
 type UserPermissionInfo struct {
 	PermissionID string `json:"permission_id"`
 	ResourceID   string `json:"resource_id"`
 }
 // UserInfoWithPerms 带权限的用户信息
 type UserInfoWithPerms struct {
 	ID          string               `json:"id"`
 	Username    string               `json:"username"`
 	Nickname    string               `json:"nickname"`
 	Email       *string              `json:"email"`
 	Avatar      string               `json:"avatar"`
 	Permissions []UserPermissionInfo `json:"permissions"`
 	Roles       []string             `json:"roles"`
 }
 // me 获取当前用户信息
-func me(x *vigo.X) (*UserInfo, error) {
+func me(x *vigo.X) (*UserInfoWithPerms, error) {
 	userID := baseAuth.GetUserID(x)
 	if userID == "" {
 		return nil, vigo.ErrUnauthorized
@ -26,12 +43,38 @@ func me(x *vigo.X) (*UserInfo, error) {
 		return nil, vigo.ErrNotFound
 	}
-	return &UserInfo{
+	orgID := baseAuth.GetOrgID(x)
-		ID:       user.ID,
+
-		Username: user.Username,
+	// 获取用户权限列表
-		Nickname: user.Nickname,
+	perms, err := baseAuth.VBaseAuth.ListUserPermissions(x.Context(), userID, orgID)
-		Email:    user.Email,
+	if err != nil {
-		Avatar:   user.Avatar,
+		return nil, vigo.ErrInternalServer.WithError(err)
 	}
 	// 转换权限格式
 	userPerms := make([]UserPermissionInfo, 0, len(perms))
 	for _, p := range perms {
 		userPerms = append(userPerms, UserPermissionInfo{
 			PermissionID: p.PermissionID,
 			ResourceID:   p.ResourceID,
 		})
 	}
 	// 获取用户角色 (仅全局角色)
 	roles := make([]string, 0)
 	cfg.DB().Model(&models.UserRole{}).
 		Joins("JOIN roles ON user_roles.role_id = roles.id").
 		Where("user_roles.user_id = ? AND user_roles.org_id IS NULL", userID).
 		Pluck("roles.code", &roles)
 	return &UserInfoWithPerms{
 		ID:          user.ID,
 		Username:    user.Username,
 		Nickname:    user.Nickname,
 		Email:       user.Email,
 		Avatar:      user.Avatar,
 		Permissions: userPerms,
 		Roles:       roles,
 	}, nil
 }
@ -43,7 +86,7 @@ type UpdateMeRequest struct {
 }
 // updateMe 更新当前用户信息
-func updateMe(x *vigo.X, req *UpdateMeRequest) (*UserInfo, error) {
+func updateMe(x *vigo.X, req *UpdateMeRequest) (*UserInfoWithPerms, error) {
 	userID := baseAuth.GetUserID(x)
 	if userID == "" {
 		return nil, vigo.ErrUnauthorized
--- a/auth/auth.go
+++ b/auth/auth.go
@ -925,31 +925,6 @@ func (a *appAuth) ListResourceUsers(ctx context.Context, orgID, permissionID, re
 	return result, nil
 }
 // ========== 辅助方法 ==========
 func (a *appAuth) isAdmin(ctx context.Context, userID, orgID string) (bool, error) {
 	// 检查用户是否有管理员角色
 	var adminRoleIDs []string
 	if err := cfg.DB().Model(&models.Role{}).
 		Where("code = ?", RoleCodeAdmin).
 		Pluck("id", &adminRoleIDs).Error; err != nil {
 		return false, err
 	}
 	if len(adminRoleIDs) == 0 {
 		return false, nil
 	}
 	var count int64
 	if err := cfg.DB().Model(&models.UserRole{}).
 		Where("user_id = ? AND org_id = ? AND role_id IN ?", userID, orgID, adminRoleIDs).
 		Count(&count).Error; err != nil {
 		return false, err
 	}
 	return count > 0, nil
 }
 // ========== Cache Helpers ==========
 func getUserPermVersion(userID string) string {