OneAuth/api/user/get.go

//
// Copyright (C) 2024 veypi <i@veypi.com>
// 2025-03-04 16:08:06
// Distributed under terms of the MIT license.
//

package user

import (
	"github.com/veypi/vbase/auth"
	"github.com/veypi/vbase/cfg"
	"github.com/veypi/vbase/models"
	"github.com/veypi/vigo"
)

// GetRequest 获取用户请求
type GetRequest struct {
	UserID string `src:"path@user_id" desc:"用户ID"`
}

// get 获取用户详情
func get(x *vigo.X, req *GetRequest) (*models.User, error) {
	// 手动鉴权: 只能查看自己的信息，或者是管理员
	uid := auth.VBaseAuth.UserID(x)
	if uid != req.UserID {
		if !auth.VBaseAuth.CheckPerm(x.Context(), uid, auth.VBaseAuth.OrgID(x), "user:read", "") {
			return nil, vigo.ErrForbidden
		}
	}

	var user models.User
	if err := cfg.DB().First(&user, "id = ?", req.UserID).Error; err != nil {
		return nil, vigo.ErrNotFound
	}
	return &user, nil
}