feat():learning后台管理项目初始化

internal/storage/rbac_storage.go

@@ -0,0 +1,117 @@
+package storage
+
+import (
+	"fmt"
+	"goalfymax-admin/internal/models"
+	"gorm.io/gorm"
+)
+
+// RBACStorage 简化的RBAC存储接口
+type RBACStorage interface {
+	// 角色页面权限管理
+	AssignRolePagePermissions(roleID uint, pageIDs []uint) error
+	RemoveRolePagePermissions(roleID uint, pageIDs []uint) error
+	GetRolePagePermissions(roleID uint) ([]models.Page, error)
+	GetRolePagePermissionIDs(roleID uint) ([]uint, error)
+
+	// 页面权限检查
+	CheckUserRolePagePermission(userID uint, pagePath string) (bool, error)
+	GetUserRoleAccessiblePages(userID uint) ([]string, error)
+
+	// 角色管理
+	GetDefaultRoleID(roleID *uint) error
+	GetRoleByID(roleID uint) (*models.Role, error)
+}
+
+type rbacStorage struct {
+	db *gorm.DB
+}
+
+// NewRBACStorage 创建RBAC存储实例
+func NewRBACStorage() RBACStorage {
+	return &rbacStorage{db: DB}
+}
+
+// AssignRolePagePermissions 分配角色页面权限
+func (s *rbacStorage) AssignRolePagePermissions(roleID uint, pageIDs []uint) error {
+	var rolePagePermissions []models.RolePagePermission
+	for _, pageID := range pageIDs {
+		rolePagePermissions = append(rolePagePermissions, models.RolePagePermission{
+			RoleID: roleID,
+			PageID: pageID,
+		})
+	}
+	return s.db.Create(&rolePagePermissions).Error
+}
+
+// RemoveRolePagePermissions 移除角色页面权限
+func (s *rbacStorage) RemoveRolePagePermissions(roleID uint, pageIDs []uint) error {
+	return s.db.Where("role_id = ? AND page_id IN ?", roleID, pageIDs).Delete(&models.RolePagePermission{}).Error
+}
+
+// GetRolePagePermissions 获取角色页面权限
+func (s *rbacStorage) GetRolePagePermissions(roleID uint) ([]models.Page, error) {
+	var pages []models.Page
+	err := s.db.Table("admin_pages").
+		Joins("JOIN admin_role_page_permissions ON admin_pages.id = admin_role_page_permissions.page_id").
+		Where("admin_role_page_permissions.role_id = ? AND admin_role_page_permissions.deleted_at IS NULL", roleID).
+		Find(&pages).Error
+	return pages, err
+}
+
+// GetRolePagePermissionIDs 获取角色页面权限ID列表
+func (s *rbacStorage) GetRolePagePermissionIDs(roleID uint) ([]uint, error) {
+	var pageIDs []uint
+	err := s.db.Model(&models.RolePagePermission{}).
+		Where("role_id = ?", roleID).
+		Pluck("page_id", &pageIDs).Error
+	return pageIDs, err
+}
+
+// CheckUserRolePagePermission 检查用户基于角色的页面权限
+func (s *rbacStorage) CheckUserRolePagePermission(userID uint, pagePath string) (bool, error) {
+	var count int64
+	err := s.db.Table("admin_users").
+		Joins("JOIN admin_role_page_permissions ON admin_users.role_id = admin_role_page_permissions.role_id").
+		Joins("JOIN admin_pages ON admin_role_page_permissions.page_id = admin_pages.id").
+		Where("admin_users.id = ? AND admin_pages.path = ? AND admin_pages.is_active = TRUE AND admin_users.deleted_at IS NULL AND admin_role_page_permissions.deleted_at IS NULL", userID, pagePath).
+		Count(&count).Error
+	return count > 0, err
+}
+
+// GetUserRoleAccessiblePages 获取用户基于角色的可访问页面
+func (s *rbacStorage) GetUserRoleAccessiblePages(userID uint) ([]string, error) {
+	var pages []string
+
+	// 添加调试日志
+	fmt.Printf("🔍 [RBACStorage] 查询用户 %d 的可访问页面\n", userID)
+
+	err := s.db.Table("admin_users").
+		Joins("JOIN admin_role_page_permissions ON admin_users.role_id = admin_role_page_permissions.role_id").
+		Joins("JOIN admin_pages ON admin_role_page_permissions.page_id = admin_pages.id").
+		Where("admin_users.id = ? AND admin_pages.is_active = TRUE AND admin_users.deleted_at IS NULL AND admin_role_page_permissions.deleted_at IS NULL", userID).
+		Select("DISTINCT admin_pages.path").
+		Pluck("admin_pages.path", &pages).Error
+
+	fmt.Printf("🔍 [RBACStorage] 用户 %d 可访问页面: %v\n", userID, pages)
+
+	return pages, err
+}
+
+// GetDefaultRoleID 获取默认角色ID
+func (s *rbacStorage) GetDefaultRoleID(roleID *uint) error {
+	return s.db.Table("admin_roles").
+		Where("is_default = TRUE AND deleted_at IS NULL").
+		Select("id").
+		First(roleID).Error
+}
+
+// GetRoleByID 根据ID获取角色
+func (s *rbacStorage) GetRoleByID(roleID uint) (*models.Role, error) {
+	var role models.Role
+	err := s.db.Where("id = ? AND deleted_at IS NULL", roleID).First(&role).Error
+	if err != nil {
+		return nil, err
+	}
+	return &role, nil
+}