feat(admin): add comprehensive admin management system

- Add admin handlers and services for users, posts, comments, groups, and dashboard
- Implement role permission management with ability to view and update permissions
- Add database seeding for roles and Casbin permission policies
- Upgrade Casbin from v2 to v3 with GORM adapter for persistent policy storage
- Add admin-specific repository methods with filtering and pagination
- Register new admin API routes under /api/v1/admin/*
This commit is contained in:
2026-03-14 18:01:55 +08:00
parent ae5b997924
commit d3065b30cc
28 changed files with 4018 additions and 107 deletions

View File

@@ -202,3 +202,128 @@ func (h *RoleHandler) handleError(c *gin.Context, err error) {
})
}
}
// GetRoleDetail 获取角色详情
// GET /api/v1/admin/roles/:name
func (h *RoleHandler) GetRoleDetail(c *gin.Context) {
name := c.Param("name")
if name == "" {
c.JSON(http.StatusBadRequest, gin.H{
"code": "BAD_REQUEST",
"message": "缺少角色名称",
})
return
}
detail, err := h.roleService.GetRoleDetail(c.Request.Context(), name)
if err != nil {
h.handleError(c, err)
return
}
c.JSON(http.StatusOK, gin.H{
"data": detail,
})
}
// GetRolePermissions 获取角色权限
// GET /api/v1/admin/roles/:name/permissions
func (h *RoleHandler) GetRolePermissions(c *gin.Context) {
name := c.Param("name")
if name == "" {
c.JSON(http.StatusBadRequest, gin.H{
"code": "BAD_REQUEST",
"message": "缺少角色名称",
})
return
}
permissions, err := h.roleService.GetRolePermissions(c.Request.Context(), name)
if err != nil {
h.handleError(c, err)
return
}
c.JSON(http.StatusOK, gin.H{
"data": permissions,
})
}
// GetAllPermissions 获取所有权限定义
// GET /api/v1/admin/permissions
func (h *RoleHandler) GetAllPermissions(c *gin.Context) {
permissions, err := h.roleService.GetAllPermissions(c.Request.Context())
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{
"code": "INTERNAL_ERROR",
"message": "获取权限列表失败",
})
return
}
c.JSON(http.StatusOK, gin.H{
"data": permissions,
})
}
// UpdateRolePermissionsRequest 更新角色权限请求
type UpdateRolePermissionsRequest struct {
Permissions []PermissionInput `json:"permissions" binding:"required"`
}
// PermissionInput 权限输入
type PermissionInput struct {
Resource string `json:"resource" binding:"required"`
Action string `json:"action" binding:"required"`
}
// UpdateRolePermissions 更新角色权限
// PUT /api/v1/admin/roles/:name/permissions
func (h *RoleHandler) UpdateRolePermissions(c *gin.Context) {
name := c.Param("name")
if name == "" {
c.JSON(http.StatusBadRequest, gin.H{
"code": "BAD_REQUEST",
"message": "缺少角色名称",
})
return
}
var req UpdateRolePermissionsRequest
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{
"code": "BAD_REQUEST",
"message": "请求参数错误",
})
return
}
// 转换权限格式
var permissions []service.Permission
for _, p := range req.Permissions {
permissions = append(permissions, service.Permission{
Resource: p.Resource,
Action: p.Action,
})
}
err := h.roleService.UpdateRolePermissions(c.Request.Context(), name, permissions)
if err != nil {
h.handleError(c, err)
return
}
// 返回更新后的角色信息
detail, err := h.roleService.GetRoleDetail(c.Request.Context(), name)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"message": "权限更新成功",
})
return
}
c.JSON(http.StatusOK, gin.H{
"message": "权限更新成功",
"data": detail,
})
}