feat(admin): add comprehensive admin management system
- Add admin handlers and services for users, posts, comments, groups, and dashboard - Implement role permission management with ability to view and update permissions - Add database seeding for roles and Casbin permission policies - Upgrade Casbin from v2 to v3 with GORM adapter for persistent policy storage - Add admin-specific repository methods with filtering and pagination - Register new admin API routes under /api/v1/admin/*
This commit is contained in:
@@ -155,6 +155,128 @@ func autoMigrate(db *gorm.DB) error {
|
||||
return err
|
||||
}
|
||||
|
||||
// 初始化角色种子数据
|
||||
if err := seedRoles(db); err != nil {
|
||||
return fmt.Errorf("failed to seed roles: %w", err)
|
||||
}
|
||||
|
||||
// 初始化权限策略种子数据
|
||||
if err := seedPermissions(db); err != nil {
|
||||
return fmt.Errorf("failed to seed permissions: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// seedRoles 初始化角色种子数据
|
||||
func seedRoles(db *gorm.DB) error {
|
||||
// 检查是否已有角色数据
|
||||
var count int64
|
||||
if err := db.Model(&Role{}).Count(&count).Error; err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// 如果已有数据,跳过种子初始化
|
||||
if count > 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
// 预定义角色数据
|
||||
roles := []Role{
|
||||
{
|
||||
Name: RoleSuperAdmin,
|
||||
DisplayName: "超级管理员",
|
||||
Description: "拥有系统最高权限,可以管理所有用户和内容",
|
||||
Priority: 100,
|
||||
},
|
||||
{
|
||||
Name: RoleAdmin,
|
||||
DisplayName: "管理员",
|
||||
Description: "系统管理员,可以管理用户和内容",
|
||||
Priority: 80,
|
||||
},
|
||||
{
|
||||
Name: RoleModerator,
|
||||
DisplayName: "版主",
|
||||
Description: "内容审核员,可以审核和管理内容",
|
||||
Priority: 60,
|
||||
},
|
||||
{
|
||||
Name: RoleUser,
|
||||
DisplayName: "普通用户",
|
||||
Description: "注册用户,拥有基本权限",
|
||||
Priority: 40,
|
||||
},
|
||||
{
|
||||
Name: RoleBanned,
|
||||
DisplayName: "被封禁用户",
|
||||
Description: "被禁止访问的用户",
|
||||
Priority: 0,
|
||||
},
|
||||
}
|
||||
|
||||
// 批量插入角色
|
||||
if err := db.Create(&roles).Error; err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
log.Printf("Seeded %d roles successfully", len(roles))
|
||||
return nil
|
||||
}
|
||||
|
||||
// seedPermissions 初始化权限策略种子数据
|
||||
func seedPermissions(db *gorm.DB) error {
|
||||
// 检查是否已有权限策略数据
|
||||
var count int64
|
||||
if err := db.Model(&CasbinRule{}).Where("ptype = ?", "p").Count(&count).Error; err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// 如果已有数据,跳过种子初始化
|
||||
if count > 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
// 预定义权限策略数据
|
||||
// p = sub, obj, act (角色, 资源, 操作)
|
||||
permissions := []CasbinRule{
|
||||
// 超级管理员 - 拥有所有权限
|
||||
{Ptype: "p", V0: RoleSuperAdmin, V1: "/*", V2: "*"},
|
||||
|
||||
// 管理员 - 拥有管理权限
|
||||
{Ptype: "p", V0: RoleAdmin, V1: "/api/v1/admin/*", V2: "*"},
|
||||
{Ptype: "p", V0: RoleAdmin, V1: "/api/v1/users/*", V2: "GET"},
|
||||
{Ptype: "p", V0: RoleAdmin, V1: "/api/v1/posts/*", V2: "*"},
|
||||
{Ptype: "p", V0: RoleAdmin, V1: "/api/v1/comments/*", V2: "*"},
|
||||
{Ptype: "p", V0: RoleAdmin, V1: "/api/v1/groups/*", V2: "*"},
|
||||
|
||||
// 版主 - 拥有内容审核权限
|
||||
{Ptype: "p", V0: RoleModerator, V1: "/api/v1/posts/*", V2: "GET"},
|
||||
{Ptype: "p", V0: RoleModerator, V1: "/api/v1/posts/*", V2: "DELETE"},
|
||||
{Ptype: "p", V0: RoleModerator, V1: "/api/v1/comments/*", V2: "GET"},
|
||||
{Ptype: "p", V0: RoleModerator, V1: "/api/v1/comments/*", V2: "DELETE"},
|
||||
{Ptype: "p", V0: RoleModerator, V1: "/api/v1/groups/*", V2: "GET"},
|
||||
|
||||
// 普通用户 - 拥有基本权限
|
||||
{Ptype: "p", V0: RoleUser, V1: "/api/v1/posts", V2: "GET"},
|
||||
{Ptype: "p", V0: RoleUser, V1: "/api/v1/posts/*", V2: "GET"},
|
||||
{Ptype: "p", V0: RoleUser, V1: "/api/v1/posts", V2: "POST"},
|
||||
{Ptype: "p", V0: RoleUser, V1: "/api/v1/comments/*", V2: "GET"},
|
||||
{Ptype: "p", V0: RoleUser, V1: "/api/v1/comments", V2: "POST"},
|
||||
{Ptype: "p", V0: RoleUser, V1: "/api/v1/users/me", V2: "GET"},
|
||||
{Ptype: "p", V0: RoleUser, V1: "/api/v1/users/me", V2: "PUT"},
|
||||
{Ptype: "p", V0: RoleUser, V1: "/api/v1/groups", V2: "GET"},
|
||||
{Ptype: "p", V0: RoleUser, V1: "/api/v1/groups/*", V2: "GET"},
|
||||
|
||||
// 被封禁用户 - 无权限
|
||||
}
|
||||
|
||||
// 批量插入权限策略
|
||||
if err := db.Create(&permissions).Error; err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
log.Printf("Seeded %d permissions successfully", len(permissions))
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
@@ -46,9 +46,10 @@ type Post struct {
|
||||
HotScore float64 `json:"hot_score" gorm:"column:hot_score;default:0;index:idx_posts_hot_score_created,priority:1"`
|
||||
|
||||
// 置顶/锁定
|
||||
IsPinned bool `json:"is_pinned" gorm:"default:false"`
|
||||
IsLocked bool `json:"is_locked" gorm:"default:false"`
|
||||
IsDeleted bool `json:"-" gorm:"default:false"`
|
||||
IsPinned bool `json:"is_pinned" gorm:"default:false"`
|
||||
IsFeatured bool `json:"is_featured" gorm:"default:false"` // 加精
|
||||
IsLocked bool `json:"is_locked" gorm:"default:false"`
|
||||
IsDeleted bool `json:"-" gorm:"default:false"`
|
||||
|
||||
// 投票
|
||||
IsVote bool `json:"is_vote" gorm:"column:is_vote;default:false"`
|
||||
|
||||
Reference in New Issue
Block a user