long-agent/user-system
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
28012140cb3dbd383cb2c9ce2cfa874c097374eb
user-system/internal/api/handler/permission_handler.go

302 lines
8.4 KiB
Go
Raw Normal View History

feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
package handler
import (
feat: permissions CRUD browser integration + E2E enhancements Backend: - permission_handler: 完善权限 CRUD 接口(列表/创建/更新/删除) - auth_handler: 修复认证处理逻辑 - router: 新增权限管理路由 - handler_test: 新增权限 handler 测试覆盖 Frontend: - permissions.ts/test.ts: 权限服务层完整实现 - profile/settings/service_tests: 服务适配器修正 - client.ts: HTTP 客户端健壮性增强 - vite.config.js: 构建配置优化 - E2E 脚本: run-playwright-cdp-e2e 大幅增强(权限流程覆盖) Docs: - REAL_PROJECT_STATUS: 状态更新 - PRODUCTION_CHECKLIST/QUALITY_STANDARD/TECHNICAL_GUIDE/PROJECT_EXPERIENCE_SUMMARY: 团队规范完善 - plans/2026-04-23: 权限浏览器 CRUD 设计方案 验证: go build 0错误
2026-04-24 07:30:18 +08:00
"encoding/json"
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
"net/http"
"strconv"
"github.com/gin-gonic/gin"
"github.com/user-management-system/internal/domain"
"github.com/user-management-system/internal/service"
)
// PermissionHandler handles permission management requests
type PermissionHandler struct {
permissionService *service.PermissionService
}
// NewPermissionHandler creates a new PermissionHandler
func NewPermissionHandler(permissionService *service.PermissionService) *PermissionHandler {
return &PermissionHandler{permissionService: permissionService}
}
docs: add Swagger annotations to 13 API handlers Added @Summary, @Description, @Tags, @Param, @Success, @Failure, @Router annotations to all major handler endpoints for OpenAPI/Swagger auto-generation. Covers 86 annotations across: - auth_handler.go (25): all auth endpoints - user_handler.go (14): CRUD + roles + admin management - device_handler.go (13): device CRUD + trust management - role_handler.go (8): role CRUD + permissions - custom_field_handler.go (7): field CRUD + user values - permission_handler.go (7): permission CRUD + tree - log_handler.go (3): login/operation logs - captcha_handler.go (3): generate/verify - stats_handler.go (2): dashboard + user stats - avatar_handler.go (1): upload avatar - totp_handler.go (1): totp status - password_reset_handler.go (1): forgot password Partially addresses P2: missing Swagger annotations (PRODUCTION_GAP_ANALYSIS_2026-04-08)
2026-04-11 21:23:52 +08:00
// CreatePermission 创建权限
// @Summary 创建权限
// @Description 创建新的权限定义(仅管理员)
// @Tags 权限管理
// @Accept json
// @Produce json
// @Security BearerAuth
// @Param request body service.CreatePermissionRequest true "权限信息"
// @Success 201 {object} Response{data=domain.Permission} "创建成功"
// @Failure 400 {object} Response "请求参数错误"
// @Failure 403 {object} Response "无权限"
// @Router /api/v1/permissions [post]
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
func (h *PermissionHandler) CreatePermission(c *gin.Context) {
feat: permissions CRUD browser integration + E2E enhancements Backend: - permission_handler: 完善权限 CRUD 接口(列表/创建/更新/删除) - auth_handler: 修复认证处理逻辑 - router: 新增权限管理路由 - handler_test: 新增权限 handler 测试覆盖 Frontend: - permissions.ts/test.ts: 权限服务层完整实现 - profile/settings/service_tests: 服务适配器修正 - client.ts: HTTP 客户端健壮性增强 - vite.config.js: 构建配置优化 - E2E 脚本: run-playwright-cdp-e2e 大幅增强(权限流程覆盖) Docs: - REAL_PROJECT_STATUS: 状态更新 - PRODUCTION_CHECKLIST/QUALITY_STANDARD/TECHNICAL_GUIDE/PROJECT_EXPERIENCE_SUMMARY: 团队规范完善 - plans/2026-04-23: 权限浏览器 CRUD 设计方案 验证: go build 0错误
2026-04-24 07:30:18 +08:00
var req struct {
Name string `json:"name" binding:"required"`
Code string `json:"code" binding:"required"`
Type *int `json:"type" binding:"required"`
Description string `json:"description"`
ParentID *int64 `json:"parent_id"`
Path string `json:"path"`
Method string `json:"method"`
Sort int `json:"sort"`
Icon string `json:"icon"`
}
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
if err := c.ShouldBindJSON(&req); err != nil {
fix: unify handler response format in log, permission, webhook handlers - log_handler.go: Fix GetMyLoginLogs/GetMyOperationLogs/GetLoginLogs/GetOperationLogs to use {code, message, data} - permission_handler.go: Fix all error responses to use {code, message} - webhook_handler.go: Add missing "message" field in success responses, wrap data in data object with list/total/page/page_size - webhook_handler_test.go: Update test to match new response format Standardize all JSON responses to {code: 0, message: "success", data: ...} for success and {code: XXX, message: "..."} for errors.
2026-04-11 13:12:27 +08:00
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
return
}
feat: permissions CRUD browser integration + E2E enhancements Backend: - permission_handler: 完善权限 CRUD 接口(列表/创建/更新/删除) - auth_handler: 修复认证处理逻辑 - router: 新增权限管理路由 - handler_test: 新增权限 handler 测试覆盖 Frontend: - permissions.ts/test.ts: 权限服务层完整实现 - profile/settings/service_tests: 服务适配器修正 - client.ts: HTTP 客户端健壮性增强 - vite.config.js: 构建配置优化 - E2E 脚本: run-playwright-cdp-e2e 大幅增强(权限流程覆盖) Docs: - REAL_PROJECT_STATUS: 状态更新 - PRODUCTION_CHECKLIST/QUALITY_STANDARD/TECHNICAL_GUIDE/PROJECT_EXPERIENCE_SUMMARY: 团队规范完善 - plans/2026-04-23: 权限浏览器 CRUD 设计方案 验证: go build 0错误
2026-04-24 07:30:18 +08:00
if req.Type == nil || *req.Type < 0 || *req.Type > 2 {
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid permission type"})
return
}
serviceReq := service.CreatePermissionRequest{
Name: req.Name,
Code: req.Code,
Type: *req.Type,
Description: req.Description,
ParentID: req.ParentID,
Path: req.Path,
Method: req.Method,
Sort: req.Sort,
Icon: req.Icon,
}
perm, err := h.permissionService.CreatePermission(c.Request.Context(), &serviceReq)
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
if err != nil {
handleError(c, err)
return
}
fix: 统一API响应格式并修复前端测试 - 所有Handler方法使用标准{code:0,message:"success",data:...}响应格式 - 修复Cursor分页响应包装(GetAllDevices,GetLoginLogs,ListUsers等) - 修复AuthHandler和SMSHandler认证方法响应格式 - 修复operation_log.go admin用户operation_type前缀问题 - 修复DashboardPage嵌套stats结构 - 修复LoginLogsPage reset功能stale closure问题 - 修复UsersPage批量操作API调用 - 修复多个前端测试(mock格式、按钮选择、断言逻辑) - 添加OAuth测试域名白名单 - 新增代码审查流程文档
2026-04-08 20:06:54 +08:00
c.JSON(http.StatusCreated, gin.H{
"code": 0,
"message": "success",
"data": perm,
})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
}
docs: add Swagger annotations to 13 API handlers Added @Summary, @Description, @Tags, @Param, @Success, @Failure, @Router annotations to all major handler endpoints for OpenAPI/Swagger auto-generation. Covers 86 annotations across: - auth_handler.go (25): all auth endpoints - user_handler.go (14): CRUD + roles + admin management - device_handler.go (13): device CRUD + trust management - role_handler.go (8): role CRUD + permissions - custom_field_handler.go (7): field CRUD + user values - permission_handler.go (7): permission CRUD + tree - log_handler.go (3): login/operation logs - captcha_handler.go (3): generate/verify - stats_handler.go (2): dashboard + user stats - avatar_handler.go (1): upload avatar - totp_handler.go (1): totp status - password_reset_handler.go (1): forgot password Partially addresses P2: missing Swagger annotations (PRODUCTION_GAP_ANALYSIS_2026-04-08)
2026-04-11 21:23:52 +08:00
// ListPermissions 获取权限列表
// @Summary 获取权限列表
// @Description 获取系统权限列表
// @Tags 权限管理
// @Produce json
// @Security BearerAuth
// @Success 200 {object} Response{data=[]domain.Permission} "权限列表"
// @Router /api/v1/permissions [get]
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
func (h *PermissionHandler) ListPermissions(c *gin.Context) {
var req service.ListPermissionRequest
if err := c.ShouldBindQuery(&req); err != nil {
fix: unify handler response format in log, permission, webhook handlers - log_handler.go: Fix GetMyLoginLogs/GetMyOperationLogs/GetLoginLogs/GetOperationLogs to use {code, message, data} - permission_handler.go: Fix all error responses to use {code, message} - webhook_handler.go: Add missing "message" field in success responses, wrap data in data object with list/total/page/page_size - webhook_handler_test.go: Update test to match new response format Standardize all JSON responses to {code: 0, message: "success", data: ...} for success and {code: XXX, message: "..."} for errors.
2026-04-11 13:12:27 +08:00
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
return
}
fix: 统一API响应格式并修复前端测试 - 所有Handler方法使用标准{code:0,message:"success",data:...}响应格式 - 修复Cursor分页响应包装(GetAllDevices,GetLoginLogs,ListUsers等) - 修复AuthHandler和SMSHandler认证方法响应格式 - 修复operation_log.go admin用户operation_type前缀问题 - 修复DashboardPage嵌套stats结构 - 修复LoginLogsPage reset功能stale closure问题 - 修复UsersPage批量操作API调用 - 修复多个前端测试(mock格式、按钮选择、断言逻辑) - 添加OAuth测试域名白名单 - 新增代码审查流程文档
2026-04-08 20:06:54 +08:00
perms, _, err := h.permissionService.ListPermissions(c.Request.Context(), &req)
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
if err != nil {
handleError(c, err)
return
}
c.JSON(http.StatusOK, gin.H{
fix: 统一API响应格式并修复前端测试 - 所有Handler方法使用标准{code:0,message:"success",data:...}响应格式 - 修复Cursor分页响应包装(GetAllDevices,GetLoginLogs,ListUsers等) - 修复AuthHandler和SMSHandler认证方法响应格式 - 修复operation_log.go admin用户operation_type前缀问题 - 修复DashboardPage嵌套stats结构 - 修复LoginLogsPage reset功能stale closure问题 - 修复UsersPage批量操作API调用 - 修复多个前端测试(mock格式、按钮选择、断言逻辑) - 添加OAuth测试域名白名单 - 新增代码审查流程文档
2026-04-08 20:06:54 +08:00
"code": 0,
"message": "success",
"data": perms,
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
})
}
docs: add Swagger annotations to 13 API handlers Added @Summary, @Description, @Tags, @Param, @Success, @Failure, @Router annotations to all major handler endpoints for OpenAPI/Swagger auto-generation. Covers 86 annotations across: - auth_handler.go (25): all auth endpoints - user_handler.go (14): CRUD + roles + admin management - device_handler.go (13): device CRUD + trust management - role_handler.go (8): role CRUD + permissions - custom_field_handler.go (7): field CRUD + user values - permission_handler.go (7): permission CRUD + tree - log_handler.go (3): login/operation logs - captcha_handler.go (3): generate/verify - stats_handler.go (2): dashboard + user stats - avatar_handler.go (1): upload avatar - totp_handler.go (1): totp status - password_reset_handler.go (1): forgot password Partially addresses P2: missing Swagger annotations (PRODUCTION_GAP_ANALYSIS_2026-04-08)
2026-04-11 21:23:52 +08:00
// GetPermission 获取权限详情
// @Summary 获取权限详情
// @Description 根据ID获取权限详细信息
// @Tags 权限管理
// @Produce json
// @Security BearerAuth
// @Param id path int true "权限ID"
// @Success 200 {object} Response{data=domain.Permission} "权限信息"
// @Failure 404 {object} Response "权限不存在"
// @Router /api/v1/permissions/{id} [get]
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
func (h *PermissionHandler) GetPermission(c *gin.Context) {
id, err := strconv.ParseInt(c.Param("id"), 10, 64)
if err != nil {
fix: unify handler response format in log, permission, webhook handlers - log_handler.go: Fix GetMyLoginLogs/GetMyOperationLogs/GetLoginLogs/GetOperationLogs to use {code, message, data} - permission_handler.go: Fix all error responses to use {code, message} - webhook_handler.go: Add missing "message" field in success responses, wrap data in data object with list/total/page/page_size - webhook_handler_test.go: Update test to match new response format Standardize all JSON responses to {code: 0, message: "success", data: ...} for success and {code: XXX, message: "..."} for errors.
2026-04-11 13:12:27 +08:00
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid permission id"})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
return
}
perm, err := h.permissionService.GetPermission(c.Request.Context(), id)
if err != nil {
handleError(c, err)
return
}
fix: 统一API响应格式并修复前端测试 - 所有Handler方法使用标准{code:0,message:"success",data:...}响应格式 - 修复Cursor分页响应包装(GetAllDevices,GetLoginLogs,ListUsers等) - 修复AuthHandler和SMSHandler认证方法响应格式 - 修复operation_log.go admin用户operation_type前缀问题 - 修复DashboardPage嵌套stats结构 - 修复LoginLogsPage reset功能stale closure问题 - 修复UsersPage批量操作API调用 - 修复多个前端测试(mock格式、按钮选择、断言逻辑) - 添加OAuth测试域名白名单 - 新增代码审查流程文档
2026-04-08 20:06:54 +08:00
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "success",
"data": perm,
})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
}
docs: add Swagger annotations to 13 API handlers Added @Summary, @Description, @Tags, @Param, @Success, @Failure, @Router annotations to all major handler endpoints for OpenAPI/Swagger auto-generation. Covers 86 annotations across: - auth_handler.go (25): all auth endpoints - user_handler.go (14): CRUD + roles + admin management - device_handler.go (13): device CRUD + trust management - role_handler.go (8): role CRUD + permissions - custom_field_handler.go (7): field CRUD + user values - permission_handler.go (7): permission CRUD + tree - log_handler.go (3): login/operation logs - captcha_handler.go (3): generate/verify - stats_handler.go (2): dashboard + user stats - avatar_handler.go (1): upload avatar - totp_handler.go (1): totp status - password_reset_handler.go (1): forgot password Partially addresses P2: missing Swagger annotations (PRODUCTION_GAP_ANALYSIS_2026-04-08)
2026-04-11 21:23:52 +08:00
// UpdatePermission 更新权限
// @Summary 更新权限
// @Description 更新权限信息(仅管理员)
// @Tags 权限管理
// @Accept json
// @Produce json
// @Security BearerAuth
// @Param id path int true "权限ID"
// @Param request body service.UpdatePermissionRequest true "更新信息"
// @Success 200 {object} Response{data=domain.Permission} "更新成功"
// @Failure 400 {object} Response "请求参数错误"
// @Failure 403 {object} Response "无权限"
// @Failure 404 {object} Response "权限不存在"
// @Router /api/v1/permissions/{id} [put]
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
func (h *PermissionHandler) UpdatePermission(c *gin.Context) {
id, err := strconv.ParseInt(c.Param("id"), 10, 64)
if err != nil {
fix: unify handler response format in log, permission, webhook handlers - log_handler.go: Fix GetMyLoginLogs/GetMyOperationLogs/GetLoginLogs/GetOperationLogs to use {code, message, data} - permission_handler.go: Fix all error responses to use {code, message} - webhook_handler.go: Add missing "message" field in success responses, wrap data in data object with list/total/page/page_size - webhook_handler_test.go: Update test to match new response format Standardize all JSON responses to {code: 0, message: "success", data: ...} for success and {code: XXX, message: "..."} for errors.
2026-04-11 13:12:27 +08:00
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid permission id"})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
return
}
var req service.UpdatePermissionRequest
if err := c.ShouldBindJSON(&req); err != nil {
fix: unify handler response format in log, permission, webhook handlers - log_handler.go: Fix GetMyLoginLogs/GetMyOperationLogs/GetLoginLogs/GetOperationLogs to use {code, message, data} - permission_handler.go: Fix all error responses to use {code, message} - webhook_handler.go: Add missing "message" field in success responses, wrap data in data object with list/total/page/page_size - webhook_handler_test.go: Update test to match new response format Standardize all JSON responses to {code: 0, message: "success", data: ...} for success and {code: XXX, message: "..."} for errors.
2026-04-11 13:12:27 +08:00
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
return
}
perm, err := h.permissionService.UpdatePermission(c.Request.Context(), id, &req)
if err != nil {
handleError(c, err)
return
}
fix: 统一API响应格式并修复前端测试 - 所有Handler方法使用标准{code:0,message:"success",data:...}响应格式 - 修复Cursor分页响应包装(GetAllDevices,GetLoginLogs,ListUsers等) - 修复AuthHandler和SMSHandler认证方法响应格式 - 修复operation_log.go admin用户operation_type前缀问题 - 修复DashboardPage嵌套stats结构 - 修复LoginLogsPage reset功能stale closure问题 - 修复UsersPage批量操作API调用 - 修复多个前端测试(mock格式、按钮选择、断言逻辑) - 添加OAuth测试域名白名单 - 新增代码审查流程文档
2026-04-08 20:06:54 +08:00
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "success",
"data": perm,
})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
}
docs: add Swagger annotations to 13 API handlers Added @Summary, @Description, @Tags, @Param, @Success, @Failure, @Router annotations to all major handler endpoints for OpenAPI/Swagger auto-generation. Covers 86 annotations across: - auth_handler.go (25): all auth endpoints - user_handler.go (14): CRUD + roles + admin management - device_handler.go (13): device CRUD + trust management - role_handler.go (8): role CRUD + permissions - custom_field_handler.go (7): field CRUD + user values - permission_handler.go (7): permission CRUD + tree - log_handler.go (3): login/operation logs - captcha_handler.go (3): generate/verify - stats_handler.go (2): dashboard + user stats - avatar_handler.go (1): upload avatar - totp_handler.go (1): totp status - password_reset_handler.go (1): forgot password Partially addresses P2: missing Swagger annotations (PRODUCTION_GAP_ANALYSIS_2026-04-08)
2026-04-11 21:23:52 +08:00
// DeletePermission 删除权限
// @Summary 删除权限
// @Description 删除权限定义(仅管理员)
// @Tags 权限管理
// @Produce json
// @Security BearerAuth
// @Param id path int true "权限ID"
// @Success 200 {object} Response "删除成功"
// @Failure 403 {object} Response "无权限"
// @Failure 404 {object} Response "权限不存在"
// @Router /api/v1/permissions/{id} [delete]
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
func (h *PermissionHandler) DeletePermission(c *gin.Context) {
id, err := strconv.ParseInt(c.Param("id"), 10, 64)
if err != nil {
fix: unify handler response format in log, permission, webhook handlers - log_handler.go: Fix GetMyLoginLogs/GetMyOperationLogs/GetLoginLogs/GetOperationLogs to use {code, message, data} - permission_handler.go: Fix all error responses to use {code, message} - webhook_handler.go: Add missing "message" field in success responses, wrap data in data object with list/total/page/page_size - webhook_handler_test.go: Update test to match new response format Standardize all JSON responses to {code: 0, message: "success", data: ...} for success and {code: XXX, message: "..."} for errors.
2026-04-11 13:12:27 +08:00
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid permission id"})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
return
}
if err := h.permissionService.DeletePermission(c.Request.Context(), id); err != nil {
handleError(c, err)
return
}
fix: 统一API响应格式并修复前端测试 - 所有Handler方法使用标准{code:0,message:"success",data:...}响应格式 - 修复Cursor分页响应包装(GetAllDevices,GetLoginLogs,ListUsers等) - 修复AuthHandler和SMSHandler认证方法响应格式 - 修复operation_log.go admin用户operation_type前缀问题 - 修复DashboardPage嵌套stats结构 - 修复LoginLogsPage reset功能stale closure问题 - 修复UsersPage批量操作API调用 - 修复多个前端测试(mock格式、按钮选择、断言逻辑) - 添加OAuth测试域名白名单 - 新增代码审查流程文档
2026-04-08 20:06:54 +08:00
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "permission deleted",
})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
}
docs: add Swagger annotations to 13 API handlers Added @Summary, @Description, @Tags, @Param, @Success, @Failure, @Router annotations to all major handler endpoints for OpenAPI/Swagger auto-generation. Covers 86 annotations across: - auth_handler.go (25): all auth endpoints - user_handler.go (14): CRUD + roles + admin management - device_handler.go (13): device CRUD + trust management - role_handler.go (8): role CRUD + permissions - custom_field_handler.go (7): field CRUD + user values - permission_handler.go (7): permission CRUD + tree - log_handler.go (3): login/operation logs - captcha_handler.go (3): generate/verify - stats_handler.go (2): dashboard + user stats - avatar_handler.go (1): upload avatar - totp_handler.go (1): totp status - password_reset_handler.go (1): forgot password Partially addresses P2: missing Swagger annotations (PRODUCTION_GAP_ANALYSIS_2026-04-08)
2026-04-11 21:23:52 +08:00
// UpdatePermissionStatus 更新权限状态
// @Summary 更新权限状态
// @Description 更新权限状态enabled/disabled仅管理员
// @Tags 权限管理
// @Accept json
// @Produce json
// @Security BearerAuth
// @Param id path int true "权限ID"
// @Param request body UpdatePermissionStatusRequest true "状态信息"
// @Success 200 {object} Response "状态更新成功"
// @Failure 400 {object} Response "无效的状态值"
// @Failure 403 {object} Response "无权限"
// @Failure 404 {object} Response "权限不存在"
// @Router /api/v1/permissions/{id}/status [put]
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
func (h *PermissionHandler) UpdatePermissionStatus(c *gin.Context) {
id, err := strconv.ParseInt(c.Param("id"), 10, 64)
if err != nil {
fix: unify handler response format in log, permission, webhook handlers - log_handler.go: Fix GetMyLoginLogs/GetMyOperationLogs/GetLoginLogs/GetOperationLogs to use {code, message, data} - permission_handler.go: Fix all error responses to use {code, message} - webhook_handler.go: Add missing "message" field in success responses, wrap data in data object with list/total/page/page_size - webhook_handler_test.go: Update test to match new response format Standardize all JSON responses to {code: 0, message: "success", data: ...} for success and {code: XXX, message: "..."} for errors.
2026-04-11 13:12:27 +08:00
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid permission id"})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
return
}
var req struct {
feat: permissions CRUD browser integration + E2E enhancements Backend: - permission_handler: 完善权限 CRUD 接口(列表/创建/更新/删除) - auth_handler: 修复认证处理逻辑 - router: 新增权限管理路由 - handler_test: 新增权限 handler 测试覆盖 Frontend: - permissions.ts/test.ts: 权限服务层完整实现 - profile/settings/service_tests: 服务适配器修正 - client.ts: HTTP 客户端健壮性增强 - vite.config.js: 构建配置优化 - E2E 脚本: run-playwright-cdp-e2e 大幅增强(权限流程覆盖) Docs: - REAL_PROJECT_STATUS: 状态更新 - PRODUCTION_CHECKLIST/QUALITY_STANDARD/TECHNICAL_GUIDE/PROJECT_EXPERIENCE_SUMMARY: 团队规范完善 - plans/2026-04-23: 权限浏览器 CRUD 设计方案 验证: go build 0错误
2026-04-24 07:30:18 +08:00
Status json.RawMessage `json:"status" binding:"required"`
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
}
if err := c.ShouldBindJSON(&req); err != nil {
fix: unify handler response format in log, permission, webhook handlers - log_handler.go: Fix GetMyLoginLogs/GetMyOperationLogs/GetLoginLogs/GetOperationLogs to use {code, message, data} - permission_handler.go: Fix all error responses to use {code, message} - webhook_handler.go: Add missing "message" field in success responses, wrap data in data object with list/total/page/page_size - webhook_handler_test.go: Update test to match new response format Standardize all JSON responses to {code: 0, message: "success", data: ...} for success and {code: XXX, message: "..."} for errors.
2026-04-11 13:12:27 +08:00
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
return
}
feat: permissions CRUD browser integration + E2E enhancements Backend: - permission_handler: 完善权限 CRUD 接口(列表/创建/更新/删除) - auth_handler: 修复认证处理逻辑 - router: 新增权限管理路由 - handler_test: 新增权限 handler 测试覆盖 Frontend: - permissions.ts/test.ts: 权限服务层完整实现 - profile/settings/service_tests: 服务适配器修正 - client.ts: HTTP 客户端健壮性增强 - vite.config.js: 构建配置优化 - E2E 脚本: run-playwright-cdp-e2e 大幅增强(权限流程覆盖) Docs: - REAL_PROJECT_STATUS: 状态更新 - PRODUCTION_CHECKLIST/QUALITY_STANDARD/TECHNICAL_GUIDE/PROJECT_EXPERIENCE_SUMMARY: 团队规范完善 - plans/2026-04-23: 权限浏览器 CRUD 设计方案 验证: go build 0错误
2026-04-24 07:30:18 +08:00
status, ok := parsePermissionStatus(req.Status)
if !ok {
fix: unify handler response format in log, permission, webhook handlers - log_handler.go: Fix GetMyLoginLogs/GetMyOperationLogs/GetLoginLogs/GetOperationLogs to use {code, message, data} - permission_handler.go: Fix all error responses to use {code, message} - webhook_handler.go: Add missing "message" field in success responses, wrap data in data object with list/total/page/page_size - webhook_handler_test.go: Update test to match new response format Standardize all JSON responses to {code: 0, message: "success", data: ...} for success and {code: XXX, message: "..."} for errors.
2026-04-11 13:12:27 +08:00
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "invalid status"})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
return
}
if err := h.permissionService.UpdatePermissionStatus(c.Request.Context(), id, status); err != nil {
handleError(c, err)
return
}
fix: 统一API响应格式并修复前端测试 - 所有Handler方法使用标准{code:0,message:"success",data:...}响应格式 - 修复Cursor分页响应包装(GetAllDevices,GetLoginLogs,ListUsers等) - 修复AuthHandler和SMSHandler认证方法响应格式 - 修复operation_log.go admin用户operation_type前缀问题 - 修复DashboardPage嵌套stats结构 - 修复LoginLogsPage reset功能stale closure问题 - 修复UsersPage批量操作API调用 - 修复多个前端测试(mock格式、按钮选择、断言逻辑) - 添加OAuth测试域名白名单 - 新增代码审查流程文档
2026-04-08 20:06:54 +08:00
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "status updated",
})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
}
docs: add Swagger annotations to 13 API handlers Added @Summary, @Description, @Tags, @Param, @Success, @Failure, @Router annotations to all major handler endpoints for OpenAPI/Swagger auto-generation. Covers 86 annotations across: - auth_handler.go (25): all auth endpoints - user_handler.go (14): CRUD + roles + admin management - device_handler.go (13): device CRUD + trust management - role_handler.go (8): role CRUD + permissions - custom_field_handler.go (7): field CRUD + user values - permission_handler.go (7): permission CRUD + tree - log_handler.go (3): login/operation logs - captcha_handler.go (3): generate/verify - stats_handler.go (2): dashboard + user stats - avatar_handler.go (1): upload avatar - totp_handler.go (1): totp status - password_reset_handler.go (1): forgot password Partially addresses P2: missing Swagger annotations (PRODUCTION_GAP_ANALYSIS_2026-04-08)
2026-04-11 21:23:52 +08:00
// GetPermissionTree 获取权限树
// @Summary 获取权限树
// @Description 获取系统权限的树形结构
// @Tags 权限管理
// @Produce json
// @Security BearerAuth
// @Success 200 {object} Response{data=[]domain.Permission} "权限树"
// @Router /api/v1/permissions/tree [get]
feat: permissions CRUD browser integration + E2E enhancements Backend: - permission_handler: 完善权限 CRUD 接口(列表/创建/更新/删除) - auth_handler: 修复认证处理逻辑 - router: 新增权限管理路由 - handler_test: 新增权限 handler 测试覆盖 Frontend: - permissions.ts/test.ts: 权限服务层完整实现 - profile/settings/service_tests: 服务适配器修正 - client.ts: HTTP 客户端健壮性增强 - vite.config.js: 构建配置优化 - E2E 脚本: run-playwright-cdp-e2e 大幅增强(权限流程覆盖) Docs: - REAL_PROJECT_STATUS: 状态更新 - PRODUCTION_CHECKLIST/QUALITY_STANDARD/TECHNICAL_GUIDE/PROJECT_EXPERIENCE_SUMMARY: 团队规范完善 - plans/2026-04-23: 权限浏览器 CRUD 设计方案 验证: go build 0错误
2026-04-24 07:30:18 +08:00
func parsePermissionStatus(raw json.RawMessage) (domain.PermissionStatus, bool) {
var statusText string
if err := json.Unmarshal(raw, &statusText); err == nil {
switch statusText {
case "enabled", "1":
return domain.PermissionStatusEnabled, true
case "disabled", "0":
return domain.PermissionStatusDisabled, true
}
}
var statusNumber int
if err := json.Unmarshal(raw, &statusNumber); err == nil {
switch statusNumber {
case 1:
return domain.PermissionStatusEnabled, true
case 0:
return domain.PermissionStatusDisabled, true
}
}
return domain.PermissionStatusDisabled, false
}
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
func (h *PermissionHandler) GetPermissionTree(c *gin.Context) {
tree, err := h.permissionService.GetPermissionTree(c.Request.Context())
if err != nil {
handleError(c, err)
return
}
fix: 统一API响应格式并修复前端测试 - 所有Handler方法使用标准{code:0,message:"success",data:...}响应格式 - 修复Cursor分页响应包装(GetAllDevices,GetLoginLogs,ListUsers等) - 修复AuthHandler和SMSHandler认证方法响应格式 - 修复operation_log.go admin用户operation_type前缀问题 - 修复DashboardPage嵌套stats结构 - 修复LoginLogsPage reset功能stale closure问题 - 修复UsersPage批量操作API调用 - 修复多个前端测试(mock格式、按钮选择、断言逻辑) - 添加OAuth测试域名白名单 - 新增代码审查流程文档
2026-04-08 20:06:54 +08:00
c.JSON(http.StatusOK, gin.H{
"code": 0,
"message": "success",
"data": tree,
})
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
}
Reference in New Issue Copy Permalink