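package controllers

import (
	"strconv"
	"strings"
	"time"

	"XT_New/enums"
	"XT_New/models"
	"XT_New/service"

	"github.com/astaxie/beego"
	"github.com/jinzhu/gorm"
)

// RoleAPIControllerRegistRouters registers the role, purview and admin-user
// management routes on the default beego router.
//
// NOTE(review): the two purview routes are registered under /role/... while
// every other route here lives under /api/.... If authentication filters are
// attached by URL prefix (not visible in this file), confirm they also cover
// /role/purview/*.
func RoleAPIControllerRegistRouters() {
	beego.Router("/api/roles", &RoleAPIController{}, "get:GetRoles")
	beego.Router("/api/role/create", &RoleAPIController{}, "post:CreateRole")
	beego.Router("/api/role/modify", &RoleAPIController{}, "post:ModifyRole")
	beego.Router("/api/role/setstatus", &RoleAPIController{}, "post:ModifyRoleStatus")
	beego.Router("/role/purview/editinit", &RoleAPIController{}, "get:EditPurviewInitData")
	beego.Router("/role/purview/edit", &RoleAPIController{}, "post:EditPurview")

	beego.Router("/api/adminmain", &RoleAPIController{}, "get:AdminMainView")
	beego.Router("/api/admins", &RoleAPIController{}, "get:Admins")
	beego.Router("/api/admin/addinit", &RoleAPIController{}, "get:AddAdminInitData")
	beego.Router("/api/admin/add", &RoleAPIController{}, "post:AddAdmin")
	beego.Router("/api/admin/editinit", &RoleAPIController{}, "get:EditAdminInitData")
	beego.Router("/api/admin/edit", &RoleAPIController{}, "post:EditAdmin")
	beego.Router("/api/admin/setstatus", &RoleAPIController{}, "post:AdminSetStatus")
	beego.Router("/api/admin/specialpermission/initdata", &RoleAPIController{}, "get:SpecialPermissionInitData")
	beego.Router("/api/admin/specialpermission/dialysisrecord/submit", &RoleAPIController{}, "post:SubmitDialysisRecordPermission")

	beego.Router("/api/roles/list", &RoleAPIController{}, "get:GetAllOrgRole")
	beego.Router("/api/staff", &RoleAPIController{}, "get:GetAllOrgUser")
	beego.Router("/api/role/addStaff", &RoleAPIController{}, "post:AddRoleStaff")
	beego.Router("/api/role/staff", &RoleAPIController{}, "get:GetRoleStaff")
	beego.Router("/api/role", &RoleAPIController{}, "get:GetRoleInfo")
}

// RoleAPIController serves the role, purview (permission) and admin-user
// management endpoints.
//
// Most handlers used to begin with this gate, which is now commented out
// everywhere in the file:
//
//	if adminUserInfo.AdminUser.IsSuperAdmin == false {
//		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodePermissionDenied)
//		return
//	}
//
// The handlers therefore perform no privilege check of their own.
// NOTE(review): access control rests entirely on whatever the embedded
// BaseAuthAPIController and the router filters enforce (not visible here);
// confirm that these state-changing endpoints are restricted to users who may
// manage roles and staff.
type RoleAPIController struct {
	BaseAuthAPIController
}

// currentUserIsSubSuperAdmin reports whether the logged-in user is not the
// creator of the current organisation and holds a system role named "子管理员".
// It replaces seven inline copies of the same loop, two of which dereferenced
// the role without a nil check.
func (this *RoleAPIController) currentUserIsSubSuperAdmin() bool {
	adminUserInfo := this.GetAdminUserInfo()

	// The lookup error is discarded, as in the original code; a missing
	// app-role simply means "not a sub super admin".
	adminUserRole, _ := service.GetAppRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserInfo.AdminUser.Id)
	if adminUserRole == nil || len(adminUserRole.RoleIds) == 0 {
		return false
	}

	// NOTE(review): the GetOrgById error is ignored; whether org can be nil
	// here cannot be told from this file.
	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
	if adminUserInfo.AdminUser.Id == org.Creator {
		return false
	}

	for _, item := range strings.Split(adminUserRole.RoleIds, ",") {
		id, _ := strconv.ParseInt(item, 10, 64)
		if id == 0 {
			// Empty or malformed entries parse to 0 and are skipped.
			continue
		}
		role, _ := service.GetRoleByRoleID(id)
		if role != nil && role.IsSystem == 1 && role.RoleName == "子管理员" {
			return true
		}
	}
	return false
}

// GetRoles lists the roles of the caller's current organisation and app.
//
// Route:  GET /api/roles
// Params: page (optional int; values <= 0 are treated as 1). Page size is 100.
func (this *RoleAPIController) GetRoles() {
	page, _ := this.GetInt("page")
	if page <= 0 {
		page = 1
	}

	adminUserInfo := this.GetAdminUserInfo()
	roles, total, getRoleErr := service.GetRoles(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, page, 100)
	if getRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	this.ServeSuccessJSON(map[string]interface{}{
		"roles":       roles,
		"total_count": total,
	})
}

// CreateRole creates a role in the caller's current organisation. The name
// must be non-empty and unique within the organisation.
//
// Route:  POST /api/role/create
// Params: name (string, required), intro (string)
func (this *RoleAPIController) CreateRole() {
	name := this.GetString("name")
	intro := this.GetString("intro")
	if len(name) == 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	adminUserInfo := this.GetAdminUserInfo()
	if total := service.FindRoleRecordByRoleName(name, adminUserInfo.CurrentOrgId); total > 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeRoleNameIsExist)
		return
	}

	role, createErr := service.CreateRole(adminUserInfo.AdminUser.Id, adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, name, intro)
	if createErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDBCreate)
		return
	}
	this.ServeSuccessJSON(map[string]interface{}{
		"id":     role.Id,
		"name":   role.RoleName,
		"intro":  role.RoleIntro,
		"status": role.Status,
	})
}

// ModifyRole updates the name and introduction of an existing role.
//
// Route:  POST /api/role/modify
// Params: role_id (int, > 0), name (string, required), intro (string, required)
//
// NOTE(review): the role is loaded by its ID alone and is never compared with
// the caller's CurrentOrgId, so nothing in this handler prevents a caller from
// editing a role that belongs to another organisation. Scope the lookup (or
// compare the role's organisation) before saving.
func (this *RoleAPIController) ModifyRole() {
	roleID, _ := this.GetInt64("role_id")
	name := this.GetString("name")
	intro := this.GetString("intro")
	if roleID <= 0 || len(name) == 0 || len(intro) == 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	role, getRoleErr := service.GetRoleByRoleID(roleID)
	if getRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	if role == nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeRoleNotExist)
		return
	}

	role.RoleName = name
	role.RoleIntro = intro
	role.ModifyTime = time.Now().Unix()
	if saveErr := service.ModifyRole(role); saveErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDBUpdate)
		return
	}
	this.ServeSuccessJSON(nil)
}

// ModifyRoleStatus enables (status 1) or disables (status 2) a role. A role
// that still has admin users in the caller's organisation cannot be disabled.
//
// Route:  POST /api/role/setstatus
// Params: role_id (int, > 0), enable (bool; an unparsable value counts as false)
//
// NOTE(review): as in ModifyRole, the role is fetched by ID without checking
// that it belongs to the caller's organisation.
func (this *RoleAPIController) ModifyRoleStatus() {
	roleID, _ := this.GetInt64("role_id")
	enable, _ := this.GetBool("enable")
	if roleID <= 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	adminUserInfo := this.GetAdminUserInfo()
	role, getRoleErr := service.GetRoleByRoleID(roleID)
	if getRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	if role == nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeRoleNotExist)
		return
	}

	if enable {
		role.Status = 1
	} else {
		// NOTE(review): the count error is discarded; if the query fails the
		// count is presumably 0 and an in-use role would be disabled.
		if count, _ := service.RoleAdminUserCountTwo(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, roleID); count != 0 {
			this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeCannotRemoveRole)
			return
		}
		role.Status = 2
	}

	role.ModifyTime = time.Now().Unix()
	if saveErr := service.ModifyRole(role); saveErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDBUpdate)
		return
	}
	this.ServeSuccessJSON(nil)
}

// EditPurviewInitData returns the purview tree, the role and the purview IDs
// currently granted to that role, for the purview editing page.
//
// Route:  GET /role/purview/editinit
// Params: role_id (int, > 0)
//
// Compared with the original, every purview query error is now checked (only
// the last one used to be), and a failed or empty role lookup is reported
// instead of returning a null role.
//
// NOTE(review): the role and its purview IDs are looked up by role ID only,
// without checking the role against the caller's organisation.
func (this *RoleAPIController) EditPurviewInitData() {
	roleId, _ := this.GetInt64("role_id")
	if roleId <= 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	role, getRoleErr := service.GetRoleByRoleID(roleId)
	if getRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	if role == nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeRoleNotExist)
		return
	}

	// The numeric arguments select which purview set to load; judging by the
	// variable names they are per-application identifiers — TODO confirm.
	purviewsXT, err := service.GetAllGeneralPurviewVMsProcessed(3)
	if err != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	purviewsSCRM, err := service.GetAllGeneralPurviewVMsProcessed(6)
	if err != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	purviewsCDM, err := service.GetAllGeneralPurviewVMsProcessed(4)
	if err != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	purviewsMall, err := service.GetAllGeneralPurviewVMsProcessed(7)
	if err != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	purviewsFunc, err := service.GetAllGeneralFuncPurviewVMsProcessed()
	if err != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}

	// Hang the function-level purviews under the "透析记录" node.
	for _, item := range purviewsXT {
		for _, childItem := range item.Childs {
			if childItem.Name == "透析记录" {
				childItem.Childs = purviewsFunc
			}
		}
	}

	scrm := &service.PurviewTreeViewModel{
		ID:     0,
		PID:    0,
		Name:   "SCRM",
		Number: 3,
		Childs: purviewsSCRM,
	}
	cdm := &service.PurviewTreeViewModel{
		ID:     0,
		PID:    0,
		Number: 3,
		Name:   "慢病管理",
		Childs: purviewsCDM,
	}
	purviewsXT = append(purviewsXT, scrm, cdm)
	purviewsXT = append(purviewsXT, purviewsMall...)

	rolePurviewIdStr, getRPIdsErr := service.GetRolePurviewIds(roleId)
	if getRPIdsErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}

	// A missing function-purview record is not an error: the role simply has
	// no function-level purviews yet.
	roleFuncPurview, getFuncRPIdsErr := service.GetRoleFuncPurview(roleId)
	if getFuncRPIdsErr != nil && getFuncRPIdsErr != gorm.ErrRecordNotFound {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	if roleFuncPurview.ID != 0 {
		rolePurviewIdStr = rolePurviewIdStr + "," + roleFuncPurview.PurviewIds
	}

	this.ServeSuccessJSON(map[string]interface{}{
		"purviews": purviewsXT,
		"role":     role,
		// NOTE(review): PurviewIds is appended a second time here, so the
		// function purview IDs appear twice when the record exists. Kept
		// as-is so the response shape does not change; confirm with the
		// client before de-duplicating.
		"role_purview_ids": rolePurviewIdStr + "," + roleFuncPurview.PurviewIds,
	})
}

// EditPurview replaces the purview IDs and function purview IDs of a role.
//
// Route:  POST /role/purview/edit
// Params: role_id (int, > 0), purview_ids (string), func_purview_ids (string)
//
// The original assigned both save results to one variable, so a failure of
// the first save was overwritten by the second and reported as success. Each
// save is now checked on its own.
//
// NOTE(review): purview_ids and func_purview_ids are passed through verbatim.
// Nothing here checks that the role belongs to the caller's organisation or
// that the caller is allowed to grant the listed purviews; confirm that the
// service layer enforces both.
func (this *RoleAPIController) EditPurview() {
	adminUserInfo := this.GetAdminUserInfo()
	roleId, _ := this.GetInt64("role_id")
	purviewIds := this.GetString("purview_ids")
	funcPurviewIds := this.GetString("func_purview_ids")
	if roleId <= 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	if err := service.SaveRolePurviewIds(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, roleId, purviewIds); err != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDBUpdate)
		return
	}
	if err := service.SaveFuncRolePurviewIds(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, roleId, funcPurviewIds); err != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDBUpdate)
		return
	}
	this.ServeSuccessJSON(nil)
}

// The two helpers below are disabled in the original file and are kept here
// unchanged apart from translated log messages.
//
// func (this *RoleAPIController) doesUserHaveAccess(userID int64) bool {
// 	adminUser, getAdminUserErr := service.GetAdminUserByUserID(userID)
// 	if getAdminUserErr != nil {
// 		beego.Error("failed to load user info: %v", getAdminUserErr)
// 		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
// 		return false
// 	} else if adminUser == nil {
// 		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeAdminUserNotExist)
// 		return false
// 	} else if adminUser.Status == 2 {
// 		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeUserWasForbidden)
// 		return false
// 	} else if adminUser.IsSuperAdmin == false {
// 		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodePermissionDenied)
// 		return false
// 	}
// 	return true
// }
//
// func (this *RoleAPIController) isAppRoleExist(orgID int64, appID int64, userID int64) bool {
// 	appRole, getAppRoleErr := service.GetAppRole(orgID, appID, userID)
// 	if getAppRoleErr != nil {
// 		beego.Error("failed to check the user/org-app relation: %v", getAppRoleErr)
// 		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
// 		return false
// 	} else if appRole == nil {
// 		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodePermissionDenied)
// 		return false
// 	}
// 	return true
// }

// AdminMainView returns the first 100 admin users of the current organisation
// together with the organisation and the caller's sub-super-admin flag.
//
// Route: GET /api/adminmain
func (this *RoleAPIController) AdminMainView() {
	adminUserInfo := this.GetAdminUserInfo()
	isSubSuperAdmin := this.currentUserIsSubSuperAdmin()

	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
	viewModels, _, getAdminsErr := service.GetAdminUsersAndLoginInfo(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, 1, 100)
	if getAdminsErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	this.ServeSuccessJSON(map[string]interface{}{
		"admins":          viewModels,
		"org":             org,
		"isSubSuperAdmin": isSubSuperAdmin,
	})
}

// Admins returns one page (100 entries) of the organisation's admin users.
//
// Route:  GET /api/admins
// Params: page (optional int; values <= 0 are treated as 1, as in GetRoles)
func (this *RoleAPIController) Admins() {
	adminUserInfo := this.GetAdminUserInfo()
	page, _ := this.GetInt("page")
	if page <= 0 {
		page = 1
	}

	viewModels, total, getAdminsErr := service.GetAdminUsersAndLoginInfo(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, page, 100)
	if getAdminsErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	this.ServeSuccessJSON(map[string]interface{}{
		"admins":      viewModels,
		"total_count": total,
	})
}

// AddAdminInitData returns the data needed by the "add admin" form: the valid
// roles, the organisation, the caller's sub-super-admin flag and "qntoken".
//
// Route: GET /api/admin/addinit
//
// NOTE(review): "qntoken" is the value stored under the Redis key "qn_token"
// and is returned to every caller of this endpoint; the read error is
// ignored. It is presumably an upload credential — confirm that its scope and
// lifetime are appropriate for handing to the browser.
func (this *RoleAPIController) AddAdminInitData() {
	adminUserInfo := this.GetAdminUserInfo()
	isSubSuperAdmin := this.currentUserIsSubSuperAdmin()

	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
	roles, getRoleErr := service.GetAllValidRoles(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId)
	if getRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}

	redisClient := service.RedisClient()
	defer redisClient.Close()
	qntoken, _ := redisClient.Get("qn_token").Result()

	this.ServeSuccessJSON(map[string]interface{}{
		"roles":           roles,
		"qntoken":         qntoken,
		"isSubSuperAdmin": isSubSuperAdmin,
		"org":             org,
	})
}

// AddAdmin adds a staff member to the current organisation. If no account
// exists for the mobile number, an account is created and an invitation SMS
// is sent; otherwise the existing account is linked to the organisation.
//
// Route:  POST /api/admin/add
// Params: mobile (string, required)
//         name (string, required)
//         type (int) admin type: 2 doctor, 3 nurse, 4 operations
//         title (int) professional title code, 1-13
//         role (string, required) role IDs, stored verbatim
//         user_title_name (string)
//
// NOTE(review):
//   - "role" is stored as received. Nothing here checks that the role IDs
//     exist, belong to the caller's organisation, or may be granted by the
//     caller.
//   - Unlike EditAdmin, "title" is not checked against models.UserTitle before
//     being narrowed to int8.
//   - The generated password is handed to SMSSendInviteMobileToJoinOrgAdmin,
//     i.e. it leaves the system in an SMS; consider a one-time activation flow
//     or a forced password change on first login.
func (this *RoleAPIController) AddAdmin() {
	adminUserInfo := this.GetAdminUserInfo()

	mobile := this.GetString("mobile")
	name := this.GetString("name")
	userType, _ := this.GetInt("type")
	userTitle, _ := this.GetInt("title")
	roleIds := this.GetString("role")
	userTitleName := this.GetString("user_title_name")

	if len(mobile) == 0 || len(name) == 0 || (userType != 2 && userType != 3 && userType != 4) || len(roleIds) <= 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	// Check whether an account already exists for this mobile number.
	adminUser, err := service.GetValidAdminUserByMobileReturnErr(mobile)
	if err != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}

	if adminUser == nil {
		// No account yet: create both the account and the org membership.
		_, password, createErr := service.CreateGeneralAdminUser(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, mobile, name, userTitleName, roleIds, userType, userTitle)
		if createErr != nil {
			this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDBCreate)
			return
		}
		// Best effort, as in the original: a failed SMS does not fail the
		// request. The error is deliberately not logged here because it is
		// unknown whether it can echo the message body (which carries the
		// password).
		_ = service.SMSSendInviteMobileToJoinOrgAdmin(name, mobile, password)
		this.ServeSuccessJSON(nil)
		return
	}

	// The account exists: it may be linked to this organisation only once.
	total, _ := service.FindAdminUserByID(adminUser.Id, adminUserInfo.CurrentOrgId)
	if total > 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeRepeatCreateStaffException)
		return
	}

	now := time.Now().Unix()
	appRole := &models.App_Role{
		AdminUserId:   adminUser.Id,
		OrgId:         adminUserInfo.CurrentOrgId,
		AppId:         adminUserInfo.CurrentAppId,
		Avatar:        "",
		UserName:      name,
		UserTitleName: userTitleName,
		Status:        1,
		UserType:      int8(userType),
		UserTitle:     int8(userTitle),
		CreateTime:    now,
		ModifyTime:    now,
		RoleIds:       roleIds,
	}
	if createErr := service.CreateUserRole(appRole); createErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDBCreate)
		return
	}
	this.ServeSuccessJSON(nil)
}

// EditAdminInitData returns the data needed by the "edit admin" form for the
// staff member identified by uid within the caller's organisation and app.
//
// Route:  GET /api/admin/editinit
// Params: uid (int, > 0)
//
// NOTE(review): see AddAdminInitData regarding the "qntoken" value.
func (this *RoleAPIController) EditAdminInitData() {
	adminUserInfo := this.GetAdminUserInfo()

	adminUserID, _ := this.GetInt64("uid")
	if adminUserID <= 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	appRole, getAppRoleErr := service.GetAppRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserID)
	if getAppRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	if appRole == nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeAdminUserNotExist)
		return
	}

	roles, getRoleErr := service.GetAllValidRoles(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId)
	if getRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}

	isSubSuperAdmin := this.currentUserIsSubSuperAdmin()
	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)

	redisClient := service.RedisClient()
	defer redisClient.Close()
	qntoken, _ := redisClient.Get("qn_token").Result()

	this.ServeSuccessJSON(map[string]interface{}{
		"admin":           appRole,
		"roles":           roles,
		"qntoken":         qntoken,
		"isSubSuperAdmin": isSubSuperAdmin,
		"org":             org,
	})
}

// EditAdmin updates the profile and role assignment of a staff member of the
// caller's organisation and app.
//
// Route:  POST /api/admin/edit
// Params: uid (int, > 0)
//         name (string, required)
//         type (int, one of 2, 3, 4)
//         title (int, must be a key of models.UserTitle)
//         role (string, required) role IDs, stored verbatim
//         intro (string), user_title_name (string)
//
// NOTE(review): "role" is written to RoleIds as received, and uid may be the
// caller's own ID. With the super-admin gate disabled, confirm that something
// upstream prevents a user from granting roles (including to themselves) that
// they are not entitled to assign, and that the IDs belong to this
// organisation.
func (this *RoleAPIController) EditAdmin() {
	adminUserInfo := this.GetAdminUserInfo()

	adminUserId, _ := this.GetInt64("uid")
	name := this.GetString("name")
	userType, _ := this.GetInt("type")
	userTitle, _ := this.GetInt("title")
	roleIds := this.GetString("role")
	intro := this.GetString("intro")
	userTitleName := this.GetString("user_title_name")

	_, titleExist := models.UserTitle[userTitle]
	if adminUserId <= 0 || len(name) == 0 || (userType != 2 && userType != 3 && userType != 4) || !titleExist || len(roleIds) <= 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	appRole, getAppRoleErr := service.GetAppRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, adminUserId)
	if getAppRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	if appRole == nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeAdminUserNotExist)
		return
	}

	appRole.UserName = name
	appRole.UserType = int8(userType)
	appRole.UserTitle = int8(userTitle)
	appRole.RoleIds = roleIds
	appRole.Intro = intro
	appRole.UserTitleName = userTitleName
	appRole.ModifyTime = time.Now().Unix()

	if saveErr := service.SaveAppRole(appRole); saveErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDBUpdate)
		return
	}
	this.ServeSuccessJSON(nil)
}

// AdminSetStatus enables (status 1) or disables (status 0) a staff member of
// the caller's organisation and app.
//
// Route:  POST /api/admin/setstatus
// Params: uid (int, > 0), enable (bool; an unparsable value counts as false)
//
// NOTE(review): nothing here stops a caller from disabling their own account
// or the organisation's creator; confirm that this is intended.
func (this *RoleAPIController) AdminSetStatus() {
	adminUserInfo := this.GetAdminUserInfo()

	userID, _ := this.GetInt64("uid")
	if userID <= 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	appRole, getAppRoleErr := service.GetAppRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, userID)
	if getAppRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	if appRole == nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeAdminUserNotExist)
		return
	}

	enable, _ := this.GetBool("enable")
	if enable {
		appRole.Status = 1
	} else {
		appRole.Status = 0
	}
	appRole.ModifyTime = time.Now().Unix()

	if saveErr := service.SaveAppRole(appRole); saveErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDBUpdate)
		return
	}
	this.ServeSuccessJSON(nil)
}

// SpecialPermissionInitData returns all general admin users of the current
// organisation and app, plus those holding the head-nurse special permission.
//
// Route: GET /api/admin/specialpermission/initdata
func (this *RoleAPIController) SpecialPermissionInitData() {
	adminUserInfo := this.GetAdminUserInfo()

	adminUsers, getAdminUsersErr := service.GetAllGeneralAdminUsers(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId)
	if getAdminUsersErr != nil {
		this.ErrorLog("获取所有普通用户失败:%v", getAdminUsersErr)
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}

	headNurses, getAllHeadNursesErr := service.GetAllValidAdminUsersWithSpecialPermission(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, models.SpecialPermissionTypeHeadNurse)
	if getAllHeadNursesErr != nil {
		this.ErrorLog("获取所有拥有护士长特殊权限的用户失败:%v", getAllHeadNursesErr)
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}

	this.ServeSuccessJSON(map[string]interface{}{
		"users":       adminUsers,
		"head_nurses": headNurses,
	})
}

// SubmitDialysisRecordPermission sets the full list of users holding the
// head-nurse special permission in the current organisation and app. Users in
// "ids" are granted the permission; every other current or former holder is
// revoked. An empty "ids" revokes the permission from everyone.
//
// Route:  POST /api/admin/specialpermission/dialysisrecord/submit
// Params: ids (string) comma-separated admin user IDs, e.g. "1,2,5"
//
// Fix: the original decided what to revoke by looking at the list of records
// it was about to (re)activate. A user who already held the permission and
// was submitted again was not in that list and was therefore revoked, so
// re-submitting an unchanged selection silently removed existing grants.
// Revocation is now decided by membership in the submitted ID set. Duplicate
// IDs in the request no longer create duplicate records.
//
// NOTE(review): the submitted IDs are not checked against the organisation's
// staff, so a permission record can be created for an arbitrary admin user
// ID. The grant and revoke batches are saved separately and are not atomic.
func (this *RoleAPIController) SubmitDialysisRecordPermission() {
	adminUserInfo := this.GetAdminUserInfo()

	idsString := this.GetString("ids")
	if len(idsString) == 0 {
		// Revoke the head-nurse permission from every user.
		cancelErr := service.CancelAllSpecialPermissionAdminUsers(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, models.SpecialPermissionTypeHeadNurse)
		if cancelErr != nil {
			this.ErrorLog("取消所有用户的护士长权限失败:%v", cancelErr)
			this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
			return
		}
		this.ServeSuccessJSON(nil)
		return
	}

	idStrs := strings.Split(idsString, ",")
	ids := make([]int64, 0, len(idStrs))
	requested := make(map[int64]bool, len(idStrs))
	for _, idStr := range idStrs {
		id, parseErr := strconv.ParseInt(idStr, 10, 64)
		if parseErr != nil {
			this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
			return
		}
		if requested[id] {
			continue
		}
		requested[id] = true
		ids = append(ids, id)
	}

	headNurses, getAllHeadNursesErr := service.GetAllSpecialPermissionAdminUsersWithoutStatus(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, models.SpecialPermissionTypeHeadNurse)
	if getAllHeadNursesErr != nil {
		this.ErrorLog("获取所有拥有或曾拥有护士长特殊权限的用户失败:%v", getAllHeadNursesErr)
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}

	now := time.Now().Unix()
	cancelList := make([]*models.AdminUserSpecialPermission, 0)
	addList := make([]*models.AdminUserSpecialPermission, 0)

	// Grant: reactivate an existing record, or create one if none exists.
	for _, id := range ids {
		found := false
		for _, headNurse := range headNurses {
			if headNurse.AdminUserID != id {
				continue
			}
			found = true
			if headNurse.Status != 1 {
				headNurse.Status = 1
				headNurse.ModifyTime = now
				addList = append(addList, headNurse)
			}
			break
		}
		if !found {
			addList = append(addList, &models.AdminUserSpecialPermission{
				OrgID:       adminUserInfo.CurrentOrgId,
				AppID:       adminUserInfo.CurrentAppId,
				AdminUserID: id,
				Permission:  int64(models.SpecialPermissionTypeHeadNurse),
				Status:      1,
				CreateTime:  now,
				ModifyTime:  now,
			})
		}
	}

	// Revoke: every existing record whose user was not submitted.
	for _, headNurse := range headNurses {
		if requested[headNurse.AdminUserID] {
			continue
		}
		headNurse.Status = 0
		headNurse.ModifyTime = now
		cancelList = append(cancelList, headNurse)
	}

	if addErr := service.BatchSaveSpecialPermissionAdminUsers(addList); addErr != nil {
		this.ErrorLog("授权失败:%v", addErr)
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	if cancelErr := service.BatchSaveSpecialPermissionAdminUsers(cancelList); cancelErr != nil {
		this.ErrorLog("取消授权失败:%v", cancelErr)
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	this.ServeSuccessJSON(nil)
}

// GetAllOrgRole returns the valid roles of the current organisation; the
// caller's sub-super-admin flag is passed to the service, which decides what
// that caller may see.
//
// Route: GET /api/roles/list
func (this *RoleAPIController) GetAllOrgRole() {
	adminUserInfo := this.GetAdminUserInfo()
	isSubSuperAdmin := this.currentUserIsSubSuperAdmin()

	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
	roles, err := service.GetAllOrgValidRoles(adminUserInfo.CurrentOrgId, isSubSuperAdmin)
	if err != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	this.ServeSuccessJSON(map[string]interface{}{
		"roles":           roles,
		"isSubSuperAdmin": isSubSuperAdmin,
		"org":             org,
	})
}

// GetAllOrgUser returns the first 100 staff members of the current
// organisation with their roles.
//
// Route: GET /api/staff
func (this *RoleAPIController) GetAllOrgUser() {
	adminUserInfo := this.GetAdminUserInfo()
	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
	isSubSuperAdmin := this.currentUserIsSubSuperAdmin()

	// Both the total and the error are discarded, as in the original; on
	// failure the response carries whatever viewModels the service returned.
	viewModels, _, _ := service.GetAllAdminUsersAndRole(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, 1, 100)
	this.ServeSuccessJSON(map[string]interface{}{
		"admins":          viewModels,
		"org":             org,
		"isSubSuperAdmin": isSubSuperAdmin,
	})
}

// AddRoleStaff appends a role to the role list of each listed staff record.
//
// Route:  POST /api/role/addStaff
// Params: id (int, > 0) role ID; ids (string) comma-separated staff record IDs
//
// Changes from the original: the role ID and every staff ID are validated
// before anything is written (a malformed entry used to be parsed as 0, looked
// up and saved), the role must exist, a role already present is not appended
// again, and an empty role list no longer gains a leading comma.
//
// NOTE(review): this handler never reads the caller's session. Staff records
// are loaded by raw ID through service.FindAdminUserID, and neither they nor
// the role are compared with the caller's organisation, so the endpoint can
// attach any role to any staff record. The lookup error and the result of
// SaveAdminUser are also ignored. Scope both lookups to
// GetAdminUserInfo().CurrentOrgId and restrict who may call this before
// relying on it.
func (this *RoleAPIController) AddRoleStaff() {
	roleID, _ := this.GetInt64("id", 0)
	staffIDs := this.GetString("ids")
	if roleID <= 0 || len(staffIDs) == 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	role, getRoleErr := service.GetRoleByRoleID(roleID)
	if getRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	if role == nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeRoleNotExist)
		return
	}

	// Validate the whole list first so a bad entry cannot leave a partial update.
	parts := strings.Split(staffIDs, ",")
	ids := make([]int64, 0, len(parts))
	for _, item := range parts {
		id, parseErr := strconv.ParseInt(item, 10, 64)
		if parseErr != nil || id <= 0 {
			this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
			return
		}
		ids = append(ids, id)
	}

	roleIDStr := strconv.FormatInt(roleID, 10)
	for _, id := range ids {
		staff, _ := service.FindAdminUserID(id)

		alreadyAssigned := false
		for _, existing := range strings.Split(staff.RoleIds, ",") {
			if existing == roleIDStr {
				alreadyAssigned = true
				break
			}
		}
		if alreadyAssigned {
			continue
		}

		if staff.RoleIds == "" {
			staff.RoleIds = roleIDStr
		} else {
			staff.RoleIds = staff.RoleIds + "," + roleIDStr
		}
		service.SaveAdminUser(&staff)
	}

	this.ServeSuccessJSON(map[string]interface{}{
		"msg": "添加成功",
	})
}

// GetRoleStaff returns the first 100 admin users of the current organisation
// with their login info, the organisation and the caller's sub-super-admin
// flag.
//
// Route: GET /api/role/staff
func (this *RoleAPIController) GetRoleStaff() {
	adminUserInfo := this.GetAdminUserInfo()
	isSubSuperAdmin := this.currentUserIsSubSuperAdmin()

	org, _ := service.GetOrgById(adminUserInfo.CurrentOrgId)
	viewModels, _, getAdminsErr := service.GetAdminUsersAndLoginInfo(adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, 1, 100)
	if getAdminsErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	this.ServeSuccessJSON(map[string]interface{}{
		"admins":          viewModels,
		"org":             org,
		"isSubSuperAdmin": isSubSuperAdmin,
	})
}

// GetRoleInfo returns a single role.
//
// Route:  GET /api/role
// Params: role_id (int, > 0)
//
// A failed lookup or a missing role is now reported instead of returning a
// null role.
//
// NOTE(review): the role is fetched by ID only, so a caller can read roles of
// other organisations unless the service layer scopes the query.
func (this *RoleAPIController) GetRoleInfo() {
	roleId, _ := this.GetInt64("role_id")
	if roleId <= 0 {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
		return
	}

	role, getRoleErr := service.GetRoleByRoleID(roleId)
	if getRoleErr != nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
		return
	}
	if role == nil {
		this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeRoleNotExist)
		return
	}
	this.ServeSuccessJSON(map[string]interface{}{
		"role": role,
	})
}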