package kuu
import (
"fmt"
"github.com/imdario/mergo"
"github.com/jinzhu/gorm"
"gopkg.in/guregu/null.v3"
"strings"
)
// CreateOrgArgs carries the inputs of CreateOrg.
type CreateOrgArgs struct {
	// Tx is the database handle to use. When nil, CreateOrg falls back to
	// DB() and writes that handle back into this field.
	Tx *gorm.DB
	// OrgCode and OrgName become the new organization's Code and Name.
	OrgCode string
	OrgName string
	// ParentOrgID selects the parent organization by ID. ParentOrgCode is
	// consulted only when ParentOrgID is zero; with both unset the new
	// organization gets a zero parent ID.
	ParentOrgID   uint
	ParentOrgCode string
	// AdminUID / AdminUsername identify the user to make administrator of the
	// new organization. AdminUID wins when both are set; with both unset no
	// admin user, role or assignment is created.
	AdminUID      uint
	AdminUsername string
	// AdminPassword is stored as given in User.Password when a new admin user
	// is created and GeneratePassword is false; CreateOrg does not hash it.
	// NOTE(review): presumably callers pass an already-hashed value — confirm.
	AdminPassword string
	// GeneratePassword makes CreateOrg obtain a password from GenPassword()
	// for a newly created admin user instead of using AdminPassword.
	GeneratePassword bool
	// ExtraAdminUserInfo and ExtraAdminRoleInfo are merged with mergo.Merge
	// into the new admin user and admin role before they are inserted.
	ExtraAdminUserInfo User
	ExtraAdminRoleInfo Role
	// ExtraAssignRoleCodes lists codes of existing roles that are assigned to
	// the admin user in addition to the organization's admin role.
	ExtraAssignRoleCodes []string
}
// CreateOrgReply reports what CreateOrg created or reused.
type CreateOrgReply struct {
	// OrgID and Org describe the newly inserted organization.
	OrgID uint
	Org   *Org
	// AdminUID and AdminUser describe the admin user, whether it was found or
	// newly created. They stay zero/nil when no admin was requested.
	AdminUID  uint
	AdminUser *User
	// GeneratedPlaintextPassword is set only when a new admin user was created
	// with GeneratePassword enabled. It is the cleartext password: hand it to
	// the account owner once and keep it out of logs and persistent storage.
	GeneratedPlaintextPassword string
}
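// CreateOrg inserts a new organization and, when args.AdminUID or
// args.AdminUsername is set, provisions its administrator: the admin user is
// looked up (or created if missing), an "org_admin:<id>" role is created with
// read/write data privileges on the new organization, and that role plus any
// roles named in args.ExtraAssignRoleCodes are assigned to the user.
//
// args must not be nil. When args.Tx is nil the handle returned by DB() is
// used and stored back into args.Tx.
//
// CreateOrg neither begins nor rolls back a transaction: on error, rows
// already inserted remain unless the caller supplied a transaction in args.Tx
// and rolls it back.
//
// It returns an error when args is nil, when any database operation fails, or
// when a new admin user would have to be created without a username (for
// example a stale args.AdminUID with no args.AdminUsername).
func CreateOrg(args *CreateOrgArgs) (reply *CreateOrgReply, err error) {
	if args == nil {
		return nil, fmt.Errorf("create org: nil args")
	}

	// NOTE(review): authorization checks appear to be switched off for the
	// duration of this call and switched back on by the deferred call —
	// confirm the scope of IgnoreAuth (per goroutine vs. global) and that
	// every caller of CreateOrg is itself authorized to create organizations.
	IgnoreAuth()
	defer IgnoreAuth(true)

	tx := args.Tx
	if tx == nil {
		tx = DB()
		args.Tx = tx
	}
	reply = new(CreateOrgReply)

	// 1. Create the organization. The parent is resolved by ID first, then by
	// code; with neither given parentOrg stays zero-valued.
	var parentOrg Org
	switch {
	case args.ParentOrgID != 0:
		if err := tx.Model(&Org{}).Where(&Org{ID: args.ParentOrgID}).First(&parentOrg).Error; err != nil {
			return nil, err
		}
	case args.ParentOrgCode != "":
		if err := tx.Model(&Org{}).Where(&Org{Code: args.ParentOrgCode}).First(&parentOrg).Error; err != nil {
			return nil, err
		}
	}
	org := Org{
		OrgID:       parentOrg.ID,
		CreatedByID: RootUID(),
		UpdatedByID: RootUID(),
		Code:        args.OrgCode,
		Name:        args.OrgName,
		Pid:         parentOrg.ID,
		IsBuiltIn:   null.BoolFrom(true),
	}
	if err := tx.Model(&Org{}).Create(&org).Error; err != nil {
		return nil, err
	}
	reply.Org = &org
	reply.OrgID = org.ID

	// No admin requested: the organization alone is the result.
	if args.AdminUsername == "" && args.AdminUID == 0 {
		return reply, nil
	}

	// Look the admin up by ID when given, otherwise by username. A missing
	// record is not an error here; it means the user has to be created.
	// An existing user is reused as-is: AdminPassword and GeneratePassword
	// are ignored for it.
	lookup := &User{Username: args.AdminUsername}
	if args.AdminUID > 0 {
		lookup = &User{ID: args.AdminUID}
	}
	var adminUser User
	if err := tx.Model(&User{}).Where(lookup).First(&adminUser).Error; err != nil && err != gorm.ErrRecordNotFound {
		return nil, err
	}

	// 2. Create the admin user.
	if adminUser.ID == 0 {
		var password string
		if args.GeneratePassword {
			reply.GeneratedPlaintextPassword = GenPassword()
			// NOTE(review): the helper's name suggests a plain MD5 digest. A
			// fast, unsalted hash is not suitable for password storage;
			// migrating to a salted, slow KDF (bcrypt/scrypt/argon2) has to be
			// done together with the login verification code, so it is only
			// flagged here.
			password = MD5(reply.GeneratedPlaintextPassword)
		} else {
			// NOTE(review): stored exactly as supplied, unlike the generated
			// branch above — presumably callers pre-hash it; verify. An empty
			// AdminPassword is also accepted here.
			password = args.AdminPassword
		}
		adminUser = User{
			OrgID:       reply.OrgID,
			CreatedByID: RootUID(),
			UpdatedByID: RootUID(),
			Username:    args.AdminUsername,
			Password:    password,
			IsBuiltIn:   null.BoolFrom(true),
		}
		if err := mergo.Merge(&adminUser, args.ExtraAdminUserInfo); err != nil {
			return nil, err
		}
		// A stale AdminUID with no AdminUsername (and none supplied through
		// ExtraAdminUserInfo) would otherwise insert a built-in admin account
		// with an empty username.
		if adminUser.Username == "" {
			return nil, fmt.Errorf("create org: admin user %d not found and no admin username given", args.AdminUID)
		}
		if err := tx.Model(&User{}).Create(&adminUser).Error; err != nil {
			return nil, err
		}
	}
	reply.AdminUID = adminUser.ID
	reply.AdminUser = &adminUser

	// 3. Create the admin user's role.
	adminRole := Role{
		CreatedByID: adminUser.ID,
		UpdatedByID: adminUser.ID,
		OrgID:       reply.OrgID,
		Code:        fmt.Sprintf("org_admin:%d", org.ID),
		Name:        strings.TrimSpace(fmt.Sprintf("%s (Admin)", org.Name)),
		IsBuiltIn:   null.BoolFrom(true),
	}
	if err := mergo.Merge(&adminRole, args.ExtraAdminRoleInfo); err != nil {
		return nil, err
	}
	if err := tx.Model(&Role{}).Create(&adminRole).Error; err != nil {
		return nil, err
	}

	// 4. Create the data-privilege record: the admin role may read and write
	// within the DataScopeCurrentFollowing range of the new organization.
	if err := tx.Model(&DataPrivileges{}).Create(&DataPrivileges{
		Model: Model{
			CreatedByID: reply.AdminUID,
			UpdatedByID: reply.AdminUID,
			OrgID:       reply.OrgID,
		},
		RoleID:        adminRole.ID,
		TargetOrgID:   reply.OrgID,
		ReadableRange: DataScopeCurrentFollowing,
		WritableRange: DataScopeCurrentFollowing,
	}).Error; err != nil {
		return nil, err
	}

	// 5. Create the role-assignment record binding the admin role to the user.
	if err := tx.Model(&RoleAssign{}).Create(&RoleAssign{
		ModelExOrg: ModelExOrg{
			CreatedByID: reply.AdminUID,
			UpdatedByID: reply.AdminUID,
		},
		RoleID: adminRole.ID,
		UserID: reply.AdminUID,
	}).Error; err != nil {
		return nil, err
	}

	if len(args.ExtraAssignRoleCodes) == 0 {
		return reply, nil
	}

	// NOTE(review): the lookup below matches roles by code only, with no
	// organization filter visible here, and it runs while authorization is
	// ignored. Treat ExtraAssignRoleCodes as privileged input: whoever fills
	// it decides which existing roles the new admin receives. Codes that
	// match no role are skipped silently.
	var extraRoles []Role
	codeIn := fmt.Sprintf("%s IN (?)", tx.Dialect().Quote("code"))
	if err := tx.Model(&Role{}).Where(codeIn, args.ExtraAssignRoleCodes).Find(&extraRoles).Error; err != nil {
		return nil, err
	}
	for _, role := range extraRoles {
		if err := tx.Model(&RoleAssign{}).Create(&RoleAssign{
			ModelExOrg: ModelExOrg{
				CreatedByID: reply.AdminUID,
				UpdatedByID: reply.AdminUID,
			},
			RoleID: role.ID,
			UserID: adminUser.ID,
		}).Error; err != nil {
			return nil, err
		}
	}
	return reply, nil
}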