| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135 |
- "use strict";
- Object.defineProperty(exports, "__esModule", { value: true });
- exports.PermissionController = void 0;
- const errorHandler_1 = require("../middleware/errorHandler");
- const permission_1 = require("../models/permission");
- const helpers_1 = require("../utils/helpers");
- class PermissionController {
- static async getAllPages(req, res) {
- try {
- const currentUser = req.user;
- if (!currentUser || currentUser.role !== 'admin') {
- throw new errorHandler_1.AppError('权限不足,只有管理员可以访问', 403);
- }
- const pages = await permission_1.PermissionModel.getAllPages();
- res.status(200).json({
- success: true,
- message: '获取页面列表成功',
- data: pages
- });
- }
- catch (error) {
- throw error;
- }
- }
- static async getUserPermissions(req, res) {
- try {
- const currentUser = req.user;
- if (!currentUser || currentUser.role !== 'admin') {
- throw new errorHandler_1.AppError('权限不足,只有管理员可以访问', 403);
- }
- const userId = (0, helpers_1.toString)(req.params.userId);
- if (!userId) {
- throw new errorHandler_1.AppError('用户ID不能为空', 400);
- }
- const permissions = await permission_1.PermissionModel.getUserPermissions(userId);
- res.status(200).json({
- success: true,
- message: '获取用户权限列表成功',
- data: permissions
- });
- }
- catch (error) {
- throw error;
- }
- }
- static async assignPermission(req, res) {
- try {
- const currentUser = req.user;
- if (!currentUser || currentUser.role !== 'admin') {
- throw new errorHandler_1.AppError('权限不足,只有管理员可以分配权限', 403);
- }
- const userId = (0, helpers_1.toString)(req.params.userId);
- const { pageId } = req.body;
- if (!userId || !pageId) {
- throw new errorHandler_1.AppError('用户ID和页面ID不能为空', 400);
- }
- const permission = await permission_1.PermissionModel.assignPermission(userId, pageId);
- res.status(201).json({
- success: true,
- message: '权限分配成功',
- data: permission
- });
- }
- catch (error) {
- throw error;
- }
- }
- static async assignPermissions(req, res) {
- try {
- const currentUser = req.user;
- if (!currentUser || currentUser.role !== 'admin') {
- throw new errorHandler_1.AppError('权限不足,只有管理员可以分配权限', 403);
- }
- const userId = (0, helpers_1.toString)(req.params.userId);
- const { pageIds } = req.body;
- if (!userId || !Array.isArray(pageIds)) {
- throw new errorHandler_1.AppError('用户ID和页面ID列表不能为空', 400);
- }
- await permission_1.PermissionModel.assignPermissions(userId, pageIds);
- res.status(200).json({
- success: true,
- message: '权限分配成功'
- });
- }
- catch (error) {
- throw error;
- }
- }
- static async removePermission(req, res) {
- try {
- const currentUser = req.user;
- if (!currentUser || currentUser.role !== 'admin') {
- throw new errorHandler_1.AppError('权限不足,只有管理员可以移除权限', 403);
- }
- const userId = (0, helpers_1.toString)(req.params.userId);
- const pageId = (0, helpers_1.toString)(req.params.pageId);
- if (!userId || !pageId) {
- throw new errorHandler_1.AppError('用户ID和页面ID不能为空', 400);
- }
- const success = await permission_1.PermissionModel.removePermission(userId, parseInt(pageId));
- if (!success) {
- throw new errorHandler_1.AppError('移除权限失败,权限不存在', 404);
- }
- res.status(200).json({
- success: true,
- message: '权限移除成功'
- });
- }
- catch (error) {
- throw error;
- }
- }
- static async checkPermission(req, res) {
- try {
- const userId = (0, helpers_1.toString)(req.params.userId);
- const pagePath = (0, helpers_1.toString)(req.params.pagePath);
- if (!userId || !pagePath) {
- throw new errorHandler_1.AppError('用户ID和页面路径不能为空', 400);
- }
- const hasPermission = await permission_1.PermissionModel.checkUserPermission(userId, pagePath);
- res.status(200).json({
- success: true,
- message: '权限检查成功',
- data: {
- hasPermission
- }
- });
- }
- catch (error) {
- throw error;
- }
- }
- }
- exports.PermissionController = PermissionController;
- //# sourceMappingURL=permissionController.js.map
|
