2026-05-02 13:02:38 +08:00

59 lines
1.7 KiB
Go

package repository
import (
"fmt"
"hyapp-admin-server/internal/model"
"strings"
)
func (s *Store) Search(keyword string, permissionCodes []string) ([]SearchResult, error) {
return s.SearchWithAccess(keyword, permissionCodes, DataAccess{All: true})
}
func (s *Store) SearchWithAccess(keyword string, permissionCodes []string, access DataAccess) ([]SearchResult, error) {
value := strings.TrimSpace(keyword)
results := make([]SearchResult, 0, 12)
if value == "" {
value = "%"
}
like := "%" + strings.Trim(value, "%") + "%"
permissions := permissionSet(permissionCodes)
// 搜索是跨模块入口,结果必须先按权限裁剪,避免无菜单权限用户通过搜索发现业务数据。
if _, ok := permissions["user:view"]; ok {
var users []model.User
query := s.db.Model(&model.User{}).Where("username LIKE ? OR name LIKE ? OR team LIKE ?", like, like, like)
query = applyUserDataAccess(query, access)
if err := query.Limit(4).Find(&users).Error; err != nil {
return nil, err
}
for _, user := range users {
results = append(results, SearchResult{
Type: "user",
ID: fmt.Sprintf("%d", user.ID),
Title: user.Name,
Subtitle: fmt.Sprintf("%s / %s", user.Username, user.Team),
Target: "/system/users",
})
}
}
if _, ok := permissions["role:view"]; ok {
var roles []model.Role
if err := s.db.Where("name LIKE ? OR code LIKE ?", like, like).Limit(2).Find(&roles).Error; err != nil {
return nil, err
}
for _, role := range roles {
results = append(results, SearchResult{
Type: "role",
ID: fmt.Sprintf("%d", role.ID),
Title: role.Name,
Subtitle: role.Code,
Target: "/system/roles",
})
}
}
return results, nil
}