350 lines
11 KiB
Go
350 lines
11 KiB
Go
package appuser
|
|
|
|
import (
|
|
"database/sql"
|
|
"errors"
|
|
"fmt"
|
|
"io"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"hyapp-admin-server/internal/config"
|
|
"hyapp-admin-server/internal/integration/activityclient"
|
|
"hyapp-admin-server/internal/integration/userclient"
|
|
"hyapp-admin-server/internal/middleware"
|
|
"hyapp-admin-server/internal/modules/shared"
|
|
"hyapp-admin-server/internal/response"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"google.golang.org/grpc/codes"
|
|
"google.golang.org/grpc/status"
|
|
)
|
|
|
|
type Handler struct {
|
|
service *Service
|
|
cfg config.Config
|
|
audit shared.OperationLogger
|
|
}
|
|
|
|
func New(userClient userclient.Client, activityClient activityclient.Client, adminDB *sql.DB, userDB *sql.DB, walletDB *sql.DB, cfg config.Config, audit shared.OperationLogger, opts ...ServiceOption) *Handler {
|
|
return &Handler{
|
|
service: NewService(userClient, activityClient, adminDB, userDB, walletDB, opts...),
|
|
cfg: cfg,
|
|
audit: audit,
|
|
}
|
|
}
|
|
|
|
func (h *Handler) ListUsers(c *gin.Context) {
|
|
query := parseListQuery(c)
|
|
items, total, err := h.service.ListUsers(c.Request.Context(), query)
|
|
if err != nil {
|
|
response.ServerError(c, "获取 App 用户列表失败")
|
|
return
|
|
}
|
|
response.OK(c, response.Page{Items: items, Page: query.Page, PageSize: query.PageSize, Total: total})
|
|
}
|
|
|
|
func (h *Handler) ListLoginLogs(c *gin.Context) {
|
|
query := parseLoginLogQuery(c)
|
|
items, total, err := h.service.ListLoginLogs(c.Request.Context(), query)
|
|
if err != nil {
|
|
response.ServerError(c, "获取登录日志失败")
|
|
return
|
|
}
|
|
response.OK(c, response.Page{Items: items, Page: query.Page, PageSize: query.PageSize, Total: total})
|
|
}
|
|
|
|
func (h *Handler) ListBannedUsers(c *gin.Context) {
|
|
query := parseBanListQuery(c)
|
|
items, total, err := h.service.ListBannedUsers(c.Request.Context(), query)
|
|
if err != nil {
|
|
response.ServerError(c, "获取封禁列表失败")
|
|
return
|
|
}
|
|
response.OK(c, response.Page{Items: items, Page: query.Page, PageSize: query.PageSize, Total: total})
|
|
}
|
|
|
|
func (h *Handler) ListUserLoginLogs(c *gin.Context) {
|
|
userID, ok := parseInt64ID(c, "id")
|
|
if !ok {
|
|
return
|
|
}
|
|
query := parseLoginLogQuery(c)
|
|
query.UserID = userID
|
|
items, total, err := h.service.ListLoginLogs(c.Request.Context(), query)
|
|
if err != nil {
|
|
response.ServerError(c, "获取用户登录日志失败")
|
|
return
|
|
}
|
|
response.OK(c, response.Page{Items: items, Page: query.Page, PageSize: query.PageSize, Total: total})
|
|
}
|
|
|
|
func (h *Handler) GetUser(c *gin.Context) {
|
|
userID, ok := parseInt64ID(c, "id")
|
|
if !ok {
|
|
return
|
|
}
|
|
user, err := h.service.GetUser(c.Request.Context(), userID)
|
|
if err != nil {
|
|
writeReadError(c, err, "获取 App 用户失败")
|
|
return
|
|
}
|
|
response.OK(c, user)
|
|
}
|
|
|
|
func (h *Handler) UpdateUser(c *gin.Context) {
|
|
userID, ok := parseInt64ID(c, "id")
|
|
if !ok {
|
|
return
|
|
}
|
|
var req updateUserRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
response.BadRequest(c, "用户参数不正确")
|
|
return
|
|
}
|
|
user, err := h.service.UpdateUser(c.Request.Context(), userID, int64(middleware.CurrentUserID(c)), middleware.CurrentRequestID(c), req)
|
|
if err != nil {
|
|
writeMutationError(c, err, "更新 App 用户失败")
|
|
return
|
|
}
|
|
detail := "update profile"
|
|
if req.Country != nil {
|
|
detail = fmt.Sprintf("update country=%s region_id=%d", user.Country, user.RegionID)
|
|
}
|
|
writeAppUserAuditLog(c, h.audit, "update-app-user", "app_users", userID, "success", detail)
|
|
response.OK(c, user)
|
|
}
|
|
|
|
func (h *Handler) BanUser(c *gin.Context) {
|
|
userID, ok := parseInt64ID(c, "id")
|
|
if !ok {
|
|
return
|
|
}
|
|
var req banUserRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil && !errors.Is(err, io.EOF) {
|
|
response.BadRequest(c, "封禁参数不正确")
|
|
return
|
|
}
|
|
result, err := h.service.AdminBanUser(c.Request.Context(), userID, int64(middleware.CurrentUserID(c)), middleware.CurrentRequestID(c), req)
|
|
if err != nil {
|
|
writeMutationError(c, err, "封禁 App 用户失败")
|
|
return
|
|
}
|
|
detail := "permanent"
|
|
if req.ExpiresAtMs > 0 {
|
|
detail = fmt.Sprintf("expires_at_ms=%d", req.ExpiresAtMs)
|
|
}
|
|
writeAppUserAuditLog(c, h.audit, "ban-app-user", "app_users", userID, "success", detail)
|
|
response.OK(c, result)
|
|
}
|
|
|
|
func (h *Handler) UnbanUser(c *gin.Context) {
|
|
userID, ok := parseInt64ID(c, "id")
|
|
if !ok {
|
|
return
|
|
}
|
|
var req unbanUserRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil && !errors.Is(err, io.EOF) {
|
|
response.BadRequest(c, "解封参数不正确")
|
|
return
|
|
}
|
|
result, err := h.service.AdminUnbanUser(c.Request.Context(), userID, int64(middleware.CurrentUserID(c)), middleware.CurrentRequestID(c), req)
|
|
if err != nil {
|
|
writeMutationError(c, err, "解封 App 用户失败")
|
|
return
|
|
}
|
|
writeAppUserAuditLog(c, h.audit, "unban-app-user", "app_users", userID, "success", strings.TrimSpace(req.Reason))
|
|
response.OK(c, result)
|
|
}
|
|
|
|
func (h *Handler) AdjustTemporaryLevels(c *gin.Context) {
|
|
userID, ok := parseInt64ID(c, "id")
|
|
if !ok {
|
|
return
|
|
}
|
|
var req adjustTemporaryLevelsRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
response.BadRequest(c, "等级调整参数不正确")
|
|
return
|
|
}
|
|
user, err := h.service.AdjustTemporaryLevels(c.Request.Context(), userID, int64(middleware.CurrentUserID(c)), middleware.CurrentRequestID(c), req)
|
|
if err != nil {
|
|
writeMutationError(c, err, "调整用户等级失败")
|
|
return
|
|
}
|
|
writeAppUserAuditLog(c, h.audit, "adjust-app-user-level", "app_users", userID, "success", fmt.Sprintf("tracks=%d", len(req.Adjustments)))
|
|
response.OK(c, user)
|
|
}
|
|
|
|
func (h *Handler) SetPassword(c *gin.Context) {
|
|
userID, ok := parseInt64ID(c, "id")
|
|
if !ok {
|
|
return
|
|
}
|
|
var req setPasswordRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
response.BadRequest(c, "密码参数不正确")
|
|
return
|
|
}
|
|
if err := h.service.SetPassword(c.Request.Context(), userID, req.Password); err != nil {
|
|
writeMutationError(c, err, "设置 App 用户密码失败")
|
|
return
|
|
}
|
|
writeAppUserAuditLog(c, h.audit, "set-app-user-password", "app_users", userID, "success", "set password")
|
|
response.OK(c, gin.H{"passwordSet": true})
|
|
}
|
|
|
|
func (h *Handler) setUserStatus(c *gin.Context, status string, action string, successMessage string) {
|
|
userID, ok := parseInt64ID(c, "id")
|
|
if !ok {
|
|
return
|
|
}
|
|
result, err := h.service.SetUserStatus(c.Request.Context(), userID, status, int64(middleware.CurrentUserID(c)), middleware.CurrentRequestID(c))
|
|
if err != nil {
|
|
writeMutationError(c, err, successMessage+"失败")
|
|
return
|
|
}
|
|
writeAppUserAuditLog(c, h.audit, action, "app_users", userID, "success", fmt.Sprintf("status=%s", status))
|
|
response.OK(c, result)
|
|
}
|
|
|
|
func parseListQuery(c *gin.Context) listQuery {
|
|
options := shared.ListOptions(c)
|
|
regionID, regionIDSet := queryOptionalInt64(c, "region_id", "regionId")
|
|
return normalizeListQuery(listQuery{
|
|
Page: options.Page,
|
|
PageSize: options.PageSize,
|
|
Country: firstQuery(c, "country", "country_code", "countryCode"),
|
|
Keyword: options.Keyword,
|
|
UserFilter: shared.UserIdentityFilterFromQuery(c, ""),
|
|
RegionID: regionID,
|
|
RegionIDSet: regionIDSet,
|
|
Status: options.Status,
|
|
SortBy: firstQuery(c, "sort_by", "sortBy"),
|
|
SortDirection: firstQuery(c, "sort_direction", "sortDirection", "order"),
|
|
StartMs: queryInt64(c, "start_ms", "startMs", "start_at_ms", "startAtMs"),
|
|
EndMs: queryInt64(c, "end_ms", "endMs", "end_at_ms", "endAtMs"),
|
|
})
|
|
}
|
|
|
|
func parseLoginLogQuery(c *gin.Context) loginLogQuery {
|
|
options := shared.ListOptions(c)
|
|
regionID, regionIDSet := queryOptionalInt64(c, "region_id", "regionId")
|
|
return normalizeLoginLogQuery(loginLogQuery{
|
|
Page: options.Page,
|
|
PageSize: options.PageSize,
|
|
Keyword: options.Keyword,
|
|
UserFilter: shared.UserIdentityFilterFromQuery(c, ""),
|
|
UserID: queryInt64(c, "user_id", "userId"),
|
|
DisplayUserID: firstQuery(c, "display_user_id", "displayUserId"),
|
|
IP: firstQuery(c, "ip"),
|
|
IPCountryCode: firstQuery(c, "ip_country_code", "ipCountryCode"),
|
|
Channel: firstQuery(c, "channel"),
|
|
Platform: firstQuery(c, "platform"),
|
|
Result: firstQuery(c, "result"),
|
|
Blocked: firstQuery(c, "blocked"),
|
|
RegionID: regionID,
|
|
RegionIDSet: regionIDSet,
|
|
StartMs: queryInt64(c, "start_ms", "startMs"),
|
|
EndMs: queryInt64(c, "end_ms", "endMs"),
|
|
})
|
|
}
|
|
|
|
func parseBanListQuery(c *gin.Context) banListQuery {
|
|
options := shared.ListOptions(c)
|
|
return normalizeBanListQuery(banListQuery{
|
|
Page: options.Page,
|
|
PageSize: options.PageSize,
|
|
TargetKeyword: firstQuery(c, "target_keyword", "targetKeyword", "keyword"),
|
|
TargetFilter: shared.UserIdentityFilterFromQuery(c, "target"),
|
|
OperatorKeyword: firstQuery(c, "operator_keyword", "operatorKeyword"),
|
|
OperatorFilter: shared.UserIdentityFilterFromQuery(c, "operator"),
|
|
OperatorAdminKeyword: firstQuery(c, "operator_admin_keyword", "operatorAdminKeyword"),
|
|
StartMs: queryInt64(c, "start_ms", "startMs"),
|
|
EndMs: queryInt64(c, "end_ms", "endMs"),
|
|
})
|
|
}
|
|
|
|
func firstQuery(c *gin.Context, names ...string) string {
|
|
for _, name := range names {
|
|
if value := strings.TrimSpace(c.Query(name)); value != "" {
|
|
return value
|
|
}
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func queryInt64(c *gin.Context, names ...string) int64 {
|
|
value := firstQuery(c, names...)
|
|
if value == "" {
|
|
return 0
|
|
}
|
|
parsed, err := strconv.ParseInt(value, 10, 64)
|
|
if err != nil || parsed < 0 {
|
|
return 0
|
|
}
|
|
return parsed
|
|
}
|
|
|
|
func queryOptionalInt64(c *gin.Context, names ...string) (int64, bool) {
|
|
value := firstQuery(c, names...)
|
|
if value == "" {
|
|
return 0, false
|
|
}
|
|
parsed, err := strconv.ParseInt(value, 10, 64)
|
|
if err != nil || parsed < 0 {
|
|
return 0, false
|
|
}
|
|
return parsed, true
|
|
}
|
|
|
|
func parseInt64ID(c *gin.Context, name string) (int64, bool) {
|
|
raw := strings.TrimSpace(c.Param(name))
|
|
id, err := strconv.ParseInt(raw, 10, 64)
|
|
if err != nil || id <= 0 {
|
|
response.BadRequest(c, "ID 参数不正确")
|
|
return 0, false
|
|
}
|
|
return id, true
|
|
}
|
|
|
|
func writeReadError(c *gin.Context, err error, fallback string) {
|
|
if errors.Is(err, ErrNotFound) {
|
|
response.NotFound(c, "App 用户不存在")
|
|
return
|
|
}
|
|
response.ServerError(c, fallback)
|
|
}
|
|
|
|
func writeMutationError(c *gin.Context, err error, fallback string) {
|
|
if errors.Is(err, ErrNotFound) {
|
|
response.NotFound(c, "App 用户不存在")
|
|
return
|
|
}
|
|
if errors.Is(err, ErrInvalidArgument) {
|
|
response.BadRequest(c, err.Error())
|
|
return
|
|
}
|
|
if grpcStatus, ok := status.FromError(err); ok {
|
|
message := strings.TrimSpace(grpcStatus.Message())
|
|
if message == "" {
|
|
message = fallback
|
|
}
|
|
switch grpcStatus.Code() {
|
|
case codes.InvalidArgument, codes.AlreadyExists, codes.FailedPrecondition, codes.Aborted:
|
|
// 等级目标不高于真实等级、规则缺失或仍有其他封禁都属于可修正的业务拒绝,不能伪装成 500。
|
|
response.BadRequest(c, message)
|
|
case codes.NotFound:
|
|
response.NotFound(c, message)
|
|
default:
|
|
response.ServerError(c, fallback)
|
|
}
|
|
return
|
|
}
|
|
response.ServerError(c, fallback)
|
|
}
|
|
|
|
func writeAppUserAuditLog(c *gin.Context, logger shared.OperationLogger, action string, resource string, resourceID int64, status string, detail string) {
|
|
shared.OperationLogWithResourceID(c, logger, action, resource, fmt.Sprintf("%d", resourceID), status, detail)
|
|
}
|