package transport import ( "time" "github.com/gin-gonic/gin" "github.com/jackc/pgx/v5/pgxpool" "go.uber.org/zap" "github.com/geo-platform/tenant-api/internal/ops/app" sharedconfig "github.com/geo-platform/tenant-api/internal/shared/config" "github.com/geo-platform/tenant-api/internal/shared/middleware" "github.com/geo-platform/tenant-api/internal/shared/response" "github.com/geo-platform/tenant-api/internal/shared/swagger" tenantrepo "github.com/geo-platform/tenant-api/internal/tenant/repository" ) type Deps struct { Engine *gin.Engine Server sharedconfig.ServerConfig Logger *zap.Logger DB *pgxpool.Pool MonitoringDB *pgxpool.Pool Issuer *app.TokenIssuer Auth *app.AuthService Accounts *app.AccountService AdminUsers *app.AdminUserService Jobs *app.JobService KolSubs *app.KolSubscriptionService Audits *app.AuditService SiteDomains *app.SiteDomainMappingService Releases *app.DesktopClientReleaseService ObjectStorage *app.ObjectStorageService BugReports *app.DesktopBugReportService Compliance *app.ComplianceService Scheduler *app.SchedulerService MediaSupply *app.MediaSupplyService } func (d Deps) ServerAllowedOrigins() []string { return d.Server.AllowedOrigins } func (d Deps) ServerSecurityHeadersEnabled() bool { return d.Server.SecurityHeaders.Enabled } func RegisterRoutes(d Deps) { d.Engine.Use( middleware.Recovery(d.Logger), middleware.RequestID(), middleware.Logger(d.Logger), ) if d.ServerSecurityHeadersEnabled() { d.Engine.Use(middleware.SecurityHeaders()) } d.Engine.Use(middleware.CORSWithConfig(middleware.CORSConfig{ AllowedOrigins: d.ServerAllowedOrigins(), AllowAll: len(d.ServerAllowedOrigins()) == 0, })) d.Engine.GET("/api/health/live", func(c *gin.Context) { response.Success(c, gin.H{"status": "alive"}) }) d.Engine.GET("/api/health/ready", func(c *gin.Context) { if err := d.DB.Ping(c.Request.Context()); err != nil { response.Error(c, response.ErrServiceUnavailable(50301, "postgres_unavailable", "数据库不可达")) return } if d.MonitoringDB != nil { if err := d.MonitoringDB.Ping(c.Request.Context()); err != nil { response.Error(c, response.ErrServiceUnavailable(50303, "monitoring_postgres_unavailable", "监控数据库不可达")) return } } response.Success(c, gin.H{"status": "ready"}) }) d.Engine.GET("/api/desktop/releases/latest", checkDesktopClientReleaseHandler(d.Releases)) d.Engine.GET("/api/desktop/releases/download-url", resolveLatestDesktopClientReleaseDownloadURLHandler(d.Releases)) d.Engine.GET("/api/desktop/releases/updater/:platform/:arch/:channel/:version/:feed", desktopClientReleaseUpdaterFeedHandler(d.Releases)) d.Engine.GET("/api/desktop/releases/updater/:platform/:arch/:channel/:version", desktopClientReleaseUpdaterFeedHandler(d.Releases)) publicBugReportRateLimit := middleware.RateLimitByClientIP(10, time.Minute, 42961, "desktop_bug_report_rate_limited", "客户端 Bug 上报过于频繁,请稍后再试") d.Engine.POST("/api/desktop/bug-reports", publicBugReportRateLimit, uploadDesktopBugReportHandler(d.BugReports)) desktopAuthed := d.Engine.Group("/api/desktop") desktopAuthed.Use(desktopBugReportClientMiddleware(tenantrepo.NewDesktopClientRepository(d.DB))) desktopAuthed.POST("/clients/bug-reports", uploadDesktopBugReportForClientHandler(d.BugReports)) api := d.Engine.Group("/api/ops") { api.GET("/auth/password-key", passwordPublicKeyHandler(d.Auth)) api.POST("/auth/login", loginHandler(d.Auth)) } authed := api.Group("") authed.Use(authMiddleware(d.Issuer)) { authed.GET("/auth/me", meHandler(d.Accounts)) authed.POST("/auth/password", changeOwnPasswordHandler(d.Accounts)) authed.GET("/accounts", listAccountsHandler(d.Accounts)) authed.POST("/accounts", createAccountHandler(d.Accounts)) authed.GET("/accounts/:id", getAccountHandler(d.Accounts)) authed.PATCH("/accounts/:id", updateAccountProfileHandler(d.Accounts)) authed.POST("/accounts/:id/status", setAccountStatusHandler(d.Accounts)) authed.POST("/accounts/:id/password", resetAccountPasswordHandler(d.Accounts)) authed.GET("/plans", listPlansHandler(d.AdminUsers)) authed.GET("/roles", listRolesHandler(d.AdminUsers)) authed.GET("/admin-users", listAdminUsersHandler(d.AdminUsers)) authed.POST("/admin-users", createAdminUserHandler(d.AdminUsers)) authed.GET("/admin-users/:id", getAdminUserHandler(d.AdminUsers)) authed.PATCH("/admin-users/:id", updateAdminUserHandler(d.AdminUsers)) authed.POST("/admin-users/:id/plan", changeAdminUserPlanHandler(d.AdminUsers)) authed.POST("/admin-users/:id/subscription-expiry", updateAdminUserSubscriptionExpiryHandler(d.AdminUsers)) authed.POST("/admin-users/:id/reset-plan-usage", resetAdminUserPlanUsageHandler(d.AdminUsers)) authed.POST("/admin-users/:id/role", changeAdminUserRoleHandler(d.AdminUsers)) authed.POST("/admin-users/:id/kol", setAdminUserKOLHandler(d.AdminUsers)) authed.POST("/admin-users/:id/status", setAdminUserStatusHandler(d.AdminUsers)) authed.POST("/admin-users/:id/password", resetAdminUserPasswordHandler(d.AdminUsers)) authed.POST("/admin-users/:id/reset-login-lock", resetAdminUserLoginLockHandler(d.AdminUsers)) authed.GET("/kol/packages", listKolSubscriptionPackagesHandler(d.KolSubs)) authed.GET("/kol/subscriptions", listKolSubscriptionsHandler(d.KolSubs)) authed.POST("/kol/subscriptions/manual-bind", manualBindKolSubscriptionHandler(d.KolSubs)) authed.POST("/kol/subscriptions/:id/approve", approveKolSubscriptionHandler(d.KolSubs)) authed.POST("/kol/subscriptions/:id/revoke", revokeKolSubscriptionHandler(d.KolSubs)) authed.GET("/audits", listAuditsHandler(d.Audits)) authed.GET("/jobs", listJobsHandler(d.Jobs)) authed.GET("/jobs/:source/:id", getJobHandler(d.Jobs)) authed.POST("/jobs/:source/:id/retry", retryJobHandler(d.Jobs)) authed.POST("/jobs/:source/:id/cancel", cancelJobHandler(d.Jobs)) authed.GET("/media-supply/resources", listMediaSupplyResourcesHandler(d.MediaSupply)) authed.PUT("/media-supply/resources/:id/price", setMediaSupplyResourcePriceHandler(d.MediaSupply)) authed.PUT("/media-supply/resources/:id/visibility", setMediaSupplyResourceVisibilityHandler(d.MediaSupply)) authed.POST("/media-supply/sync-jobs", queueMediaSupplySyncHandler(d.MediaSupply)) authed.GET("/media-supply/wallets", listMediaSupplyWalletsHandler(d.MediaSupply)) authed.POST("/media-supply/wallets/adjustments", adjustMediaSupplyWalletHandler(d.MediaSupply)) authed.GET("/scheduler/jobs", listSchedulerJobsHandler(d.Scheduler)) authed.GET("/scheduler/jobs/:key", getSchedulerJobHandler(d.Scheduler)) authed.PATCH("/scheduler/jobs/:key", updateSchedulerJobHandler(d.Scheduler)) authed.POST("/scheduler/jobs/:key/enable", enableSchedulerJobHandler(d.Scheduler, true)) authed.POST("/scheduler/jobs/:key/disable", enableSchedulerJobHandler(d.Scheduler, false)) authed.POST("/scheduler/jobs/:key/run", triggerSchedulerJobHandler(d.Scheduler, "manual")) authed.POST("/scheduler/jobs/:key/dry-run", triggerSchedulerJobHandler(d.Scheduler, "dry_run")) authed.GET("/scheduler/jobs/:key/runs", listSchedulerRunsHandler(d.Scheduler)) authed.GET("/scheduler/instances", listSchedulerInstancesHandler(d.Scheduler)) authed.GET("/site-domain-mappings", listSiteDomainMappingsHandler(d.SiteDomains)) authed.GET("/site-domain-mappings/export", exportSiteDomainMappingsHandler(d.SiteDomains)) authed.POST("/site-domain-mappings/import", importSiteDomainMappingsHandler(d.SiteDomains)) authed.POST("/site-domain-mappings", createSiteDomainMappingHandler(d.SiteDomains)) authed.PATCH("/site-domain-mappings/:id", updateSiteDomainMappingHandler(d.SiteDomains)) authed.POST("/site-domain-mappings/:id/active", setSiteDomainMappingActiveHandler(d.SiteDomains)) authed.DELETE("/site-domain-mappings/:id", deleteSiteDomainMappingHandler(d.SiteDomains)) authed.GET("/object-storage/objects", listObjectStorageObjectsHandler(d.ObjectStorage)) authed.GET("/object-storage/usage", getObjectStorageUsageHandler(d.ObjectStorage)) authed.GET("/object-storage/objects/detail", getObjectStorageObjectHandler(d.ObjectStorage)) authed.GET("/object-storage/objects/url", resolveObjectStorageObjectURLHandler(d.ObjectStorage)) authed.GET("/object-storage/objects/download-url", resolveObjectStorageObjectDownloadURLHandler(d.ObjectStorage)) authed.GET("/object-storage/objects/download", downloadObjectStorageObjectHandler(d.ObjectStorage)) authed.POST("/object-storage/objects/upload", uploadObjectStorageObjectHandler(d.ObjectStorage)) authed.POST("/object-storage/objects/move", moveObjectStorageObjectHandler(d.ObjectStorage)) authed.DELETE("/object-storage/objects", deleteObjectStorageObjectHandler(d.ObjectStorage)) authed.POST("/object-storage/folders", createObjectStorageFolderHandler(d.ObjectStorage)) authed.DELETE("/object-storage/folders", deleteObjectStorageFolderHandler(d.ObjectStorage)) authed.GET("/desktop-client/releases", listDesktopClientReleasesHandler(d.Releases)) authed.POST("/desktop-client/releases/upload", uploadDesktopClientReleaseHandler(d.Releases)) authed.POST("/desktop-client/release-uploads", initiateDesktopClientReleaseUploadHandler(d.Releases)) authed.POST("/desktop-client/release-uploads/:upload_id/chunks/:chunk_index", uploadDesktopClientReleaseChunkHandler(d.Releases)) authed.POST("/desktop-client/release-uploads/:upload_id/complete", completeDesktopClientReleaseUploadHandler(d.Releases)) authed.DELETE("/desktop-client/release-uploads/:upload_id", abortDesktopClientReleaseUploadHandler(d.Releases)) authed.POST("/desktop-client/releases", createDesktopClientReleaseHandler(d.Releases)) authed.PATCH("/desktop-client/releases/:id", updateDesktopClientReleaseHandler(d.Releases)) authed.GET("/desktop-client/releases/:id/download-url", resolveDesktopClientReleaseDownloadURLHandler(d.Releases)) authed.POST("/desktop-client/releases/:id/enabled", setDesktopClientReleaseEnabledHandler(d.Releases)) authed.DELETE("/desktop-client/releases/:id", deleteDesktopClientReleaseHandler(d.Releases)) authed.GET("/desktop-client/bug-reports", listDesktopBugReportsHandler(d.BugReports)) authed.GET("/desktop-client/bug-reports/:id", getDesktopBugReportHandler(d.BugReports)) authed.PATCH("/desktop-client/bug-reports/:id", updateDesktopBugReportHandler(d.BugReports)) authed.GET("/desktop-client/bug-reports/:id/dump-url", resolveDesktopBugReportDumpURLHandler(d.BugReports)) compliance := authed.Group("/compliance") compliance.GET("/dictionaries", listComplianceDictionariesHandler(d.Compliance)) compliance.POST("/dictionaries", createComplianceDictionaryHandler(d.Compliance)) compliance.PUT("/dictionaries/:id", updateComplianceDictionaryHandler(d.Compliance)) compliance.DELETE("/dictionaries/:id", deleteComplianceDictionaryHandler(d.Compliance)) compliance.GET("/dictionaries/:id/terms", listComplianceTermsHandler(d.Compliance)) compliance.POST("/dictionaries/:id/terms", createComplianceTermHandler(d.Compliance)) compliance.POST("/dictionaries/:id/terms:batch-import", batchImportComplianceTermsHandler(d.Compliance)) compliance.DELETE("/dictionaries/:id/terms/:term_id", deleteComplianceTermHandler(d.Compliance)) compliance.POST("/dictionaries/:id/publish", publishComplianceDictionaryHandler(d.Compliance)) compliance.POST("/dictionaries/:id/rollback", rollbackComplianceDictionaryHandler(d.Compliance)) compliance.GET("/policy/global", getGlobalCompliancePolicyHandler(d.Compliance)) compliance.PUT("/policy/global", updateGlobalCompliancePolicyHandler(d.Compliance)) compliance.POST("/policy/global/master-switch", setGlobalComplianceMasterSwitchHandler(d.Compliance)) compliance.GET("/manual-reviews", listComplianceManualReviewsHandler(d.Compliance)) compliance.GET("/manual-reviews/:id", getComplianceManualReviewHandler(d.Compliance)) compliance.POST("/manual-reviews/:id/approve", approveComplianceManualReviewHandler(d.Compliance)) compliance.POST("/manual-reviews/:id/reject", rejectComplianceManualReviewHandler(d.Compliance)) compliance.GET("/stats", complianceStatsHandler(d.Compliance)) compliance.GET("/records", listComplianceRecordsHandler(d.Compliance)) } if swagger.EnabledForMode(d.Server.Mode) { swagger.Register(d.Engine, swagger.Config{ Title: "省心推 Ops API", Version: "dev", }) } }