Files
geo/server/internal/ops/transport/router.go
T
root 7be0de0614 feat(ops): add tenant admin user management module
Adds /admin-users CRUD on the ops backend, covering listing, plan/role/KOL
toggles, subscription expiry, status flips and password resets, with a
configurable default plan code. The ops console exposes a new top-level
"用户管理" view and reorganises the sidebar so 操作员管理 and 审计日志
move under a "系统设置" group; AccountsView is renamed accordingly.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-29 00:02:46 +08:00

79 lines
2.8 KiB
Go

package transport
import (
"github.com/gin-gonic/gin"
"github.com/jackc/pgx/v5/pgxpool"
"go.uber.org/zap"
"github.com/geo-platform/tenant-api/internal/ops/app"
"github.com/geo-platform/tenant-api/internal/shared/middleware"
"github.com/geo-platform/tenant-api/internal/shared/response"
)
type Deps struct {
Engine *gin.Engine
Logger *zap.Logger
DB *pgxpool.Pool
Issuer *app.TokenIssuer
Auth *app.AuthService
Accounts *app.AccountService
AdminUsers *app.AdminUserService
Audits *app.AuditService
}
func RegisterRoutes(d Deps) {
d.Engine.Use(
middleware.Recovery(d.Logger),
middleware.RequestID(),
middleware.Logger(d.Logger),
middleware.CORS(),
)
d.Engine.GET("/api/health/live", func(c *gin.Context) {
response.Success(c, gin.H{"status": "alive"})
})
d.Engine.GET("/api/health/ready", func(c *gin.Context) {
if err := d.DB.Ping(c.Request.Context()); err != nil {
response.Error(c, response.ErrServiceUnavailable(50301, "postgres_unavailable", "数据库不可达"))
return
}
response.Success(c, gin.H{"status": "ready"})
})
api := d.Engine.Group("/api/ops")
{
api.POST("/auth/login", loginHandler(d.Auth))
}
authed := api.Group("")
authed.Use(authMiddleware(d.Issuer))
{
authed.GET("/auth/me", meHandler(d.Accounts))
authed.POST("/auth/password", changeOwnPasswordHandler(d.Accounts))
authed.GET("/accounts", listAccountsHandler(d.Accounts))
authed.POST("/accounts", createAccountHandler(d.Accounts))
authed.GET("/accounts/:id", getAccountHandler(d.Accounts))
authed.PATCH("/accounts/:id", updateAccountProfileHandler(d.Accounts))
authed.POST("/accounts/:id/status", setAccountStatusHandler(d.Accounts))
authed.POST("/accounts/:id/password", resetAccountPasswordHandler(d.Accounts))
authed.GET("/plans", listPlansHandler(d.AdminUsers))
authed.GET("/roles", listRolesHandler(d.AdminUsers))
authed.GET("/admin-users", listAdminUsersHandler(d.AdminUsers))
authed.POST("/admin-users", createAdminUserHandler(d.AdminUsers))
authed.GET("/admin-users/:id", getAdminUserHandler(d.AdminUsers))
authed.PATCH("/admin-users/:id", updateAdminUserHandler(d.AdminUsers))
authed.POST("/admin-users/:id/plan", changeAdminUserPlanHandler(d.AdminUsers))
authed.POST("/admin-users/:id/subscription-expiry", updateAdminUserSubscriptionExpiryHandler(d.AdminUsers))
authed.POST("/admin-users/:id/reset-plan-usage", resetAdminUserPlanUsageHandler(d.AdminUsers))
authed.POST("/admin-users/:id/role", changeAdminUserRoleHandler(d.AdminUsers))
authed.POST("/admin-users/:id/kol", setAdminUserKOLHandler(d.AdminUsers))
authed.POST("/admin-users/:id/status", setAdminUserStatusHandler(d.AdminUsers))
authed.POST("/admin-users/:id/password", resetAdminUserPasswordHandler(d.AdminUsers))
authed.GET("/audits", listAuditsHandler(d.Audits))
}
}