yjp 1 éve
szülő
commit
493b9d4978

+ 14 - 14
convenient/data_containers/auth/permission_group_and_permission.yaml

@@ -1,16 +1,16 @@
 kind: DataContainer
 spec:
-	namespace: # 替换
-	data_source: # 替换
-	name: # 替换.permission_group_and_permission
-	spec:
-		table_name: # 替换.permission_group_and_permission
-		columns:
-			- name: permission_group_id
-			  type: "varchar(32)"
-			  comment: 权限组ID
-			  primary_key: true
-			- name: permission_id
-			  type: "varchar(32)"
-			  comment: 权限ID
-			  primary_key: true
+  namespace: # 替换
+  data_source: # 替换
+  name: # 替换.permission_group_and_permission
+  spec:
+    table_name: # 替换.permission_group_and_permission
+    columns:
+      - name: permission_group_id
+        type: "varchar(32)"
+        comment: 权限组ID
+        primary_key: true
+      - name: permission_id
+        type: "varchar(32)"
+        comment: 权限ID
+        primary_key: true

+ 14 - 14
convenient/data_containers/auth/role_and_permission.yaml

@@ -1,16 +1,16 @@
 kind: DataContainer
 spec:
-	namespace: # 替换
-	data_source: # 替换
-	name: # 替换.role_and_permission
-	spec:
-		table_name: # 替换.role_and_permission
-		columns:
-			- name: role_id
-			  type: "varchar(32)"
-			  comment: 角色ID
-			  primary_key: true
-			- name: permission_id
-			  type: "varchar(32)"
-			  comment: 权限ID
-			  primary_key: true
+  namespace: # 替换
+  data_source: # 替换
+  name: # 替换.role_and_permission
+  spec:
+    table_name: # 替换.role_and_permission
+    columns:
+      - name: role_id
+        type: "varchar(32)"
+        comment: 角色ID
+        primary_key: true
+      - name: permission_id
+        type: "varchar(32)"
+        comment: 权限ID
+        primary_key: true

+ 14 - 14
convenient/data_containers/auth/user_and_role.yaml

@@ -1,16 +1,16 @@
 kind: DataContainer
 spec:
-	namespace: # 替换
-	data_source: # 替换
-	name: # 替换.user_and_role
-	spec:
-		table_name: # 替换.user_and_role
-		columns:
-			- name: user_id
-			  type: "varchar(32)"
-			  comment: 用户ID
-			  primary_key: true
-			- name: role_id
-			  type: "varchar(32)"
-			  comment: 角色ID
-			  primary_key: true
+  namespace: # 替换
+  data_source: # 替换
+  name: # 替换.user_and_role
+  spec:
+    table_name: # 替换.user_and_role
+    columns:
+      - name: user_id
+        type: "varchar(32)"
+        comment: 用户ID
+        primary_key: true
+      - name: role_id
+        type: "varchar(32)"
+        comment: 角色ID
+        primary_key: true

+ 172 - 3
convenient/domain/auth/auth.go

@@ -11,13 +11,17 @@ import (
 	"git.sxidc.com/go-framework/baize/framework/core/api"
 	"git.sxidc.com/go-framework/baize/framework/core/api/request"
 	"git.sxidc.com/go-framework/baize/framework/core/api/response"
+	"git.sxidc.com/go-framework/baize/framework/core/application"
 	"git.sxidc.com/go-framework/baize/framework/core/domain"
 	"git.sxidc.com/go-framework/baize/framework/core/domain/entity"
 	"git.sxidc.com/go-framework/baize/framework/core/infrastructure"
 	"git.sxidc.com/go-framework/baize/framework/core/infrastructure/database"
 	"git.sxidc.com/go-framework/baize/framework/core/infrastructure/database/sql"
 	"git.sxidc.com/go-tools/utils/encoding"
+	"git.sxidc.com/go-tools/utils/strutils"
 	"github.com/pkg/errors"
+	"net/http"
+	"time"
 )
 
 // Simple Bind参数
@@ -36,6 +40,167 @@ type Simple struct {
 
 	// 鉴权中间件
 	AuthMiddleware binding.Middleware
+
+	// 管理员用户密码
+	AdminUserPassword string
+}
+
+const (
+	adminUserName = "admin"
+	adminRoleName = "管理员"
+)
+
+var permissionGroups = map[string][][]string{
+	"权限管理": {
+		{"创建权限", "/permission/create", http.MethodPost},
+		{"删除权限", "/permission/delete", http.MethodDelete},
+		{"修改权限", "/permission/update", http.MethodPut},
+		{"查询权限", "/permission/query", http.MethodGet},
+		{"根据ID获取权限", "/permission/get", http.MethodGet},
+		{"更新权限的权限组", "/permission/permissionGroup/update", http.MethodPost},
+		{"查询权限的权限组", "/permission/permissionGroup/query", http.MethodGet},
+	},
+	"权限组管理": {
+		{"创建权限组", "/permissionGroup/create", http.MethodPost},
+		{"删除权限组", "/permissionGroup/delete", http.MethodDelete},
+		{"修改权限组", "/permissionGroup/update", http.MethodPut},
+		{"查询权限组", "/permissionGroup/query", http.MethodGet},
+		{"根据ID获取权限组", "/permissionGroup/get", http.MethodGet},
+		{"更新权限组的权限", "/permissionGroup/permission/update", http.MethodPost},
+		{"查询权限组的权限", "/permissionGroup/permission/query", http.MethodGet},
+		{"更新权限的角色", "/permission/role/update", http.MethodPost},
+		{"查询权限的角色", "/permission/role/query", http.MethodGet},
+	},
+	"角色管理": {
+		{"创建角色", "/role/create", http.MethodPost},
+		{"删除角色", "/role/delete", http.MethodDelete},
+		{"修改角色", "/role/update", http.MethodPut},
+		{"查询角色", "/role/query", http.MethodGet},
+		{"根据ID获取角色", "/role/get", http.MethodGet},
+		{"更新角色的权限", "/role/permission/update", http.MethodPost},
+		{"查询角色的权限", "/role/permission/query", http.MethodGet},
+		{"更新角色的用户", "/role/user/update", http.MethodPost},
+		{"查询角色的用户", "/role/user/query", http.MethodGet},
+	},
+	"用户管理": {
+		{"创建用户", "/user/create", http.MethodPost},
+		{"删除用户", "/user/delete", http.MethodDelete},
+		{"修改用户", "/user/update", http.MethodPut},
+		{"查询用户", "/user/query", http.MethodGet},
+		{"根据ID获取用户", "/user/get", http.MethodGet},
+		{"更新用户的角色", "/user/role/update", http.MethodPost},
+		{"查询用户的角色", "/user/role/query", http.MethodGet},
+	},
+	"Token管理": {
+		{"注销", "/logout", http.MethodPost},
+		{"Challenge", "/challenge", http.MethodPost},
+	},
+}
+
+func (simple *Simple) init(i *infrastructure.Infrastructure) {
+	dbExecutor := i.DBExecutor()
+
+	adminUserExist, err := database.CheckExist(dbExecutor, &sql.CheckExistExecuteParams{
+		TableName:  domain.TableName(simple.Schema, &user.Entity{}),
+		Conditions: sql.NewConditions().Equal(user.ColumnUserName, adminUserName),
+	})
+	if err != nil {
+		panic(err)
+	}
+
+	if adminUserExist {
+		return
+	}
+
+	adminUserID := strutils.SimpleUUID()
+	adminRoleID := strutils.SimpleUUID()
+
+	permissionGroupEntities := make([]any, 0)
+	permissionEntities := make([]any, 0)
+	permissionGroupIDs := make([]string, 0)
+	permissionIDs := make([]string, 0)
+
+	for permissionGroupName, permissions := range permissionGroups {
+		permissionInGroupIDs := make([]string, 0)
+
+		for _, perm := range permissions {
+			permissionID := strutils.SimpleUUID()
+			permissionInGroupIDs = append(permissionInGroupIDs, permissionID)
+			permissionEntities = append(permissionEntities, permission.Entity{
+				Base:         entity.Base{ID: permissionID},
+				Name:         perm[0],
+				Description:  perm[0],
+				Resource:     perm[1],
+				Action:       perm[2],
+				UserIDFields: entity.UserIDFields{CreateUserID: adminUserID},
+			})
+		}
+
+		permissionIDs = append(permissionIDs, permissionInGroupIDs...)
+
+		permissionGroupID := strutils.SimpleUUID()
+		permissionGroupIDs = append(permissionGroupIDs, permissionGroupID)
+		permissionGroupEntities = append(permissionGroupEntities, permission_group.Entity{
+			Base:          entity.Base{ID: permissionGroupID},
+			Name:          permissionGroupName,
+			Description:   permissionGroupName,
+			PermissionIDs: permissionInGroupIDs,
+			UserIDFields:  entity.UserIDFields{CreateUserID: adminUserID},
+		})
+	}
+
+	encryptedAdminUserPassword, err := encoding.AESEncrypt(simple.AdminUserPassword, simple.AESKey)
+	if err != nil {
+		panic(err)
+	}
+
+	adminUserEntity := &user.Entity{
+		Base:     entity.Base{ID: adminUserID},
+		UserName: adminUserName,
+		Password: encryptedAdminUserPassword,
+		Name:     adminUserName,
+		RoleIDs:  []string{adminRoleID},
+	}
+
+	adminRoleEntity := &role.Entity{
+		Base:          entity.Base{ID: adminRoleID},
+		Name:          adminRoleName,
+		Description:   adminRoleName,
+		UserIDs:       []string{adminUserID},
+		PermissionIDs: permissionIDs,
+		UserIDFields:  entity.UserIDFields{CreateUserID: adminUserID},
+	}
+
+	err = database.Transaction(dbExecutor, func(tx database.Executor) error {
+		// 创建权限
+		err := database.InsertEntityBatch(tx, domain.TableName(simple.Schema, &permission.Entity{}), permissionEntities)
+		if err != nil {
+			return err
+		}
+
+		// 创建权限组
+		err = database.InsertEntityBatch(tx, domain.TableName(simple.Schema, &permission_group.Entity{}), permissionEntities)
+		if err != nil {
+			return err
+		}
+
+		// 创建管理员角色
+		err = database.InsertEntity(tx, domain.TableName(simple.Schema, &role.Entity{}), adminRoleEntity)
+		if err != nil {
+			return err
+		}
+
+		// 创建管理员用户
+		err = database.InsertEntity(tx, domain.TableName(simple.Schema, &user.Entity{}), adminUserEntity)
+		if err != nil {
+			return err
+		}
+
+		return nil
+	})
+	if err != nil {
+		panic(err)
+	}
 }
 
 func (simple *Simple) bind(binder *binding.Binder) {
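Review bot: The permission-group insert inside the transaction passes `permissionEntities` a second time, so the rows collected in `permissionGroupEntities` are never written and permission rows are sent to the permission-group table. The call should read `database.InsertEntityBatch(tx, domain.TableName(simple.Schema, &permission_group.Entity{}), permissionGroupEntities)`. Separately, `init` seeds the built-in `admin` account, which holds every permission, from whatever `simple.AdminUserPassword` contains, and nothing here rejects an empty value. A guard before the `encoding.AESEncrypt` call, such as `if simple.AdminUserPassword == "" { panic("auth: AdminUserPassword must be set") }`, would stop a deployment from starting with a blank administrator password. The password is also stored AES-encrypted under `simple.AESKey`, so anyone holding that key can recover it; a one-way password hash would be stronger if the login path (not visible in this hunk) can be changed to match.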
@@ -95,8 +260,9 @@ func (simple *Simple) bind(binder *binding.Binder) {
 			}
 
 			err = database.Update(dbExecutor, &sql.UpdateExecuteParams{
-				TableName:  userTableName,
-				TableRow:   sql.NewTableRow().Add(user.ColumnToken, token),
+				TableName: userTableName,
+				TableRow: sql.NewTableRow().Add(user.ColumnToken, token).
+					Add(user.FieldLastLoginTime, time.Now()),
 				Conditions: sql.NewConditions().Equal(entity.ColumnID, existUser.ID),
 			})
 			if err != nil {
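Review bot: The added `.Add(user.FieldLastLoginTime, time.Now())` passes a `Field…` constant, while the neighbouring call and the conditions use `Column…` constants (`user.ColumnToken`, `entity.ColumnID`). If `FieldLastLoginTime` holds the Go field name rather than the database column name, the update will presumably either fail on every login or never record the last-login time, which is a useful audit signal. Its definition is not visible in this diff, so please confirm it, and use the matching `user.Column…` constant if one exists. The enclosing handler in `bind` starts and ends outside the hunk.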
@@ -203,6 +369,9 @@ func (simple *Simple) bind(binder *binding.Binder) {
 	}, simple.AuthMiddleware)
 }
 
-func BindAuth(binder *binding.Binder, simple *Simple) {
+func BindAuth(app *application.App, simple *Simple) {
+	binder := binding.NewBinder(app.ChooseRouter(api.RouterPrefix, ""), app.Infrastructure())
+
+	simple.init(app.Infrastructure())
 	simple.bind(binder)
 }
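Review bot: `BindAuth` is exported and now does more than bind, yet it has no doc comment saying so: it builds its own binder from `app` and calls `simple.init`, which writes the admin user, role and permissions to the database and panics on any error. A comment such as `// BindAuth registers the auth routes on app and, when no "admin" user exists, seeds the admin user, admin role and default permissions; it panics if seeding fails.` would make the side effect and the changed first parameter visible to callers. The existence check and the inserts in `init` are separate steps, so two instances starting together could presumably both attempt the seed. A unique constraint on the user name, if one is not already in place, would turn that into a clean transaction failure.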