ManageUser Only admin user can do this
(c *gin.Context)
| 672 | |
| 673 | // ManageUser Only admin user can do this |
| 674 | func ManageUser(c *gin.Context) { |
| 675 | var req ManageRequest |
| 676 | err := json.NewDecoder(c.Request.Body).Decode(&req) |
| 677 | |
| 678 | if err != nil { |
| 679 | c.JSON(http.StatusOK, gin.H{ |
| 680 | "success": false, |
| 681 | "message": "无效的参数", |
| 682 | }) |
| 683 | return |
| 684 | } |
| 685 | user := model.User{ |
| 686 | Id: req.Id, |
| 687 | } |
| 688 | // Fill attributes |
| 689 | model.DB.Unscoped().Where(&user).First(&user) |
| 690 | if user.Id == 0 { |
| 691 | c.JSON(http.StatusOK, gin.H{ |
| 692 | "success": false, |
| 693 | "message": "用户不存在", |
| 694 | }) |
| 695 | return |
| 696 | } |
| 697 | myRole := c.GetInt("role") |
| 698 | if myRole <= user.Role && myRole != common.RoleRootUser { |
| 699 | c.JSON(http.StatusOK, gin.H{ |
| 700 | "success": false, |
| 701 | "message": "无权更新同权限等级或更高权限等级的用户信息", |
| 702 | }) |
| 703 | return |
| 704 | } |
| 705 | switch req.Action { |
| 706 | case "disable": |
| 707 | user.Status = common.UserStatusDisabled |
| 708 | if user.Role == common.RoleRootUser { |
| 709 | c.JSON(http.StatusOK, gin.H{ |
| 710 | "success": false, |
| 711 | "message": "无法禁用超级管理员用户", |
| 712 | }) |
| 713 | return |
| 714 | } |
| 715 | case "enable": |
| 716 | user.Status = common.UserStatusEnabled |
| 717 | case "delete": |
| 718 | if user.Role == common.RoleRootUser { |
| 719 | c.JSON(http.StatusOK, gin.H{ |
| 720 | "success": false, |
| 721 | "message": "无法删除超级管理员用户", |
| 722 | }) |
| 723 | return |
| 724 | } |
| 725 | if err := user.Delete(); err != nil { |
| 726 | c.JSON(http.StatusOK, gin.H{ |
| 727 | "success": false, |
| 728 | "message": err.Error(), |
| 729 | }) |
| 730 | return |
| 731 | } |