tyapi-server/internal/domains/api/entities/query_whitelist_entry.go

package entities

import (
	"database/sql/driver"
	"encoding/json"
	"errors"
	"time"

	"github.com/google/uuid"
	"gorm.io/gorm"
)

const (
	QueryWhitelistGlobalUserID   = "*" // 全局规则：对所有用户生效
	QueryWhitelistWildcardName     = "*" // 仅匹配身份证，不校验姓名（兼容历史硬编码）
	QueryWhitelistStatusEnabled    = "enabled"
	QueryWhitelistStatusDisabled   = "disabled"
	QueryWhitelistTableName        = "query_whitelist_entries"
)

// APICodeList 生效的 API 编码列表，["*"] 表示全部「身份证必填」类接口
type APICodeList []string

func (a APICodeList) Value() (driver.Value, error) {
	if a == nil {
		return "[]", nil
	}
	data, err := json.Marshal(a)
	if err != nil {
		return nil, err
	}
	return string(data), nil
}

func (a *APICodeList) Scan(value interface{}) error {
	if value == nil {
		*a = APICodeList{}
		return nil
	}
	var bytes []byte
	switch v := value.(type) {
	case []byte:
		bytes = v
	case string:
		bytes = []byte(v)
	default:
		return errors.New("无法扫描 APICodeList 类型")
	}
	if len(bytes) == 0 || string(bytes) == "null" {
		*a = APICodeList{}
		return nil
	}
	return json.Unmarshal(bytes, a)
}

// QueryWhitelistEntry 查询白名单：命中后返回「查询为空」，不调用上游
type QueryWhitelistEntry struct {
	ID           string         `gorm:"type:varchar(36);primaryKey" json:"id"`
	UserID       string         `gorm:"type:varchar(36);not null;index:idx_qwl_user_id_card_hash,priority:1" json:"user_id"`
	Name         string         `gorm:"type:varchar(100);not null" json:"name"`
	IDCardHash   string         `gorm:"type:varchar(64);not null;index:idx_qwl_user_id_card_hash,priority:2" json:"-"`
	IDCardMasked string         `gorm:"type:varchar(32);not null" json:"id_card_masked"`
	APICodes     APICodeList    `gorm:"type:json;not null" json:"api_codes"`
	Status       string         `gorm:"type:varchar(20);not null;default:'enabled'" json:"status"`
	Remark       string         `gorm:"type:varchar(500)" json:"remark"`
	CreatedBy    *string        `gorm:"type:varchar(36)" json:"created_by,omitempty"`
	UpdatedBy    *string        `gorm:"type:varchar(36)" json:"updated_by,omitempty"`
	CreatedAt    time.Time      `json:"created_at"`
	UpdatedAt    time.Time      `json:"updated_at"`
	DeletedAt    gorm.DeletedAt `gorm:"index" json:"-"`
}

func (QueryWhitelistEntry) TableName() string {
	return QueryWhitelistTableName
}

func (e *QueryWhitelistEntry) BeforeCreate(tx *gorm.DB) error {
	if e.ID == "" {
		e.ID = uuid.New().String()
	}
	if e.Status == "" {
		e.Status = QueryWhitelistStatusEnabled
	}
	if e.APICodes == nil {
		e.APICodes = APICodeList{"*"}
	}
	return nil
}

func (e *QueryWhitelistEntry) IsGlobal() bool {
	return e.UserID == QueryWhitelistGlobalUserID
}

func (e *QueryWhitelistEntry) IsEnabled() bool {
	return e.Status == QueryWhitelistStatusEnabled
}

func (e *QueryWhitelistEntry) MatchesAPICode(apiCode string) bool {
	for _, code := range e.APICodes {
		if code == "*" || code == apiCode {
			return true
		}
	}
	return false
}

func (e *QueryWhitelistEntry) MatchesName(name string) bool {
	if e.Name == QueryWhitelistWildcardName {
		return true
	}
	return e.Name == name
}