diff --git a/app/main/api/desc/admin/admin_query_whitelist.api b/app/main/api/desc/admin/admin_query_whitelist.api new file mode 100644 index 0000000..73c710d --- /dev/null +++ b/app/main/api/desc/admin/admin_query_whitelist.api @@ -0,0 +1,85 @@ +syntax = "v1" + +info ( + title: "查询白名单管理" + desc: "代理天远查询白名单配置接口" + version: "v1" +) + +@server ( + prefix: /api/v1/admin/query-whitelist + group: admin_query_whitelist + middleware: AdminAuthInterceptor +) +service main { + @doc "创建查询白名单规则" + @handler AdminQueryWhitelistCreate + post /create (AdminQueryWhitelistCreateReq) returns (AdminQueryWhitelistOpResp) + + @doc "追加查询白名单产品编码" + @handler AdminQueryWhitelistAppend + post /append (AdminQueryWhitelistAppendReq) returns (AdminQueryWhitelistOpResp) + + @doc "查询白名单操作记录列表" + @handler AdminGetQueryWhitelistOpLogList + get /op-log/list (AdminGetQueryWhitelistOpLogListReq) returns (AdminGetQueryWhitelistOpLogListResp) +} + +type ( + AdminQueryWhitelistCreateReq { + Name string `json:"name"` // 姓名,* 表示只按身份证匹配 + IdCard string `json:"id_card"` // 18位身份证号 + ApiCodes []string `json:"api_codes"` // 产品编码列表 + Remark string `json:"remark,optional"` // 备注 + } + AdminQueryWhitelistAppendReq { + Name string `json:"name"` // 姓名,* 表示只按身份证匹配 + IdCard string `json:"id_card"` // 18位身份证号 + ApiCodes []string `json:"api_codes"` // 追加的产品编码列表 + Remark string `json:"remark,optional"` // 备注,非空会覆盖原备注 + } + AdminQueryWhitelistOpResp { + TianyuanCode int `json:"tianyuan_code"` // 天远业务码 + TianyuanMessage string `json:"tianyuan_message"` // 天远返回描述 + TransactionId string `json:"transaction_id,optional"` // 天远流水号 + Entry *QueryWhitelistEntryResult `json:"entry,optional"` // 成功时规则详情 + } + QueryWhitelistEntryResult { + Id string `json:"id"` // 规则ID + Name string `json:"name"` // 姓名规则 + IdCardMasked string `json:"id_card_masked"` // 脱敏身份证号 + ApiCodes []string `json:"api_codes"` // 当前产品编码列表 + Status string `json:"status"` // 规则状态 + Remark string `json:"remark"` // 备注 + CreatedAt string `json:"created_at"` // 创建时间 + UpdatedAt string `json:"updated_at"` // 更新时间 + } + AdminGetQueryWhitelistOpLogListReq { + Page int64 `form:"page,default=1"` // 页码 + PageSize int64 `form:"page_size,default=20"` // 每页数量 + IdCard string `form:"id_card,optional"` // 身份证号 + Action string `form:"action,optional"` // 操作类型:create / append + TianyuanResult string `form:"tianyuan_result,optional"` // 业务结果:success / fail + } + AdminGetQueryWhitelistOpLogListResp { + Total int64 `json:"total"` // 总数 + Items []QueryWhitelistOpLogListItem `json:"items"` // 列表 + } + QueryWhitelistOpLogListItem { + Id int64 `json:"id"` // 主键ID + AdminUserId int64 `json:"admin_user_id"` // 操作管理员ID + Action string `json:"action"` // 操作类型 + Name string `json:"name"` // 姓名规则 + IdCard string `json:"id_card"` // 身份证号 + IdCardMasked string `json:"id_card_masked"` // 脱敏身份证号 + ApiCodes []string `json:"api_codes"` // 本次提交的产品编码 + Remark string `json:"remark"` // 备注 + TianyuanCode int64 `json:"tianyuan_code"` // 天远业务码 + TianyuanMessage string `json:"tianyuan_message"` // 天远返回描述 + TransactionId string `json:"transaction_id"` // 天远流水号 + EntryId string `json:"entry_id"` // 规则ID + EntryStatus string `json:"entry_status"` // 规则状态 + EntryApiCodes []string `json:"entry_api_codes"` // 规则当前产品编码 + CreateTime string `json:"create_time"` // 创建时间 + } +) diff --git a/app/main/api/desc/front/toolbox.api b/app/main/api/desc/front/toolbox.api index 5b80c44..30ea5a8 100644 --- a/app/main/api/desc/front/toolbox.api +++ b/app/main/api/desc/front/toolbox.api @@ -6,9 +6,15 @@ info ( version: "v1" ) -// ==================== 通用请求/响应 ==================== - type ( + ToolInfo { + Key string `json:"key"` // 工具标识 + Name string `json:"name"` // 工具名称 + Desc string `json:"desc"` // 工具描述 + } + ToolboxListResp { + Tools []ToolInfo `json:"tools"` // 工具列表 + } ToolboxQueryReq { ToolKey string `json:"tool_key" validate:"required"` Params map[string]interface{} `json:"params"` @@ -19,14 +25,16 @@ type ( } ) -// ==================== 免费接口(无需登录) ==================== - @server ( prefix: api/v1 group: toolbox ) service main { + @doc "获取工具列表" + @handler ToolboxList + get /toolbox/list returns (ToolboxListResp) + @doc "通用工具查询" - @handler toolboxQuery + @handler ToolboxQuery post /toolbox/query (ToolboxQueryReq) returns (ToolboxQueryResp) } diff --git a/app/main/api/desc/main.api b/app/main/api/desc/main.api index e8a13d2..5265648 100644 --- a/app/main/api/desc/main.api +++ b/app/main/api/desc/main.api @@ -16,6 +16,7 @@ import "./front/app.api" import "./front/authorization.api" import "./front/upload.api" import "./front/tianyuan.api" +import "./front/toolbox.api" // 后台 import "./admin/auth.api" import "./admin/menu.api" @@ -32,3 +33,4 @@ import "./admin/admin_agent.api" import "./admin/admin_api.api" import "./admin/admin_role_api.api" import "./admin/admin_queue.api" +import "./admin/admin_query_whitelist.api" diff --git a/app/main/api/etc/main.dev.yaml b/app/main/api/etc/main.dev.yaml index 7aff4fd..70ebeca 100644 --- a/app/main/api/etc/main.dev.yaml +++ b/app/main/api/etc/main.dev.yaml @@ -91,6 +91,7 @@ Tianyuanapi: Key: "04c6b4c559be6d5ba5351c04c8713a64" BaseURL: "https://api.tianyuanapi.com" Timeout: 60 + WhitelistMgmtKey: "2R12TmEc1e8P3p69RdIoN5Ykjk%H@4orPy7DZv7MXpGByoEL" Authorization: FileBaseURL: "https://www.tianyuancha.cn/api/v1/auth-docs" # 授权书文件访问基础URL Upload: diff --git a/app/main/api/etc/main.yaml b/app/main/api/etc/main.yaml index 69b1706..ab21f5d 100644 --- a/app/main/api/etc/main.yaml +++ b/app/main/api/etc/main.yaml @@ -106,6 +106,7 @@ Tianyuanapi: Key: "74902aff197d72d1caa5593560cb281e" BaseURL: "https://api.tianyuanapi.com" Timeout: 60 + WhitelistMgmtKey: "2R12TmEc1e8P3p69RdIoN5Ykjk%H@4orPy7DZv7MXpGByoEL" tianxingjuhe: url: "https://apis.tianapi.com" key: "4ceffb1ffb95b83230b9a9c9df2467e1" diff --git a/app/main/api/internal/config/config.go b/app/main/api/internal/config/config.go index 64484cd..2fd3b64 100644 --- a/app/main/api/internal/config/config.go +++ b/app/main/api/internal/config/config.go @@ -139,10 +139,11 @@ type TaxConfig struct { TaxExemptionAmount float64 } type TianyuanapiConfig struct { - AccessID string - Key string - BaseURL string - Timeout int64 + AccessID string + Key string + BaseURL string + Timeout int64 + WhitelistMgmtKey string // 查询白名单管理密钥 Whitelist-Mgmt-Key } type AuthorizationConfig struct { diff --git a/app/main/api/internal/handler/admin_query_whitelist/admingetquerywhitelistoploglisthandler.go b/app/main/api/internal/handler/admin_query_whitelist/admingetquerywhitelistoploglisthandler.go new file mode 100644 index 0000000..44920b7 --- /dev/null +++ b/app/main/api/internal/handler/admin_query_whitelist/admingetquerywhitelistoploglisthandler.go @@ -0,0 +1,29 @@ +package admin_query_whitelist + +import ( + "net/http" + + "github.com/zeromicro/go-zero/rest/httpx" + "tyc-server/app/main/api/internal/logic/admin_query_whitelist" + "tyc-server/app/main/api/internal/svc" + "tyc-server/app/main/api/internal/types" + "tyc-server/common/result" + "tyc-server/pkg/lzkit/validator" +) + +func AdminGetQueryWhitelistOpLogListHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.AdminGetQueryWhitelistOpLogListReq + if err := httpx.Parse(r, &req); err != nil { + result.ParamErrorResult(r, w, err) + return + } + if err := validator.Validate(req); err != nil { + result.ParamValidateErrorResult(r, w, err) + return + } + l := admin_query_whitelist.NewAdminGetQueryWhitelistOpLogListLogic(r.Context(), svcCtx) + resp, err := l.AdminGetQueryWhitelistOpLogList(&req) + result.HttpResult(r, w, resp, err) + } +} diff --git a/app/main/api/internal/handler/admin_query_whitelist/adminquerywhitelistappendhandler.go b/app/main/api/internal/handler/admin_query_whitelist/adminquerywhitelistappendhandler.go new file mode 100644 index 0000000..02e88fc --- /dev/null +++ b/app/main/api/internal/handler/admin_query_whitelist/adminquerywhitelistappendhandler.go @@ -0,0 +1,29 @@ +package admin_query_whitelist + +import ( + "net/http" + + "github.com/zeromicro/go-zero/rest/httpx" + "tyc-server/app/main/api/internal/logic/admin_query_whitelist" + "tyc-server/app/main/api/internal/svc" + "tyc-server/app/main/api/internal/types" + "tyc-server/common/result" + "tyc-server/pkg/lzkit/validator" +) + +func AdminQueryWhitelistAppendHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.AdminQueryWhitelistAppendReq + if err := httpx.Parse(r, &req); err != nil { + result.ParamErrorResult(r, w, err) + return + } + if err := validator.Validate(req); err != nil { + result.ParamValidateErrorResult(r, w, err) + return + } + l := admin_query_whitelist.NewAdminQueryWhitelistAppendLogic(r.Context(), svcCtx) + resp, err := l.AdminQueryWhitelistAppend(&req) + result.HttpResult(r, w, resp, err) + } +} diff --git a/app/main/api/internal/handler/admin_query_whitelist/adminquerywhitelistcreatehandler.go b/app/main/api/internal/handler/admin_query_whitelist/adminquerywhitelistcreatehandler.go new file mode 100644 index 0000000..09a72ab --- /dev/null +++ b/app/main/api/internal/handler/admin_query_whitelist/adminquerywhitelistcreatehandler.go @@ -0,0 +1,29 @@ +package admin_query_whitelist + +import ( + "net/http" + + "github.com/zeromicro/go-zero/rest/httpx" + "tyc-server/app/main/api/internal/logic/admin_query_whitelist" + "tyc-server/app/main/api/internal/svc" + "tyc-server/app/main/api/internal/types" + "tyc-server/common/result" + "tyc-server/pkg/lzkit/validator" +) + +func AdminQueryWhitelistCreateHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + var req types.AdminQueryWhitelistCreateReq + if err := httpx.Parse(r, &req); err != nil { + result.ParamErrorResult(r, w, err) + return + } + if err := validator.Validate(req); err != nil { + result.ParamValidateErrorResult(r, w, err) + return + } + l := admin_query_whitelist.NewAdminQueryWhitelistCreateLogic(r.Context(), svcCtx) + resp, err := l.AdminQueryWhitelistCreate(&req) + result.HttpResult(r, w, resp, err) + } +} diff --git a/app/main/api/internal/handler/routes.go b/app/main/api/internal/handler/routes.go index daa2f54..8f78bc1 100644 --- a/app/main/api/internal/handler/routes.go +++ b/app/main/api/internal/handler/routes.go @@ -15,6 +15,7 @@ import ( admin_product "tyc-server/app/main/api/internal/handler/admin_product" admin_promotion "tyc-server/app/main/api/internal/handler/admin_promotion" admin_query "tyc-server/app/main/api/internal/handler/admin_query" + admin_query_whitelist "tyc-server/app/main/api/internal/handler/admin_query_whitelist" admin_role "tyc-server/app/main/api/internal/handler/admin_role" admin_role_api "tyc-server/app/main/api/internal/handler/admin_role_api" admin_user "tyc-server/app/main/api/internal/handler/admin_user" @@ -607,6 +608,33 @@ func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) { rest.WithPrefix("/api/v1/admin/query"), ) + server.AddRoutes( + rest.WithMiddlewares( + []rest.Middleware{serverCtx.AdminAuthInterceptor}, + []rest.Route{ + { + // 追加查询白名单产品编码 + Method: http.MethodPost, + Path: "/append", + Handler: admin_query_whitelist.AdminQueryWhitelistAppendHandler(serverCtx), + }, + { + // 创建查询白名单规则 + Method: http.MethodPost, + Path: "/create", + Handler: admin_query_whitelist.AdminQueryWhitelistCreateHandler(serverCtx), + }, + { + // 查询白名单操作记录列表 + Method: http.MethodGet, + Path: "/op-log/list", + Handler: admin_query_whitelist.AdminGetQueryWhitelistOpLogListHandler(serverCtx), + }, + }..., + ), + rest.WithPrefix("/api/v1/admin/query-whitelist"), + ) + server.AddRoutes( rest.WithMiddlewares( []rest.Middleware{serverCtx.AdminAuthInterceptor}, diff --git a/app/main/api/internal/logic/admin_query_whitelist/admingetquerywhitelistoploglistlogic.go b/app/main/api/internal/logic/admin_query_whitelist/admingetquerywhitelistoploglistlogic.go new file mode 100644 index 0000000..f5dacdc --- /dev/null +++ b/app/main/api/internal/logic/admin_query_whitelist/admingetquerywhitelistoploglistlogic.go @@ -0,0 +1,108 @@ +package admin_query_whitelist + +import ( + "context" + + "tyc-server/app/main/api/internal/svc" + "tyc-server/app/main/api/internal/types" + "tyc-server/app/main/model" + "tyc-server/common/globalkey" + "tyc-server/common/xerr" + + "github.com/pkg/errors" + "github.com/zeromicro/go-zero/core/logx" + "github.com/zeromicro/go-zero/core/mr" +) + +type AdminGetQueryWhitelistOpLogListLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewAdminGetQueryWhitelistOpLogListLogic(ctx context.Context, svcCtx *svc.ServiceContext) *AdminGetQueryWhitelistOpLogListLogic { + return &AdminGetQueryWhitelistOpLogListLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *AdminGetQueryWhitelistOpLogListLogic) AdminGetQueryWhitelistOpLogList(req *types.AdminGetQueryWhitelistOpLogListReq) (resp *types.AdminGetQueryWhitelistOpLogListResp, err error) { + builder := l.svcCtx.QueryWhitelistOpLogModel.SelectBuilder(). + Where("del_state = ?", globalkey.DelStateNo) + + if req.IdCard != "" { + builder = builder.Where("id_card = ?", req.IdCard) + } + if req.Action != "" { + builder = builder.Where("action = ?", req.Action) + } + switch req.TianyuanResult { + case "success": + builder = builder.Where("tianyuan_code = ?", 0) + case "fail": + builder = builder.Where("tianyuan_code != ?", 0) + } + + var total int64 + var logs []*model.QueryWhitelistOpLog + err = mr.Finish(func() error { + var err error + total, err = l.svcCtx.QueryWhitelistOpLogModel.FindCount(l.ctx, builder, "id") + if err != nil { + return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询操作记录总数失败: %v", err) + } + return nil + }, func() error { + var err error + logs, err = l.svcCtx.QueryWhitelistOpLogModel.FindPageListByPage(l.ctx, builder, req.Page, req.PageSize, "id DESC") + if err != nil { + return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "查询操作记录列表失败: %v", err) + } + return nil + }) + if err != nil { + return nil, err + } + + resp = &types.AdminGetQueryWhitelistOpLogListResp{ + Total: total, + Items: make([]types.QueryWhitelistOpLogListItem, 0, len(logs)), + } + + for _, log := range logs { + item := types.QueryWhitelistOpLogListItem{ + Id: log.Id, + AdminUserId: log.AdminUserId, + Action: log.Action, + Name: log.Name, + IdCard: log.IdCard, + ApiCodes: parseApiCodesJSON(log.ApiCodes), + TianyuanCode: log.TianyuanCode, + CreateTime: log.CreateTime.Format("2006-01-02 15:04:05"), + EntryApiCodes: parseApiCodesJSON(log.EntryApiCodes.String), + } + if log.IdCardMasked.Valid { + item.IdCardMasked = log.IdCardMasked.String + } + if log.Remark.Valid { + item.Remark = log.Remark.String + } + if log.TianyuanMessage.Valid { + item.TianyuanMessage = log.TianyuanMessage.String + } + if log.TransactionId.Valid { + item.TransactionId = log.TransactionId.String + } + if log.EntryId.Valid { + item.EntryId = log.EntryId.String + } + if log.EntryStatus.Valid { + item.EntryStatus = log.EntryStatus.String + } + resp.Items = append(resp.Items, item) + } + + return resp, nil +} diff --git a/app/main/api/internal/logic/admin_query_whitelist/adminquerywhitelistappendlogic.go b/app/main/api/internal/logic/admin_query_whitelist/adminquerywhitelistappendlogic.go new file mode 100644 index 0000000..c35b5bd --- /dev/null +++ b/app/main/api/internal/logic/admin_query_whitelist/adminquerywhitelistappendlogic.go @@ -0,0 +1,33 @@ +package admin_query_whitelist + +import ( + "context" + + "tyc-server/app/main/api/internal/svc" + "tyc-server/app/main/api/internal/types" + + "github.com/zeromicro/go-zero/core/logx" +) + +type AdminQueryWhitelistAppendLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewAdminQueryWhitelistAppendLogic(ctx context.Context, svcCtx *svc.ServiceContext) *AdminQueryWhitelistAppendLogic { + return &AdminQueryWhitelistAppendLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *AdminQueryWhitelistAppendLogic) AdminQueryWhitelistAppend(req *types.AdminQueryWhitelistAppendReq) (resp *types.AdminQueryWhitelistOpResp, err error) { + return callAndRecord(l.ctx, l.svcCtx, actionAppend, opParams{ + Name: req.Name, + IdCard: req.IdCard, + ApiCodes: req.ApiCodes, + Remark: req.Remark, + }, l.svcCtx.TianyuanapiClient.AppendQueryWhitelistEntry) +} diff --git a/app/main/api/internal/logic/admin_query_whitelist/adminquerywhitelistcreatelogic.go b/app/main/api/internal/logic/admin_query_whitelist/adminquerywhitelistcreatelogic.go new file mode 100644 index 0000000..3c9c46f --- /dev/null +++ b/app/main/api/internal/logic/admin_query_whitelist/adminquerywhitelistcreatelogic.go @@ -0,0 +1,33 @@ +package admin_query_whitelist + +import ( + "context" + + "tyc-server/app/main/api/internal/svc" + "tyc-server/app/main/api/internal/types" + + "github.com/zeromicro/go-zero/core/logx" +) + +type AdminQueryWhitelistCreateLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewAdminQueryWhitelistCreateLogic(ctx context.Context, svcCtx *svc.ServiceContext) *AdminQueryWhitelistCreateLogic { + return &AdminQueryWhitelistCreateLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +func (l *AdminQueryWhitelistCreateLogic) AdminQueryWhitelistCreate(req *types.AdminQueryWhitelistCreateReq) (resp *types.AdminQueryWhitelistOpResp, err error) { + return callAndRecord(l.ctx, l.svcCtx, actionCreate, opParams{ + Name: req.Name, + IdCard: req.IdCard, + ApiCodes: req.ApiCodes, + Remark: req.Remark, + }, l.svcCtx.TianyuanapiClient.CreateQueryWhitelistEntry) +} diff --git a/app/main/api/internal/logic/admin_query_whitelist/helper.go b/app/main/api/internal/logic/admin_query_whitelist/helper.go new file mode 100644 index 0000000..f511442 --- /dev/null +++ b/app/main/api/internal/logic/admin_query_whitelist/helper.go @@ -0,0 +1,195 @@ +package admin_query_whitelist + +import ( + "context" + "database/sql" + "encoding/json" + "fmt" + "regexp" + "strings" + + tianyuanapi "tyc-server/app/main/api/internal/service/tianyuanapi_sdk" + "tyc-server/app/main/api/internal/svc" + "tyc-server/app/main/api/internal/types" + "tyc-server/app/main/model" + "tyc-server/common/ctxdata" + "tyc-server/common/xerr" + + "github.com/pkg/errors" +) + +const ( + actionCreate = "create" + actionAppend = "append" +) + +var idCardPattern = regexp.MustCompile(`^\d{17}[\dXx]$`) + +type opParams struct { + Name string + IdCard string + ApiCodes []string + Remark string +} + +func validateOpParams(p opParams) error { + if strings.TrimSpace(p.Name) == "" { + return fmt.Errorf("姓名不能为空") + } + idCard := strings.TrimSpace(p.IdCard) + if idCard == "" { + return fmt.Errorf("身份证号不能为空") + } + if !idCardPattern.MatchString(idCard) { + return fmt.Errorf("身份证号格式不正确") + } + if len(p.ApiCodes) == 0 { + return fmt.Errorf("产品编码不能为空") + } + for _, code := range p.ApiCodes { + if strings.TrimSpace(code) == "" { + return fmt.Errorf("产品编码不能包含空值") + } + if code == "*" { + return fmt.Errorf("产品编码不支持通配符 *") + } + } + if len(p.Remark) > 500 { + return fmt.Errorf("备注最长 500 字符") + } + return nil +} + +func toTianyuanParams(p opParams) tianyuanapi.QueryWhitelistParams { + name := strings.TrimSpace(p.Name) + if name == "" { + name = "*" + } + return tianyuanapi.QueryWhitelistParams{ + Name: name, + IdCard: strings.ToUpper(strings.TrimSpace(p.IdCard)), + ApiCodes: p.ApiCodes, + Remark: strings.TrimSpace(p.Remark), + } +} + +func toEntryResult(entry *tianyuanapi.QueryWhitelistEntry) *types.QueryWhitelistEntryResult { + if entry == nil { + return nil + } + return &types.QueryWhitelistEntryResult{ + Id: entry.ID, + Name: entry.Name, + IdCardMasked: entry.IdCardMasked, + ApiCodes: entry.ApiCodes, + Status: entry.Status, + Remark: entry.Remark, + CreatedAt: entry.CreatedAt, + UpdatedAt: entry.UpdatedAt, + } +} + +func toOpResp(result *tianyuanapi.QueryWhitelistResult) *types.AdminQueryWhitelistOpResp { + if result == nil { + return &types.AdminQueryWhitelistOpResp{} + } + return &types.AdminQueryWhitelistOpResp{ + TianyuanCode: result.Code, + TianyuanMessage: result.Message, + TransactionId: result.TransactionID, + Entry: toEntryResult(result.Entry), + } +} + +func saveOpLog(ctx context.Context, svcCtx *svc.ServiceContext, action string, params opParams, result *tianyuanapi.QueryWhitelistResult) error { + adminUserID, err := ctxdata.GetUidFromCtx(ctx) + if err != nil { + return errors.Wrapf(xerr.NewErrCode(xerr.TOKEN_EXPIRE_ERROR), "获取管理员ID失败: %v", err) + } + + apiCodesJSON, err := json.Marshal(params.ApiCodes) + if err != nil { + return err + } + + log := &model.QueryWhitelistOpLog{ + AdminUserId: adminUserID, + Action: action, + Name: strings.TrimSpace(params.Name), + IdCard: strings.ToUpper(strings.TrimSpace(params.IdCard)), + ApiCodes: string(apiCodesJSON), + TianyuanCode: int64(result.Code), + } + + if params.Remark != "" { + log.Remark = sql.NullString{String: params.Remark, Valid: true} + } + if result.Message != "" { + log.TianyuanMessage = sql.NullString{String: result.Message, Valid: true} + } + if result.TransactionID != "" { + log.TransactionId = sql.NullString{String: result.TransactionID, Valid: true} + } + if result.Entry != nil { + if result.Entry.IdCardMasked != "" { + log.IdCardMasked = sql.NullString{String: result.Entry.IdCardMasked, Valid: true} + } + if result.Entry.ID != "" { + log.EntryId = sql.NullString{String: result.Entry.ID, Valid: true} + } + if result.Entry.Status != "" { + log.EntryStatus = sql.NullString{String: result.Entry.Status, Valid: true} + } + if len(result.Entry.ApiCodes) > 0 { + entryCodesJSON, err := json.Marshal(result.Entry.ApiCodes) + if err != nil { + return err + } + log.EntryApiCodes = sql.NullString{String: string(entryCodesJSON), Valid: true} + } + } + + _, err = svcCtx.QueryWhitelistOpLogModel.Insert(ctx, nil, log) + if err != nil { + return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "保存操作记录失败: %v", err) + } + return nil +} + +func callAndRecord( + ctx context.Context, + svcCtx *svc.ServiceContext, + action string, + params opParams, + call func(tianyuanapi.QueryWhitelistParams) (*tianyuanapi.QueryWhitelistResult, error), +) (*types.AdminQueryWhitelistOpResp, error) { + if err := validateOpParams(params); err != nil { + return nil, errors.Wrapf(xerr.NewErrCode(xerr.REUQEST_PARAM_ERROR), "%s", err.Error()) + } + + if svcCtx.TianyuanapiClient == nil { + return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "天远 API 客户端未初始化") + } + + result, err := call(toTianyuanParams(params)) + if err != nil { + return nil, errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "调用天远 API 失败: %v", err) + } + + if err := saveOpLog(ctx, svcCtx, action, params, result); err != nil { + return nil, err + } + + return toOpResp(result), nil +} + +func parseApiCodesJSON(raw string) []string { + if raw == "" { + return []string{} + } + var codes []string + if err := json.Unmarshal([]byte(raw), &codes); err != nil { + return []string{} + } + return codes +} diff --git a/app/main/api/internal/service/tianyuanapi_sdk/client.go b/app/main/api/internal/service/tianyuanapi_sdk/client.go index cdb699c..ea1a845 100644 --- a/app/main/api/internal/service/tianyuanapi_sdk/client.go +++ b/app/main/api/internal/service/tianyuanapi_sdk/client.go @@ -63,6 +63,7 @@ type Client struct { baseURL string timeout time.Duration client *http.Client + mgmtKey string // 查询白名单管理密钥 Whitelist-Mgmt-Key } // Config 客户端配置 diff --git a/app/main/api/internal/service/tianyuanapi_sdk/query_whitelist.go b/app/main/api/internal/service/tianyuanapi_sdk/query_whitelist.go new file mode 100644 index 0000000..6c70339 --- /dev/null +++ b/app/main/api/internal/service/tianyuanapi_sdk/query_whitelist.go @@ -0,0 +1,124 @@ +package tianyuanapi + +import ( + "bytes" + "encoding/json" + "fmt" + "io" + "net/http" + "time" +) + +// QueryWhitelistParams 查询白名单请求参数(加密前明文) +type QueryWhitelistParams struct { + Name string `json:"name"` + IdCard string `json:"id_card"` + ApiCodes []string `json:"api_codes"` + Remark string `json:"remark,omitempty"` +} + +// QueryWhitelistEntry 查询白名单规则详情(解密后) +type QueryWhitelistEntry struct { + ID string `json:"id"` + Name string `json:"name"` + IdCardMasked string `json:"id_card_masked"` + ApiCodes []string `json:"api_codes"` + Status string `json:"status"` + Remark string `json:"remark"` + CreatedAt string `json:"created_at"` + UpdatedAt string `json:"updated_at"` +} + +// QueryWhitelistResult 查询白名单 API 调用结果 +type QueryWhitelistResult struct { + Code int `json:"code"` + Message string `json:"message"` + TransactionID string `json:"transaction_id"` + Entry *QueryWhitelistEntry `json:"entry,omitempty"` + RequestTimeMs int64 `json:"request_time_ms"` +} + +// SetWhitelistMgmtKey 设置白名单管理密钥 +func (c *Client) SetWhitelistMgmtKey(key string) { + c.mgmtKey = key +} + +// CreateQueryWhitelistEntry 创建查询白名单规则 +func (c *Client) CreateQueryWhitelistEntry(params QueryWhitelistParams) (*QueryWhitelistResult, error) { + return c.callQueryWhitelist("/api/v1/query-whitelist/entries", params) +} + +// AppendQueryWhitelistEntry 向已有规则追加产品编码 +func (c *Client) AppendQueryWhitelistEntry(params QueryWhitelistParams) (*QueryWhitelistResult, error) { + return c.callQueryWhitelist("/api/v1/query-whitelist/entries/append", params) +} + +func (c *Client) callQueryWhitelist(path string, params QueryWhitelistParams) (*QueryWhitelistResult, error) { + if c.mgmtKey == "" { + return nil, fmt.Errorf("Whitelist-Mgmt-Key 未配置") + } + + startTime := time.Now() + + jsonData, err := json.Marshal(params) + if err != nil { + return nil, fmt.Errorf("参数序列化失败: %v", err) + } + + encryptedData, err := c.encrypt(string(jsonData)) + if err != nil { + return nil, fmt.Errorf("数据加密失败: %v", err) + } + + requestBody := map[string]string{"data": encryptedData} + requestBodyBytes, err := json.Marshal(requestBody) + if err != nil { + return nil, fmt.Errorf("请求体序列化失败: %v", err) + } + + url := c.baseURL + path + httpReq, err := http.NewRequest(http.MethodPost, url, bytes.NewBuffer(requestBodyBytes)) + if err != nil { + return nil, fmt.Errorf("创建HTTP请求失败: %v", err) + } + + httpReq.Header.Set("Content-Type", "application/json") + httpReq.Header.Set("Access-Id", c.accessID) + httpReq.Header.Set("Whitelist-Mgmt-Key", c.mgmtKey) + httpReq.Header.Set("User-Agent", "TianyuanAPI-Go-SDK/1.0.0") + + resp, err := c.client.Do(httpReq) + if err != nil { + return nil, fmt.Errorf("请求失败: %v", err) + } + defer resp.Body.Close() + + body, err := io.ReadAll(resp.Body) + if err != nil { + return nil, fmt.Errorf("读取响应失败: %v", err) + } + + var apiResp ApiResponse + if err := json.Unmarshal(body, &apiResp); err != nil { + return nil, fmt.Errorf("响应解析失败: %v", err) + } + + result := &QueryWhitelistResult{ + Code: apiResp.Code, + Message: apiResp.Message, + TransactionID: apiResp.TransactionID, + RequestTimeMs: time.Since(startTime).Milliseconds(), + } + + if apiResp.Data != "" { + decryptedData, err := c.decrypt(apiResp.Data) + if err == nil { + var entry QueryWhitelistEntry + if json.Unmarshal([]byte(decryptedData), &entry) == nil { + result.Entry = &entry + } + } + } + + return result, nil +} diff --git a/app/main/api/internal/svc/servicecontext.go b/app/main/api/internal/svc/servicecontext.go index 01230c3..384db6c 100644 --- a/app/main/api/internal/svc/servicecontext.go +++ b/app/main/api/internal/svc/servicecontext.go @@ -45,6 +45,7 @@ type ServiceContext struct { QueryCleanupDetailModel model.QueryCleanupDetailModel QueryCleanupConfigModel model.QueryCleanupConfigModel QueryUserRecordModel model.QueryUserRecordModel + QueryWhitelistOpLogModel model.QueryWhitelistOpLogModel // 代理相关模型 AgentModel model.AgentModel @@ -104,6 +105,7 @@ type ServiceContext struct { AuthorizationService *service.AuthorizationService ToolboxService *service.ToolboxService TianxingjuheService *tianxingjuhe.Client + TianyuanapiClient *tianyuanapi.Client } // NewServiceContext 创建服务上下文 @@ -138,6 +140,7 @@ func NewServiceContext(c config.Config) *ServiceContext { queryCleanupDetailModel := model.NewQueryCleanupDetailModel(db, cacheConf) queryCleanupConfigModel := model.NewQueryCleanupConfigModel(db, cacheConf) queryUserRecordModel := model.NewQueryUserRecordModel(db, cacheConf) + queryWhitelistOpLogModel := model.NewQueryWhitelistOpLogModel(db, cacheConf) // ============================== 代理相关模型 ============================== agentModel := model.NewAgentModel(db, cacheConf) @@ -189,6 +192,8 @@ func NewServiceContext(c config.Config) *ServiceContext { }) if err != nil { logx.Errorf("初始化天远API失败: %+v", err) + } else if c.Tianyuanapi.WhitelistMgmtKey != "" { + tianyuanapi.SetWhitelistMgmtKey(c.Tianyuanapi.WhitelistMgmtKey) } // 初始化天行聚合API客户端 @@ -262,6 +267,7 @@ func NewServiceContext(c config.Config) *ServiceContext { QueryCleanupDetailModel: queryCleanupDetailModel, QueryCleanupConfigModel: queryCleanupConfigModel, QueryUserRecordModel: queryUserRecordModel, + QueryWhitelistOpLogModel: queryWhitelistOpLogModel, // 代理相关模型 AgentModel: agentModel, @@ -321,6 +327,7 @@ func NewServiceContext(c config.Config) *ServiceContext { AuthorizationService: authorizationService, ToolboxService: toolboxService, TianxingjuheService: tianxingjuheService, + TianyuanapiClient: tianyuanapi, } } diff --git a/app/main/api/internal/types/types.go b/app/main/api/internal/types/types.go index abed634..199f222 100644 --- a/app/main/api/internal/types/types.go +++ b/app/main/api/internal/types/types.go @@ -688,6 +688,19 @@ type AdminGetQueryDetailByOrderIdResp struct { QueryState string `json:"query_state"` // 查询状态 } +type AdminGetQueryWhitelistOpLogListReq struct { + Page int64 `form:"page,default=1"` // 页码 + PageSize int64 `form:"page_size,default=20"` // 每页数量 + IdCard string `form:"id_card,optional"` // 身份证号 + Action string `form:"action,optional"` // 操作类型:create / append + TianyuanResult string `form:"tianyuan_result,optional"` // 业务结果:success / fail +} + +type AdminGetQueryWhitelistOpLogListResp struct { + Total int64 `json:"total"` // 总数 + Items []QueryWhitelistOpLogListItem `json:"items"` // 列表 +} + type AdminGetRefundStatisticsReq struct { } @@ -773,6 +786,27 @@ type AdminQueryItem struct { Data interface{} `json:"data"` // 这里可以是 map 或 具体的 struct } +type AdminQueryWhitelistAppendReq struct { + Name string `json:"name"` // 姓名,* 表示只按身份证匹配 + IdCard string `json:"id_card"` // 18位身份证号 + ApiCodes []string `json:"api_codes"` // 追加的产品编码列表 + Remark string `json:"remark,optional"` // 备注,非空会覆盖原备注 +} + +type AdminQueryWhitelistCreateReq struct { + Name string `json:"name"` // 姓名,* 表示只按身份证匹配 + IdCard string `json:"id_card"` // 18位身份证号 + ApiCodes []string `json:"api_codes"` // 产品编码列表 + Remark string `json:"remark,optional"` // 备注 +} + +type AdminQueryWhitelistOpResp struct { + TianyuanCode int `json:"tianyuan_code"` // 天远业务码 + TianyuanMessage string `json:"tianyuan_message"` // 天远返回描述 + TransactionId string `json:"transaction_id,optional"` // 天远流水号 + Entry *QueryWhitelistEntryResult `json:"entry,optional"` // 成功时规则详情 +} + type AdminRefundOrderReq struct { Id int64 `path:"id"` // 订单ID RefundAmount float64 `json:"refund_amount"` // 退款金额 @@ -2017,9 +2051,9 @@ type QueryItem struct { } type QueryListReq struct { - Page int64 `form:"page"` // 页码 - PageSize int64 `form:"page_size"` // 每页数据量 - Source string `form:"source,optional"` // 来源: miniapp 小程序过滤非车辆产品 + Page int64 `form:"page"` // 页码 + PageSize int64 `form:"page_size"` // 每页数据量 + Source string `form:"source,optional"` // 来源: miniapp 小程序过滤非车辆产品 } type QueryListResp struct { @@ -2088,6 +2122,35 @@ type QuerySingleTestResp struct { Api string `json:"api"` } +type QueryWhitelistEntryResult struct { + Id string `json:"id"` // 规则ID + Name string `json:"name"` // 姓名规则 + IdCardMasked string `json:"id_card_masked"` // 脱敏身份证号 + ApiCodes []string `json:"api_codes"` // 当前产品编码列表 + Status string `json:"status"` // 规则状态 + Remark string `json:"remark"` // 备注 + CreatedAt string `json:"created_at"` // 创建时间 + UpdatedAt string `json:"updated_at"` // 更新时间 +} + +type QueryWhitelistOpLogListItem struct { + Id int64 `json:"id"` // 主键ID + AdminUserId int64 `json:"admin_user_id"` // 操作管理员ID + Action string `json:"action"` // 操作类型 + Name string `json:"name"` // 姓名规则 + IdCard string `json:"id_card"` // 身份证号 + IdCardMasked string `json:"id_card_masked"` // 脱敏身份证号 + ApiCodes []string `json:"api_codes"` // 本次提交的产品编码 + Remark string `json:"remark"` // 备注 + TianyuanCode int64 `json:"tianyuan_code"` // 天远业务码 + TianyuanMessage string `json:"tianyuan_message"` // 天远返回描述 + TransactionId string `json:"transaction_id"` // 天远流水号 + EntryId string `json:"entry_id"` // 规则ID + EntryStatus string `json:"entry_status"` // 规则状态 + EntryApiCodes []string `json:"entry_api_codes"` // 规则当前产品编码 + CreateTime string `json:"create_time"` // 创建时间 +} + type RecordLinkClickReq struct { Path string `path:"path"` // 链接路径 } @@ -2135,6 +2198,16 @@ type TimeRangeReport struct { Report int `json:"report"` // 报告量 } +type ToolInfo struct { + Key string `json:"key"` // 工具标识 + Name string `json:"name"` // 工具名称 + Desc string `json:"desc"` // 工具描述 +} + +type ToolboxListResp struct { + Tools []ToolInfo `json:"tools"` // 工具列表 +} + type ToolboxQueryReq struct { ToolKey string `json:"tool_key" validate:"required"` Params map[string]interface{} `json:"params"` @@ -2145,16 +2218,6 @@ type ToolboxQueryResp struct { Result map[string]interface{} `json:"result"` } -type ToolInfo struct { - Key string `json:"key"` - Name string `json:"name"` - Desc string `json:"desc"` -} - -type ToolboxListResp struct { - Tools []ToolInfo `json:"tools"` -} - type UpdateMenuReq struct { Id int64 `path:"id"` // 菜单ID Pid int64 `json:"pid,optional"` // 父菜单ID diff --git a/app/main/model/queryWhitelistOpLogModel.go b/app/main/model/queryWhitelistOpLogModel.go new file mode 100644 index 0000000..992256d --- /dev/null +++ b/app/main/model/queryWhitelistOpLogModel.go @@ -0,0 +1,27 @@ +package model + +import ( + "github.com/zeromicro/go-zero/core/stores/cache" + "github.com/zeromicro/go-zero/core/stores/sqlx" +) + +var _ QueryWhitelistOpLogModel = (*customQueryWhitelistOpLogModel)(nil) + +type ( + // QueryWhitelistOpLogModel is an interface to be customized, add more methods here, + // and implement the added methods in customQueryWhitelistOpLogModel. + QueryWhitelistOpLogModel interface { + queryWhitelistOpLogModel + } + + customQueryWhitelistOpLogModel struct { + *defaultQueryWhitelistOpLogModel + } +) + +// NewQueryWhitelistOpLogModel returns a model for the database table. +func NewQueryWhitelistOpLogModel(conn sqlx.SqlConn, c cache.CacheConf) QueryWhitelistOpLogModel { + return &customQueryWhitelistOpLogModel{ + defaultQueryWhitelistOpLogModel: newQueryWhitelistOpLogModel(conn, c), + } +} diff --git a/app/main/model/queryWhitelistOpLogModel_gen.go b/app/main/model/queryWhitelistOpLogModel_gen.go new file mode 100644 index 0000000..a102c48 --- /dev/null +++ b/app/main/model/queryWhitelistOpLogModel_gen.go @@ -0,0 +1,379 @@ +// Code generated by goctl. DO NOT EDIT! + +package model + +import ( + "context" + "database/sql" + "fmt" + "strings" + + "time" + + "github.com/Masterminds/squirrel" + "github.com/pkg/errors" + "github.com/zeromicro/go-zero/core/stores/builder" + "github.com/zeromicro/go-zero/core/stores/cache" + "github.com/zeromicro/go-zero/core/stores/sqlc" + "github.com/zeromicro/go-zero/core/stores/sqlx" + "github.com/zeromicro/go-zero/core/stringx" + "tyc-server/common/globalkey" +) + +var ( + queryWhitelistOpLogFieldNames = builder.RawFieldNames(&QueryWhitelistOpLog{}) + queryWhitelistOpLogRows = strings.Join(queryWhitelistOpLogFieldNames, ",") + queryWhitelistOpLogRowsExpectAutoSet = strings.Join(stringx.Remove(queryWhitelistOpLogFieldNames, "`id`", "`create_time`", "`update_time`"), ",") + queryWhitelistOpLogRowsWithPlaceHolder = strings.Join(stringx.Remove(queryWhitelistOpLogFieldNames, "`id`", "`create_time`", "`update_time`"), "=?,") + "=?" + + cacheQueryWhitelistOpLogIdPrefix = "cache:queryWhitelistOpLog:id:" +) + +type ( + queryWhitelistOpLogModel interface { + Insert(ctx context.Context, session sqlx.Session, data *QueryWhitelistOpLog) (sql.Result, error) + FindOne(ctx context.Context, id int64) (*QueryWhitelistOpLog, error) + Update(ctx context.Context, session sqlx.Session, data *QueryWhitelistOpLog) (sql.Result, error) + UpdateWithVersion(ctx context.Context, session sqlx.Session, data *QueryWhitelistOpLog) error + Trans(ctx context.Context, fn func(context context.Context, session sqlx.Session) error) error + SelectBuilder() squirrel.SelectBuilder + DeleteSoft(ctx context.Context, session sqlx.Session, data *QueryWhitelistOpLog) error + FindSum(ctx context.Context, sumBuilder squirrel.SelectBuilder, field string) (float64, error) + FindCount(ctx context.Context, countBuilder squirrel.SelectBuilder, field string) (int64, error) + FindAll(ctx context.Context, rowBuilder squirrel.SelectBuilder, orderBy string) ([]*QueryWhitelistOpLog, error) + FindPageListByPage(ctx context.Context, rowBuilder squirrel.SelectBuilder, page, pageSize int64, orderBy string) ([]*QueryWhitelistOpLog, error) + FindPageListByPageWithTotal(ctx context.Context, rowBuilder squirrel.SelectBuilder, page, pageSize int64, orderBy string) ([]*QueryWhitelistOpLog, int64, error) + FindPageListByIdDESC(ctx context.Context, rowBuilder squirrel.SelectBuilder, preMinId, pageSize int64) ([]*QueryWhitelistOpLog, error) + FindPageListByIdASC(ctx context.Context, rowBuilder squirrel.SelectBuilder, preMaxId, pageSize int64) ([]*QueryWhitelistOpLog, error) + Delete(ctx context.Context, session sqlx.Session, id int64) error + } + + defaultQueryWhitelistOpLogModel struct { + sqlc.CachedConn + table string + } + + QueryWhitelistOpLog struct { + Id int64 `db:"id"` + CreateTime time.Time `db:"create_time"` + UpdateTime time.Time `db:"update_time"` + DeleteTime sql.NullTime `db:"delete_time"` // 删除时间 + DelState int64 `db:"del_state"` + Version int64 `db:"version"` // 版本号 + AdminUserId int64 `db:"admin_user_id"` // 操作管理员ID + Action string `db:"action"` // 操作类型:create=创建规则,append=追加接口 + Name string `db:"name"` // 姓名规则 + IdCard string `db:"id_card"` // 身份证号(明文,供后台审计) + IdCardMasked sql.NullString `db:"id_card_masked"` // 天远返回的脱敏身份证号 + ApiCodes string `db:"api_codes"` // 本次提交的产品编码(JSON数组) + Remark sql.NullString `db:"remark"` // 备注 + TianyuanCode int64 `db:"tianyuan_code"` // 天远 API 业务码 + TianyuanMessage sql.NullString `db:"tianyuan_message"` // 天远 API 返回描述 + TransactionId sql.NullString `db:"transaction_id"` // 天远 API 流水号 + EntryId sql.NullString `db:"entry_id"` // 天远规则ID(成功时) + EntryStatus sql.NullString `db:"entry_status"` // 规则状态(成功时) + EntryApiCodes sql.NullString `db:"entry_api_codes"` // 规则当前产品编码列表(JSON数组,成功时) + } +) + +func newQueryWhitelistOpLogModel(conn sqlx.SqlConn, c cache.CacheConf) *defaultQueryWhitelistOpLogModel { + return &defaultQueryWhitelistOpLogModel{ + CachedConn: sqlc.NewConn(conn, c), + table: "`query_whitelist_op_log`", + } +} + +func (m *defaultQueryWhitelistOpLogModel) Insert(ctx context.Context, session sqlx.Session, data *QueryWhitelistOpLog) (sql.Result, error) { + data.DelState = globalkey.DelStateNo + queryWhitelistOpLogIdKey := fmt.Sprintf("%s%v", cacheQueryWhitelistOpLogIdPrefix, data.Id) + return m.ExecCtx(ctx, func(ctx context.Context, conn sqlx.SqlConn) (result sql.Result, err error) { + query := fmt.Sprintf("insert into %s (%s) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", m.table, queryWhitelistOpLogRowsExpectAutoSet) + if session != nil { + return session.ExecCtx(ctx, query, data.DeleteTime, data.DelState, data.Version, data.AdminUserId, data.Action, data.Name, data.IdCard, data.IdCardMasked, data.ApiCodes, data.Remark, data.TianyuanCode, data.TianyuanMessage, data.TransactionId, data.EntryId, data.EntryStatus, data.EntryApiCodes) + } + return conn.ExecCtx(ctx, query, data.DeleteTime, data.DelState, data.Version, data.AdminUserId, data.Action, data.Name, data.IdCard, data.IdCardMasked, data.ApiCodes, data.Remark, data.TianyuanCode, data.TianyuanMessage, data.TransactionId, data.EntryId, data.EntryStatus, data.EntryApiCodes) + }, queryWhitelistOpLogIdKey) +} + +func (m *defaultQueryWhitelistOpLogModel) FindOne(ctx context.Context, id int64) (*QueryWhitelistOpLog, error) { + queryWhitelistOpLogIdKey := fmt.Sprintf("%s%v", cacheQueryWhitelistOpLogIdPrefix, id) + var resp QueryWhitelistOpLog + err := m.QueryRowCtx(ctx, &resp, queryWhitelistOpLogIdKey, func(ctx context.Context, conn sqlx.SqlConn, v interface{}) error { + query := fmt.Sprintf("select %s from %s where `id` = ? and del_state = ? limit 1", queryWhitelistOpLogRows, m.table) + return conn.QueryRowCtx(ctx, v, query, id, globalkey.DelStateNo) + }) + switch err { + case nil: + return &resp, nil + case sqlc.ErrNotFound: + return nil, ErrNotFound + default: + return nil, err + } +} + +func (m *defaultQueryWhitelistOpLogModel) Update(ctx context.Context, session sqlx.Session, data *QueryWhitelistOpLog) (sql.Result, error) { + queryWhitelistOpLogIdKey := fmt.Sprintf("%s%v", cacheQueryWhitelistOpLogIdPrefix, data.Id) + return m.ExecCtx(ctx, func(ctx context.Context, conn sqlx.SqlConn) (result sql.Result, err error) { + query := fmt.Sprintf("update %s set %s where `id` = ?", m.table, queryWhitelistOpLogRowsWithPlaceHolder) + if session != nil { + return session.ExecCtx(ctx, query, data.DeleteTime, data.DelState, data.Version, data.AdminUserId, data.Action, data.Name, data.IdCard, data.IdCardMasked, data.ApiCodes, data.Remark, data.TianyuanCode, data.TianyuanMessage, data.TransactionId, data.EntryId, data.EntryStatus, data.EntryApiCodes, data.Id) + } + return conn.ExecCtx(ctx, query, data.DeleteTime, data.DelState, data.Version, data.AdminUserId, data.Action, data.Name, data.IdCard, data.IdCardMasked, data.ApiCodes, data.Remark, data.TianyuanCode, data.TianyuanMessage, data.TransactionId, data.EntryId, data.EntryStatus, data.EntryApiCodes, data.Id) + }, queryWhitelistOpLogIdKey) +} + +func (m *defaultQueryWhitelistOpLogModel) UpdateWithVersion(ctx context.Context, session sqlx.Session, data *QueryWhitelistOpLog) error { + + oldVersion := data.Version + data.Version += 1 + + var sqlResult sql.Result + var err error + + queryWhitelistOpLogIdKey := fmt.Sprintf("%s%v", cacheQueryWhitelistOpLogIdPrefix, data.Id) + sqlResult, err = m.ExecCtx(ctx, func(ctx context.Context, conn sqlx.SqlConn) (result sql.Result, err error) { + query := fmt.Sprintf("update %s set %s where `id` = ? and version = ? ", m.table, queryWhitelistOpLogRowsWithPlaceHolder) + if session != nil { + return session.ExecCtx(ctx, query, data.DeleteTime, data.DelState, data.Version, data.AdminUserId, data.Action, data.Name, data.IdCard, data.IdCardMasked, data.ApiCodes, data.Remark, data.TianyuanCode, data.TianyuanMessage, data.TransactionId, data.EntryId, data.EntryStatus, data.EntryApiCodes, data.Id, oldVersion) + } + return conn.ExecCtx(ctx, query, data.DeleteTime, data.DelState, data.Version, data.AdminUserId, data.Action, data.Name, data.IdCard, data.IdCardMasked, data.ApiCodes, data.Remark, data.TianyuanCode, data.TianyuanMessage, data.TransactionId, data.EntryId, data.EntryStatus, data.EntryApiCodes, data.Id, oldVersion) + }, queryWhitelistOpLogIdKey) + if err != nil { + return err + } + updateCount, err := sqlResult.RowsAffected() + if err != nil { + return err + } + if updateCount == 0 { + return ErrNoRowsUpdate + } + + return nil +} + +func (m *defaultQueryWhitelistOpLogModel) DeleteSoft(ctx context.Context, session sqlx.Session, data *QueryWhitelistOpLog) error { + data.DelState = globalkey.DelStateYes + data.DeleteTime = sql.NullTime{Time: time.Now(), Valid: true} + if err := m.UpdateWithVersion(ctx, session, data); err != nil { + return errors.Wrapf(errors.New("delete soft failed "), "QueryWhitelistOpLogModel delete err : %+v", err) + } + return nil +} + +func (m *defaultQueryWhitelistOpLogModel) FindSum(ctx context.Context, builder squirrel.SelectBuilder, field string) (float64, error) { + + if len(field) == 0 { + return 0, errors.Wrapf(errors.New("FindSum Least One Field"), "FindSum Least One Field") + } + + builder = builder.Columns("IFNULL(SUM(" + field + "),0)") + + query, values, err := builder.Where("del_state = ?", globalkey.DelStateNo).ToSql() + if err != nil { + return 0, err + } + + var resp float64 + err = m.QueryRowNoCacheCtx(ctx, &resp, query, values...) + switch err { + case nil: + return resp, nil + default: + return 0, err + } +} + +func (m *defaultQueryWhitelistOpLogModel) FindCount(ctx context.Context, builder squirrel.SelectBuilder, field string) (int64, error) { + + if len(field) == 0 { + return 0, errors.Wrapf(errors.New("FindCount Least One Field"), "FindCount Least One Field") + } + + builder = builder.Columns("COUNT(" + field + ")") + + query, values, err := builder.Where("del_state = ?", globalkey.DelStateNo).ToSql() + if err != nil { + return 0, err + } + + var resp int64 + err = m.QueryRowNoCacheCtx(ctx, &resp, query, values...) + switch err { + case nil: + return resp, nil + default: + return 0, err + } +} + +func (m *defaultQueryWhitelistOpLogModel) FindAll(ctx context.Context, builder squirrel.SelectBuilder, orderBy string) ([]*QueryWhitelistOpLog, error) { + + builder = builder.Columns(queryWhitelistOpLogRows) + + if orderBy == "" { + builder = builder.OrderBy("id DESC") + } else { + builder = builder.OrderBy(orderBy) + } + + query, values, err := builder.Where("del_state = ?", globalkey.DelStateNo).ToSql() + if err != nil { + return nil, err + } + + var resp []*QueryWhitelistOpLog + err = m.QueryRowsNoCacheCtx(ctx, &resp, query, values...) + switch err { + case nil: + return resp, nil + default: + return nil, err + } +} + +func (m *defaultQueryWhitelistOpLogModel) FindPageListByPage(ctx context.Context, builder squirrel.SelectBuilder, page, pageSize int64, orderBy string) ([]*QueryWhitelistOpLog, error) { + + builder = builder.Columns(queryWhitelistOpLogRows) + + if orderBy == "" { + builder = builder.OrderBy("id DESC") + } else { + builder = builder.OrderBy(orderBy) + } + + if page < 1 { + page = 1 + } + offset := (page - 1) * pageSize + + query, values, err := builder.Where("del_state = ?", globalkey.DelStateNo).Offset(uint64(offset)).Limit(uint64(pageSize)).ToSql() + if err != nil { + return nil, err + } + + var resp []*QueryWhitelistOpLog + err = m.QueryRowsNoCacheCtx(ctx, &resp, query, values...) + switch err { + case nil: + return resp, nil + default: + return nil, err + } +} + +func (m *defaultQueryWhitelistOpLogModel) FindPageListByPageWithTotal(ctx context.Context, builder squirrel.SelectBuilder, page, pageSize int64, orderBy string) ([]*QueryWhitelistOpLog, int64, error) { + + total, err := m.FindCount(ctx, builder, "id") + if err != nil { + return nil, 0, err + } + + builder = builder.Columns(queryWhitelistOpLogRows) + + if orderBy == "" { + builder = builder.OrderBy("id DESC") + } else { + builder = builder.OrderBy(orderBy) + } + + if page < 1 { + page = 1 + } + offset := (page - 1) * pageSize + + query, values, err := builder.Where("del_state = ?", globalkey.DelStateNo).Offset(uint64(offset)).Limit(uint64(pageSize)).ToSql() + if err != nil { + return nil, total, err + } + + var resp []*QueryWhitelistOpLog + err = m.QueryRowsNoCacheCtx(ctx, &resp, query, values...) + switch err { + case nil: + return resp, total, nil + default: + return nil, total, err + } +} + +func (m *defaultQueryWhitelistOpLogModel) FindPageListByIdDESC(ctx context.Context, builder squirrel.SelectBuilder, preMinId, pageSize int64) ([]*QueryWhitelistOpLog, error) { + + builder = builder.Columns(queryWhitelistOpLogRows) + + if preMinId > 0 { + builder = builder.Where(" id < ? ", preMinId) + } + + query, values, err := builder.Where("del_state = ?", globalkey.DelStateNo).OrderBy("id DESC").Limit(uint64(pageSize)).ToSql() + if err != nil { + return nil, err + } + + var resp []*QueryWhitelistOpLog + err = m.QueryRowsNoCacheCtx(ctx, &resp, query, values...) + switch err { + case nil: + return resp, nil + default: + return nil, err + } +} + +func (m *defaultQueryWhitelistOpLogModel) FindPageListByIdASC(ctx context.Context, builder squirrel.SelectBuilder, preMaxId, pageSize int64) ([]*QueryWhitelistOpLog, error) { + + builder = builder.Columns(queryWhitelistOpLogRows) + + if preMaxId > 0 { + builder = builder.Where(" id > ? ", preMaxId) + } + + query, values, err := builder.Where("del_state = ?", globalkey.DelStateNo).OrderBy("id ASC").Limit(uint64(pageSize)).ToSql() + if err != nil { + return nil, err + } + + var resp []*QueryWhitelistOpLog + err = m.QueryRowsNoCacheCtx(ctx, &resp, query, values...) + switch err { + case nil: + return resp, nil + default: + return nil, err + } +} + +func (m *defaultQueryWhitelistOpLogModel) Trans(ctx context.Context, fn func(ctx context.Context, session sqlx.Session) error) error { + + return m.TransactCtx(ctx, func(ctx context.Context, session sqlx.Session) error { + return fn(ctx, session) + }) + +} + +func (m *defaultQueryWhitelistOpLogModel) SelectBuilder() squirrel.SelectBuilder { + return squirrel.Select().From(m.table) +} +func (m *defaultQueryWhitelistOpLogModel) Delete(ctx context.Context, session sqlx.Session, id int64) error { + queryWhitelistOpLogIdKey := fmt.Sprintf("%s%v", cacheQueryWhitelistOpLogIdPrefix, id) + _, err := m.ExecCtx(ctx, func(ctx context.Context, conn sqlx.SqlConn) (result sql.Result, err error) { + query := fmt.Sprintf("delete from %s where `id` = ?", m.table) + if session != nil { + return session.ExecCtx(ctx, query, id) + } + return conn.ExecCtx(ctx, query, id) + }, queryWhitelistOpLogIdKey) + return err +} +func (m *defaultQueryWhitelistOpLogModel) formatPrimary(primary interface{}) string { + return fmt.Sprintf("%s%v", cacheQueryWhitelistOpLogIdPrefix, primary) +} +func (m *defaultQueryWhitelistOpLogModel) queryPrimary(ctx context.Context, conn sqlx.SqlConn, v, primary interface{}) error { + query := fmt.Sprintf("select %s from %s where `id` = ? and del_state = ? limit 1", queryWhitelistOpLogRows, m.table) + return conn.QueryRowCtx(ctx, v, query, primary, globalkey.DelStateNo) +} + +func (m *defaultQueryWhitelistOpLogModel) tableName() string { + return m.table +} diff --git a/deploy/sql/query_whitelist_op_log.sql b/deploy/sql/query_whitelist_op_log.sql new file mode 100644 index 0000000..913605d --- /dev/null +++ b/deploy/sql/query_whitelist_op_log.sql @@ -0,0 +1,111 @@ +-- 查询白名单功能部署 SQL +-- 数据库:tyc +-- 执行后请重新登录管理后台 + +-- ============================================ +-- 1. 创建操作记录表 +-- ============================================ +CREATE TABLE IF NOT EXISTS `query_whitelist_op_log` ( + `id` bigint NOT NULL AUTO_INCREMENT, + `create_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, + `update_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + `delete_time` datetime DEFAULT NULL COMMENT '删除时间', + `del_state` tinyint NOT NULL DEFAULT '0', + `version` bigint NOT NULL DEFAULT '0' COMMENT '版本号', + + `admin_user_id` bigint NOT NULL COMMENT '操作管理员ID', + `action` varchar(20) NOT NULL COMMENT '操作类型:create=创建规则,append=追加接口', + `name` varchar(50) NOT NULL DEFAULT '*' COMMENT '姓名规则', + `id_card` varchar(50) NOT NULL COMMENT '身份证号(明文,供后台审计)', + `id_card_masked` varchar(50) DEFAULT NULL COMMENT '天远返回的脱敏身份证号', + `api_codes` varchar(2000) NOT NULL COMMENT '本次提交的产品编码(JSON数组)', + `remark` varchar(500) DEFAULT NULL COMMENT '备注', + `tianyuan_code` int NOT NULL DEFAULT 0 COMMENT '天远 API 业务码', + `tianyuan_message` varchar(500) DEFAULT NULL COMMENT '天远 API 返回描述', + `transaction_id` varchar(64) DEFAULT NULL COMMENT '天远 API 流水号', + `entry_id` varchar(64) DEFAULT NULL COMMENT '天远规则ID(成功时)', + `entry_status` varchar(20) DEFAULT NULL COMMENT '规则状态(成功时)', + `entry_api_codes` varchar(2000) DEFAULT NULL COMMENT '规则当前产品编码列表(JSON数组,成功时)', + + PRIMARY KEY (`id`), + KEY `idx_admin_user_id` (`admin_user_id`), + KEY `idx_id_card` (`id_card`), + KEY `idx_action` (`action`), + KEY `idx_tianyuan_code` (`tianyuan_code`), + KEY `idx_create_time` (`create_time`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='查询白名单操作记录表'; + +-- ============================================ +-- 2. 新增「查询白名单」菜单 +-- ============================================ +INSERT INTO `admin_menu` ( + `pid`, `name`, `path`, `component`, `redirect`, `meta`, `status`, `type`, `sort`, `del_state`, `version` +) +SELECT + 20, + 'queryWhitelist', + '/product-manage/query-whitelist/list', + '/product-manage/query-whitelist/list', + NULL, + JSON_OBJECT('icon', 'lucide:shield-off', 'title', '查询白名单'), + 1, + 1, + 0, + 0, + 0 +FROM DUAL +WHERE NOT EXISTS ( + SELECT 1 FROM `admin_menu` + WHERE `path` = '/product-manage/query-whitelist/list' AND `del_state` = 0 +); + +-- ============================================ +-- 3. 给超级管理员(role_id=1)授权菜单 +-- ============================================ +INSERT INTO `admin_role_menu` (`role_id`, `menu_id`, `del_state`, `version`) +SELECT + 1, + m.`id`, + 0, + 0 +FROM `admin_menu` m +WHERE m.`path` = '/product-manage/query-whitelist/list' + AND m.`del_state` = 0 + AND NOT EXISTS ( + SELECT 1 FROM `admin_role_menu` rm + WHERE rm.`role_id` = 1 + AND rm.`menu_id` = m.`id` + AND rm.`del_state` = 0 + ); + +-- ============================================ +-- 4. 注册 admin_api 权限 +-- ============================================ +INSERT INTO `admin_api` (`api_name`, `api_code`, `method`, `url`, `status`, `description`, `del_state`, `version`) +SELECT 'query-whitelist-create', 'post__api_v1_admin_query-whitelist_create', 'POST', '/api/v1/admin/query-whitelist/create', 1, '创建查询白名单规则', 0, 0 +FROM DUAL WHERE NOT EXISTS (SELECT 1 FROM `admin_api` WHERE `url` = '/api/v1/admin/query-whitelist/create' AND `del_state` = 0); + +INSERT INTO `admin_api` (`api_name`, `api_code`, `method`, `url`, `status`, `description`, `del_state`, `version`) +SELECT 'query-whitelist-append', 'post__api_v1_admin_query-whitelist_append', 'POST', '/api/v1/admin/query-whitelist/append', 1, '追加查询白名单产品编码', 0, 0 +FROM DUAL WHERE NOT EXISTS (SELECT 1 FROM `admin_api` WHERE `url` = '/api/v1/admin/query-whitelist/append' AND `del_state` = 0); + +INSERT INTO `admin_api` (`api_name`, `api_code`, `method`, `url`, `status`, `description`, `del_state`, `version`) +SELECT 'query-whitelist-op-log-list', 'get__api_v1_admin_query-whitelist_op-log_list', 'GET', '/api/v1/admin/query-whitelist/op-log/list', 1, '查询白名单操作记录列表', 0, 0 +FROM DUAL WHERE NOT EXISTS (SELECT 1 FROM `admin_api` WHERE `url` = '/api/v1/admin/query-whitelist/op-log/list' AND `del_state` = 0); + +-- ============================================ +-- 5. 给超级管理员(role_id=1)授权 API +-- ============================================ +INSERT INTO `admin_role_api` (`role_id`, `api_id`, `del_state`, `version`) +SELECT 1, a.`id`, 0, 0 +FROM `admin_api` a +WHERE a.`url` IN ( + '/api/v1/admin/query-whitelist/create', + '/api/v1/admin/query-whitelist/append', + '/api/v1/admin/query-whitelist/op-log/list' +) +AND a.`del_state` = 0 +AND NOT EXISTS ( + SELECT 1 FROM `admin_role_api` ra + WHERE ra.`role_id` = 1 AND ra.`api_id` = a.`id` AND ra.`del_state` = 0 +);