feat: 用户管理后端与日志库迁移

src/Api/TakeoutSaaS.AdminApi/Controllers/UsersController.cs

@@ -0,0 +1,212 @@
+using MediatR;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System.ComponentModel.DataAnnotations;
+using TakeoutSaaS.Application.Identity.Commands;
+using TakeoutSaaS.Application.Identity.Contracts;
+using TakeoutSaaS.Application.Identity.Queries;
+using TakeoutSaaS.Module.Authorization.Attributes;
+using TakeoutSaaS.Shared.Abstractions.Constants;
+using TakeoutSaaS.Shared.Abstractions.Results;
+using TakeoutSaaS.Shared.Web.Api;
+
+namespace TakeoutSaaS.AdminApi.Controllers;
+
+/// <summary>
+/// 用户管理。
+/// </summary>
+[ApiVersion("1.0")]
+[Authorize]
+[Route("api/admin/v{version:apiVersion}/users")]
+public sealed class UsersController(IMediator mediator) : BaseApiController
+{
+    /// <summary>
+    /// 用户分页列表。
+    /// </summary>
+    [HttpGet]
+    [PermissionAuthorize("identity:user:read")]
+    [ProducesResponseType(typeof(ApiResponse<PagedResult<UserListItemDto>>), StatusCodes.Status200OK)]
+    public async Task<ApiResponse<PagedResult<UserListItemDto>>> List(
+        [FromQuery] SearchIdentityUsersQuery query,
+        CancellationToken cancellationToken)
+    {
+        // 1. 查询用户分页
+        var result = await mediator.Send(query, cancellationToken);
+
+        // 2. 返回分页数据
+        return ApiResponse<PagedResult<UserListItemDto>>.Ok(result);
+    }
+
+    /// <summary>
+    /// 用户详情。
+    /// </summary>
+    [HttpGet("{userId:long}")]
+    [PermissionAuthorize("identity:user:read")]
+    [ProducesResponseType(typeof(ApiResponse<UserDetailDto>), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(ApiResponse<UserDetailDto>), StatusCodes.Status404NotFound)]
+    public async Task<ApiResponse<UserDetailDto>> Detail(long userId, [FromQuery] bool includeDeleted, CancellationToken cancellationToken)
+    {
+        // 1. 查询用户详情
+        var result = await mediator.Send(new GetIdentityUserDetailQuery
+        {
+            UserId = userId,
+            IncludeDeleted = includeDeleted
+        }, cancellationToken);
+
+        // 2. 返回详情或 404
+        return result == null
+            ? ApiResponse<UserDetailDto>.Error(ErrorCodes.NotFound, "用户不存在")
+            : ApiResponse<UserDetailDto>.Ok(result);
+    }
+
+    /// <summary>
+    /// 用户权限明细。
+    /// </summary>
+    [HttpGet("{userId:long}/permissions")]
+    [PermissionAuthorize("identity:user:read")]
+    [ProducesResponseType(typeof(ApiResponse<IReadOnlyList<string>>), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(ApiResponse<IReadOnlyList<string>>), StatusCodes.Status404NotFound)]
+    public async Task<ApiResponse<IReadOnlyList<string>>> Permissions(long userId, CancellationToken cancellationToken)
+    {
+        // 1. 查询用户详情并提取权限
+        var detail = await mediator.Send(new GetIdentityUserDetailQuery { UserId = userId }, cancellationToken);
+        if (detail == null)
+        {
+            return ApiResponse<IReadOnlyList<string>>.Error(ErrorCodes.NotFound, "用户不存在");
+        }
+
+        // 2. 返回权限编码列表
+        return ApiResponse<IReadOnlyList<string>>.Ok(detail.Permissions);
+    }
+
+    /// <summary>
+    /// 创建用户。
+    /// </summary>
+    [HttpPost]
+    [PermissionAuthorize("identity:user:create")]
+    [ProducesResponseType(typeof(ApiResponse<UserDetailDto>), StatusCodes.Status200OK)]
+    public async Task<ApiResponse<UserDetailDto>> Create([FromBody, Required] CreateIdentityUserCommand command, CancellationToken cancellationToken)
+    {
+        // 1. 创建用户
+        var result = await mediator.Send(command, cancellationToken);
+
+        // 2. 返回创建结果
+        return ApiResponse<UserDetailDto>.Ok(result);
+    }
+
+    /// <summary>
+    /// 更新用户。
+    /// </summary>
+    [HttpPut("{userId:long}")]
+    [PermissionAuthorize("identity:user:update")]
+    [ProducesResponseType(typeof(ApiResponse<UserDetailDto>), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(ApiResponse<UserDetailDto>), StatusCodes.Status404NotFound)]
+    public async Task<ApiResponse<UserDetailDto>> Update(long userId, [FromBody, Required] UpdateIdentityUserCommand command, CancellationToken cancellationToken)
+    {
+        // 1. 绑定用户 ID
+        if (command.UserId == 0)
+        {
+            command = command with { UserId = userId };
+        }
+
+        // 2. (空行后) 执行更新
+        var result = await mediator.Send(command, cancellationToken);
+
+        // 3. (空行后) 返回结果或 404
+        return result == null
+            ? ApiResponse<UserDetailDto>.Error(ErrorCodes.NotFound, "用户不存在")
+            : ApiResponse<UserDetailDto>.Ok(result);
+    }
+
+    /// <summary>
+    /// 删除用户。
+    /// </summary>
+    [HttpDelete("{userId:long}")]
+    [PermissionAuthorize("identity:user:delete")]
+    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status404NotFound)]
+    public async Task<ApiResponse<object>> Delete(long userId, CancellationToken cancellationToken)
+    {
+        // 1. 执行删除
+        var result = await mediator.Send(new DeleteIdentityUserCommand { UserId = userId }, cancellationToken);
+
+        // 2. 返回结果或 404
+        return result
+            ? ApiResponse.Success()
+            : ApiResponse<object>.Error(ErrorCodes.NotFound, "用户不存在");
+    }
+
+    /// <summary>
+    /// 恢复用户。
+    /// </summary>
+    [HttpPost("{userId:long}/restore")]
+    [PermissionAuthorize("identity:user:update")]
+    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status404NotFound)]
+    public async Task<ApiResponse<object>> Restore(long userId, CancellationToken cancellationToken)
+    {
+        // 1. 执行恢复
+        var result = await mediator.Send(new RestoreIdentityUserCommand { UserId = userId }, cancellationToken);
+
+        // 2. 返回结果或 404
+        return result
+            ? ApiResponse.Success()
+            : ApiResponse<object>.Error(ErrorCodes.NotFound, "用户不存在");
+    }
+
+    /// <summary>
+    /// 更新用户状态。
+    /// </summary>
+    [HttpPut("{userId:long}/status")]
+    [PermissionAuthorize("identity:user:status")]
+    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status200OK)]
+    [ProducesResponseType(typeof(ApiResponse<object>), StatusCodes.Status404NotFound)]
+    public async Task<ApiResponse<object>> ChangeStatus(long userId, [FromBody, Required] ChangeIdentityUserStatusCommand command, CancellationToken cancellationToken)
+    {
+        // 1. 绑定用户 ID
+        if (command.UserId == 0)
+        {
+            command = command with { UserId = userId };
+        }
+
+        // 2. (空行后) 执行状态变更
+        var result = await mediator.Send(command, cancellationToken);
+
+        // 3. (空行后) 返回结果或 404
+        return result
+            ? ApiResponse.Success()
+            : ApiResponse<object>.Error(ErrorCodes.NotFound, "用户不存在");
+    }
+
+    /// <summary>
+    /// 生成重置密码链接。
+    /// </summary>
+    [HttpPost("{userId:long}/password-reset")]
+    [PermissionAuthorize("identity:user:reset-password")]
+    [ProducesResponseType(typeof(ApiResponse<ResetIdentityUserPasswordResult>), StatusCodes.Status200OK)]
+    public async Task<ApiResponse<ResetIdentityUserPasswordResult>> ResetPassword(long userId, CancellationToken cancellationToken)
+    {
+        // 1. 生成重置令牌
+        var result = await mediator.Send(new ResetIdentityUserPasswordCommand { UserId = userId }, cancellationToken);
+
+        // 2. 返回令牌信息
+        return ApiResponse<ResetIdentityUserPasswordResult>.Ok(result);
+    }
+
+    /// <summary>
+    /// 批量用户操作。
+    /// </summary>
+    [HttpPost("batch")]
+    [PermissionAuthorize("identity:user:batch")]
+    [ProducesResponseType(typeof(ApiResponse<BatchIdentityUserOperationResult>), StatusCodes.Status200OK)]
+    public async Task<ApiResponse<BatchIdentityUserOperationResult>> Batch(
+        [FromBody, Required] BatchIdentityUserOperationCommand command,
+        CancellationToken cancellationToken)
+    {
+        // 1. 执行批量操作
+        var result = await mediator.Send(command, cancellationToken);
+
+        // 2. 返回操作结果
+        return ApiResponse<BatchIdentityUserOperationResult>.Ok(result);
+    }
+}