Add user management for admin (CRUD + role + reset password)
Adds /api/users endpoints (admin only) plus /api/users/assignable (admin + technician) used by the aftersales reassign picker. Guards prevent self-demotion, self-deletion, and removing the last admin. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -74,6 +74,18 @@ func SetupAPIRoutes(r *gin.RouterGroup) {
|
||||
employeeSerialsRoutes.DELETE("/:serialNumber", middleware.JWTAuthMiddleware(), middleware.AdminMiddleware(), employeeSerialsController.Delete)
|
||||
}
|
||||
|
||||
// 用户管理路由(仅管理员)
|
||||
usersController := controllers.NewUsersController()
|
||||
usersRoutes := r.Group("/users")
|
||||
{
|
||||
usersRoutes.GET("/assignable", middleware.JWTAuthMiddleware(), middleware.TechnicianMiddleware(), usersController.FindAssignable)
|
||||
usersRoutes.POST("", middleware.JWTAuthMiddleware(), middleware.AdminMiddleware(), usersController.Create)
|
||||
usersRoutes.GET("", middleware.JWTAuthMiddleware(), middleware.AdminMiddleware(), usersController.FindAll)
|
||||
usersRoutes.PATCH("/:id", middleware.JWTAuthMiddleware(), middleware.AdminMiddleware(), usersController.Update)
|
||||
usersRoutes.POST("/:id/reset-password", middleware.JWTAuthMiddleware(), middleware.AdminMiddleware(), usersController.ResetPassword)
|
||||
usersRoutes.DELETE("/:id", middleware.JWTAuthMiddleware(), middleware.AdminMiddleware(), usersController.Delete)
|
||||
}
|
||||
|
||||
// 售后工单路由
|
||||
aftersalesController := controllers.NewAftersalesController()
|
||||
aftersalesRoutes := r.Group("/aftersales")
|
||||
|
||||
Reference in New Issue
Block a user