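package model

import (
	"encoding/json"
	"time"
)

// PermissionLevel is an ordered permission tier. HasPermission compares
// levels numerically, so a higher value satisfies every lower one.
type PermissionLevel int

// Defined permission levels, in ascending order starting at 1. The zero
// value is deliberately not a valid level.
const (
	PermissionRead PermissionLevel = iota + 1
	PermissionWrite
	PermissionExecute
	PermissionAdmin
)

// Role is a named set of permissions that users are assigned to.
type Role struct {
	ID   string `json:"id" gorm:"primaryKey"`
	Name string `json:"name" gorm:"uniqueIndex"`
	// Permissions holds a JSON array of integer permission levels; it is
	// decoded into []int by User.HasPermission.
	Permissions string    `json:"permissions" gorm:"type:text"`
	CreatedAt   time.Time `json:"created_at"`
	UpdatedAt   time.Time `json:"updated_at"`
}

// User is an account record together with its (optionally loaded) role.
type User struct {
	ID       string `json:"id" gorm:"primaryKey"`
	Username string `json:"username" gorm:"uniqueIndex;size:50;not null"`
	// Password is excluded from JSON output by the `json:"-"` tag.
	// NOTE(review): presumably this holds a password hash rather than the
	// plaintext; confirm against the code that writes it.
	Password string `json:"-" gorm:"not null"`
	Email    string `json:"email" gorm:"index"`
	RoleID   string `json:"role_id" gorm:"size:50;not null"`
	// Role is nil unless the association has been loaded; HasPermission
	// denies access in that case.
	Role      *Role     `json:"role,omitempty" gorm:"foreignKey:RoleID"`
	IsActive  bool      `json:"is_active" gorm:"default:true"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}

// HasPermission reports whether the user's role grants at least the
// requested level.
//
// The check fails closed: it returns false for a nil user, a user whose Role
// is not loaded, a role whose Permissions field is not a valid JSON array of
// integers, and a requested level outside the defined range
// PermissionRead..PermissionAdmin.
//
// NOTE(review): IsActive is not consulted here, so a deactivated account
// still passes this check. Callers must enforce the active flag separately;
// confirm that every authorization path does.
func (u *User) HasPermission(level PermissionLevel) bool {
	// A nil receiver would panic on u.Role; deny instead.
	if u == nil || u.Role == nil {
		return false
	}

	// Reject undefined levels. Without this, a zero or negative level would
	// be satisfied by any stored permission.
	if level < PermissionRead || level > PermissionAdmin {
		return false
	}

	// Decode the JSON-encoded permission list; malformed data grants nothing.
	var perms []int
	if err := json.Unmarshal([]byte(u.Role.Permissions), &perms); err != nil {
		return false
	}

	// Levels are hierarchical: any stored level at or above the requested
	// one is sufficient.
	// NOTE(review): stored values are not range-checked, so an out-of-range
	// integer in Permissions still satisfies every defined level; validate
	// the list where roles are written.
	for _, p := range perms {
		if PermissionLevel(p) >= level {
			return true
		}
	}
	return false
}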