feat(shortUrl): 删除数据时验证用户, 非管理员仅可以删除自己创建的数据

internal/cmd/cmd.go

@@ -71,6 +71,7 @@ func mainFunc(ctx context.Context, parser *gcmd.Parser) (err error) {
 				login.NewV1().RefreshToken,
 				shortUrlCode.NewV1(),
 				common.NewV1().UploadFile,
+				shortUrl.NewV1(),
 			)
 		})
 
@@ -79,7 +80,7 @@ func mainFunc(ctx context.Context, parser *gcmd.Parser) (err error) {
 			group.Middleware(middlewares.UserIsAdmin)
 
 			group.Bind(
-				shortUrl.NewV1(),
+
 				user.NewV1(),
 			)
 		})

internal/controller/shortUrl/shortUrl_v1_delete.go

@@ -8,6 +8,16 @@ import (
 )
 
 func (c *ControllerV1) Delete(ctx context.Context, req *v1.DeleteReq) (res *v1.DeleteRes, err error) {
-	err = service.ShortUrl().Delete(ctx, req.Id)
+	loginUserInfo, err := service.Auth().GetLoginUserInfo(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	userId := ""
+	if loginUserInfo.Role == "01" {
+		userId = loginUserInfo.Id
+	}
+
+	err = service.ShortUrl().Delete(ctx, req.Id, userId)
 	return
 }

internal/logic/shortUrl/shortUrl.go

@@ -96,8 +96,15 @@ func (s *sShortUrl) GetList(ctx context.Context, in v1.GetListReq, userId string
 }
 
 // Delete 删除短链
-func (s *sShortUrl) Delete(ctx context.Context, id string) error {
-	res, err := dao.ShortUrl.Ctx(ctx).Where(dao.ShortUrl.Columns().Id, id).Delete()
+func (s *sShortUrl) Delete(ctx context.Context, id string, userId string) error {
+	db := dao.ShortUrl.Ctx(ctx).Where(dao.ShortUrl.Columns().Id, id)
+
+	// 用户 id 存在只查询当前用户的数据
+	if userId != "" {
+		db = db.Where(dao.ShortUrl.Columns().UserId, userId)
+	}
+
+	res, err := db.Delete()
 
 	if num, _ := res.RowsAffected(); num == 0 {
 		return gerror.New("需要删除的数据不存在！")