From 70250ce6e617c4efc6127bdb9fa4bf730955685a Mon Sep 17 00:00:00 2001
From: TsMask <340112800@qq.com>
Date: Tue, 29 Aug 2023 16:14:36 +0800
Subject: [PATCH] =?UTF-8?q?=E7=94=A8=E6=88=B7=E4=BF=A1=E6=81=AF=E6=8E=A5?=
 =?UTF-8?q?=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 features/sys_user/api_sys_user.go             | 334 +++++++++++
 features/sys_user/model/sys_user.go           |  41 ++
 features/sys_user/service/repo_sys_user.go    | 525 ++++++++++++++++++
 features/sys_user/service/service_sys_user.go | 150 +++++
 4 files changed, 1050 insertions(+)
 create mode 100644 features/sys_user/api_sys_user.go
 create mode 100644 features/sys_user/model/sys_user.go
 create mode 100644 features/sys_user/service/repo_sys_user.go
 create mode 100644 features/sys_user/service/service_sys_user.go

diff --git a/features/sys_user/api_sys_user.go b/features/sys_user/api_sys_user.go
new file mode 100644
index 00000000..400f0a93
--- /dev/null
+++ b/features/sys_user/api_sys_user.go
@@ -0,0 +1,334 @@
+package sysuser
+
+import (
+	"fmt"
+	"net/http"
+	"strings"
+
+	sysRoleModel "ems.agt/features/sys_role/model"
+	sysRoleService "ems.agt/features/sys_role/service"
+	sysUserModel "ems.agt/features/sys_user/model"
+	"ems.agt/features/sys_user/service"
+	"ems.agt/lib/core/conf"
+	"ems.agt/lib/core/utils/ctx"
+	"ems.agt/lib/core/utils/parse"
+	"ems.agt/lib/core/vo/result"
+	"ems.agt/lib/midware"
+	"ems.agt/lib/services"
+	"ems.agt/restagent/config"
+)
+
+// 用户接口添加到路由
+func Routers() []services.RouterItem {
+	// 实例化控制层 SysUserApi 结构体
+	var apis = &SysUserApi{
+		sysUserService: service.NewServiceSysUser,
+		sysRoleService: sysRoleService.NewServiceSysRole,
+	}
+
+	rs := [...]services.RouterItem{
+		{
+			Method:  "GET",
+			Pattern: "/userManage/{apiVersion}/list",
+			Handler: apis.List,
+			Middleware: midware.Authorize(map[string][]string{
+				"hasPerms": {"system:user:list"},
+			}),
+		},
+		{
+			Method:  "GET",
+			Pattern: "/userManage/{apiVersion}/info/{userId}",
+			Handler: apis.Info,
+			Middleware: midware.Authorize(map[string][]string{
+				"hasPerms": {"system:user:query"},
+			}),
+		},
+		{
+			Method:  "POST",
+			Pattern: "/userManage/{apiVersion}/add",
+			Handler: apis.Add,
+			Middleware: midware.Authorize(map[string][]string{
+				"hasPerms": {"system:user:add"},
+			}),
+		},
+		{
+			Method:  "PUT",
+			Pattern: "/userManage/{apiVersion}/edit",
+			Handler: apis.Edit,
+			Middleware: midware.Authorize(map[string][]string{
+				"hasPerms": {"system:user:edit"},
+			}),
+		},
+		{
+			Method:  "DELETE",
+			Pattern: "/userManage/{apiVersion}/del/{userIds}",
+			Handler: apis.Remove,
+			Middleware: midware.Authorize(map[string][]string{
+				"hasPerms": {"system:user:edit"},
+			}),
+		},
+		// 添加更多的 Router 对象...
+	}
+
+	// 生成两组前缀路由
+	rsPrefix := []services.RouterItem{}
+	for _, v := range rs {
+		path := v.Pattern
+		// 固定前缀
+		v.Pattern = config.DefaultUriPrefix + path
+		rsPrefix = append(rsPrefix, v)
+		// 可配置
+		v.Pattern = config.UriPrefix + path
+		rsPrefix = append(rsPrefix, v)
+	}
+	return rsPrefix
+}
+
+// // 实例化控制层 SysUserApi 结构体
+// var NewSysUser = &SysUserApi{
+// 	sysUserService:     service.NewSysUserImpl,
+// 	sysRoleService:     service.NewSysRoleImpl,
+// 	sysPostService:     service.NewSysPostImpl,
+// 	sysDictDataService: service.NewSysDictDataImpl,
+// }
+
+// 用户信息
+//
+// PATH /system/user
+type SysUserApi struct {
+	// 用户服务
+	sysUserService *service.ServiceSysUser
+	// 角色服务
+	sysRoleService *sysRoleService.ServiceSysRole
+}
+
+// 用户信息列表
+//
+// GET /list
+func (s *SysUserApi) List(w http.ResponseWriter, r *http.Request) {
+	querys := ctx.QueryMap(r)
+	data := s.sysUserService.SelectUserPage(querys)
+	ctx.JSON(w, 200, result.Ok(data))
+}
+
+// 用户信息详情
+//
+// GET /:userId
+func (s *SysUserApi) Info(w http.ResponseWriter, r *http.Request) {
+	userId := ctx.Param(r, "userId")
+	if userId == "" {
+		ctx.JSON(w, 400, result.CodeMsg(400, "参数错误"))
+		return
+	}
+	// 查询系统角色列表
+	roles := s.sysRoleService.SelectRoleList(sysRoleModel.SysRole{})
+
+	// 不是系统指定管理员需要排除其角色
+	if !conf.IsAdmin(userId) {
+		rolesFilter := make([]sysRoleModel.SysRole, 0)
+		for _, r := range roles {
+			if r.RoleID != "1" {
+				rolesFilter = append(rolesFilter, r)
+			}
+		}
+		roles = rolesFilter
+	}
+
+	// 新增用户时，用户ID为0
+	if userId == "0" {
+		ctx.JSON(w, 200, result.OkData(map[string]any{
+			"user":    map[string]any{},
+			"roleIds": []string{},
+			"postIds": []string{},
+			"roles":   roles,
+		}))
+		return
+	}
+
+	// 检查用户是否存在
+	user := s.sysUserService.SelectUserById(userId)
+	if user.Id != userId {
+		ctx.JSON(w, 200, result.ErrMsg("没有权限访问用户数据！"))
+		return
+	}
+
+	// 角色ID组
+	roleIds := make([]string, 0)
+	for _, r := range user.Roles {
+		roleIds = append(roleIds, r.RoleID)
+	}
+
+	ctx.JSON(w, 200, result.OkData(map[string]any{
+		"user":    user,
+		"roleIds": roleIds,
+		"roles":   roles,
+	}))
+}
+
+// 用户信息新增
+//
+// POST /
+func (s *SysUserApi) Add(w http.ResponseWriter, r *http.Request) {
+	var body sysUserModel.SysUser
+	err := ctx.ShouldBindJSON(r, &body)
+	if err != nil || body.Id != "" {
+		ctx.JSON(w, 400, result.CodeMsg(400, "参数错误"))
+		return
+	}
+
+	// 检查用户登录账号是否唯一
+	uniqueUserName := s.sysUserService.CheckUniqueUserName(body.Name, "")
+	if !uniqueUserName {
+		msg := fmt.Sprintf("新增用户【%s】失败，登录账号已存在", body.Name)
+		ctx.JSON(w, 200, result.ErrMsg(msg))
+		return
+	}
+
+	insertId := s.sysUserService.InsertUser(body)
+	if insertId != "" {
+		ctx.JSON(w, 200, result.Ok(nil))
+		return
+	}
+	ctx.JSON(w, 200, result.Err(nil))
+}
+
+// 用户信息修改
+//
+// POST /
+func (s *SysUserApi) Edit(w http.ResponseWriter, r *http.Request) {
+	var body sysUserModel.SysUser
+	err := ctx.ShouldBindJSON(r, &body)
+	if err != nil || body.Id == "" {
+		ctx.JSON(w, 400, result.CodeMsg(400, "参数错误"))
+		return
+	}
+
+	// 检查是否管理员用户
+	if conf.IsAdmin(body.Id) {
+		ctx.JSON(w, 200, result.ErrMsg("不允许操作管理员用户"))
+		return
+	}
+
+	user := s.sysUserService.SelectUserById(body.Id)
+	if user.Id != body.Id {
+		ctx.JSON(w, 200, result.ErrMsg("没有权限访问用户数据！"))
+		return
+	}
+
+	// 检查用户登录账号是否唯一
+	uniqueUserName := s.sysUserService.CheckUniqueUserName(body.Name, body.Id)
+	if !uniqueUserName {
+		msg := fmt.Sprintf("修改用户【%s】失败，登录账号已存在", body.Name)
+		ctx.JSON(w, 200, result.ErrMsg(msg))
+		return
+	}
+
+	body.Name = ""     // 忽略修改登录用户名称
+	body.Password = "" // 忽略修改密码
+	rows := s.sysUserService.UpdateUserAndRolePost(body)
+	if rows > 0 {
+		ctx.JSON(w, 200, result.Ok(nil))
+		return
+	}
+	ctx.JSON(w, 200, result.Err(nil))
+}
+
+// 用户信息删除
+//
+// DELETE /:userIds
+func (s *SysUserApi) Remove(w http.ResponseWriter, r *http.Request) {
+	userIds := ctx.Param(r, "userIds")
+	if userIds == "" {
+		ctx.JSON(w, 400, result.CodeMsg(400, "参数错误"))
+		return
+	}
+	// 处理字符转id数组后去重
+	ids := strings.Split(userIds, ",")
+	uniqueIDs := parse.RemoveDuplicates(ids)
+	if len(uniqueIDs) <= 0 {
+		ctx.JSON(w, 200, result.Err(nil))
+		return
+	}
+	rows, err := s.sysUserService.DeleteUserByIds(uniqueIDs)
+	if err != nil {
+		ctx.JSON(w, 200, result.ErrMsg(err.Error()))
+		return
+	}
+	msg := fmt.Sprintf("删除成功：%d", rows)
+	ctx.JSON(w, 200, result.OkMsg(msg))
+}
+
+// 用户重置密码
+//
+// PUT /resetPwd
+func (s *SysUserApi) ResetPwd(w http.ResponseWriter, r *http.Request) {
+	var body struct {
+		UserID   string `json:"userId" binding:"required"`
+		Password string `json:"password" binding:"required"`
+	}
+	if err := ctx.ShouldBindJSON(r, &body); err != nil {
+		ctx.JSON(w, 400, result.CodeMsg(400, "参数错误"))
+		return
+	}
+
+	// 检查是否管理员用户
+	if conf.IsAdmin(body.UserID) {
+		ctx.JSON(w, 200, result.ErrMsg("不允许操作管理员用户"))
+		return
+	}
+
+	user := s.sysUserService.SelectUserById(body.UserID)
+	if user.Id != body.UserID {
+		ctx.JSON(w, 200, result.ErrMsg("没有权限访问用户数据！"))
+		return
+	}
+
+	SysUserApi := sysUserModel.SysUser{
+		Id:       body.UserID,
+		Password: body.Password,
+	}
+	rows := s.sysUserService.UpdateUser(SysUserApi)
+	if rows > 0 {
+		ctx.JSON(w, 200, result.Ok(nil))
+		return
+	}
+	ctx.JSON(w, 200, result.Err(nil))
+}
+
+// 用户状态修改
+//
+// PUT /changeStatus
+func (s *SysUserApi) Status(w http.ResponseWriter, r *http.Request) {
+	var body struct {
+		UserID string `json:"userId" binding:"required"`
+		Status string `json:"status" binding:"required"`
+	}
+	if err := ctx.ShouldBindJSON(r, &body); err != nil {
+		ctx.JSON(w, 400, result.CodeMsg(400, "参数错误"))
+		return
+	}
+
+	// 检查是否存在
+	user := s.sysUserService.SelectUserById(body.UserID)
+	if user.Id != body.UserID {
+		ctx.JSON(w, 200, result.ErrMsg("没有权限访问用户数据！"))
+		return
+	}
+
+	// 与旧值相等不变更
+	if user.Status == body.Status {
+		ctx.JSON(w, 200, result.ErrMsg("变更状态与旧值相等！"))
+		return
+	}
+
+	SysUserApi := sysUserModel.SysUser{
+		Id:     body.UserID,
+		Status: body.Status,
+	}
+	rows := s.sysUserService.UpdateUser(SysUserApi)
+	if rows > 0 {
+		ctx.JSON(w, 200, result.Ok(nil))
+		return
+	}
+	ctx.JSON(w, 200, result.Err(nil))
+}
diff --git a/features/sys_user/model/sys_user.go b/features/sys_user/model/sys_user.go
new file mode 100644
index 00000000..00fafda2
--- /dev/null
+++ b/features/sys_user/model/sys_user.go
@@ -0,0 +1,41 @@
+package model
+
+import "ems.agt/features/sys_role/model"
+
+type SysUser struct {
+	Id                 string `json:"id" xorm:"pk 'id' autoincr"`
+	AccountId          string `json:"accountId" xorm:"account_id"`
+	Name               string `json:"name" xorm:"name"`
+	Sn                 string `json:"sn"`
+	Gender             string `json:"gender"`
+	Description        string `json:"description"`
+	TelephoneNumber    string `json:"telephoneNumber" xorm:"telephone_number"`
+	Mobile             string `json:"mobile"`
+	Email              string `json:"email" xorm:"email"`
+	StartTime          string `json:"startTime" xorm:"start_time"`
+	EndTime            string `json:"endTime" xorm:"end_time"`
+	IdCardNumber       string `json:"idCardNumber"`
+	EmployeeNumber     string `json:"employeeNumber"`
+	Organize           string `json:"organize"`
+	EmployeeType       string `json:"employeeType"`
+	SupporterCorpName  string `json:"supporterCorpName"`
+	RealName           string `json:"realName" xorm:"real_name"`
+	Password           string `json:"password" xorm:"password"`
+	PasswordSha512     string `json:"passwordSha512"`
+	ChangePasswordFlag int    `json:"changePasswordFlag"`
+	PasswordExpiration string `json:"passwordExpiration"`
+	Status             string `json:"status"`
+	UserExpiration     string `json:"userExpiration"`
+	GroupName          string `json:"groupId" xorm:"group_name"`
+	Profile            string `json:"profile" xorm:"profile"`
+	Phone              string `json:"phone" xorm:"phone"`
+	CreateTime         string `json:"createTime" xorm:"create_time"`
+	UpdateTime         string `json:"updateTime" xorm:"update_time"`
+
+	// 角色对象组
+	Roles []model.SysRole `json:"roles"`
+	// 角色ID - 参数提交绑定
+	RoleID string `json:"roleId,omitempty"`
+	// 角色组 - 参数提交绑定
+	RoleIDs []string `json:"roleIds,omitempty"`
+}
diff --git a/features/sys_user/service/repo_sys_user.go b/features/sys_user/service/repo_sys_user.go
new file mode 100644
index 00000000..3be2623a
--- /dev/null
+++ b/features/sys_user/service/repo_sys_user.go
@@ -0,0 +1,525 @@
+package service
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	sysRoleModel "ems.agt/features/sys_role/model"
+	sysUserModel "ems.agt/features/sys_user/model"
+	"ems.agt/lib/core/datasource"
+	"ems.agt/lib/core/utils/crypto"
+	"ems.agt/lib/core/utils/date"
+	"ems.agt/lib/core/utils/parse"
+	"github.com/go-admin-team/go-admin-core/logger"
+)
+
+// 实例化数据层 RepoSysUser 结构体
+var NewRepoSysUser = &RepoSysUser{
+	selectSql: `select u.id,
+	u.account_id, u.name, u.sn, u.gender, u.description, u.telephone_number, u.mobile, u.email, 
+	u.start_time, u.end_time, u.id_card_number, u.employee_number, 
+	u.organize, u.employee_type, u.supporter_corp_name, u.real_name, u.password, u.password_sha512, 
+	u.change_password_flag,u.password_expiration, u.status, u.user_expiration, u.group_name,
+	u.profile, u.phone, u.create_time, u.update_time,
+	r.role_id, r.role_name, r.role_key, r.role_sort, r.data_scope, r.status as role_status
+	from user u 
+	left join sys_user_role ur on u.id = ur.user_id
+	left join sys_role r on r.role_id = ur.role_id`,
+
+	sysUserMap: map[string]string{
+		"id":                   "Id",
+		"account_id":           "AccountId",
+		"name":                 "Name",
+		"sn":                   "Sn",
+		"gender":               "Gender",
+		"description":          "Description",
+		"telephone_number":     "TelephoneNumber",
+		"mobile":               "Mobile",
+		"email":                "Email",
+		"start_time":           "StartTime",
+		"end_time":             "EndTime",
+		"id_card_number":       "IdCardNumber",
+		"employee_number":      "EmployeeNumber",
+		"organize":             "Organize",
+		"employee_type":        "EmployeeType",
+		"supporter_corp_name":  "SupporterCorpName",
+		"real_name":            "RealName",
+		"password":             "Password",
+		"password_sha512":      "PasswordSha512",
+		"change_password_flag": "ChangePasswordFlag",
+		"password_expiration":  "PasswordExpiration",
+		"status":               "Status",
+		"user_expiration":      "UserExpiration",
+		"group_name":           "GroupName",
+		"profile":              "Profile",
+		"phone":                "Phone",
+		"create_time":          "CreateTime",
+		"update_time":          "UpdateTime",
+	},
+
+	sysRoleMap: map[string]string{
+		"role_id":     "RoleID",
+		"role_name":   "RoleName",
+		"role_key":    "RoleKey",
+		"role_sort":   "RoleSort",
+		"data_scope":  "DataScope",
+		"role_status": "Status",
+	},
+}
+
+// RepoSysUser 用户表 数据层处理
+type RepoSysUser struct {
+	// 查询视图对象SQL
+	selectSql string
+	// 用户信息实体映射
+	sysUserMap map[string]string
+	// 用户角色实体映射 一对多
+	sysRoleMap map[string]string
+}
+
+// convertResultRows 将结果记录转实体结果组
+func (r *RepoSysUser) convertResultRows(rows []map[string]any) []sysUserModel.SysUser {
+	arr := make([]sysUserModel.SysUser, 0)
+
+	for _, row := range rows {
+		sysUser := sysUserModel.SysUser{}
+		sysRole := sysRoleModel.SysRole{}
+		sysUser.Roles = []sysRoleModel.SysRole{}
+
+		for key, value := range row {
+			if keyMapper, ok := r.sysUserMap[key]; ok {
+				datasource.SetFieldValue(&sysUser, keyMapper, value)
+			}
+			if keyMapper, ok := r.sysRoleMap[key]; ok {
+				datasource.SetFieldValue(&sysRole, keyMapper, value)
+			}
+		}
+
+		one := true
+		for i, a := range arr {
+			if a.Id == sysUser.Id {
+				arrUser := &arr[i]
+				arrUser.Roles = append(arrUser.Roles, sysUser.Roles...)
+				one = false
+				break
+			}
+		}
+		if one {
+			arr = append(arr, sysUser)
+		}
+	}
+
+	return arr
+}
+
+// SelectUserPage 根据条件分页查询用户列表
+func (r *RepoSysUser) SelectUserPage(query map[string]any) map[string]any {
+	selectUserSql := `select u.id,
+	u.account_id, u.name, u.sn, u.gender, u.description, u.telephone_number, u.mobile, u.email, 
+	u.start_time, u.end_time, u.id_card_number, u.employee_number, 
+	u.organize, u.employee_type, u.supporter_corp_name, u.real_name, 
+	u.change_password_flag,u.password_expiration, u.status, u.user_expiration, u.group_name,
+	u.profile, u.phone, u.create_time, u.update_time
+	from user u`
+	selectUserTotalSql := `select count(distinct u.id) as 'total' from sys_user u`
+
+	// 查询条件拼接
+	var conditions []string
+	var params []any
+	if v, ok := query["accountId"]; ok && v != "" {
+		conditions = append(conditions, "u.account_id = ?")
+		params = append(params, v)
+	}
+	if v, ok := query["name"]; ok && v != "" {
+		conditions = append(conditions, "u.name like concat(?, '%')")
+		params = append(params, v)
+	}
+	if v, ok := query["status"]; ok && v != "" {
+		conditions = append(conditions, "u.status = ?")
+		params = append(params, v)
+	}
+	if v, ok := query["phonenumber"]; ok && v != "" {
+		conditions = append(conditions, "u.phonenumber like concat(?, '%')")
+		params = append(params, v)
+	}
+	beginTime, ok := query["beginTime"]
+	if !ok {
+		beginTime, ok = query["params[beginTime]"]
+	}
+	if ok && beginTime != "" {
+		conditions = append(conditions, "u.login_date >= ?")
+		beginDate := date.ParseStrToDate(beginTime.(string), date.YYYY_MM_DD)
+		params = append(params, beginDate.UnixMilli())
+	}
+	endTime, ok := query["endTime"]
+	if !ok {
+		endTime, ok = query["params[endTime]"]
+	}
+	if ok && endTime != "" {
+		conditions = append(conditions, "u.login_date <= ?")
+		endDate := date.ParseStrToDate(endTime.(string), date.YYYY_MM_DD)
+		params = append(params, endDate.UnixMilli())
+	}
+	if v, ok := query["deptId"]; ok && v != "" {
+		conditions = append(conditions, "(u.dept_id = ? or u.dept_id in ( select t.dept_id from sys_dept t where find_in_set(?, ancestors) ))")
+		params = append(params, v)
+		params = append(params, v)
+	}
+
+	// 构建查询条件语句
+	whereSql := ""
+	if len(conditions) > 0 {
+		whereSql += " where " + strings.Join(conditions, " and ")
+	}
+
+	// 查询数量 长度为0直接返回
+	totalSql := selectUserTotalSql + whereSql
+	totalRows, err := datasource.RawDB("", totalSql, params)
+	if err != nil {
+		logger.Errorf("total err => %v", err)
+	}
+	total := parse.Number(totalRows[0]["total"])
+	if total == 0 {
+		return map[string]any{
+			"total": total,
+			"rows":  []sysUserModel.SysUser{},
+		}
+	}
+
+	// 分页
+	pageNum, pageSize := datasource.PageNumSize(query["pageNum"], query["pageSize"])
+	pageSql := " limit ?,? "
+	params = append(params, pageNum*pageSize)
+	params = append(params, pageSize)
+
+	// 查询数据
+	querySql := selectUserSql + whereSql + pageSql
+	results, err := datasource.RawDB("", querySql, params)
+	if err != nil {
+		logger.Errorf("query err => %v", err)
+	}
+
+	// 转换实体
+	rows := r.convertResultRows(results)
+	return map[string]any{
+		"total": total,
+		"rows":  rows,
+	}
+}
+
+// SelectAllocatedPage 根据条件分页查询分配用户角色列表
+func (r *RepoSysUser) SelectAllocatedPage(query map[string]any) map[string]any {
+	// 查询条件拼接
+	var conditions []string
+	var params []any
+	if v, ok := query["name"]; ok && v != "" {
+		conditions = append(conditions, "u.name like concat(?, '%')")
+		params = append(params, v)
+	}
+	if v, ok := query["phone"]; ok && v != "" {
+		conditions = append(conditions, "u.phone like concat(?, '%')")
+		params = append(params, v)
+	}
+	if v, ok := query["status"]; ok && v != "" {
+		conditions = append(conditions, "u.status = ?")
+		params = append(params, v)
+	}
+	// 分配角色用户
+	if allocated, ok := query["allocated"]; ok && allocated != "" {
+		if roleId, ok := query["roleId"]; ok && roleId != "" {
+			if parse.Boolean(allocated) {
+				conditions = append(conditions, "r.role_id = ?")
+				params = append(params, roleId)
+			} else {
+				conditions = append(conditions, `(r.role_id != ? or r.role_id IS NULL) 
+				and u.id not in (
+					select u.id from sys_user u 
+					inner join sys_user_role ur on u.id = ur.user_id 
+					and ur.role_id = ?
+				)`)
+				params = append(params, roleId)
+				params = append(params, roleId)
+			}
+
+		}
+	}
+
+	// 构建查询条件语句
+	whereSql := ""
+	if len(conditions) > 0 {
+		whereSql += " where " + strings.Join(conditions, " and ")
+	}
+
+	// 查询数量 长度为0直接返回
+	totalSql := `select count(distinct u.id) as 'total' from user u
+    left join sys_user_role ur on u.id = ur.user_id
+    left join sys_role r on r.role_id = ur.role_id`
+	totalRows, err := datasource.RawDB("", totalSql+whereSql, params)
+	if err != nil {
+		logger.Errorf("total err => %v", err)
+	}
+	total := parse.Number(totalRows[0]["total"])
+	if total == 0 {
+		return map[string]any{
+			"total": total,
+			"rows":  []sysUserModel.SysUser{},
+		}
+	}
+
+	// 分页
+	pageNum, pageSize := datasource.PageNumSize(query["pageNum"], query["pageSize"])
+	pageSql := " limit ?,? "
+	params = append(params, pageNum*pageSize)
+	params = append(params, pageSize)
+
+	// 查询数据
+	querySql := `select distinct 
+    u.id, u.account_id, u.name, u.gender, u.email, 
+    u.phone, u.status, u.create_time, u.real_name
+    from sys_user u
+    left join sys_user_role ur on u.id = ur.user_id
+    left join sys_role r on r.role_id = ur.role_id`
+	querySql = querySql + whereSql + pageSql
+	results, err := datasource.RawDB("", querySql, params)
+	if err != nil {
+		logger.Errorf("query err => %v", err)
+	}
+
+	// 转换实体
+	rows := r.convertResultRows(results)
+	return map[string]any{
+		"total": total,
+		"rows":  rows,
+	}
+}
+
+// SelectUserList 根据条件查询用户列表
+func (r *RepoSysUser) SelectUserList(sysUser sysUserModel.SysUser, dataScopeSQL string) []sysUserModel.SysUser {
+	selectUserSql := `select 
+    u.id, u.account_id, u.name, u.real_name, u.email, u.gender, u.phone, u.create_time, u.status, u.description 
+    from sys_user u`
+
+	// 查询条件拼接
+	var conditions []string
+	var params []any
+	if sysUser.AccountId != "" {
+		conditions = append(conditions, "u.account_id = ?")
+		params = append(params, sysUser.AccountId)
+	}
+	if sysUser.Name != "" {
+		conditions = append(conditions, "u.name like concat(?, '%')")
+		params = append(params, sysUser.Name)
+	}
+	if sysUser.Status != "" {
+		conditions = append(conditions, "u.status = ?")
+		params = append(params, sysUser.Status)
+	}
+	if sysUser.Phone != "" {
+		conditions = append(conditions, "u.phone like concat(?, '%')")
+		params = append(params, sysUser.Phone)
+	}
+
+	// 构建查询条件语句
+	whereSql := ""
+	if len(conditions) > 0 {
+		whereSql += " where " + strings.Join(conditions, " and ")
+	}
+
+	// 查询数据
+	querySql := selectUserSql + whereSql + dataScopeSQL
+	rows, err := datasource.RawDB("", querySql, params)
+	if err != nil {
+		logger.Errorf("query err => %v", err)
+		return []sysUserModel.SysUser{}
+	}
+	return r.convertResultRows(rows)
+}
+
+// SelectUserByIds 通过用户ID查询用户
+func (r *RepoSysUser) SelectUserByIds(userIds []string) []sysUserModel.SysUser {
+	placeholder := datasource.KeyPlaceholderByQuery(len(userIds))
+	querySql := r.selectSql + " where and u.id in (" + placeholder + ")"
+	parameters := datasource.ConvertIdsSlice(userIds)
+	results, err := datasource.RawDB("", querySql, parameters)
+	if err != nil {
+		logger.Errorf("query err => %v", err)
+		return []sysUserModel.SysUser{}
+	}
+	// 转换实体
+	return r.convertResultRows(results)
+}
+
+// SelectUserByUserName 通过用户登录账号查询用户
+func (r *RepoSysUser) SelectUserByUserName(userName string) sysUserModel.SysUser {
+	querySql := r.selectSql + " where u.name = ?"
+	results, err := datasource.RawDB("", querySql, []any{userName})
+	if err != nil {
+		logger.Errorf("query err => %v", err)
+		return sysUserModel.SysUser{}
+	}
+	// 转换实体
+	rows := r.convertResultRows(results)
+	if len(rows) > 0 {
+		return rows[0]
+	}
+	return sysUserModel.SysUser{}
+}
+
+// InsertUser 新增用户信息
+func (r *RepoSysUser) InsertUser(sysUser sysUserModel.SysUser) string {
+	// 参数拼接
+	params := make(map[string]any)
+	if sysUser.AccountId != "" {
+		params["account_id"] = sysUser.AccountId
+	}
+	if sysUser.Name != "" {
+		params["name"] = sysUser.Name
+	}
+	if sysUser.Status != "" {
+		params["status"] = sysUser.Status
+	}
+	if sysUser.Sn != "" {
+		params["sn"] = sysUser.Sn
+	}
+	if sysUser.Email != "" {
+		params["email"] = sysUser.Email
+	}
+	if sysUser.Phone != "" {
+		params["phone"] = sysUser.Phone
+	}
+	if sysUser.Gender != "" {
+		params["gender"] = sysUser.Gender
+	}
+	if sysUser.Password != "" {
+		password := crypto.BcryptHash(sysUser.Password)
+		params["password"] = password
+	}
+	if sysUser.Status != "" {
+		params["status"] = sysUser.Status
+	}
+	if sysUser.Description != "" {
+		params["description"] = sysUser.Description
+	}
+
+	// 构建执行语句
+	keys, placeholder, values := datasource.KeyPlaceholderValueByInsert(params)
+	sql := "insert into user (" + strings.Join(keys, ",") + ")values(" + placeholder + ")"
+
+	// 执行插入
+	rows, err := datasource.ExecDB("", sql, values)
+	if err != nil {
+		logger.Errorf("insert row : %v", err.Error())
+		return ""
+	}
+
+	return fmt.Sprint(rows)
+}
+
+// UpdateUser 修改用户信息
+func (r *RepoSysUser) UpdateUser(sysUser sysUserModel.SysUser) int64 {
+	// 参数拼接
+	params := make(map[string]any)
+	if sysUser.Name != "" {
+		params["name"] = sysUser.Name
+	}
+	if sysUser.RealName != "" {
+		params["real_name"] = sysUser.RealName
+	}
+	if sysUser.Gender != "" {
+		params["gender"] = sysUser.Gender
+	}
+	if sysUser.Sn != "" {
+		params["sn"] = sysUser.Sn
+	}
+	if sysUser.Email != "" {
+		if sysUser.Email == "nil" {
+			params["email"] = ""
+		} else {
+			params["email"] = sysUser.Email
+		}
+	}
+	if sysUser.Phone != "" {
+		if sysUser.Phone == "nil" {
+			params["phone"] = ""
+		} else {
+			params["phone"] = sysUser.Phone
+		}
+	}
+	if sysUser.Organize != "" {
+		params["organize"] = sysUser.Organize
+	}
+	if sysUser.Password != "" {
+		password := crypto.BcryptHash(sysUser.Password)
+		params["password"] = password
+	}
+	if sysUser.Status != "" {
+		params["status"] = sysUser.Status
+	}
+	if sysUser.GroupName != "" {
+		params["group_name"] = sysUser.GroupName
+	}
+	if sysUser.UpdateTime != "" {
+		params["update_time"] = time.Now().UnixMilli()
+	}
+
+	// 构建执行语句
+	keys, values := datasource.KeyValueByUpdate(params)
+	sql := "update user set " + strings.Join(keys, ",") + " where id = ?"
+
+	// 执行更新
+	values = append(values, sysUser.Id)
+	rows, err := datasource.ExecDB("", sql, values)
+	if err != nil {
+		logger.Errorf("update row : %v", err.Error())
+		return 0
+	}
+	return rows
+}
+
+// DeleteUserByIds 批量删除用户信息
+func (r *RepoSysUser) DeleteUserByIds(userIds []string) int64 {
+	placeholder := datasource.KeyPlaceholderByQuery(len(userIds))
+	sql := "update user set del_flag = '1' where id in (" + placeholder + ")"
+	parameters := datasource.ConvertIdsSlice(userIds)
+	results, err := datasource.ExecDB("", sql, parameters)
+	if err != nil {
+		logger.Errorf("update err => %v", err)
+		return 0
+	}
+	return results
+}
+
+// CheckUniqueUser 校验用户信息是否唯一
+func (r *RepoSysUser) CheckUniqueUser(sysUser sysUserModel.SysUser) string {
+	// 查询条件拼接
+	var conditions []string
+	var params []any
+	if sysUser.Name != "" {
+		conditions = append(conditions, "name = ?")
+		params = append(params, sysUser.Name)
+	}
+	if sysUser.AccountId != "" {
+		conditions = append(conditions, "account_id = ?")
+		params = append(params, sysUser.AccountId)
+	}
+
+	// 构建查询条件语句
+	whereSql := ""
+	if len(conditions) > 0 {
+		whereSql += " where " + strings.Join(conditions, " and ")
+	} else {
+		return ""
+	}
+
+	// 查询数据
+	querySql := "select id as 'str' from user " + whereSql + " limit 1"
+	results, err := datasource.RawDB("", querySql, params)
+	if err != nil {
+		logger.Errorf("query err %v", err)
+	}
+	if len(results) > 0 {
+		return fmt.Sprintf("%v", results[0]["str"])
+	}
+	return ""
+}
diff --git a/features/sys_user/service/service_sys_user.go b/features/sys_user/service/service_sys_user.go
new file mode 100644
index 00000000..5903376e
--- /dev/null
+++ b/features/sys_user/service/service_sys_user.go
@@ -0,0 +1,150 @@
+package service
+
+import (
+	"errors"
+	"fmt"
+
+	sysUserModel "ems.agt/features/sys_user/model"
+	sysuserrole "ems.agt/features/sys_user_role"
+)
+
+// 实例化服务层 ServiceSysUser 结构体
+var NewServiceSysUser = &ServiceSysUser{
+	sysUserRepository:     NewRepoSysUser,
+	sysUserRoleRepository: sysuserrole.NewRepoSysUserRole,
+}
+
+// ServiceSysUser 用户 服务层处理
+type ServiceSysUser struct {
+	// 用户服务
+	sysUserRepository *RepoSysUser
+	// 用户与角色服务
+	sysUserRoleRepository *sysuserrole.RepoSysUserRole
+}
+
+// SelectUserPage 根据条件分页查询用户列表
+func (r *ServiceSysUser) SelectUserPage(query map[string]any) map[string]any {
+	return r.sysUserRepository.SelectUserPage(query)
+}
+
+// SelectUserList 根据条件查询用户列表
+func (r *ServiceSysUser) SelectUserList(sysUser sysUserModel.SysUser) []sysUserModel.SysUser {
+	return []sysUserModel.SysUser{}
+}
+
+// SelectAllocatedPage 根据条件分页查询分配用户角色列表
+func (r *ServiceSysUser) SelectAllocatedPage(query map[string]any) map[string]any {
+	return r.sysUserRepository.SelectAllocatedPage(query)
+}
+
+// SelectUserByUserName 通过用户名查询用户
+func (r *ServiceSysUser) SelectUserByUserName(userName string) sysUserModel.SysUser {
+	return r.sysUserRepository.SelectUserByUserName(userName)
+}
+
+// SelectUserById 通过用户ID查询用户
+func (r *ServiceSysUser) SelectUserById(userId string) sysUserModel.SysUser {
+	if userId == "" {
+		return sysUserModel.SysUser{}
+	}
+	users := r.sysUserRepository.SelectUserByIds([]string{userId})
+	if len(users) > 0 {
+		return users[0]
+	}
+	return sysUserModel.SysUser{}
+}
+
+// InsertUser 新增用户信息
+func (r *ServiceSysUser) InsertUser(sysUser sysUserModel.SysUser) string {
+	// 新增用户信息
+	insertId := r.sysUserRepository.InsertUser(sysUser)
+	if insertId != "" {
+		// 新增用户角色信息
+		r.insertUserRole(insertId, sysUser.RoleIDs)
+	}
+	return insertId
+}
+
+// insertUserRole 新增用户角色信息
+func (r *ServiceSysUser) insertUserRole(userId string, roleIds []string) int64 {
+	if userId == "" || len(roleIds) <= 0 {
+		return 0
+	}
+
+	sysUserRoles := []sysuserrole.SysUserRole{}
+	for _, roleId := range roleIds {
+		// 管理员角色禁止操作，只能通过配置指定用户ID分配
+		if roleId == "" || roleId == "1" {
+			continue
+		}
+		sysUserRoles = append(sysUserRoles, sysuserrole.NewSysUserRole(userId, roleId))
+	}
+
+	return r.sysUserRoleRepository.BatchUserRole(sysUserRoles)
+}
+
+// UpdateUser 修改用户信息
+func (r *ServiceSysUser) UpdateUser(sysUser sysUserModel.SysUser) int64 {
+	return r.sysUserRepository.UpdateUser(sysUser)
+}
+
+// UpdateUserAndRolePost 修改用户信息同时更新角色和岗位
+func (r *ServiceSysUser) UpdateUserAndRolePost(sysUser sysUserModel.SysUser) int64 {
+	userId := fmt.Sprint(sysUser.Id)
+	// 删除用户与角色关联
+	r.sysUserRoleRepository.DeleteUserRole([]string{userId})
+	// 新增用户角色信息
+	r.insertUserRole(userId, sysUser.RoleIDs)
+	return r.sysUserRepository.UpdateUser(sysUser)
+}
+
+// DeleteUserByIds 批量删除用户信息
+func (r *ServiceSysUser) DeleteUserByIds(userIds []string) (int64, error) {
+	// 检查是否存在
+	users := r.sysUserRepository.SelectUserByIds(userIds)
+	if len(users) <= 0 {
+		return 0, errors.New("没有权限访问用户数据！")
+	}
+	if len(users) == len(userIds) {
+		// 删除用户与角色关联
+		r.sysUserRoleRepository.DeleteUserRole(userIds)
+		// ... 注意其他userId进行关联的表
+		// 删除用户
+		rows := r.sysUserRepository.DeleteUserByIds(userIds)
+		return rows, nil
+	}
+	return 0, errors.New("删除用户信息失败！")
+}
+
+// CheckUniqueUserName 校验用户名称是否唯一
+func (r *ServiceSysUser) CheckUniqueUserName(userName, userId string) bool {
+	uniqueId := r.sysUserRepository.CheckUniqueUser(sysUserModel.SysUser{
+		Name: userName,
+	})
+	if uniqueId == userId {
+		return true
+	}
+	return uniqueId == ""
+}
+
+// CheckUniquePhone 校验手机号码是否唯一
+func (r *ServiceSysUser) CheckUniquePhone(phonenumber, userId string) bool {
+	uniqueId := r.sysUserRepository.CheckUniqueUser(sysUserModel.SysUser{
+		Phone: phonenumber,
+	})
+	if uniqueId == userId {
+		return true
+	}
+	return uniqueId == ""
+}
+
+// CheckUniqueEmail 校验email是否唯一
+func (r *ServiceSysUser) CheckUniqueEmail(email, userId string) bool {
+	uniqueId := r.sysUserRepository.CheckUniqueUser(sysUserModel.SysUser{
+		Email: email,
+	})
+	if uniqueId == userId {
+		return true
+	}
+	return uniqueId == ""
+}