import {
  Controller,
  Get,
  Post,
  Put,
  Patch,
  Delete,
  Body,
  Param,
  Query,
  ParseUUIDPipe,
  UseGuards,
  HttpCode,
  HttpStatus,
  Req,
} from '@nestjs/common';
import { ApiTags, ApiOperation, ApiResponse, ApiBearerAuth } from '@nestjs/swagger';
import { OrganizationsService } from './organizations.service';
import {
  CreateOrganizationDto,
  UpdateOrganizationDto,
  OrganizationQueryDto,
  OrganizationRegionDto,
} from './dto';
import { PermissionsGuard } from '../auth/guards/permissions.guard';
import { RequirePermissions } from '@common/decorators/permissions.decorator';
import { Auditable, Sensitive } from '@core/observability/audit/decorators/auditable.decorator';

/**
 * REST controller for the `organizations` resource.
 *
 * Every handler is a thin pass-through to OrganizationsService. Access control
 * is declared per route with @RequirePermissions, and mutating routes are
 * tagged with @Auditable (destructive ones additionally with @Sensitive).
 *
 * NOTE(review): UseGuards and PermissionsGuard are imported by this file but
 * never applied in this class, so the @RequirePermissions metadata only takes
 * effect if a guard that reads it is registered elsewhere (for example
 * globally) — confirm.
 * NOTE(review): several routes are documented as "Scope: organization", yet
 * only findAll forwards the caller's identity to the service. For the others
 * the per-organization restriction cannot be derived from the arguments passed
 * here and must be enforced by a guard or inside the service — confirm, since
 * otherwise a holder of the permission could address any organization by UUID.
 */
@ApiTags('Organizations')
@ApiBearerAuth()
@Controller('organizations')
export class OrganizationsController {
  constructor(private readonly organizationsService: OrganizationsService) {}

  /**
   * Create an organization.
   * Scope: all - requires a global (cross-organization) permission.
   *
   * @param createDto Request body describing the organization to create.
   * @returns Whatever organizationsService.create resolves to.
   */
  @Post()
  @Auditable()
  @RequirePermissions('organization:create')
  @ApiOperation({ summary: '创建组织' })
  @ApiResponse({ status: 201, description: '创建成功' })
  async create(@Body() createDto: CreateOrganizationDto) {
    return this.organizationsService.create(createDto);
  }

  /**
   * List organizations.
   * Scope: organization - callers may only see organizations they belong to.
   *
   * @param query Query-string filters.
   * @param req Raw request; only `req.user.id` is read.
   * @returns Whatever organizationsService.findAll resolves to.
   */
  @Get()
  @RequirePermissions('organization:read')
  @ApiOperation({ summary: '获取组织列表' })
  @ApiResponse({ status: 200, description: '查询成功' })
  async findAll(@Query() query: OrganizationQueryDto, @Req() req: any) {
    // The service layer is expected to filter results by the caller's
    // organizations; that filtering is not visible from this file.
    // NOTE(review): `req` is typed `any`, so nothing here checks that
    // `req.user` exists — assumes an authentication layer always populates it
    // before this handler runs; confirm.
    return this.organizationsService.findAll(query, req.user.id);
  }

  /**
   * Get the details of one organization.
   * Scope: organization - callers may only see organizations they belong to.
   *
   * NOTE(review): only the path id is forwarded, not the caller's identity, so
   * the membership restriction stated above is not enforced by this call
   * itself — confirm where it is applied.
   *
   * @param id Organization UUID taken from the path (validated by ParseUUIDPipe).
   */
  @Get(':id')
  @RequirePermissions('organization:read')
  @ApiOperation({ summary: '获取组织详情' })
  @ApiResponse({ status: 200, description: '查询成功' })
  async findOne(@Param('id', ParseUUIDPipe) id: string) {
    return this.organizationsService.findOne(id);
  }

  /**
   * Update an organization.
   * Scope: organization - callers may only update organizations they belong to.
   *
   * Fix (v2.1.1): uses PATCH rather than PUT, to match the documentation.
   *
   * NOTE(review): only the path id and the body are forwarded, not the
   * caller's identity, so the membership restriction stated above is not
   * enforced by this call itself — confirm where it is applied.
   *
   * @param id Organization UUID taken from the path (validated by ParseUUIDPipe).
   * @param updateDto Request body with the fields to change.
   */
  @Patch(':id')
  @Auditable()
  @RequirePermissions('organization:update')
  @ApiOperation({ summary: '更新组织' })
  @ApiResponse({ status: 200, description: '更新成功' })
  async update(
    @Param('id', ParseUUIDPipe) id: string,
    @Body() updateDto: UpdateOrganizationDto,
  ) {
    return this.organizationsService.update(id, updateDto);
  }

  /**
   * Delete an organization (soft delete, per the original note; the deletion
   * itself happens in the service).
   * Scope: all - requires a global (cross-organization) permission.
   *
   * @param id Organization UUID taken from the path (validated by ParseUUIDPipe).
   */
  @Delete(':id')
  @Auditable()
  @Sensitive()
  @RequirePermissions('organization:delete')
  @ApiOperation({ summary: '删除组织' })
  @ApiResponse({ status: 200, description: '删除成功' })
  @HttpCode(HttpStatus.OK)
  async remove(@Param('id', ParseUUIDPipe) id: string) {
    return this.organizationsService.remove(id);
  }

  /**
   * Manage the operating regions of an organization (this route adds regions).
   *
   * Fix (v2.1.1): uses POST rather than PUT, to match the documentation
   * (line 3176).
   *
   * NOTE(review): guarded by the general 'organization:update' permission and
   * forwards no caller identity — confirm that the caller's membership of the
   * target organization is checked elsewhere.
   *
   * @param id Organization UUID taken from the path (validated by ParseUUIDPipe).
   * @param dto Request body naming the regions to add.
   */
  @Post(':id/regions')
  @HttpCode(HttpStatus.OK) // Return 200: this adds an association rather than creating a new resource
  @Auditable()
  @RequirePermissions('organization:update')
  @ApiOperation({ summary: '为组织添加运营区域' })
  @ApiResponse({ status: 200, description: '添加成功' })
  async manageRegions(
    @Param('id', ParseUUIDPipe) id: string,
    @Body() dto: OrganizationRegionDto,
  ) {
    return this.organizationsService.addRegions(id, dto);
  }

  /**
   * Remove a region from an organization (added in v2.1).
   *
   * NOTE(review): guarded by the general 'organization:update' permission and
   * forwards no caller identity — confirm that the caller's membership of the
   * target organization is checked elsewhere.
   *
   * @param id Organization UUID taken from the path (validated by ParseUUIDPipe).
   * @param regionId Region UUID taken from the path (validated by ParseUUIDPipe).
   */
  @Delete(':id/regions/:regionId')
  @Auditable()
  @Sensitive()
  @RequirePermissions('organization:update')
  @ApiOperation({ summary: '从组织移除区域' })
  @ApiResponse({ status: 200, description: '移除成功' })
  async removeRegion(
    @Param('id', ParseUUIDPipe) id: string,
    @Param('regionId', ParseUUIDPipe) regionId: string,
  ) {
    return this.organizationsService.removeRegion(id, regionId);
  }

  /**
   * Get statistics for an organization.
   *
   * NOTE(review): forwards only the path id; whether the caller must belong to
   * this organization is not decided here — confirm.
   *
   * @param id Organization UUID taken from the path (validated by ParseUUIDPipe).
   */
  @Get(':id/stats')
  @RequirePermissions('organization:read')
  @ApiOperation({ summary: '获取组织统计' })
  @ApiResponse({ status: 200, description: '查询成功' })
  async getStats(@Param('id', ParseUUIDPipe) id: string) {
    return this.organizationsService.getStats(id);
  }

  /**
   * List the organizations of a given user.
   *
   * NOTE(review): this is the only route in the controller without
   * @RequirePermissions, and `userId` comes straight from the path without
   * being compared to the authenticated user. Unless a guard or the service
   * restricts it, a caller could list the organization memberships of any
   * user whose UUID they know — confirm the intended access rule and declare
   * it on the route.
   *
   * @param userId User UUID taken from the path (validated by ParseUUIDPipe).
   */
  @Get('users/:userId/organizations')
  @ApiOperation({ summary: '获取用户的组织列表' })
  @ApiResponse({ status: 200, description: '查询成功' })
  async getUserOrganizations(@Param('userId', ParseUUIDPipe) userId: string) {
    return this.organizationsService.getUserOrganizations(userId);
  }
}

