feat: add user group management

src/app/api/admin/user/route.ts

@@ -18,6 +18,8 @@ const ACTIONS = [
   'changePassword',
   'deleteUser',
   'updateUserApis',
+  'userGroup',
+  'updateUserGroups',
 ] as const;
 
 export async function POST(request: NextRequest) {
@@ -54,7 +56,8 @@ export async function POST(request: NextRequest) {
       return NextResponse.json({ error: '参数格式错误' }, { status: 400 });
     }
 
-    if (!targetUsername) {
+    // 用户组操作不需要targetUsername
+    if (!targetUsername && action !== 'userGroup') {
       return NextResponse.json({ error: '缺少目标用户名' }, { status: 400 });
     }
 
@@ -62,6 +65,8 @@ export async function POST(request: NextRequest) {
       action !== 'changePassword' &&
       action !== 'deleteUser' &&
       action !== 'updateUserApis' &&
+      action !== 'userGroup' &&
+      action !== 'updateUserGroups' &&
       username === targetUsername
     ) {
       return NextResponse.json(
@@ -87,22 +92,27 @@ export async function POST(request: NextRequest) {
       operatorRole = 'admin';
     }
 
-    // 查找目标用户条目
-    let targetEntry = adminConfig.UserConfig.Users.find(
-      (u) => u.username === targetUsername
-    );
+    // 查找目标用户条目（用户组操作不需要）
+    let targetEntry: any = null;
+    let isTargetAdmin = false;
 
-    if (
-      targetEntry &&
-      targetEntry.role === 'owner' &&
-      action !== 'changePassword'
-    ) {
-      return NextResponse.json({ error: '无法操作站长' }, { status: 400 });
+    if (action !== 'userGroup' && targetUsername) {
+      targetEntry = adminConfig.UserConfig.Users.find(
+        (u) => u.username === targetUsername
+      );
+
+      if (
+        targetEntry &&
+        targetEntry.role === 'owner' &&
+        action !== 'changePassword'
+      ) {
+        return NextResponse.json({ error: '无法操作站长' }, { status: 400 });
+      }
+
+      // 权限校验逻辑
+      isTargetAdmin = targetEntry?.role === 'admin';
     }
 
-    // 权限校验逻辑
-    const isTargetAdmin = targetEntry?.role === 'admin';
-
     switch (action) {
       case 'add': {
         if (targetEntry) {
@@ -115,11 +125,22 @@ export async function POST(request: NextRequest) {
           );
         }
         await db.registerUser(targetUsername!, targetPassword);
+
+        // 获取用户组信息
+        const { userGroup } = body as { userGroup?: string };
+
         // 更新配置
-        adminConfig.UserConfig.Users.push({
+        const newUser: any = {
           username: targetUsername!,
           role: 'user',
-        });
+        };
+
+        // 如果指定了用户组，添加到tags中
+        if (userGroup && userGroup.trim()) {
+          newUser.tags = [userGroup];
+        }
+
+        adminConfig.UserConfig.Users.push(newUser);
         targetEntry =
           adminConfig.UserConfig.Users[
           adminConfig.UserConfig.Users.length - 1
@@ -307,6 +328,97 @@ export async function POST(request: NextRequest) {
 
         break;
       }
+      case 'userGroup': {
+        // 用户组管理操作
+        const { groupAction, groupName, enabledApis } = body as {
+          groupAction: 'add' | 'edit' | 'delete';
+          groupName: string;
+          enabledApis?: string[];
+        };
+
+        if (!adminConfig.UserConfig.Tags) {
+          adminConfig.UserConfig.Tags = [];
+        }
+
+        switch (groupAction) {
+          case 'add': {
+            // 检查用户组是否已存在
+            if (adminConfig.UserConfig.Tags.find(t => t.name === groupName)) {
+              return NextResponse.json({ error: '用户组已存在' }, { status: 400 });
+            }
+            adminConfig.UserConfig.Tags.push({
+              name: groupName,
+              enabledApis: enabledApis || [],
+            });
+            break;
+          }
+          case 'edit': {
+            const groupIndex = adminConfig.UserConfig.Tags.findIndex(t => t.name === groupName);
+            if (groupIndex === -1) {
+              return NextResponse.json({ error: '用户组不存在' }, { status: 404 });
+            }
+            adminConfig.UserConfig.Tags[groupIndex].enabledApis = enabledApis || [];
+            break;
+          }
+          case 'delete': {
+            const groupIndex = adminConfig.UserConfig.Tags.findIndex(t => t.name === groupName);
+            if (groupIndex === -1) {
+              return NextResponse.json({ error: '用户组不存在' }, { status: 404 });
+            }
+
+            // 查找使用该用户组的所有用户
+            const affectedUsers: string[] = [];
+            adminConfig.UserConfig.Users.forEach(user => {
+              if (user.tags && user.tags.includes(groupName)) {
+                affectedUsers.push(user.username);
+                // 从用户的tags中移除该用户组
+                user.tags = user.tags.filter(tag => tag !== groupName);
+                // 如果用户没有其他标签了，删除tags字段
+                if (user.tags.length === 0) {
+                  delete user.tags;
+                }
+              }
+            });
+
+            // 删除用户组
+            adminConfig.UserConfig.Tags.splice(groupIndex, 1);
+
+            // 记录删除操作的影响
+            console.log(`删除用户组 "${groupName}"，影响用户: ${affectedUsers.length > 0 ? affectedUsers.join(', ') : '无'}`);
+
+            break;
+          }
+          default:
+            return NextResponse.json({ error: '未知的用户组操作' }, { status: 400 });
+        }
+        break;
+      }
+      case 'updateUserGroups': {
+        if (!targetEntry) {
+          return NextResponse.json({ error: '目标用户不存在' }, { status: 404 });
+        }
+
+        const { userGroups } = body as { userGroups: string[] };
+
+        // 权限检查：站长可配置所有人的用户组，管理员可配置普通用户和自己的用户组
+        if (
+          isTargetAdmin &&
+          operatorRole !== 'owner' &&
+          username !== targetUsername
+        ) {
+          return NextResponse.json({ error: '仅站长可配置其他管理员的用户组' }, { status: 400 });
+        }
+
+        // 更新用户的用户组
+        if (userGroups && userGroups.length > 0) {
+          targetEntry.tags = userGroups;
+        } else {
+          // 如果为空数组或未提供，则删除该字段，表示无用户组
+          delete targetEntry.tags;
+        }
+
+        break;
+      }
       default:
         return NextResponse.json({ error: '未知操作' }, { status: 400 });
     }