feat(sys_deploy_file_service):增加用户权限控制并优化部署文件操作

- 在 GetByID、Update、Delete 和 List 方法中添加用户权限控制，确保只能操作自己创建的部署文件
- 优化部署文件查询逻辑，提高数据安全性
- 改进错误处理，提升用户体验

internal/service/sys_deploy_file_service.go

@@ -65,8 +65,14 @@ func (s *SysDeployFileService) Create(c *gin.Context) serializer.Response {
 
 // GetByID 根据ID获取部署文件记录
 func (s *SysDeployFileService) GetByID(c *gin.Context) serializer.Response {
+	// 获取当前用户ID
+	currentUserId := c.GetString("id")
+	if currentUserId == "" {
+		return serializer.ParamErr("用户信息获取失败!", nil)
+	}
+
 	var deployFile model.SysDeployFile
-	if err := s.Db.Where("deploy_id = ? AND del_flag = ?", c.Param("id"), "0").First(&deployFile).Error; err != nil {
+	if err := s.Db.Where("deploy_id = ? AND del_flag = ? AND create_by = ?", c.Param("id"), "0", currentUserId).First(&deployFile).Error; err != nil {
 		logger.Error(c, "获取部署文件记录失败!")
 		return serializer.DBErr("获取部署文件记录失败!", err)
 	}
@@ -87,16 +93,29 @@ func (s *SysDeployFileService) UpdateByID(c *gin.Context) serializer.Response {
 		return serializer.ParamErr("id不可为空!", fmt.Errorf("id不可为空"))
 	}
 
+	// 获取当前用户ID
+	currentUserId := c.GetString("id")
+	if currentUserId == "" {
+		return serializer.ParamErr("用户信息获取失败!", nil)
+	}
+
+	// 检查权限：只能更新自己创建的数据
+	var existingDeployFile model.SysDeployFile
+	if err := s.Db.Where("deploy_id = ? AND del_flag = ? AND create_by = ?", id, "0", currentUserId).First(&existingDeployFile).Error; err != nil {
+		logger.Error(c, "部署文件记录不存在或无权限访问!")
+		return serializer.ParamErr("部署文件记录不存在或无权限访问!", err)
+	}
+
 	// 设置更新时间
 	now := time.Now()
 	deployFile.UpdateTime = &now
 
 	// 获取当前用户
-	if updateBy := c.GetString("id"); updateBy != "" {
+	if updateBy := currentUserId; updateBy != "" {
 		deployFile.UpdateBy = updateBy
 	}
 
-	if err := s.Db.Model(&deployFile).Where("deploy_id = ? AND del_flag = ?", id, "0").Updates(&deployFile).Error; err != nil {
+	if err := s.Db.Model(&deployFile).Where("deploy_id = ? AND del_flag = ? AND create_by = ?", id, "0", currentUserId).Updates(&deployFile).Error; err != nil {
 		logger.Error(c, "更新部署文件记录失败!")
 		return serializer.DBErr("更新部署文件记录失败!", err)
 	}
@@ -111,18 +130,24 @@ func (s *SysDeployFileService) DeleteByID(c *gin.Context) serializer.Response {
 		return serializer.ParamErr("id不可为空!", fmt.Errorf("id不可为空"))
 	}
 
+	// 获取当前用户ID
+	currentUserId := c.GetString("id")
+	if currentUserId == "" {
+		return serializer.ParamErr("用户信息获取失败!", nil)
+	}
+
 	// 软删除
 	data := map[string]any{
 		"del_flag":    "1",
 		"update_time": time.Now(),
-		"update_by":   c.GetString("id"),
+		"update_by":   currentUserId,
 	}
 
 	// 删除已经部署的文件夹
 	deployFile := model.SysDeployFile{}
-	if err := s.Db.Where("deploy_id = ?", id).First(&deployFile).Error; err != nil {
-		logger.Error(c, "获取部署文件记录失败!")
-		return serializer.DBErr("获取部署文件记录失败!", err)
+	if err := s.Db.Where("deploy_id = ? AND create_by = ?", id, currentUserId).First(&deployFile).Error; err != nil {
+		logger.Error(c, "获取部署文件记录失败或无权限访问!")
+		return serializer.DBErr("获取部署文件记录失败或无权限访问!", err)
 	}
 
 	// 删除 /home/:projectName
@@ -133,7 +158,7 @@ func (s *SysDeployFileService) DeleteByID(c *gin.Context) serializer.Response {
 	}
 
 	// 删除数据库记录
-	if err := s.Db.Model(&model.SysDeployFile{}).Where("deploy_id = ?", id).Updates(data).Error; err != nil {
+	if err := s.Db.Model(&model.SysDeployFile{}).Where("deploy_id = ? AND create_by = ?", id, currentUserId).Updates(data).Error; err != nil {
 		logger.Error(c, "删除部署文件记录失败!")
 		return serializer.DBErr("删除部署文件记录失败!", err)
 	}
@@ -158,6 +183,12 @@ func (s *SysDeployFileService) GetByCondition(c *gin.Context) serializer.Respons
 	var deployFiles []model.SysDeployFile
 	offset := (p.Page - 1) * p.Limit
 
+	// 获取当前用户ID
+	currentUserId := c.GetString("id")
+	if currentUserId == "" {
+		return serializer.ParamErr("用户信息获取失败!", nil)
+	}
+
 	// 构建基础查询
 	db := s.Db.Model(&model.SysDeployFile{})
 
@@ -166,6 +197,9 @@ func (s *SysDeployFileService) GetByCondition(c *gin.Context) serializer.Respons
 		db = db.Where(queryStr, args...)
 	}
 
+	// 添加用户权限过滤：只能查询自己创建的数据
+	db = db.Where("create_by = ?", currentUserId)
+
 	// 排序
 	if p.Sort != "" {
 		db = db.Order(p.Sort)