完善指令的授权

2021-01-16 01:27:24 +08:00
parent 1a3f7acd1e
commit 44110722b2
13 changed files with 440 additions and 102 deletions
--- a/pkg/api/asset.go
+++ b/pkg/api/asset.go
@ -15,6 +15,8 @@ func AssetCreateEndpoint(c echo.Context) error {
 		return err
 	}

+	account, _ := GetCurrentAccount(c)
+	item.Owner = account.ID
 	item.ID = utils.UUID()
 	item.Created = utils.NowJsonTime()

@ -32,17 +34,8 @@ func AssetPagingEndpoint(c echo.Context) error {
 	protocol := c.QueryParam("protocol")
 	tags := c.QueryParam("tags")

-	var (
-		total int64
-		items []model.AssetVo
-	)
-
 	account, _ := GetCurrentAccount(c)
-	if account.Role == model.RoleUser {
-		items, total, _ = model.FindPageAsset(pageIndex, pageSize, name, protocol, tags, account.ID)
-	} else {
-		items, total, _ = model.FindPageAsset(pageIndex, pageSize, name, protocol, tags, "")
-	}
+	items, total, _ := model.FindPageAsset(pageIndex, pageSize, name, protocol, tags, account)

 	return Success(c, H{
 		"total": total,
@ -52,7 +45,8 @@ func AssetPagingEndpoint(c echo.Context) error {

 func AssetAllEndpoint(c echo.Context) error {
 	protocol := c.QueryParam("protocol")
-	items, _ := model.FindAssetByConditions(protocol)
+	account, _ := GetCurrentAccount(c)
+	items, _ := model.FindAssetByConditions(protocol, account)
 	return Success(c, items)
 }

--- a/pkg/api/command.go
+++ b/pkg/api/command.go
@ -1,6 +1,7 @@
 package api

 import (
+	"errors"
 	"github.com/labstack/echo/v4"
 	"next-terminal/pkg/model"
 	"next-terminal/pkg/utils"
@ -14,6 +15,8 @@ func CommandCreateEndpoint(c echo.Context) error {
 		return err
 	}

+	account, _ := GetCurrentAccount(c)
+	item.Owner = account.ID
 	item.ID = utils.UUID()
 	item.Created = utils.NowJsonTime()

@ -29,8 +32,9 @@ func CommandPagingEndpoint(c echo.Context) error {
 	pageSize, _ := strconv.Atoi(c.QueryParam("pageSize"))
 	name := c.QueryParam("name")
 	content := c.QueryParam("content")
+	account, _ := GetCurrentAccount(c)

-	items, total, _ := model.FindPageCommand(pageIndex, pageSize, name, content)
+	items, total, _ := model.FindPageCommand(pageIndex, pageSize, name, content, account)

 	return Success(c, H{
 		"total": total,
@ -68,3 +72,27 @@ func CommandGetEndpoint(c echo.Context) (err error) {
 	}
 	return Success(c, item)
 }
+
+func CommandChangeOwnerEndpoint(c echo.Context) (err error) {
+	id := c.Param("id")
+
+	if err := PreCheckCommandPermission(c, id); err != nil {
+		return err
+	}
+
+	owner := c.QueryParam("owner")
+	model.UpdateCommandById(&model.Command{Owner: owner}, id)
+	return Success(c, "")
+}
+
+func PreCheckCommandPermission(c echo.Context, id string) error {
+	item, err := model.FindCommandById(id)
+	if err != nil {
+		return err
+	}
+
+	if !HasPermission(c, item.Owner) {
+		return errors.New("permission denied")
+	}
+	return nil
+}
--- a/pkg/api/credential.go
+++ b/pkg/api/credential.go
@ -10,7 +10,8 @@ import (
 )

 func CredentialAllEndpoint(c echo.Context) error {
-	items, _ := model.FindAllCredential()
+	account, _ := GetCurrentAccount(c)
+	items, _ := model.FindAllCredential(account)
 	return Success(c, items)
 }
 func CredentialCreateEndpoint(c echo.Context) error {
@ -19,6 +20,8 @@ func CredentialCreateEndpoint(c echo.Context) error {
 		return err
 	}

+	account, _ := GetCurrentAccount(c)
+	item.Owner = account.ID
 	item.ID = utils.UUID()
 	item.Created = utils.NowJsonTime()

@ -59,17 +62,8 @@ func CredentialPagingEndpoint(c echo.Context) error {
 	pageSize, _ := strconv.Atoi(c.QueryParam("pageSize"))
 	name := c.QueryParam("name")

-	var (
-		total int64
-		items []model.CredentialVo
-	)
-
 	account, _ := GetCurrentAccount(c)
-	if account.Role == model.RoleUser {
-		items, total, _ = model.FindPageCredential(pageIndex, pageSize, name, account.ID)
-	} else {
-		items, total, _ = model.FindPageCredential(pageIndex, pageSize, name, "")
-	}
+	items, total, _ := model.FindPageCredential(pageIndex, pageSize, name, account)

 	return Success(c, H{
 		"total": total,
--- a/pkg/api/routes.go
+++ b/pkg/api/routes.go
@ -72,6 +72,7 @@ func SetupRoutes() *echo.Echo {
 		commands.PUT("/:id", CommandUpdateEndpoint)
 		commands.DELETE("/:id", CommandDeleteEndpoint)
 		commands.GET("/:id", CommandGetEndpoint)
+		commands.POST("/:id/change-owner", CommandChangeOwnerEndpoint)
 	}

 	credentials := e.Group("/credentials")
--- a/pkg/model/asset.go
+++ b/pkg/model/asset.go
@ -48,21 +48,27 @@ func FindAllAsset() (o []Asset, err error) {
 	return
 }

-func FindAssetByConditions(protocol string) (o []Asset, err error) {
-	db := global.DB
+func FindAssetByConditions(protocol string, account User) (o []Asset, err error) {
+	db := global.DB.Table("assets").Select("assets.id,assets.name,assets.ip,assets.port,assets.protocol,assets.active,assets.owner,assets.created, users.nickname as owner_name,COUNT(resources.user_id) as sharer_count").Joins("left join users on assets.owner = users.id").Joins("left join resources on assets.id = resources.resource_id").Group("assets.id")
+
+	if RoleUser == account.Role {
+		owner := account.ID
+		db = db.Where("assets.owner = ? or resources.user_id = ?", owner, owner)
+	}

 	if len(protocol) > 0 {
-		db = db.Where("protocol = ?", protocol)
+		db = db.Where("assets.protocol = ?", protocol)
 	}
 	err = db.Find(&o).Error
 	return
 }

-func FindPageAsset(pageIndex, pageSize int, name, protocol, tags, owner string) (o []AssetVo, total int64, err error) {
+func FindPageAsset(pageIndex, pageSize int, name, protocol, tags string, account User) (o []AssetVo, total int64, err error) {
 	db := global.DB.Table("assets").Select("assets.id,assets.name,assets.ip,assets.port,assets.protocol,assets.active,assets.owner,assets.created, users.nickname as owner_name,COUNT(resources.user_id) as sharer_count").Joins("left join users on assets.owner = users.id").Joins("left join resources on assets.id = resources.resource_id").Group("assets.id")
-	dbCounter := global.DB.Table("assets").Select("DISTINCT assets.id,assets.name,assets.ip,assets.port,assets.protocol,assets.active,assets.owner,assets.created, users.nickname as owner_name").Joins("left join users on assets.owner = users.id").Joins("left join resources on assets.id = resources.resource_id")
+	dbCounter := global.DB.Table("assets").Select("DISTINCT assets.id").Joins("left join resources on assets.id = resources.resource_id")

-	if len(owner) > 0 {
+	if RoleUser == account.Role {
+		owner := account.ID
 		db = db.Where("assets.owner = ? or resources.user_id = ?", owner, owner)
 		dbCounter = dbCounter.Where("assets.owner = ? or resources.user_id = ?", owner, owner)
 	}
--- a/pkg/model/command.go
+++ b/pkg/model/command.go
@ -10,27 +10,52 @@ type Command struct {
 	Name    string         `json:"name"`
 	Content string         `json:"content"`
 	Created utils.JsonTime `json:"created"`
-	Creator string         `json:"creator"`
+	Owner   string         `json:"owner"`
+}
+
+type CommandVo struct {
+	ID          string         `gorm:"primary_key" json:"id"`
+	Name        string         `json:"name"`
+	Content     string         `json:"content"`
+	Created     utils.JsonTime `json:"created"`
+	Owner       string         `json:"owner"`
+	OwnerName   string         `json:"ownerName"`
+	SharerCount int64          `json:"sharerCount"`
 }

 func (r *Command) TableName() string {
 	return "commands"
 }

-func FindPageCommand(pageIndex, pageSize int, name, content string) (o []Command, total int64, err error) {
+func FindPageCommand(pageIndex, pageSize int, name, content string, account User) (o []CommandVo, total int64, err error) {
+
+	db := global.DB.Table("commands").Select("commands.id,commands.name,commands.content,commands.owner,commands.created, users.nickname as owner_name,COUNT(resources.user_id) as sharer_count").Joins("left join users on commands.owner = users.id").Joins("left join resources on commands.id = resources.resource_id").Group("commands.id")
+	dbCounter := global.DB.Table("commands").Select("DISTINCT commands.id").Joins("left join resources on commands.id = resources.resource_id")
+
+	if RoleUser == account.Role {
+		owner := account.ID
+		db = db.Where("commands.owner = ? or resources.user_id = ?", owner, owner)
+		dbCounter = dbCounter.Where("commands.owner = ? or resources.user_id = ?", owner, owner)
+	}

-	db := global.DB
 	if len(name) > 0 {
-		db = db.Where("name like ?", "%"+name+"%")
+		db = db.Where("commands.name like ?", "%"+name+"%")
+		dbCounter = dbCounter.Where("commands.name like ?", "%"+name+"%")
 	}

 	if len(content) > 0 {
-		db = db.Where("content like ?", "%"+content+"%")
+		db = db.Where("commands.content like ?", "%"+content+"%")
+		dbCounter = dbCounter.Where("commands.content like ?", "%"+content+"%")
 	}

-	err = db.Offset((pageIndex - 1) * pageSize).Limit(pageSize).Count(&total).Find(&o).Error
+	err = dbCounter.Count(&total).Error
+	if err != nil {
+		return nil, 0, err
+	}
+
+	err = db.Offset((pageIndex - 1) * pageSize).Limit(pageSize).Find(&o).Error
 	if o == nil {
-		o = make([]Command, 0)
+		o = make([]CommandVo, 0)
 	}
 	return
 }
--- a/pkg/model/credential.go
+++ b/pkg/model/credential.go
@ -43,16 +43,21 @@ type CredentialSimpleVo struct {
 	Name string `json:"name"`
 }

-func FindAllCredential() (o []CredentialSimpleVo, err error) {
-	err = global.DB.Find(&o).Error
+func FindAllCredential(account User) (o []CredentialSimpleVo, err error) {
+	db := global.DB.Table("credentials").Select("DISTINCT credentials.id,credentials.name").Joins("left join resources on credentials.id = resources.resource_id")
+	if account.Role == RoleUser {
+		db = db.Where("credentials.owner = ? or resources.user_id = ?", account.ID, account.ID)
+	}
+	err = db.Find(&o).Error
 	return
 }

-func FindPageCredential(pageIndex, pageSize int, name, owner string) (o []CredentialVo, total int64, err error) {
+func FindPageCredential(pageIndex, pageSize int, name string, account User) (o []CredentialVo, total int64, err error) {
 	db := global.DB.Table("credentials").Select("credentials.id,credentials.name,credentials.type,credentials.username,credentials.owner,credentials.created,users.nickname as owner_name,COUNT(resources.user_id) as sharer_count").Joins("left join users on credentials.owner = users.id").Joins("left join resources on credentials.id = resources.resource_id").Group("credentials.id")
-	dbCounter := global.DB.Table("credentials").Select("DISTINCT credentials.id,credentials.name,credentials.type,credentials.username,credentials.owner,credentials.created,users.nickname as owner_name").Joins("left join users on credentials.owner = users.id").Joins("left join resources on credentials.id = resources.resource_id")
+	dbCounter := global.DB.Table("credentials").Select("DISTINCT credentials.id").Joins("left join resources on credentials.id = resources.resource_id")

-	if len(owner) > 0 {
+	if RoleUser == account.Role {
+		owner := account.ID
 		db = db.Where("credentials.owner = ? or resources.user_id = ?", owner, owner)
 		dbCounter = dbCounter.Where("credentials.owner = ? or resources.user_id = ?", owner, owner)
 	}