普通用户执行动态命令时也增加权限校验
This commit is contained in:
dushixiang
@ -3,6 +3,7 @@ package api
|
|||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"github.com/gorilla/websocket"
|
"github.com/gorilla/websocket"
|
||||||
"github.com/labstack/echo/v4"
|
"github.com/labstack/echo/v4"
|
||||||
@ -11,6 +12,7 @@ import (
|
|||||||
"golang.org/x/crypto/ssh"
|
"golang.org/x/crypto/ssh"
|
||||||
"net/http"
|
"net/http"
|
||||||
"next-terminal/pkg/model"
|
"next-terminal/pkg/model"
|
||||||
|
"next-terminal/pkg/utils"
|
||||||
"strconv"
|
"strconv"
|
||||||
"sync"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
@ -74,6 +76,19 @@ func SSHEndpoint(c echo.Context) error {
|
|||||||
width, _ := strconv.Atoi(c.QueryParam("width"))
|
width, _ := strconv.Atoi(c.QueryParam("width"))
|
||||||
height, _ := strconv.Atoi(c.QueryParam("height"))
|
height, _ := strconv.Atoi(c.QueryParam("height"))
|
||||||
|
|
||||||
|
user, _ := GetCurrentAccount(c)
|
||||||
|
if model.TypeUser == user.Type {
|
||||||
|
// 检测是否有访问权限
|
||||||
|
assetIds, err := model.FindAssetIdsByUserId(user.ID)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if !utils.Contains(assetIds, assetId) {
|
||||||
|
return errors.New("您没有权限访问此资产")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
sshClient, err := CreateSshClient(assetId)
|
sshClient, err := CreateSshClient(assetId)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logrus.Errorf("创建SSH客户端失败:%v", err.Error())
|
logrus.Errorf("创建SSH客户端失败:%v", err.Error())
|
||||||
|
|||||||
Reference in New Issue
Block a user