增加SysLockerService，修改用户相关的一些服务

internal/rpc/services/service_node_cluster.go

@@ -10,7 +10,9 @@ import (
 	"github.com/TeaOSLab/EdgeAPI/internal/tasks"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/dbs"
+	"github.com/iwind/TeaGo/lists"
 	"github.com/iwind/TeaGo/maps"
+	"github.com/iwind/TeaGo/rands"
 	"github.com/iwind/TeaGo/types"
 	"strconv"
 )
@@ -845,3 +847,61 @@ func (this *NodeClusterService) FindNodeClusterSystemService(ctx context.Context
 	}
 	return &pb.FindNodeClusterSystemServiceResponse{ParamsJSON: paramsJSON}, nil
 }
+
+// 获取集群中可以使用的端口
+func (this *NodeClusterService) FindFreePortInNodeCluster(ctx context.Context, req *pb.FindFreePortInNodeClusterRequest) (*pb.FindFreePortInNodeClusterResponse, error) {
+	_, _, err := this.ValidateAdminAndUser(ctx, 0, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	globalConfig, err := models.SharedSysSettingDAO.ReadGlobalConfig(tx)
+	if err != nil {
+		return nil, err
+	}
+
+	// 检查端口
+	portMin := globalConfig.TCPAll.PortRangeMin
+	portMax := globalConfig.TCPAll.PortRangeMax
+	denyPorts := globalConfig.TCPAll.DenyPorts
+
+	if portMin == 0 && portMax == 0 {
+		portMin = 10_000
+		portMax = 40_000
+	}
+	if portMin < 1024 {
+		portMin = 10_000
+	}
+	if portMin > 65534 {
+		portMin = 65534
+	}
+	if portMax < 1024 {
+		portMax = 30_000
+	}
+	if portMax > 65534 {
+		portMax = 65534
+	}
+
+	if portMin > portMax {
+		portMax, portMin = portMin, portMax
+	}
+
+	// 最多尝试N次
+	for i := 0; i < 60; i++ {
+		port := rands.Int(portMin, portMax)
+		if len(denyPorts) > 0 && lists.ContainsInt(denyPorts, port) {
+			continue
+		}
+
+		isUsing, err := models.SharedServerDAO.CheckPortIsUsing(tx, req.NodeClusterId, port)
+		if err != nil {
+			return nil, err
+		}
+		if !isUsing {
+			return &pb.FindFreePortInNodeClusterResponse{Port: int32(port)}, nil
+		}
+	}
+
+	return nil, errors.New("can not find random port")
+}

internal/rpc/services/service_server.go

@@ -43,6 +43,21 @@ func (this *ServerService) CreateServer(ctx context.Context, req *pb.CreateServe
 				}
 			}
 		}
+
+		// TLS
+		if len(req.TlsJSON) > 0 {
+			tlsConfig := &serverconfigs.TLSProtocolConfig{}
+			err = json.Unmarshal(req.TlsJSON, tlsConfig)
+			if err != nil {
+				return nil, err
+			}
+			if tlsConfig.SSLPolicyRef != nil && tlsConfig.SSLPolicyRef.SSLPolicyId > 0 {
+				err := models.SharedSSLPolicyDAO.CheckUserPolicy(tx, tlsConfig.SSLPolicyRef.SSLPolicyId, userId)
+				if err != nil {
+					return nil, err
+				}
+			}
+		}
 	}
 
 	// 是否需要审核
@@ -50,14 +65,17 @@ func (this *ServerService) CreateServer(ctx context.Context, req *pb.CreateServe
 	serverNamesJSON := req.ServerNamesJON
 	auditingServerNamesJSON := []byte("[]")
 	if userId > 0 {
-		globalConfig, err := models.SharedSysSettingDAO.ReadGlobalConfig(tx)
-		if err != nil {
-			return nil, err
-		}
-		if globalConfig != nil && globalConfig.HTTPAll.DomainAuditingIsOn {
-			isAuditing = true
-			serverNamesJSON = []byte("[]")
-			auditingServerNamesJSON = req.ServerNamesJON
+		// 如果域名不为空的时候需要审核
+		if len(serverNamesJSON) > 0 && string(serverNamesJSON) != "[]" {
+			globalConfig, err := models.SharedSysSettingDAO.ReadGlobalConfig(tx)
+			if err != nil {
+				return nil, err
+			}
+			if globalConfig != nil && globalConfig.HTTPAll.DomainAuditingIsOn {
+				isAuditing = true
+				serverNamesJSON = []byte("[]")
+				auditingServerNamesJSON = req.ServerNamesJON
+			}
 		}
 	}
 
@@ -487,7 +505,7 @@ func (this *ServerService) CountAllEnabledServersMatch(ctx context.Context, req
 
 	tx := this.NullTx()
 
-	count, err := models.SharedServerDAO.CountAllEnabledServersMatch(tx, req.GroupId, req.Keyword, req.UserId, req.ClusterId, types.Int8(req.AuditingFlag))
+	count, err := models.SharedServerDAO.CountAllEnabledServersMatch(tx, req.GroupId, req.Keyword, req.UserId, req.ClusterId, types.Int8(req.AuditingFlag), req.ProtocolFamily)
 	if err != nil {
 		return nil, err
 	}
@@ -505,7 +523,7 @@ func (this *ServerService) ListEnabledServersMatch(ctx context.Context, req *pb.
 
 	tx := this.NullTx()
 
-	servers, err := models.SharedServerDAO.ListEnabledServersMatch(tx, req.Offset, req.Size, req.GroupId, req.Keyword, req.UserId, req.ClusterId, req.AuditingFlag)
+	servers, err := models.SharedServerDAO.ListEnabledServersMatch(tx, req.Offset, req.Size, req.GroupId, req.Keyword, req.UserId, req.ClusterId, req.AuditingFlag, req.ProtocolFamily)
 	if err != nil {
 		return nil, err
 	}
@@ -1188,3 +1206,60 @@ func (this *ServerService) FindAllEnabledServerNamesWithUserId(ctx context.Conte
 	}
 	return &pb.FindAllEnabledServerNamesWithUserIdResponse{ServerNames: serverNames}, nil
 }
+
+// 查找服务基本信息
+func (this *ServerService) FindEnabledUserServerBasic(ctx context.Context, req *pb.FindEnabledUserServerBasicRequest) (*pb.FindEnabledUserServerBasicResponse, error) {
+	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+
+	if userId > 0 {
+		err = models.SharedServerDAO.CheckUserServer(tx, req.ServerId, userId)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	server, err := models.SharedServerDAO.FindEnabledServerBasic(tx, req.ServerId)
+	if err != nil {
+		return nil, err
+	}
+	if server == nil {
+		return &pb.FindEnabledUserServerBasicResponse{Server: nil}, nil
+	}
+
+	return &pb.FindEnabledUserServerBasicResponse{Server: &pb.Server{
+		Id:          int64(server.Id),
+		Name:        server.Name,
+		Description: server.Description,
+		IsOn:        server.IsOn == 1,
+		Type:        server.Type,
+	}}, nil
+}
+
+// 修改用户服务基本信息
+func (this *ServerService) UpdateEnabledUserServerBasic(ctx context.Context, req *pb.UpdateEnabledUserServerBasicRequest) (*pb.RPCSuccess, error) {
+	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+
+	if userId > 0 {
+		err = models.SharedServerDAO.CheckUserServer(tx, req.ServerId, userId)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	err = models.SharedServerDAO.UpdateUserServerBasic(tx, req.ServerId, req.Name)
+	if err != nil {
+		return nil, err
+	}
+
+	return this.Success()
+}

internal/rpc/services/service_sys_locker.go

@@ -0,0 +1,58 @@
+package services
+
+import (
+	"context"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+)
+
+// 互斥锁管理
+type SysLockerService struct {
+	BaseService
+}
+
+// 获得锁
+func (this *SysLockerService) SysLockerLock(ctx context.Context, req *pb.SysLockerLockRequest) (*pb.SysLockerLockResponse, error) {
+	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	key := req.Key
+	if userId > 0 {
+		key = "@user" // 这里不加入用户ID，防止多个用户间冲突
+	}
+
+	timeout := req.TimeoutSeconds
+	if timeout <= 0 {
+		timeout = 60
+	} else if timeout > 86400 { // 最多不能超过1天
+		timeout = 86400
+	}
+
+	var tx = this.NullTx()
+	ok, err := models.SharedSysLockerDAO.Lock(tx, key, timeout)
+	if err != nil {
+		return nil, err
+	}
+	return &pb.SysLockerLockResponse{Ok: ok}, nil
+}
+
+// 释放锁
+func (this *SysLockerService) SysLockerUnlock(ctx context.Context, req *pb.SysLockerUnlockRequest) (*pb.RPCSuccess, error) {
+	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	key := req.Key
+	if userId > 0 {
+		key = "@user"
+	}
+	var tx = this.NullTx()
+	err = models.SharedSysLockerDAO.Unlock(tx, key)
+	if err != nil {
+		return nil, err
+	}
+	return this.Success()
+}

internal/rpc/services/service_user.go

@@ -306,7 +306,7 @@ func (this *UserService) ComposeUserDashboard(ctx context.Context, req *pb.Compo
 	tx := this.NullTx()
 
 	// 网站数量
-	countServers, err := models.SharedServerDAO.CountAllEnabledServersMatch(tx, 0, "", req.UserId, 0, configutils.BoolStateAll)
+	countServers, err := models.SharedServerDAO.CountAllEnabledServersMatch(tx, 0, "", req.UserId, 0, configutils.BoolStateAll, "")
 	if err != nil {
 		return nil, err
 	}