阶段性提交

2026-01-04 06:16:35 +08:00 · 2021-06-17 21:17:53 +08:00
parent 1afaa0bc8d
commit 927b5b6fd3
11 changed files with 316 additions and 3 deletions
--- a/internal/db/models/http_auth_policy_dao.go
+++ b/internal/db/models/http_auth_policy_dao.go
@@ -0,0 +1,135 @@
+package models
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
+	_ "github.com/go-sql-driver/mysql"
+	"github.com/iwind/TeaGo/Tea"
+	"github.com/iwind/TeaGo/dbs"
+)
+
+const (
+	HTTPAuthPolicyStateEnabled  = 1 // 已启用
+	HTTPAuthPolicyStateDisabled = 0 // 已禁用
+)
+
+type HTTPAuthPolicyDAO dbs.DAO
+
+func NewHTTPAuthPolicyDAO() *HTTPAuthPolicyDAO {
+	return dbs.NewDAO(&HTTPAuthPolicyDAO{
+		DAOObject: dbs.DAOObject{
+			DB:     Tea.Env,
+			Table:  "edgeHTTPAuthPolicies",
+			Model:  new(HTTPAuthPolicy),
+			PkName: "id",
+		},
+	}).(*HTTPAuthPolicyDAO)
+}
+
+var SharedHTTPAuthPolicyDAO *HTTPAuthPolicyDAO
+
+func init() {
+	dbs.OnReady(func() {
+		SharedHTTPAuthPolicyDAO = NewHTTPAuthPolicyDAO()
+	})
+}
+
+// EnableHTTPAuthPolicy 启用条目
+func (this *HTTPAuthPolicyDAO) EnableHTTPAuthPolicy(tx *dbs.Tx, id int64) error {
+	_, err := this.Query(tx).
+		Pk(id).
+		Set("state", HTTPAuthPolicyStateEnabled).
+		Update()
+	return err
+}
+
+// DisableHTTPAuthPolicy 禁用条目
+func (this *HTTPAuthPolicyDAO) DisableHTTPAuthPolicy(tx *dbs.Tx, id int64) error {
+	_, err := this.Query(tx).
+		Pk(id).
+		Set("state", HTTPAuthPolicyStateDisabled).
+		Update()
+	return err
+}
+
+// FindEnabledHTTPAuthPolicy 查找启用中的条目
+func (this *HTTPAuthPolicyDAO) FindEnabledHTTPAuthPolicy(tx *dbs.Tx, id int64) (*HTTPAuthPolicy, error) {
+	result, err := this.Query(tx).
+		Pk(id).
+		Attr("state", HTTPAuthPolicyStateEnabled).
+		Find()
+	if result == nil {
+		return nil, err
+	}
+	return result.(*HTTPAuthPolicy), err
+}
+
+// CreateHTTPAuthPolicy 创建策略
+func (this *HTTPAuthPolicyDAO) CreateHTTPAuthPolicy(tx *dbs.Tx, name string, methodType string, paramsJSON []byte) (int64, error) {
+	op := NewHTTPAuthPolicyOperator()
+	op.Name = name
+	op.Type = methodType
+	op.Params = paramsJSON
+	op.IsOn = true
+	op.State = HTTPAuthPolicyStateEnabled
+	return this.SaveInt64(tx, op)
+}
+
+// UpdateHTTPAuthPolicy 修改策略
+func (this *HTTPAuthPolicyDAO) UpdateHTTPAuthPolicy(tx *dbs.Tx, policyId int64, name string, paramsJSON []byte, isOn bool) error {
+	if policyId <= 0 {
+		return errors.New("invalid policyId")
+	}
+	op := NewHTTPAuthPolicyOperator()
+	op.Id = policyId
+	op.Name = name
+	op.Params = paramsJSON
+	op.IsOn = isOn
+	err := this.Save(tx, op)
+	if err != nil {
+		return err
+	}
+	return this.NotifyUpdate(tx, policyId)
+}
+
+// ComposePolicyConfig 组合配置
+func (this *HTTPAuthPolicyDAO) ComposePolicyConfig(tx *dbs.Tx, policyId int64) (*serverconfigs.HTTPAuthPolicy, error) {
+	policy, err := this.FindEnabledHTTPAuthPolicy(tx, policyId)
+	if err != nil {
+		return nil, err
+	}
+	if policy == nil {
+		return nil, nil
+	}
+	var config = &serverconfigs.HTTPAuthPolicy{
+		Id:   int64(policy.Id),
+		Name: policy.Name,
+		IsOn: policy.IsOn == 1,
+		Type: policy.Type,
+	}
+
+	var params map[string]interface{}
+	if IsNotNull(policy.Params) {
+		err = json.Unmarshal([]byte(policy.Params), &params)
+		if err != nil {
+			return nil, err
+		}
+		config.Params = params
+	}
+	config.Params = params
+
+	return config, nil
+}
+
+// NotifyUpdate 通知更改
+func (this *HTTPAuthPolicyDAO) NotifyUpdate(tx *dbs.Tx, policyId int64) error {
+	webId, err := SharedHTTPWebDAO.FindEnabledWebIdWithHTTPAuthPolicyId(tx, policyId)
+	if err != nil {
+		return err
+	}
+	if webId > 0 {
+		return SharedHTTPWebDAO.NotifyUpdate(tx, webId)
+	}
+	return nil
+}
--- a/internal/db/models/http_auth_policy_dao_test.go
+++ b/internal/db/models/http_auth_policy_dao_test.go
@@ -0,0 +1,6 @@
+package models
+
+import (
+	_ "github.com/go-sql-driver/mysql"
+	_ "github.com/iwind/TeaGo/bootstrap"
+)
--- a/internal/db/models/http_auth_policy_model.go
+++ b/internal/db/models/http_auth_policy_model.go
@@ -0,0 +1,28 @@
+package models
+
+// HTTPAuthPolicy HTTP认证策略
+type HTTPAuthPolicy struct {
+	Id      uint64 `field:"id"`      // ID
+	AdminId uint32 `field:"adminId"` // 管理员ID
+	UserId  uint32 `field:"userId"`  // 用户ID
+	IsOn    uint8  `field:"isOn"`    // 是否启用
+	Name    string `field:"name"`    // 名称
+	Type    string `field:"type"`    // 类型
+	Params  string `field:"params"`  // 参数
+	State   uint8  `field:"state"`   // 状态
+}
+
+type HTTPAuthPolicyOperator struct {
+	Id      interface{} // ID
+	AdminId interface{} // 管理员ID
+	UserId  interface{} // 用户ID
+	IsOn    interface{} // 是否启用
+	Name    interface{} // 名称
+	Type    interface{} // 类型
+	Params  interface{} // 参数
+	State   interface{} // 状态
+}
+
+func NewHTTPAuthPolicyOperator() *HTTPAuthPolicyOperator {
+	return &HTTPAuthPolicyOperator{}
+}
--- a/internal/db/models/http_auth_policy_model_ext.go
+++ b/internal/db/models/http_auth_policy_model_ext.go
@@ -0,0 +1 @@
+package models
--- a/internal/db/models/http_web_dao.go
+++ b/internal/db/models/http_web_dao.go
@@ -347,6 +347,27 @@ func (this *HTTPWebDAO) ComposeWebConfig(tx *dbs.Tx, webId int64) (*serverconfig
 		}
 	}

+	// 认证
+	if IsNotNull(web.Auth) {
+		authConfig := &serverconfigs.HTTPAuthConfig{}
+		err = json.Unmarshal([]byte(web.Auth), authConfig)
+		if err != nil {
+			return nil, err
+		}
+		var newRefs []*serverconfigs.HTTPAuthPolicyRef
+		for _, ref := range authConfig.PolicyRefs {
+			policyConfig, err := SharedHTTPAuthPolicyDAO.ComposePolicyConfig(tx, ref.AuthPolicyId)
+			if err != nil {
+				return nil, err
+			}
+			if policyConfig != nil {
+				ref.AuthPolicy = policyConfig
+				newRefs = append(newRefs, ref)
+			}
+		}
+		config.Auth = authConfig
+	}
+
 	return config, nil
 }

@@ -622,6 +643,22 @@ func (this *HTTPWebDAO) UpdateWebRewriteRules(tx *dbs.Tx, webId int64, rewriteRu
 	return this.NotifyUpdate(tx, webId)
 }

+// UpdateWebAuth 修改认证信息
+func (this *HTTPWebDAO) UpdateWebAuth(tx *dbs.Tx, webId int64, authJSON []byte) error {
+	if webId <= 0 {
+		return errors.New("invalid webId")
+	}
+	op := NewHTTPWebOperator()
+	op.Id = webId
+	op.Auth = JSONBytes(authJSON)
+	err := this.Save(tx, op)
+	if err != nil {
+		return err
+	}
+
+	return this.NotifyUpdate(tx, webId)
+}
+
 // FindAllWebIdsWithCachePolicyId 根据缓存策略ID查找所有的WebId
 func (this *HTTPWebDAO) FindAllWebIdsWithCachePolicyId(tx *dbs.Tx, cachePolicyId int64) ([]int64, error) {
 	ones, err := this.Query(tx).
@@ -783,6 +820,16 @@ func (this *HTTPWebDAO) FindEnabledWebIdWithFastcgiId(tx *dbs.Tx, fastcgiId int6
 		FindInt64Col(0)
 }

+// FindEnabledWebIdWithHTTPAuthPolicyId 查找包含某个认证策略的Web
+func (this *HTTPWebDAO) FindEnabledWebIdWithHTTPAuthPolicyId(tx *dbs.Tx, httpAuthPolicyId int64) (webId int64, err error) {
+	return this.Query(tx).
+		State(HTTPWebStateEnabled).
+		ResultPk().
+		Where("JSON_CONTAINS(auth, :jsonQuery, '$.policyRefs')").
+		Param("jsonQuery", maps.Map{"authPolicyId": httpAuthPolicyId}.AsJSON()).
+		FindInt64Col(0)
+}
+
 // FindWebServerId 查找使用此Web的Server
 func (this *HTTPWebDAO) FindWebServerId(tx *dbs.Tx, webId int64) (serverId int64, err error) {
 	if webId <= 0 {
--- a/internal/db/models/http_web_model.go
+++ b/internal/db/models/http_web_model.go
@@ -28,6 +28,7 @@ type HTTPWeb struct {
 	RewriteRules       string `field:"rewriteRules"`       // 重写规则配置
 	HostRedirects      string `field:"hostRedirects"`      // 域名跳转
 	Fastcgi            string `field:"fastcgi"`            // Fastcgi配置
+	Auth               string `field:"auth"`               // 认证策略配置
 }

 type HTTPWebOperator struct {
@@ -57,6 +58,7 @@ type HTTPWebOperator struct {
 	RewriteRules       interface{} // 重写规则配置
 	HostRedirects      interface{} // 域名跳转
 	Fastcgi            interface{} // Fastcgi配置
+	Auth               interface{} // 认证策略配置
 }

 func NewHTTPWebOperator() *HTTPWebOperator {