兼容用户节点

刘祥超
2020-12-18 21:18:53 +08:00
parent 1b6e2819e3
commit c81deef52d
22 changed files with 288 additions and 90 deletions


@@ -4,7 +4,6 @@ import (
"context"
"encoding/json"
"github.com/TeaOSLab/EdgeAPI/internal/db/models"
rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
)
@@ -17,30 +16,36 @@ type SSLCertService struct {
// 创建Cert
func (this *SSLCertService) CreateSSLCert(ctx context.Context, req *pb.CreateSSLCertRequest) (*pb.CreateSSLCertResponse, error) {
// 校验请求
adminId, userId, err := this.ValidateAdminAndUser(ctx, 0)
adminId, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
if err != nil {
return nil, err
}
// TODO 校验权限
certId, err := models.SharedSSLCertDAO.CreateCert(adminId, userId, req.IsOn, req.Name, req.Description, req.ServerName, req.IsCA, req.CertData, req.KeyData, req.TimeBeginAt, req.TimeEndAt, req.DnsNames, req.CommonNames)
if err != nil {
return nil, err
}
return &pb.CreateSSLCertResponse{CertId: certId}, nil
return &pb.CreateSSLCertResponse{SslCertId: certId}, nil
}
// 修改Cert
func (this *SSLCertService) UpdateSSLCert(ctx context.Context, req *pb.UpdateSSLCertRequest) (*pb.RPCSuccess, error) {
// 校验请求
_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
if err != nil {
return nil, err
}
err = models.SharedSSLCertDAO.UpdateCert(req.CertId, req.IsOn, req.Name, req.Description, req.ServerName, req.IsCA, req.CertData, req.KeyData, req.TimeBeginAt, req.TimeEndAt, req.DnsNames, req.CommonNames)
// 检查权限
if userId > 0 {
err := models.SharedSSLCertDAO.CheckUserCert(req.SslCertId, userId)
if err != nil {
return nil, err
}
}
err = models.SharedSSLCertDAO.UpdateCert(req.SslCertId, req.IsOn, req.Name, req.Description, req.ServerName, req.IsCA, req.CertData, req.KeyData, req.TimeBeginAt, req.TimeEndAt, req.DnsNames, req.CommonNames)
if err != nil {
return nil, err
}
@@ -51,12 +56,20 @@ func (this *SSLCertService) UpdateSSLCert(ctx context.Context, req *pb.UpdateSSL
// 查找证书配置
func (this *SSLCertService) FindEnabledSSLCertConfig(ctx context.Context, req *pb.FindEnabledSSLCertConfigRequest) (*pb.FindEnabledSSLCertConfigResponse, error) {
// 校验请求
_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
if err != nil {
return nil, err
}
config, err := models.SharedSSLCertDAO.ComposeCertConfig(req.CertId)
// 检查权限
if userId > 0 {
err := models.SharedSSLCertDAO.CheckUserCert(req.SslCertId, userId)
if err != nil {
return nil, err
}
}
config, err := models.SharedSSLCertDAO.ComposeCertConfig(req.SslCertId)
if err != nil {
return nil, err
}
@@ -65,24 +78,32 @@ func (this *SSLCertService) FindEnabledSSLCertConfig(ctx context.Context, req *p
if err != nil {
return nil, err
}
return &pb.FindEnabledSSLCertConfigResponse{CertJSON: configJSON}, nil
return &pb.FindEnabledSSLCertConfigResponse{SslCertJSON: configJSON}, nil
}
// 删除证书
func (this *SSLCertService) DeleteSSLCert(ctx context.Context, req *pb.DeleteSSLCertRequest) (*pb.RPCSuccess, error) {
// 校验请求
_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
if err != nil {
return nil, err
}
err = models.SharedSSLCertDAO.DisableSSLCert(req.CertId)
// 检查权限
if userId > 0 {
err := models.SharedSSLCertDAO.CheckUserCert(req.SslCertId, userId)
if err != nil {
return nil, err
}
}
err = models.SharedSSLCertDAO.DisableSSLCert(req.SslCertId)
if err != nil {
return nil, err
}
// 停止相关ACME任务
err = models.SharedACMETaskDAO.DisableAllTasksWithCertId(req.CertId)
err = models.SharedACMETaskDAO.DisableAllTasksWithCertId(req.SslCertId)
if err != nil {
return nil, err
}
@@ -93,12 +114,12 @@ func (this *SSLCertService) DeleteSSLCert(ctx context.Context, req *pb.DeleteSSL
// 计算匹配的Cert数量
func (this *SSLCertService) CountSSLCerts(ctx context.Context, req *pb.CountSSLCertRequest) (*pb.RPCCountResponse, error) {
// 校验请求
_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
_, _, err := this.ValidateAdminAndUser(ctx, 0, req.UserId)
if err != nil {
return nil, err
}
count, err := models.SharedSSLCertDAO.CountCerts(req.IsCA, req.IsAvailable, req.IsExpired, int64(req.ExpiringDays), req.Keyword)
count, err := models.SharedSSLCertDAO.CountCerts(req.IsCA, req.IsAvailable, req.IsExpired, int64(req.ExpiringDays), req.Keyword, req.UserId)
if err != nil {
return nil, err
}
@@ -109,12 +130,12 @@ func (this *SSLCertService) CountSSLCerts(ctx context.Context, req *pb.CountSSLC
// 列出单页匹配的Cert
func (this *SSLCertService) ListSSLCerts(ctx context.Context, req *pb.ListSSLCertsRequest) (*pb.ListSSLCertsResponse, error) {
// 校验请求
_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
_, _, err := this.ValidateAdminAndUser(ctx, 0, req.UserId)
if err != nil {
return nil, err
}
certIds, err := models.SharedSSLCertDAO.ListCertIds(req.IsCA, req.IsAvailable, req.IsExpired, int64(req.ExpiringDays), req.Keyword, req.Offset, req.Size)
certIds, err := models.SharedSSLCertDAO.ListCertIds(req.IsCA, req.IsAvailable, req.IsExpired, int64(req.ExpiringDays), req.Keyword, req.UserId, req.Offset, req.Size)
if err != nil {
return nil, err
}
@@ -136,5 +157,5 @@ func (this *SSLCertService) ListSSLCerts(ctx context.Context, req *pb.ListSSLCer
if err != nil {
return nil, err
}
return &pb.ListSSLCertsResponse{CertsJSON: certConfigsJSON}, nil
return &pb.ListSSLCertsResponse{SslCertsJSON: certConfigsJSON}, nil
}
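Review bot: In CountSSLCerts and ListSSLCerts the user id returned by `ValidateAdminAndUser(ctx, 0, req.UserId)` is discarded and the DAO filter comes from the client-supplied `req.UserId`, so tenant isolation here rests entirely on what that helper does with its third argument, which this diff does not show. If it treats 0 as "no user required", as the `(ctx, 0, 0)` calls in the other methods suggest, a user-node caller sending `UserId: 0` would presumably receive an unfiltered count and list. I would keep the authenticated id and derive the filter from it: `_, userId, err := this.ValidateAdminAndUser(ctx, 0, req.UserId)` followed by `if userId > 0 { req.UserId = userId }`, mirroring the `userId > 0` guard the update, find and delete hunks place before `CheckUserCert`. Both function bodies continue outside their hunks, so the certificate composition that follows `ListCertIds` should be checked against the same rule.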