diff --git a/internal/db/models/admin_dao.go b/internal/db/models/admin_dao.go index e5e46664..9cf19f33 100644 --- a/internal/db/models/admin_dao.go +++ b/internal/db/models/admin_dao.go @@ -44,11 +44,17 @@ func (this *AdminDAO) EnableAdmin(tx *dbs.Tx, id int64) (rowsAffected int64, err } // DisableAdmin 禁用条目 -func (this *AdminDAO) DisableAdmin(tx *dbs.Tx, id int64) (rowsAffected int64, err error) { - return this.Query(tx). - Pk(id). +func (this *AdminDAO) DisableAdmin(tx *dbs.Tx, adminId int64) error { + err := this.Query(tx). + Pk(adminId). Set("state", AdminStateDisabled). - Update() + UpdateQuickly() + if err != nil { + return err + } + + // 删除AccessTokens + return SharedAPIAccessTokenDAO.DeleteAccessTokens(tx, adminId, 0) } // FindEnabledAdmin 查找启用中的条目 @@ -190,7 +196,19 @@ func (this *AdminDAO) UpdateAdmin(tx *dbs.Tx, adminId int64, username string, ca } op.IsOn = isOn err := this.Save(tx, op) - return err + if err != nil { + return err + } + + if !isOn { + // 删除AccessTokens + err = SharedAPIAccessTokenDAO.DeleteAccessTokens(tx, adminId, 0) + if err != nil { + return err + } + } + + return nil } // CheckAdminUsername 检查用户名是否存在 diff --git a/internal/db/models/api_access_token_dao.go b/internal/db/models/api_access_token_dao.go index 05a2c770..8c3f0a93 100644 --- a/internal/db/models/api_access_token_dao.go +++ b/internal/db/models/api_access_token_dao.go @@ -81,3 +81,16 @@ func (this *APIAccessTokenDAO) FindAccessToken(tx *dbs.Tx, token string) (*APIAc } return one.(*APIAccessToken), nil } + +// DeleteAccessTokens 删除用户的令牌 +func (this *APIAccessTokenDAO) DeleteAccessTokens(tx *dbs.Tx, adminId int64, userId int64) error { + var query = this.Query(tx) + if adminId > 0 { + query.Attr("adminId", adminId) + } else if userId > 0 { + query.Attr("userId", userId) + } else { + return nil + } + return query.DeleteQuickly() +} diff --git a/internal/db/models/user_dao.go b/internal/db/models/user_dao.go index 38433b90..48847801 100644 --- a/internal/db/models/user_dao.go +++ b/internal/db/models/user_dao.go @@ -74,6 +74,11 @@ func (this *UserDAO) DisableUser(tx *dbs.Tx, userId int64) error { return err } + err = SharedAPIAccessTokenDAO.DeleteAccessTokens(tx, 0, userId) + if err != nil { + return err + } + return this.NotifyUpdate(tx, userId) } @@ -217,6 +222,14 @@ func (this *UserDAO) UpdateUser(tx *dbs.Tx, userId int64, username string, passw return err } + // 删除AccessTokens + if !isOn { + err = SharedAPIAccessTokenDAO.DeleteAccessTokens(tx, 0, userId) + if err != nil { + return err + } + } + return this.NotifyUpdate(tx, userId) } diff --git a/internal/rpc/services/service_admin.go b/internal/rpc/services/service_admin.go index cf33b083..14397ef0 100644 --- a/internal/rpc/services/service_admin.go +++ b/internal/rpc/services/service_admin.go @@ -425,7 +425,7 @@ func (this *AdminService) DeleteAdmin(ctx context.Context, req *pb.DeleteAdminRe // TODO 超级管理员用户是不能删除的,或者要至少留一个超级管理员用户 - _, err = models.SharedAdminDAO.DisableAdmin(tx, req.AdminId) + err = models.SharedAdminDAO.DisableAdmin(tx, req.AdminId) if err != nil { return nil, err }