From f1190623f18e9977e0838e4860a81363a681a368 Mon Sep 17 00:00:00 2001 From: GoEdgeLab Date: Wed, 5 Jan 2022 20:12:37 +0800 Subject: [PATCH] =?UTF-8?q?=E9=83=A8=E5=88=86API=E6=94=AF=E6=8C=81?= =?UTF-8?q?=E7=94=A8=E6=88=B7=E5=B9=B3=E5=8F=B0=E8=B0=83=E7=94=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/db/models/server_dao.go | 10 +++-- internal/db/models/server_group_dao.go | 39 +++++++++++++++--- internal/rpc/services/service_server.go | 13 +++++- internal/rpc/services/service_server_group.go | 41 +++++++++++++++---- 4 files changed, 83 insertions(+), 20 deletions(-) diff --git a/internal/db/models/server_dao.go b/internal/db/models/server_dao.go index f5155b16..073e77a1 100644 --- a/internal/db/models/server_dao.go +++ b/internal/db/models/server_dao.go @@ -1262,9 +1262,13 @@ func (this *ServerDAO) CountAllEnabledServersWithNodeClusterId(tx *dbs.Tx, clust } // CountAllEnabledServersWithGroupId 计算使用某个分组的服务数量 -func (this *ServerDAO) CountAllEnabledServersWithGroupId(tx *dbs.Tx, groupId int64) (int64, error) { - return this.Query(tx). - State(ServerStateEnabled). +func (this *ServerDAO) CountAllEnabledServersWithGroupId(tx *dbs.Tx, groupId int64, userId int64) (int64, error) { + var query = this.Query(tx). + State(ServerStateEnabled) + if userId > 0 { + query.Attr("userId", userId) + } + return query. Where("JSON_CONTAINS(groupIds, :groupId)"). Param("groupId", numberutils.FormatInt64(groupId)). Count() diff --git a/internal/db/models/server_group_dao.go b/internal/db/models/server_group_dao.go index 48466016..4b42863d 100644 --- a/internal/db/models/server_group_dao.go +++ b/internal/db/models/server_group_dao.go @@ -77,10 +77,11 @@ func (this *ServerGroupDAO) FindServerGroupName(tx *dbs.Tx, id int64) (string, e } // CreateGroup 创建分组 -func (this *ServerGroupDAO) CreateGroup(tx *dbs.Tx, name string) (groupId int64, err error) { +func (this *ServerGroupDAO) CreateGroup(tx *dbs.Tx, name string, userId int64) (groupId int64, err error) { op := NewServerGroupOperator() op.State = ServerGroupStateEnabled op.Name = name + op.UserId = userId op.IsOn = true err = this.Save(tx, op) if err != nil { @@ -102,9 +103,15 @@ func (this *ServerGroupDAO) UpdateGroup(tx *dbs.Tx, groupId int64, name string) } // FindAllEnabledGroups 查找所有分组 -func (this *ServerGroupDAO) FindAllEnabledGroups(tx *dbs.Tx) (result []*ServerGroup, err error) { - _, err = this.Query(tx). - State(ServerGroupStateEnabled). +func (this *ServerGroupDAO) FindAllEnabledGroups(tx *dbs.Tx, userId int64) (result []*ServerGroup, err error) { + var query = this.Query(tx). + State(ServerGroupStateEnabled) + if userId > 0 { + query.Attr("userId", userId) + } else { + query.Attr("userId", 0) + } + _, err = query. Desc("order"). AscPk(). Slice(&result). @@ -113,9 +120,13 @@ func (this *ServerGroupDAO) FindAllEnabledGroups(tx *dbs.Tx) (result []*ServerGr } // UpdateGroupOrders 修改分组排序 -func (this *ServerGroupDAO) UpdateGroupOrders(tx *dbs.Tx, groupIds []int64) error { +func (this *ServerGroupDAO) UpdateGroupOrders(tx *dbs.Tx, groupIds []int64, userId int64) error { for index, groupId := range groupIds { - _, err := this.Query(tx). + var query = this.Query(tx) + if userId > 0 { + query.Attr("userId", userId) + } + _, err := query. Pk(groupId). Set("order", len(groupIds)-index). Update() @@ -383,6 +394,22 @@ func (this *ServerGroupDAO) FindEnabledGroupIdWithReverseProxyId(tx *dbs.Tx, rev FindInt64Col(0) } +// CheckUserGroup 检查用户分组 +func (this *ServerGroupDAO) CheckUserGroup(tx *dbs.Tx, userId int64, groupId int64) error { + b, err := this.Query(tx). + Pk(groupId). + Attr("userId", userId). + State(ServerGroupStateEnabled). + Exist() + if err != nil { + return err + } + if !b { + return ErrNotFound + } + return nil +} + // NotifyUpdate 通知更新 func (this *ServerGroupDAO) NotifyUpdate(tx *dbs.Tx, groupId int64) error { serverIds, err := SharedServerDAO.FindAllEnabledServerIdsWithGroupId(tx, groupId) diff --git a/internal/rpc/services/service_server.go b/internal/rpc/services/service_server.go index e2150ce7..20677015 100644 --- a/internal/rpc/services/service_server.go +++ b/internal/rpc/services/service_server.go @@ -74,6 +74,14 @@ func (this *ServerService) CreateServer(ctx context.Context, req *pb.CreateServe } // 服务分组 + for _, groupId := range req.ServerGroupIds { + err := models.SharedServerGroupDAO.CheckUserGroup(tx, userId, groupId) + if err != nil { + return nil, err + } + } + + // 增加默认分组 config, err := models.SharedSysSettingDAO.ReadUserServerConfig(tx) if err == nil && config.GroupId > 0 && !lists.ContainsInt64(req.ServerGroupIds, config.GroupId) { req.ServerGroupIds = append(req.ServerGroupIds, config.GroupId) @@ -698,6 +706,7 @@ func (this *ServerService) ListEnabledServersMatch(ctx context.Context, req *pb. AuditingResult: auditingResult, CreatedAt: int64(server.CreatedAt), DnsName: server.DnsName, + UserPlanId: int64(server.UserPlanId), NodeCluster: &pb.NodeCluster{ Id: int64(server.ClusterId), Name: clusterName, @@ -1092,14 +1101,14 @@ func (this *ServerService) CountAllEnabledServersWithNodeClusterId(ctx context.C // CountAllEnabledServersWithServerGroupId 计算使用某个分组的服务数量 func (this *ServerService) CountAllEnabledServersWithServerGroupId(ctx context.Context, req *pb.CountAllEnabledServersWithServerGroupIdRequest) (*pb.RPCCountResponse, error) { // 校验请求 - _, err := this.ValidateAdmin(ctx, 0) + _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) if err != nil { return nil, err } tx := this.NullTx() - count, err := models.SharedServerDAO.CountAllEnabledServersWithGroupId(tx, req.ServerGroupId) + count, err := models.SharedServerDAO.CountAllEnabledServersWithGroupId(tx, req.ServerGroupId, userId) if err != nil { return nil, err } diff --git a/internal/rpc/services/service_server_group.go b/internal/rpc/services/service_server_group.go index 0b5623b7..19e190b8 100644 --- a/internal/rpc/services/service_server_group.go +++ b/internal/rpc/services/service_server_group.go @@ -16,14 +16,14 @@ type ServerGroupService struct { // CreateServerGroup 创建分组 func (this *ServerGroupService) CreateServerGroup(ctx context.Context, req *pb.CreateServerGroupRequest) (*pb.CreateServerGroupResponse, error) { // 校验请求 - _, err := this.ValidateAdmin(ctx, 0) + _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) if err != nil { return nil, err } tx := this.NullTx() - groupId, err := models.SharedServerGroupDAO.CreateGroup(tx, req.Name) + groupId, err := models.SharedServerGroupDAO.CreateGroup(tx, req.Name, userId) if err != nil { return nil, err } @@ -33,13 +33,21 @@ func (this *ServerGroupService) CreateServerGroup(ctx context.Context, req *pb.C // UpdateServerGroup 修改分组 func (this *ServerGroupService) UpdateServerGroup(ctx context.Context, req *pb.UpdateServerGroupRequest) (*pb.RPCSuccess, error) { // 校验请求 - _, err := this.ValidateAdmin(ctx, 0) + _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) if err != nil { return nil, err } tx := this.NullTx() + // 检查用户权限 + if userId > 0 { + err = models.SharedServerGroupDAO.CheckUserGroup(tx, userId, req.ServerGroupId) + if err != nil { + return nil, err + } + } + err = models.SharedServerGroupDAO.UpdateGroup(tx, req.ServerGroupId, req.Name) if err != nil { return nil, err @@ -51,13 +59,21 @@ func (this *ServerGroupService) UpdateServerGroup(ctx context.Context, req *pb.U // DeleteServerGroup 删除分组 func (this *ServerGroupService) DeleteServerGroup(ctx context.Context, req *pb.DeleteServerGroupRequest) (*pb.RPCSuccess, error) { // 校验请求 - _, err := this.ValidateAdmin(ctx, 0) + _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) if err != nil { return nil, err } tx := this.NullTx() + // 检查用户权限 + if userId > 0 { + err = models.SharedServerGroupDAO.CheckUserGroup(tx, userId, req.ServerGroupId) + if err != nil { + return nil, err + } + } + err = models.SharedServerGroupDAO.DisableServerGroup(tx, req.ServerGroupId) if err != nil { return nil, err @@ -69,14 +85,14 @@ func (this *ServerGroupService) DeleteServerGroup(ctx context.Context, req *pb.D // FindAllEnabledServerGroups 查询所有分组 func (this *ServerGroupService) FindAllEnabledServerGroups(ctx context.Context, req *pb.FindAllEnabledServerGroupsRequest) (*pb.FindAllEnabledServerGroupsResponse, error) { // 校验请求 - _, err := this.ValidateAdmin(ctx, 0) + _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) if err != nil { return nil, err } tx := this.NullTx() - groups, err := models.SharedServerGroupDAO.FindAllEnabledGroups(tx) + groups, err := models.SharedServerGroupDAO.FindAllEnabledGroups(tx, userId) if err != nil { return nil, err } @@ -93,14 +109,14 @@ func (this *ServerGroupService) FindAllEnabledServerGroups(ctx context.Context, // UpdateServerGroupOrders 修改分组排序 func (this *ServerGroupService) UpdateServerGroupOrders(ctx context.Context, req *pb.UpdateServerGroupOrdersRequest) (*pb.RPCSuccess, error) { // 校验请求 - _, err := this.ValidateAdmin(ctx, 0) + _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) if err != nil { return nil, err } tx := this.NullTx() - err = models.SharedServerGroupDAO.UpdateGroupOrders(tx, req.ServerGroupIds) + err = models.SharedServerGroupDAO.UpdateGroupOrders(tx, req.ServerGroupIds, userId) if err != nil { return nil, err } @@ -110,7 +126,7 @@ func (this *ServerGroupService) UpdateServerGroupOrders(ctx context.Context, req // FindEnabledServerGroup 查找单个分组信息 func (this *ServerGroupService) FindEnabledServerGroup(ctx context.Context, req *pb.FindEnabledServerGroupRequest) (*pb.FindEnabledServerGroupResponse, error) { // 校验请求 - _, err := this.ValidateAdmin(ctx, 0) + _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) if err != nil { return nil, err } @@ -127,6 +143,13 @@ func (this *ServerGroupService) FindEnabledServerGroup(ctx context.Context, req }, nil } + // 检查用户权限 + if userId > 0 && int64(group.UserId) != userId { + return &pb.FindEnabledServerGroupResponse{ + ServerGroup: nil, + }, nil + } + return &pb.FindEnabledServerGroupResponse{ ServerGroup: &pb.ServerGroup{ Id: int64(group.Id),