管理员也支持AccessKey，Rest API增加所有的服务

2026-01-06 07:25:48 +08:00 · 2021-06-20 19:22:24 +08:00
parent a1c141010f
commit f67ddad2a8
12 changed files with 617 additions and 113 deletions
--- a/internal/db/models/api_access_token_dao.go
+++ b/internal/db/models/api_access_token_dao.go
@@ -1,6 +1,7 @@
 package models

 import (
+	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -29,10 +30,23 @@ func init() {
 	})
 }

-// 生成AccessToken
-func (this *APIAccessTokenDAO) GenerateAccessToken(tx *dbs.Tx, userId int64) (token string, expiresAt int64, err error) {
+// GenerateAccessToken 生成AccessToken
+func (this *APIAccessTokenDAO) GenerateAccessToken(tx *dbs.Tx, adminId int64, userId int64) (token string, expiresAt int64, err error) {
+	if adminId <= 0 && userId <= 0 {
+		err = errors.New("either 'adminId' or 'userId' should not be zero")
+		return
+	}
+
+	if adminId > 0 {
+		userId = 0
+	}
+	if userId > 0 {
+		adminId = 0
+	}
+
 	// 查询以前的
 	accessToken, err := this.Query(tx).
+		Attr("adminId", adminId).
 		Attr("userId", userId).
 		Find()
 	if err != nil {
@@ -48,6 +62,7 @@ func (this *APIAccessTokenDAO) GenerateAccessToken(tx *dbs.Tx, userId int64) (to
 		op.Id = accessToken.(*APIAccessToken).Id
 	}

+	op.AdminId = adminId
 	op.UserId = userId
 	op.Token = token
 	op.CreatedAt = time.Now().Unix()
@@ -56,7 +71,7 @@ func (this *APIAccessTokenDAO) GenerateAccessToken(tx *dbs.Tx, userId int64) (to
 	return
 }

-// 查找AccessToken
+// FindAccessToken 查找AccessToken
 func (this *APIAccessTokenDAO) FindAccessToken(tx *dbs.Tx, token string) (*APIAccessToken, error) {
 	one, err := this.Query(tx).
 		Attr("token", token).
--- a/internal/db/models/api_access_token_model.go
+++ b/internal/db/models/api_access_token_model.go
@@ -1,9 +1,10 @@
 package models

-// API访问令牌
+// APIAccessToken API访问令牌
 type APIAccessToken struct {
 	Id        uint64 `field:"id"`        // ID
 	UserId    uint32 `field:"userId"`    // 用户ID
+	AdminId   uint32 `field:"adminId"`   // 管理员ID
 	Token     string `field:"token"`     // 令牌
 	CreatedAt uint64 `field:"createdAt"` // 创建时间
 	ExpiredAt uint64 `field:"expiredAt"` // 过期时间
@@ -12,6 +13,7 @@ type APIAccessToken struct {
 type APIAccessTokenOperator struct {
 	Id        interface{} // ID
 	UserId    interface{} // 用户ID
+	AdminId   interface{} // 管理员ID
 	Token     interface{} // 令牌
 	CreatedAt interface{} // 创建时间
 	ExpiredAt interface{} // 过期时间
--- a/internal/db/models/dns/dns_task_dao_test.go
+++ b/internal/db/models/dns/dns_task_dao_test.go
@@ -9,7 +9,7 @@ import (

 func TestDNSTaskDAO_CreateDNSTask(t *testing.T) {
 	dbs.NotifyReady()
-	err := SharedDNSTaskDAO.CreateDNSTask(nil, 1, 2, 3, "taskType")
+	err := SharedDNSTaskDAO.CreateDNSTask(nil, 1, 2, 3, 0, "taskType")
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/internal/db/models/user_access_key_dao.go
+++ b/internal/db/models/user_access_key_dao.go
@@ -66,11 +66,12 @@ func (this *UserAccessKeyDAO) FindEnabledUserAccessKey(tx *dbs.Tx, id int64) (*U
 }

 // CreateAccessKey 创建Key
-func (this *UserAccessKeyDAO) CreateAccessKey(tx *dbs.Tx, userId int64, description string) (int64, error) {
-	if userId <= 0 {
-		return 0, errors.New("invalid userId")
+func (this *UserAccessKeyDAO) CreateAccessKey(tx *dbs.Tx, adminId int64, userId int64, description string) (int64, error) {
+	if adminId <= 0 && userId <= 0 {
+		return 0, errors.New("invalid adminId or userId")
 	}
 	op := NewUserAccessKeyOperator()
+	op.AdminId = adminId
 	op.UserId = userId
 	op.Description = description
 	op.UniqueId = rands.String(16)
@@ -81,8 +82,9 @@ func (this *UserAccessKeyDAO) CreateAccessKey(tx *dbs.Tx, userId int64, descript
 }

 // FindAllEnabledAccessKeys 查找用户所有的Key
-func (this *UserAccessKeyDAO) FindAllEnabledAccessKeys(tx *dbs.Tx, userId int64) (result []*UserAccessKey, err error) {
+func (this *UserAccessKeyDAO) FindAllEnabledAccessKeys(tx *dbs.Tx, adminId int64, userId int64) (result []*UserAccessKey, err error) {
 	_, err = this.Query(tx).
+		Attr("adminId", adminId).
 		Attr("userId", userId).
 		State(UserAccessKeyStateEnabled).
 		DescPk().
@@ -92,10 +94,11 @@ func (this *UserAccessKeyDAO) FindAllEnabledAccessKeys(tx *dbs.Tx, userId int64)
 }

 // CheckUserAccessKey 检查用户的AccessKey
-func (this *UserAccessKeyDAO) CheckUserAccessKey(tx *dbs.Tx, userId int64, accessKeyId int64) (bool, error) {
+func (this *UserAccessKeyDAO) CheckUserAccessKey(tx *dbs.Tx, adminId int64, userId int64, accessKeyId int64) (bool, error) {
 	return this.Query(tx).
 		Pk(accessKeyId).
 		State(UserAccessKeyStateEnabled).
+		Attr("adminId", adminId).
 		Attr("userId", userId).
 		Exist()
 }
@@ -133,3 +136,12 @@ func (this *UserAccessKeyDAO) UpdateAccessKeyAccessedAt(tx *dbs.Tx, accessKeyId
 		Set("accessedAt", time.Now().Unix()).
 		UpdateQuickly()
 }
+
+// CountAllEnabledAccessKeys 计算可用AccessKey数量
+func (this *UserAccessKeyDAO) CountAllEnabledAccessKeys(tx *dbs.Tx, adminId int64, userId int64) (int64, error) {
+	return this.Query(tx).
+		Attr("adminId", adminId).
+		Attr("userId", userId).
+		State(UserAccessKeyStateEnabled).
+		Count()
+}
--- a/internal/db/models/user_access_key_model.go
+++ b/internal/db/models/user_access_key_model.go
@@ -3,6 +3,7 @@ package models
 // UserAccessKey AccessKey
 type UserAccessKey struct {
 	Id          uint32 `field:"id"`          // ID
+	AdminId     uint32 `field:"adminId"`     // 管理员ID
 	UserId      uint32 `field:"userId"`      // 用户ID
 	SubUserId   uint32 `field:"subUserId"`   // 子用户ID
 	IsOn        uint8  `field:"isOn"`        // 是否启用
@@ -15,6 +16,7 @@ type UserAccessKey struct {

 type UserAccessKeyOperator struct {
 	Id          interface{} // ID
+	AdminId     interface{} // 管理员ID
 	UserId      interface{} // 用户ID
 	SubUserId   interface{} // 子用户ID
 	IsOn        interface{} // 是否启用