2020-07-22 22:19:39 +08:00
|
|
|
package helpers
|
|
|
|
|
|
|
|
|
|
import (
|
2020-12-02 20:31:42 +08:00
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
|
2020-07-22 22:19:39 +08:00
|
|
|
teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
|
2020-10-13 20:05:29 +08:00
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/setup"
|
2020-07-22 22:19:39 +08:00
|
|
|
"github.com/iwind/TeaGo/actions"
|
2020-11-10 15:40:22 +08:00
|
|
|
"github.com/iwind/TeaGo/maps"
|
2020-07-22 22:19:39 +08:00
|
|
|
"net/http"
|
|
|
|
|
"reflect"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// 认证拦截
|
2020-12-03 11:03:12 +08:00
|
|
|
type userMustAuth struct {
|
2020-12-02 23:47:50 +08:00
|
|
|
AdminId int64
|
2020-12-03 11:03:12 +08:00
|
|
|
module string
|
2020-07-22 22:19:39 +08:00
|
|
|
}
|
|
|
|
|
|
2020-12-03 11:03:12 +08:00
|
|
|
func NewUserMustAuth(module string) *userMustAuth {
|
|
|
|
|
return &userMustAuth{module: module}
|
2020-07-22 22:19:39 +08:00
|
|
|
}
|
|
|
|
|
|
2020-12-03 11:03:12 +08:00
|
|
|
func (this *userMustAuth) BeforeAction(actionPtr actions.ActionWrapper, paramName string) (goNext bool) {
|
2020-07-22 22:19:39 +08:00
|
|
|
var action = actionPtr.Object()
|
|
|
|
|
|
2020-11-10 12:47:24 +08:00
|
|
|
// 安全相关
|
2020-12-02 20:31:42 +08:00
|
|
|
securityConfig, _ := configloaders.LoadSecurityConfig()
|
2020-11-20 18:06:54 +08:00
|
|
|
if securityConfig == nil {
|
2020-11-10 12:47:24 +08:00
|
|
|
action.AddHeader("X-Frame-Options", "SAMEORIGIN")
|
2020-11-20 18:06:54 +08:00
|
|
|
} else if len(securityConfig.Frame) > 0 {
|
|
|
|
|
action.AddHeader("X-Frame-Options", securityConfig.Frame)
|
2020-11-10 12:47:24 +08:00
|
|
|
}
|
|
|
|
|
action.AddHeader("Content-Security-Policy", "default-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'")
|
|
|
|
|
|
2020-11-20 21:59:12 +08:00
|
|
|
// 检查IP
|
|
|
|
|
if !checkIP(securityConfig, action.RequestRemoteIP()) {
|
|
|
|
|
action.ResponseWriter.WriteHeader(http.StatusForbidden)
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-13 20:05:29 +08:00
|
|
|
// 检查系统是否已经配置过
|
|
|
|
|
if !setup.IsConfigured() {
|
|
|
|
|
action.RedirectURL("/setup")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-22 22:19:39 +08:00
|
|
|
var session = action.Session()
|
2020-12-02 23:47:50 +08:00
|
|
|
var adminId = session.GetInt64("adminId")
|
2020-12-07 11:45:45 +08:00
|
|
|
|
2020-07-22 22:19:39 +08:00
|
|
|
if adminId <= 0 {
|
|
|
|
|
this.login(action)
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 检查用户是否存在
|
2020-12-07 11:45:45 +08:00
|
|
|
if !configloaders.CheckAdmin(adminId) {
|
|
|
|
|
session.Delete()
|
2020-07-22 22:19:39 +08:00
|
|
|
|
2020-12-07 11:45:45 +08:00
|
|
|
this.login(action)
|
2020-07-22 22:19:39 +08:00
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-07 11:45:45 +08:00
|
|
|
// 检查用户权限
|
|
|
|
|
if len(this.module) > 0 && !configloaders.AllowModule(adminId, this.module) {
|
|
|
|
|
action.ResponseWriter.WriteHeader(http.StatusForbidden)
|
|
|
|
|
action.WriteString("Permission Denied.")
|
2020-07-22 22:19:39 +08:00
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
this.AdminId = adminId
|
|
|
|
|
action.Context.Set("adminId", this.AdminId)
|
|
|
|
|
|
|
|
|
|
if action.Request.Method != http.MethodGet {
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-16 15:49:15 +08:00
|
|
|
config, err := configloaders.LoadAdminUIConfig()
|
2020-11-22 15:34:13 +08:00
|
|
|
if err != nil {
|
|
|
|
|
action.WriteString(err.Error())
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-22 22:19:39 +08:00
|
|
|
// 初始化内置方法
|
|
|
|
|
action.ViewFunc("teaTitle", func() string {
|
|
|
|
|
return action.Data["teaTitle"].(string)
|
|
|
|
|
})
|
|
|
|
|
|
2020-11-22 15:34:13 +08:00
|
|
|
action.Data["teaShowVersion"] = config.ShowVersion
|
|
|
|
|
action.Data["teaTitle"] = config.AdminSystemName
|
|
|
|
|
action.Data["teaName"] = config.ProductName
|
2020-12-07 11:45:45 +08:00
|
|
|
action.Data["teaUsername"] = configloaders.FindAdminFullname(adminId)
|
2020-11-20 21:59:12 +08:00
|
|
|
|
|
|
|
|
action.Data["teaUserAvatar"] = ""
|
|
|
|
|
|
2020-11-27 15:18:32 +08:00
|
|
|
if !action.Data.Has("teaMenu") {
|
|
|
|
|
action.Data["teaMenu"] = ""
|
|
|
|
|
}
|
2020-12-02 23:47:50 +08:00
|
|
|
action.Data["teaModules"] = this.modules(adminId)
|
2020-11-20 21:59:12 +08:00
|
|
|
action.Data["teaSubMenus"] = []map[string]interface{}{}
|
|
|
|
|
action.Data["teaTabbar"] = []map[string]interface{}{}
|
2020-11-22 15:34:13 +08:00
|
|
|
if len(config.Version) == 0 {
|
|
|
|
|
action.Data["teaVersion"] = teaconst.Version
|
|
|
|
|
} else {
|
|
|
|
|
action.Data["teaVersion"] = config.Version
|
|
|
|
|
}
|
|
|
|
|
action.Data["teaShowOpenSourceInfo"] = config.ShowOpenSourceInfo
|
2020-11-20 21:59:12 +08:00
|
|
|
action.Data["teaIsSuper"] = false
|
|
|
|
|
action.Data["teaDemoEnabled"] = teaconst.IsDemo
|
2021-01-13 17:50:03 +08:00
|
|
|
action.Data["teaShowFinance"] = configloaders.ShowFinance()
|
2020-11-20 21:59:12 +08:00
|
|
|
if !action.Data.Has("teaSubMenu") {
|
|
|
|
|
action.Data["teaSubMenu"] = ""
|
|
|
|
|
}
|
2021-01-17 16:47:29 +08:00
|
|
|
action.Data["teaCheckClusterTask"] = configloaders.AllowModule(adminId, configloaders.AdminModuleCodeNode)
|
2020-11-20 21:59:12 +08:00
|
|
|
|
|
|
|
|
// 菜单
|
|
|
|
|
action.Data["firstMenuItem"] = ""
|
|
|
|
|
|
|
|
|
|
// 未读消息数
|
|
|
|
|
action.Data["teaBadge"] = 0
|
|
|
|
|
|
|
|
|
|
// 调用Init
|
|
|
|
|
initMethod := reflect.ValueOf(actionPtr).MethodByName("Init")
|
|
|
|
|
if initMethod.IsValid() {
|
|
|
|
|
initMethod.Call([]reflect.Value{})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 菜单配置
|
2020-12-03 11:03:12 +08:00
|
|
|
func (this *userMustAuth) modules(adminId int64) []maps.Map {
|
2020-12-02 23:47:50 +08:00
|
|
|
allMaps := []maps.Map{
|
2020-07-22 22:19:39 +08:00
|
|
|
{
|
2020-12-02 23:47:50 +08:00
|
|
|
"code": "servers",
|
|
|
|
|
"module": configloaders.AdminModuleCodeServer,
|
|
|
|
|
"name": "网站服务",
|
|
|
|
|
"icon": "clone outsize",
|
2020-11-10 15:40:22 +08:00
|
|
|
"subItems": []maps.Map{
|
|
|
|
|
{
|
2020-11-18 10:07:29 +08:00
|
|
|
"name": "通用设置",
|
2020-11-10 15:40:22 +08:00
|
|
|
"url": "/servers/components",
|
2020-11-27 15:18:32 +08:00
|
|
|
"code": "global",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"name": "服务分组",
|
|
|
|
|
"url": "/servers/components/groups",
|
|
|
|
|
"code": "group",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"name": "缓存策略",
|
|
|
|
|
"url": "/servers/components/cache",
|
|
|
|
|
"code": "cache",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"name": "WAF策略",
|
|
|
|
|
"url": "/servers/components/waf",
|
|
|
|
|
"code": "waf",
|
2020-11-10 15:40:22 +08:00
|
|
|
},
|
2020-11-24 17:36:42 +08:00
|
|
|
{
|
|
|
|
|
"name": "证书管理",
|
|
|
|
|
"url": "/servers/certs",
|
|
|
|
|
"code": "cert",
|
|
|
|
|
},
|
2020-11-10 15:40:22 +08:00
|
|
|
},
|
2020-07-22 22:19:39 +08:00
|
|
|
},
|
|
|
|
|
{
|
2020-12-02 23:47:50 +08:00
|
|
|
"code": "clusters",
|
|
|
|
|
"module": configloaders.AdminModuleCodeNode,
|
|
|
|
|
"name": "边缘节点",
|
|
|
|
|
"icon": "cloud",
|
2020-11-10 15:45:48 +08:00
|
|
|
"subItems": []maps.Map{
|
|
|
|
|
{
|
|
|
|
|
"name": "SSH认证",
|
|
|
|
|
"url": "/clusters/grants",
|
|
|
|
|
"code": "grant",
|
|
|
|
|
},
|
2020-12-10 15:02:55 +08:00
|
|
|
{
|
|
|
|
|
"name": "区域设置",
|
|
|
|
|
"url": "/clusters/regions",
|
|
|
|
|
"code": "region",
|
|
|
|
|
},
|
2020-11-10 15:45:48 +08:00
|
|
|
},
|
2020-09-06 16:19:34 +08:00
|
|
|
},
|
2020-09-13 20:37:07 +08:00
|
|
|
{
|
2020-12-02 23:47:50 +08:00
|
|
|
"code": "dns",
|
|
|
|
|
"module": configloaders.AdminModuleCodeDNS,
|
|
|
|
|
"name": "域名解析",
|
|
|
|
|
"icon": "globe",
|
2020-11-10 21:37:48 +08:00
|
|
|
"subItems": []maps.Map{
|
2020-11-13 18:22:35 +08:00
|
|
|
{
|
|
|
|
|
"name": "问题修复",
|
|
|
|
|
"url": "/dns/issues",
|
|
|
|
|
"code": "issue",
|
|
|
|
|
},
|
2020-11-10 21:37:48 +08:00
|
|
|
{
|
2020-11-11 21:32:19 +08:00
|
|
|
"name": "DNS服务商",
|
2020-11-10 21:37:48 +08:00
|
|
|
"url": "/dns/providers",
|
|
|
|
|
"code": "provider",
|
|
|
|
|
},
|
|
|
|
|
},
|
2020-09-13 20:37:07 +08:00
|
|
|
},
|
2020-12-04 16:00:55 +08:00
|
|
|
{
|
|
|
|
|
"code": "users",
|
|
|
|
|
"module": configloaders.AdminModuleCodeUser,
|
|
|
|
|
"name": "平台用户",
|
|
|
|
|
"icon": "users",
|
|
|
|
|
},
|
2020-12-11 21:39:24 +08:00
|
|
|
{
|
|
|
|
|
"code": "finance",
|
|
|
|
|
"module": configloaders.AdminModuleCodeFinance,
|
|
|
|
|
"name": "财务管理",
|
|
|
|
|
"icon": "yen sign",
|
|
|
|
|
},
|
2020-12-02 23:11:43 +08:00
|
|
|
{
|
2020-12-02 23:47:50 +08:00
|
|
|
"code": "admins",
|
|
|
|
|
"module": configloaders.AdminModuleCodeAdmin,
|
|
|
|
|
"name": "系统用户",
|
2020-12-04 16:00:55 +08:00
|
|
|
"icon": "user secret",
|
2020-12-02 23:11:43 +08:00
|
|
|
},
|
2020-12-02 20:31:42 +08:00
|
|
|
{
|
2020-12-02 23:47:50 +08:00
|
|
|
"code": "log",
|
|
|
|
|
"module": configloaders.AdminModuleCodeLog,
|
|
|
|
|
"name": "日志审计",
|
|
|
|
|
"icon": "history",
|
2020-12-02 20:31:42 +08:00
|
|
|
},
|
2020-10-10 20:28:36 +08:00
|
|
|
{
|
2020-12-02 23:47:50 +08:00
|
|
|
"code": "settings",
|
|
|
|
|
"module": configloaders.AdminModuleCodeSetting,
|
|
|
|
|
"name": "系统设置",
|
|
|
|
|
"icon": "setting",
|
2020-12-14 21:24:21 +08:00
|
|
|
"subItems": []maps.Map{
|
|
|
|
|
{
|
|
|
|
|
"name": "高级设置",
|
|
|
|
|
"url": "/settings/advanced",
|
|
|
|
|
"code": "advanced",
|
|
|
|
|
},
|
|
|
|
|
},
|
2020-10-10 20:28:36 +08:00
|
|
|
},
|
2020-07-22 22:19:39 +08:00
|
|
|
}
|
2020-12-02 23:47:50 +08:00
|
|
|
|
|
|
|
|
result := []maps.Map{}
|
|
|
|
|
for _, m := range allMaps {
|
2021-01-13 17:50:03 +08:00
|
|
|
if m.GetString("code") == "finance" && !configloaders.ShowFinance() {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-02 23:47:50 +08:00
|
|
|
module := m.GetString("module")
|
|
|
|
|
if configloaders.AllowModule(adminId, module) {
|
|
|
|
|
result = append(result, m)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return result
|
2020-07-22 22:19:39 +08:00
|
|
|
}
|
|
|
|
|
|
2020-11-20 21:59:12 +08:00
|
|
|
// 跳转到登录页
|
2020-12-03 11:03:12 +08:00
|
|
|
func (this *userMustAuth) login(action *actions.ActionObject) {
|
2020-07-22 22:19:39 +08:00
|
|
|
action.RedirectURL("/")
|
|
|
|
|
}
|
