Files
certd/packages/libs/lib-server/src/basic/base-controller.ts
T

131 lines
3.4 KiB
TypeScript
Raw Normal View History

import { ApplicationContext, Inject } from "@midwayjs/core";
import type { IMidwayContainer } from "@midwayjs/core";
import * as koa from "@midwayjs/koa";
import { Constants } from "./constants.js";
import { isEnterprise } from "./mode.js";
2023-01-29 13:44:19 +08:00
export abstract class BaseController {
@Inject()
2024-10-03 22:03:49 +08:00
ctx: koa.Context;
2023-01-29 13:44:19 +08:00
2026-02-11 00:07:29 +08:00
@ApplicationContext()
applicationContext: IMidwayContainer;
2023-01-29 13:44:19 +08:00
/**
* 成功返回
* @param data 返回数据
*/
ok(data?: any) {
2023-01-29 13:44:19 +08:00
const res = {
...Constants.res.success,
data: undefined,
};
if (data) {
res.data = data;
}
return res;
}
/**
* 失败返回
2023-06-25 15:30:18 +08:00
* @param msg
* @param code
2023-01-29 13:44:19 +08:00
*/
2024-12-20 18:04:32 +08:00
fail(msg: string, code?: any) {
2023-01-29 13:44:19 +08:00
return {
code: code ? code : Constants.res.error.code,
message: msg ? msg : Constants.res.error.code,
2023-01-29 13:44:19 +08:00
};
}
2023-06-25 15:30:18 +08:00
getUserId() {
const userId = this.ctx.user?.id;
if (userId == null) {
throw new Error("Token已过期");
2023-06-25 15:30:18 +08:00
}
return userId;
}
getLoginUser() {
const user = this.ctx.user;
if (user == null) {
throw new Error("Token已过期");
}
return user;
}
2025-10-24 23:48:32 +08:00
isAdmin() {
const roleIds: number[] = this.ctx?.user?.roles;
if (roleIds?.includes(1)) {
return true;
}
}
async getProjectId(permission: string) {
2026-02-11 00:07:29 +08:00
if (!isEnterprise()) {
return undefined;
2026-02-11 00:07:29 +08:00
}
2026-02-13 21:28:17 +08:00
let projectIdStr = this.ctx.headers["project-id"] as string;
if (!projectIdStr) {
2026-02-13 21:28:17 +08:00
projectIdStr = this.ctx.request.query["projectId"] as string;
}
2026-02-11 00:07:29 +08:00
if (!projectIdStr) {
2026-03-03 23:31:42 +08:00
//这里必须抛异常,否则可能会有权限问题
throw new Error("projectId 不能为空");
2026-02-11 00:07:29 +08:00
}
const userId = this.getUserId();
const projectId = parseInt(projectIdStr);
await this.checkProjectPermission(userId, projectId, permission);
2026-02-11 00:07:29 +08:00
return projectId;
}
async getProjectUserId(permission: string) {
let userId = this.getUserId();
const projectId = await this.getProjectId(permission);
if (projectId) {
userId = -1; // 企业管理模式下,用户id固定-1
2026-02-11 00:07:29 +08:00
}
return {
projectId,
userId,
};
2026-02-11 00:07:29 +08:00
}
async getProjectUserIdRead() {
return await this.getProjectUserId("read");
2026-02-11 00:54:56 +08:00
}
async getProjectUserIdWrite() {
return await this.getProjectUserId("write");
2026-02-11 00:54:56 +08:00
}
async getProjectUserIdAdmin() {
return await this.getProjectUserId("admin");
2026-02-11 00:54:56 +08:00
}
2026-02-11 00:07:29 +08:00
async checkProjectPermission(userId: number, projectId: number, permission: string) {
const projectService: any = await this.applicationContext.getAsync("projectService");
await projectService.checkPermission({ userId, projectId, permission });
2026-02-11 00:07:29 +08:00
}
2026-02-11 18:11:33 +08:00
/**
*
2026-02-11 18:11:33 +08:00
* @param service 检查记录是否属于某用户或某项目
* @param id
2026-02-11 18:11:33 +08:00
*/
async checkOwner(service: any, id: number, permission: string, allowAdmin: boolean = false) {
const { projectId, userId } = await this.getProjectUserId(permission);
const authService: any = await this.applicationContext.getAsync("authService");
2026-02-11 18:11:33 +08:00
if (projectId) {
2026-02-13 00:41:40 +08:00
await authService.checkProjectId(service, id, projectId);
} else {
if (userId === Constants.systemUserId) {
2026-03-13 19:39:27 +08:00
//系统级别,不检查权限
} else {
if (allowAdmin) {
2026-03-13 19:39:27 +08:00
await authService.checkUserIdButAllowAdmin(this.ctx, service, id);
} else {
await authService.checkUserId(service, id, userId);
2026-03-13 19:39:27 +08:00
}
2026-02-13 00:41:40 +08:00
}
2026-02-11 18:11:33 +08:00
}
return { projectId, userId };
2026-02-11 18:11:33 +08:00
}
2023-01-29 13:44:19 +08:00
}