Files
certd/packages/ui/certd-server/src/controller/user/open/open-key-controller.ts
T

123 lines
4.1 KiB
TypeScript
Raw Normal View History

2026-05-31 01:41:33 +08:00
import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
import { Constants, CrudController } from "@certd/lib-server";
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
import { OpenKeyService } from "../../../modules/open/service/open-key-service.js";
import { ApiTags } from "@midwayjs/swagger";
2026-07-12 02:29:54 +08:00
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
2024-12-22 14:00:46 +08:00
/**
*/
@Provide()
2026-05-31 01:41:33 +08:00
@Controller("/api/open/key")
@ApiTags(["open"])
2025-01-15 01:05:34 +08:00
export class OpenKeyController extends CrudController<OpenKeyService> {
2024-12-22 14:00:46 +08:00
@Inject()
2025-01-15 01:05:34 +08:00
service: OpenKeyService;
2024-12-22 14:00:46 +08:00
@Inject()
authService: AuthService;
2025-01-15 01:05:34 +08:00
getService(): OpenKeyService {
2024-12-22 14:00:46 +08:00
return this.service;
}
2026-07-12 02:29:54 +08:00
getAuditType(): string {
2026-07-13 00:53:19 +08:00
return AuditType.openKey.value;
2026-07-12 02:29:54 +08:00
}
2026-05-31 01:41:33 +08:00
@Post("/page", { description: Constants.per.authOnly, summary: "查询开放API密钥分页列表" })
2024-12-22 14:00:46 +08:00
async page(@Body(ALL) body: any) {
2026-05-31 01:41:33 +08:00
const { projectId, userId } = await this.getProjectUserIdRead();
2024-12-22 14:00:46 +08:00
body.query = body.query ?? {};
2026-02-13 21:28:17 +08:00
body.query.projectId = projectId;
body.query.userId = userId;
2024-12-22 14:00:46 +08:00
const res = await this.service.page({
query: body.query,
page: body.page,
sort: body.sort,
});
2026-03-15 18:26:49 +08:00
this.keySecretDesensitization(res.records);
2024-12-22 14:00:46 +08:00
return this.ok(res);
}
2026-03-15 18:26:49 +08:00
private keySecretDesensitization(list: any[]) {
for (const item of list) {
2026-05-31 01:41:33 +08:00
item.keySecret = item.keySecret?.substring(0, 4) + "*********************************" + item.keySecret?.substring(item.keySecret.length - 4);
2026-03-15 18:26:49 +08:00
}
}
2026-05-31 01:41:33 +08:00
@Post("/list", { description: Constants.per.authOnly, summary: "查询开放API密钥列表" })
2024-12-22 14:00:46 +08:00
async list(@Body(ALL) body: any) {
2026-05-31 01:41:33 +08:00
const { projectId, userId } = await this.getProjectUserIdRead();
2024-12-22 14:00:46 +08:00
body.query = body.query ?? {};
2026-02-13 21:28:17 +08:00
body.query.projectId = projectId;
body.query.userId = userId;
2026-03-15 18:26:49 +08:00
const res = await this.service.list(body);
this.keySecretDesensitization(res);
return this.ok(res);
2024-12-22 14:00:46 +08:00
}
2026-05-31 01:41:33 +08:00
@Post("/add", { description: Constants.per.authOnly, summary: "添加开放API密钥" })
2025-01-19 00:33:34 +08:00
async add(@Body(ALL) body: any) {
2026-05-31 01:41:33 +08:00
const { projectId, userId } = await this.getProjectUserIdRead();
2026-02-13 21:28:17 +08:00
body.projectId = projectId;
body.userId = userId;
2025-01-19 00:33:34 +08:00
const res = await this.service.add(body);
2026-07-10 19:24:42 +08:00
this.auditLog({
content: `新增了API密钥(ID:${res.id}, scope:${body.scope})`,
});
2024-12-24 01:12:12 +08:00
return this.ok(res);
2024-12-22 14:00:46 +08:00
}
2026-05-31 01:41:33 +08:00
@Post("/update", { description: Constants.per.authOnly, summary: "更新开放API密钥" })
2024-12-22 14:00:46 +08:00
async update(@Body(ALL) bean) {
2026-02-13 21:28:17 +08:00
await this.checkOwner(this.getService(), bean.id, "write");
2024-12-22 14:00:46 +08:00
delete bean.userId;
2026-02-13 21:28:17 +08:00
delete bean.projectId;
2024-12-24 01:12:12 +08:00
await this.service.update(bean);
2026-07-10 19:24:42 +08:00
this.auditLog({
content: `修改了API密钥(ID:${bean.id})`,
});
2024-12-24 01:12:12 +08:00
return this.ok();
2024-12-22 14:00:46 +08:00
}
2026-05-31 01:41:33 +08:00
@Post("/info", { description: Constants.per.authOnly, summary: "查询开放API密钥详情" })
async info(@Query("id") id: number) {
2026-03-15 18:26:49 +08:00
const info = await this.checkPermission(id);
return this.ok(info);
}
private async checkPermission(id: number) {
const info = await this.service.info(id);
if (!info) {
2026-05-31 01:41:33 +08:00
throw new Error("密钥不存在");
2026-03-15 18:26:49 +08:00
}
2026-05-31 01:41:33 +08:00
if (info.scope === "user") {
await this.checkOwner(this.getService(), id, "write");
} else {
2026-03-15 18:26:49 +08:00
await this.checkOwner(this.getService(), id, "read");
}
2026-05-31 01:41:33 +08:00
return info;
2024-12-22 14:00:46 +08:00
}
2026-05-31 01:41:33 +08:00
@Post("/delete", { description: Constants.per.authOnly, summary: "删除开放API密钥" })
async delete(@Query("id") id: number) {
2026-02-13 21:28:17 +08:00
await this.checkOwner(this.getService(), id, "write");
2026-07-10 19:24:42 +08:00
const res = await super.delete(id);
this.auditLog({
content: `删除了API密钥(ID:${id})`,
});
return res;
2024-12-22 14:00:46 +08:00
}
2025-01-15 22:58:11 +08:00
2026-05-31 01:41:33 +08:00
@Post("/getApiToken", { description: Constants.per.authOnly, summary: "获取API测试令牌" })
async getApiToken(@Body("id") id: number) {
2026-03-15 18:26:49 +08:00
await this.checkPermission(id);
2025-01-15 22:58:11 +08:00
const token = await this.service.getApiToken(id);
return this.ok(token);
}
2026-03-15 18:26:49 +08:00
2026-05-31 01:41:33 +08:00
@Post("/getSecret", { description: Constants.per.authOnly, summary: "获取密钥" })
async getSecret(@Body("id") id: number) {
2026-03-15 18:26:49 +08:00
const info = await this.checkPermission(id);
return this.ok(info.keySecret);
}
2024-12-22 14:00:46 +08:00
}