import { ApplicationContext, Inject } from '@midwayjs/core';
import type {IMidwayContainer} from '@midwayjs/core';
import * as koa from '@midwayjs/koa';
import { Constants } from './constants.js';
import { isEnterprise } from './mode.js';
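/**
 * Base class for controllers.
 *
 * Provides the response-envelope helpers (`ok` / `fail`) and the identity,
 * project-scope and record-ownership checks that concrete controllers call
 * before acting on a record.
 */
export abstract class BaseController {
  /** Koa context, injected by the framework. */
  @Inject()
  ctx: koa.Context;

  /** Container used to resolve services by name at call time. */
  @ApplicationContext()
  applicationContext: IMidwayContainer;

  /**
   * Builds a success response.
   * @param data payload to return; any falsy value (0, '', false, null) is
   *   dropped and `data` stays `undefined`
   * @returns `Constants.res.success` plus the `data` field
   */
  ok(data?: any) {
    const res = {
      ...Constants.res.success,
      data: undefined,
    };
    if (data) {
      res.data = data;
    }
    return res;
  }

  /**
   * Builds a failure response.
   * @param msg error message; when empty the fallback below is used
   * @param code error code; when falsy `Constants.res.error.code` is used
   * @returns an object with `code` and `message`
   */
  fail(msg: string, code?: any) {
    return {
      code: code ? code : Constants.res.error.code,
      // NOTE(review): the fallback for an empty message is the error *code*,
      // not a message text — confirm this is intended.
      message: msg ? msg : Constants.res.error.code,
    };
  }

  /**
   * Returns the id of the user attached to the current request.
   * @throws Error when `ctx.user` or its `id` is missing
   */
  getUserId() {
    const userId = this.ctx.user?.id;
    if (userId == null) {
      throw new Error('Token已过期');
    }
    return userId;
  }

  /**
   * Returns the user object attached to the current request.
   * @throws Error when `ctx.user` is missing
   */
  getLoginUser() {
    const user = this.ctx.user;
    if (user == null) {
      throw new Error('Token已过期');
    }
    return user;
  }

  /**
   * Tells whether the current user holds role id 1.
   * @returns `true` when `ctx.user.roles` contains 1, otherwise `false`
   *   (including when there is no user or no role list)
   */
  isAdmin(): boolean {
    const roleIds: number[] | undefined = this.ctx?.user?.roles;
    // Always return a real boolean: the implicit `undefined` of the previous
    // form is easy to mishandle in strict comparisons by callers.
    return roleIds?.includes(1) === true;
  }

  /**
   * Resolves the project id of the current request and verifies that the
   * current user holds `permission` on it.
   *
   * The id is read from the `project-id` header, falling back to the
   * `projectId` query parameter. Both are client-supplied, so the value is
   * validated before it is used.
   *
   * @param permission permission name passed on to `checkProjectPermission`
   * @returns `null` outside enterprise mode, otherwise the numeric project id
   * @throws Error when the id is missing or not a usable integer, when there
   *   is no logged-in user, or when the permission check rejects
   */
  async getProjectId(permission: string) {
    if (!isEnterprise()) {
      return null;
    }
    // A repeated query parameter arrives as an array; take the first value
    // (parseInt on the array would have read the first element as well).
    const firstValue = (value: unknown): unknown => (Array.isArray(value) ? value[0] : value);
    const rawProjectId =
      firstValue(this.ctx.headers["project-id"]) || firstValue(this.ctx.request.query["projectId"]);
    if (!rawProjectId) {
      // Must throw here: continuing without a project id could lead to
      // permission problems.
      throw new Error("projectId 不能为空")
    }
    const userId = this.getUserId();
    const projectId = typeof rawProjectId === 'string' ? Number.parseInt(rawProjectId, 10) : NaN;
    // NaN and 0 are falsy, and the callers in this class use `if (projectId)`
    // to decide whether project scoping applies. Letting such a value through
    // would silently fall back to per-user checks in enterprise mode, so
    // reject it here for the same reason an empty id is rejected.
    if (!Number.isSafeInteger(projectId) || projectId === 0) {
      throw new Error('projectId 无效');
    }
    await this.checkProjectPermission(userId, projectId, permission);
    return projectId;
  }

  /**
   * Resolves the scope (`projectId`, `userId`) under which data is accessed.
   *
   * When a project id is in effect, `userId` is replaced by the fixed value
   * -1 (enterprise management mode); otherwise it is the logged-in user's id.
   *
   * @param permission permission required on the project
   */
  async getProjectUserId(permission: string) {
    let userId = this.getUserId();
    const projectId = await this.getProjectId(permission);
    if (projectId) {
      userId = -1; // in enterprise management mode the user id is fixed to -1
    }
    return {
      projectId,
      userId,
    };
  }

  /** Scope lookup requiring the "read" permission. */
  async getProjectUserIdRead() {
    return await this.getProjectUserId("read");
  }

  /** Scope lookup requiring the "write" permission. */
  async getProjectUserIdWrite() {
    return await this.getProjectUserId("write");
  }

  /** Scope lookup requiring the "admin" permission. */
  async getProjectUserIdAdmin() {
    return await this.getProjectUserId("admin");
  }

  /**
   * Delegates the project permission check to `projectService.checkPermission`.
   *
   * No return value is inspected here, so enforcement relies on the service
   * rejecting (throwing) on denial — NOTE(review): confirm in projectService.
   */
  async checkProjectPermission(userId: number, projectId: number, permission: string) {
    const projectService: any = await this.applicationContext.getAsync("projectService");
    await projectService.checkPermission({ userId, projectId, permission });
  }

  /**
   * Checks whether a record belongs to the current user or the current project.
   *
   * - project scope in effect: `authService.checkProjectId`
   * - user id equals `Constants.systemUserId`: no ownership check at all
   * - otherwise: `checkUserIdButAllowAdmin` when `allowAdmin` is set,
   *   else `checkUserId`
   *
   * NOTE(review): the system-level bypass is keyed on the id taken from
   * `ctx.user`; confirm that no ordinary account can carry
   * `Constants.systemUserId`.
   *
   * @param service service owning the record; handed to authService
   * @param id id of the record to check
   * @param permission permission required on the project, if one applies
   * @param allowAdmin use the admin-tolerant user check when there is no project scope
   * @returns the resolved `{ projectId, userId }` scope
   */
  async checkOwner(service: any, id: number, permission: string, allowAdmin: boolean = false) {
    const { projectId, userId } = await this.getProjectUserId(permission);
    const authService: any = await this.applicationContext.getAsync("authService");
    if (projectId) {
      await authService.checkProjectId(service, id, projectId);
    } else if (userId !== Constants.systemUserId) {
      // The system user is deliberately exempt from the ownership check;
      // every other caller is checked.
      if (allowAdmin) {
        await authService.checkUserIdButAllowAdmin(this.ctx, service, id);
      } else {
        await authService.checkUserId(service, id, userId);
      }
    }
    return { projectId, userId };
  }
}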