mirror of
https://github.com/certd/certd.git
synced 2026-04-24 04:17:25 +08:00
chore: project controller ok
This commit is contained in:
xiaojunnuo
@@ -32,10 +32,12 @@ export class AddonController extends CrudController<AddonService> {
|
||||
|
||||
@Post("/page", { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
delete body.query.userId;
|
||||
body.query.projectId = projectId;
|
||||
const buildQuery = qb => {
|
||||
qb.andWhere("user_id = :userId", { userId: this.getUserId() });
|
||||
qb.andWhere("user_id = :userId", { userId });
|
||||
};
|
||||
const res = await this.service.page({
|
||||
query: body.query,
|
||||
@@ -48,14 +50,18 @@ export class AddonController extends CrudController<AddonService> {
|
||||
|
||||
@Post("/list", { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.userId = userId;
|
||||
body.query.projectId = projectId;
|
||||
return super.list(body);
|
||||
}
|
||||
|
||||
@Post("/add", { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean) {
|
||||
bean.userId = this.getUserId();
|
||||
const {userId,projectId} = await this.getProjectUserIdRead();
|
||||
bean.userId = userId;
|
||||
bean.projectId = projectId;
|
||||
const type = bean.type;
|
||||
const addonType = bean.addonType;
|
||||
if (!type || !addonType) {
|
||||
@@ -73,7 +79,7 @@ export class AddonController extends CrudController<AddonService> {
|
||||
|
||||
@Post("/update", { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), bean.id, "write");
|
||||
const old = await this.service.info(bean.id);
|
||||
if (!old) {
|
||||
throw new ValidateException("Addon配置不存在");
|
||||
@@ -90,18 +96,19 @@ export class AddonController extends CrudController<AddonService> {
|
||||
}
|
||||
}
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return super.update(bean);
|
||||
}
|
||||
|
||||
@Post("/info", { summary: Constants.per.authOnly })
|
||||
async info(@Query("id") id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "read");
|
||||
return super.info(id);
|
||||
}
|
||||
|
||||
@Post("/delete", { summary: Constants.per.authOnly })
|
||||
async delete(@Query("id") id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "write");
|
||||
return super.delete(id);
|
||||
}
|
||||
|
||||
@@ -133,38 +140,42 @@ export class AddonController extends CrudController<AddonService> {
|
||||
async simpleInfo(@Query("addonType") addonType: string, @Query("id") id: number) {
|
||||
if (id === 0) {
|
||||
//获取默认
|
||||
const res = await this.service.getDefault(this.getUserId(), addonType);
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const res = await this.service.getDefault(userId, addonType,projectId);
|
||||
if (!res) {
|
||||
throw new ValidateException("默认Addon配置不存在");
|
||||
}
|
||||
const simple = await this.service.getSimpleInfo(res.id);
|
||||
return this.ok(simple);
|
||||
}
|
||||
await this.authService.checkUserIdButAllowAdmin(this.ctx, this.service, id);
|
||||
await this.checkOwner(this.getService(), id, "read",true);
|
||||
const res = await this.service.getSimpleInfo(id);
|
||||
return this.ok(res);
|
||||
}
|
||||
|
||||
@Post("/getDefaultId", { summary: Constants.per.authOnly })
|
||||
async getDefaultId(@Query("addonType") addonType: string) {
|
||||
const res = await this.service.getDefault(this.getUserId(), addonType);
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const res = await this.service.getDefault(userId, addonType,projectId);
|
||||
return this.ok(res?.id);
|
||||
}
|
||||
|
||||
@Post("/setDefault", { summary: Constants.per.authOnly })
|
||||
async setDefault(@Query("addonType") addonType: string, @Query("id") id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
const res = await this.service.setDefault(id, this.getUserId(), addonType);
|
||||
const {projectId,userId} = await this.checkOwner(this.getService(), id, "write",true);
|
||||
const res = await this.service.setDefault(id, userId, addonType,projectId);
|
||||
return this.ok(res);
|
||||
}
|
||||
|
||||
|
||||
@Post("/options", { summary: Constants.per.authOnly })
|
||||
async options(@Query("addonType") addonType: string) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const res = await this.service.list({
|
||||
query: {
|
||||
userId: this.getUserId(),
|
||||
addonType
|
||||
userId,
|
||||
addonType,
|
||||
projectId
|
||||
}
|
||||
});
|
||||
for (const item of res) {
|
||||
@@ -176,22 +187,16 @@ export class AddonController extends CrudController<AddonService> {
|
||||
|
||||
@Post("/handle", { summary: Constants.per.authOnly })
|
||||
async handle(@Body(ALL) body: AddonRequestHandleReq) {
|
||||
const userId = this.getUserId();
|
||||
let inputAddon = body.input.addon;
|
||||
if (body.input.id > 0) {
|
||||
await this.checkOwner(this.getService(), body.input.id, "write",true);
|
||||
const oldEntity = await this.service.info(body.input.id);
|
||||
if (oldEntity) {
|
||||
if (oldEntity.userId !== userId) {
|
||||
throw new Error("addon not found");
|
||||
}
|
||||
// const param: any = {
|
||||
// type: body.typeName,
|
||||
// setting: JSON.stringify(body.input.access),
|
||||
// };
|
||||
inputAddon = JSON.parse(oldEntity.setting);
|
||||
}
|
||||
}
|
||||
const serviceGetter = this.taskServiceBuilder.create({ userId });
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const serviceGetter = this.taskServiceBuilder.create({ userId,projectId });
|
||||
|
||||
const ctx = {
|
||||
http: http,
|
||||
|
||||
@@ -20,10 +20,12 @@ export class GroupController extends CrudController<GroupService> {
|
||||
|
||||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.projectId = projectId;
|
||||
delete body.query.userId;
|
||||
const buildQuery = qb => {
|
||||
qb.andWhere('user_id = :userId', { userId: this.getUserId() });
|
||||
qb.andWhere('user_id = :userId', { userId });
|
||||
};
|
||||
const res = await this.service.page({
|
||||
query: body.query,
|
||||
@@ -36,40 +38,47 @@ export class GroupController extends CrudController<GroupService> {
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.projectId = projectId;
|
||||
body.query.userId = userId;
|
||||
return await super.list(body);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean: any) {
|
||||
bean.userId = this.getUserId();
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
bean.projectId = projectId;
|
||||
bean.userId = userId;
|
||||
return await super.add(bean);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), bean.id, "write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return await super.update(bean);
|
||||
}
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "read");
|
||||
return await super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: Constants.per.authOnly })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "write");
|
||||
return await super.delete(id);
|
||||
}
|
||||
|
||||
@Post('/all', { summary: Constants.per.authOnly })
|
||||
async all(@Query('type') type: string) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const list: any = await this.service.find({
|
||||
where: {
|
||||
userId: this.getUserId(),
|
||||
projectId,
|
||||
userId,
|
||||
type,
|
||||
},
|
||||
});
|
||||
|
||||
@@ -18,8 +18,10 @@ export class DomainController extends CrudController<DomainService> {
|
||||
|
||||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.projectId = projectId;
|
||||
body.query.userId = userId;
|
||||
const domain = body.query.domain;
|
||||
delete body.query.domain;
|
||||
|
||||
@@ -40,41 +42,48 @@ export class DomainController extends CrudController<DomainService> {
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.projectId = projectId;
|
||||
body.query.userId = userId;
|
||||
const list = await this.getService().list(body);
|
||||
return this.ok(list);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean: any) {
|
||||
bean.userId = this.getUserId();
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
bean.projectId = projectId;
|
||||
bean.userId = userId;
|
||||
return super.add(bean);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean: any) {
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), bean.id, "write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return super.update(bean);
|
||||
}
|
||||
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "read");
|
||||
return super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: Constants.per.authOnly })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "write");
|
||||
return super.delete(id);
|
||||
}
|
||||
|
||||
@Post('/deleteByIds', { summary: Constants.per.authOnly })
|
||||
async deleteByIds(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
await this.service.delete(body.ids, {
|
||||
userId: this.getUserId(),
|
||||
userId: userId,
|
||||
projectId: projectId,
|
||||
});
|
||||
return this.ok();
|
||||
}
|
||||
@@ -83,9 +92,12 @@ export class DomainController extends CrudController<DomainService> {
|
||||
@Post('/import/start', { summary: Constants.per.authOnly })
|
||||
async importStart(@Body(ALL) body: any) {
|
||||
checkPlus();
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const { key } = body;
|
||||
const req = {
|
||||
key, userId: this.getUserId(),
|
||||
key,
|
||||
userId: userId,
|
||||
projectId: projectId,
|
||||
}
|
||||
await this.service.startDomainImportTask(req);
|
||||
return this.ok();
|
||||
@@ -93,8 +105,10 @@ export class DomainController extends CrudController<DomainService> {
|
||||
|
||||
@Post('/import/status', { summary: Constants.per.authOnly })
|
||||
async importStatus() {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const req = {
|
||||
userId: this.getUserId(),
|
||||
userId: userId,
|
||||
projectId: projectId,
|
||||
}
|
||||
const task = await this.service.getDomainImportTaskStatus(req);
|
||||
return this.ok(task);
|
||||
@@ -103,9 +117,11 @@ export class DomainController extends CrudController<DomainService> {
|
||||
|
||||
@Post('/import/delete', { summary: Constants.per.authOnly })
|
||||
async importDelete(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const { key } = body;
|
||||
const req = {
|
||||
userId: this.getUserId(),
|
||||
userId: userId,
|
||||
projectId: projectId,
|
||||
key,
|
||||
}
|
||||
await this.service.deleteDomainImportTask(req);
|
||||
@@ -115,9 +131,11 @@ export class DomainController extends CrudController<DomainService> {
|
||||
@Post('/import/save', { summary: Constants.per.authOnly })
|
||||
async importSave(@Body(ALL) body: any) {
|
||||
checkPlus();
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const { dnsProviderType, dnsProviderAccessId, key } = body;
|
||||
const req = {
|
||||
userId: this.getUserId(),
|
||||
userId: userId,
|
||||
projectId: projectId,
|
||||
dnsProviderType, dnsProviderAccessId, key
|
||||
}
|
||||
const item = await this.service.saveDomainImportTask(req);
|
||||
@@ -127,15 +145,19 @@ export class DomainController extends CrudController<DomainService> {
|
||||
|
||||
@Post('/sync/expiration/start', { summary: Constants.per.authOnly })
|
||||
async syncExpirationStart(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
await this.service.startSyncExpirationTask({
|
||||
userId: this.getUserId(),
|
||||
userId: userId,
|
||||
projectId: projectId,
|
||||
})
|
||||
return this.ok();
|
||||
}
|
||||
@Post('/sync/expiration/status', { summary: Constants.per.authOnly })
|
||||
async syncExpirationStatus(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const status = await this.service.getSyncExpirationTaskStatus({
|
||||
userId: this.getUserId(),
|
||||
userId: userId,
|
||||
projectId: projectId,
|
||||
})
|
||||
return this.ok(status);
|
||||
}
|
||||
|
||||
@@ -17,8 +17,10 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
|
||||
|
||||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body: any) {
|
||||
const {userId,projectId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.userId = userId;
|
||||
body.query.projectId = projectId;
|
||||
const domain = body.query.domain;
|
||||
delete body.query.domain;
|
||||
|
||||
@@ -39,22 +41,27 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body: any) {
|
||||
const {userId,projectId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.userId = userId;
|
||||
body.query.projectId = projectId;
|
||||
const list = await this.getService().list(body);
|
||||
return this.ok(list);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean: any) {
|
||||
bean.userId = this.getUserId();
|
||||
const {userId,projectId} = await this.getProjectUserIdWrite();
|
||||
bean.userId = userId;
|
||||
bean.projectId = projectId;
|
||||
return super.add(bean);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean: any) {
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), bean.id, "write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return super.update(bean);
|
||||
}
|
||||
|
||||
|
||||
@@ -22,7 +22,7 @@ export class UserTwoFactorSettingController extends BaseController {
|
||||
@Post("/get", { summary: Constants.per.authOnly })
|
||||
async get() {
|
||||
const userId = this.getUserId();
|
||||
const setting = await this.service.getSetting<UserTwoFactorSetting>(userId, UserTwoFactorSetting);
|
||||
const setting = await this.service.getSetting<UserTwoFactorSetting>(userId,null, UserTwoFactorSetting);
|
||||
return this.ok(setting);
|
||||
}
|
||||
|
||||
@@ -41,7 +41,7 @@ export class UserTwoFactorSettingController extends BaseController {
|
||||
setting.authenticator.verified = false;
|
||||
}
|
||||
|
||||
await this.service.saveSetting(userId, setting);
|
||||
await this.service.saveSetting(userId,null, setting);
|
||||
return this.ok({});
|
||||
}
|
||||
|
||||
|
||||
@@ -65,13 +65,14 @@ export class UserSettingsController extends CrudController<UserSettingsService>
|
||||
|
||||
@Post('/get', { summary: Constants.per.authOnly })
|
||||
async get(@Query('key') key: string) {
|
||||
const entity = await this.service.getByKey(key, this.getUserId());
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const entity = await this.service.getByKey(key, userId, projectId);
|
||||
return this.ok(entity);
|
||||
}
|
||||
@Post("/grant/get", { summary: Constants.per.authOnly })
|
||||
async grantSettingsGet() {
|
||||
const userId = this.getUserId();
|
||||
const setting = await this.service.getSetting<UserGrantSetting>(userId, UserGrantSetting);
|
||||
const setting = await this.service.getSetting<UserGrantSetting>(userId, null, UserGrantSetting);
|
||||
return this.ok(setting);
|
||||
}
|
||||
|
||||
@@ -84,7 +85,7 @@ export class UserSettingsController extends CrudController<UserSettingsService>
|
||||
const setting = new UserGrantSetting();
|
||||
merge(setting, bean);
|
||||
|
||||
await this.service.saveSetting(userId, setting);
|
||||
await this.service.saveSetting(userId,null, setting);
|
||||
return this.ok({});
|
||||
}
|
||||
|
||||
|
||||
@@ -123,6 +123,7 @@ export class CertInfoController extends CrudController<CertInfoService> {
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.checkOwner(this.service,bean.id,"write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return await super.update(bean);
|
||||
}
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
|
||||
@@ -80,6 +80,7 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.checkOwner(this.service,bean.id,"write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
await this.service.update(bean);
|
||||
const entity = await this.service.info(bean.id);
|
||||
if (entity.disabled) {
|
||||
|
||||
@@ -62,6 +62,7 @@ export class SiteInfoController extends CrudController<SiteIpService> {
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.checkOwner(this.service,bean.id,"write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
await this.service.update(bean);
|
||||
const siteEntity = await this.siteInfoService.info(bean.siteId);
|
||||
if(!siteEntity.disabled){
|
||||
|
||||
@@ -19,8 +19,10 @@ export class OpenKeyController extends CrudController<OpenKeyService> {
|
||||
|
||||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.projectId = projectId;
|
||||
body.query.userId = userId;
|
||||
const res = await this.service.page({
|
||||
query: body.query,
|
||||
page: body.page,
|
||||
@@ -31,40 +33,45 @@ export class OpenKeyController extends CrudController<OpenKeyService> {
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.projectId = projectId;
|
||||
body.query.userId = userId;
|
||||
return await super.list(body);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) body: any) {
|
||||
body.userId = this.getUserId();
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.projectId = projectId;
|
||||
body.userId = userId;
|
||||
const res = await this.service.add(body);
|
||||
return this.ok(res);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), bean.id, "write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
await this.service.update(bean);
|
||||
return this.ok();
|
||||
}
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "read");
|
||||
return await super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: Constants.per.authOnly })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "write");
|
||||
return await super.delete(id);
|
||||
}
|
||||
|
||||
@Post('/getApiToken', { summary: Constants.per.authOnly })
|
||||
async getApiToken(@Body('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "write");
|
||||
const token = await this.service.getApiToken(id);
|
||||
return this.ok(token);
|
||||
}
|
||||
|
||||
@@ -21,9 +21,11 @@ export class AccessController extends CrudController<AccessService> {
|
||||
|
||||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body) {
|
||||
const { projectId, userId } = await this.getProjectUserIdRead()
|
||||
body.query = body.query ?? {};
|
||||
delete body.query.userId;
|
||||
body.query.userId = this.getUserId()
|
||||
body.query.userId = userId;
|
||||
body.query.projectId = projectId;
|
||||
let name = body.query?.name;
|
||||
delete body.query.name;
|
||||
const buildQuery = qb => {
|
||||
@@ -42,32 +44,37 @@ export class AccessController extends CrudController<AccessService> {
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body) {
|
||||
const { projectId, userId } = await this.getProjectUserIdRead()
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.userId = userId;
|
||||
body.query.projectId = projectId;
|
||||
return super.list(body);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean) {
|
||||
bean.userId = this.getUserId();
|
||||
const { projectId, userId } = await this.getProjectUserIdWrite()
|
||||
bean.userId = userId;
|
||||
bean.projectId = projectId;
|
||||
return super.add(bean);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), bean.id, "write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return super.update(bean);
|
||||
}
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "read");
|
||||
return super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: Constants.per.authOnly })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "write");
|
||||
return super.delete(id);
|
||||
}
|
||||
|
||||
@@ -79,7 +86,8 @@ export class AccessController extends CrudController<AccessService> {
|
||||
|
||||
@Post('/getSecretPlain', { summary: Constants.per.authOnly })
|
||||
async getSecretPlain(@Body(ALL) body: { id: number; key: string }) {
|
||||
const value = await this.service.getById(body.id, this.getUserId());
|
||||
const {userId, projectId} = await this.checkOwner(this.getService(), body.id, "read");
|
||||
const value = await this.service.getById(body.id, userId, projectId);
|
||||
return this.ok(value[body.key]);
|
||||
}
|
||||
|
||||
@@ -102,14 +110,16 @@ export class AccessController extends CrudController<AccessService> {
|
||||
|
||||
@Post('/simpleInfo', { summary: Constants.per.authOnly })
|
||||
async simpleInfo(@Query('id') id: number) {
|
||||
await this.authService.checkUserIdButAllowAdmin(this.ctx, this.service, id);
|
||||
// await this.authService.checkUserIdButAllowAdmin(this.ctx, this.service, id);
|
||||
await this.checkOwner(this.getService(), id, "read",true);
|
||||
const res = await this.service.getSimpleInfo(id);
|
||||
return this.ok(res);
|
||||
}
|
||||
|
||||
@Post('/getDictByIds', { summary: Constants.per.authOnly })
|
||||
async getDictByIds(@Body('ids') ids: number[]) {
|
||||
const res = await this.service.getSimpleByIds(ids, this.getUserId());
|
||||
const { userId, projectId } = await this.getProjectUserIdRead()
|
||||
const res = await this.service.getSimpleByIds(ids, userId, projectId);
|
||||
return this.ok(res);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -21,9 +21,8 @@ export class CertController extends BaseController {
|
||||
|
||||
@Post('/get', { summary: Constants.per.authOnly })
|
||||
async getCert(@Query('id') id: number) {
|
||||
const userId = this.getUserId();
|
||||
|
||||
|
||||
const {userId} = await this.getProjectUserIdRead()
|
||||
|
||||
const pipleinUserId = await this.pipelineService.getPipelineUserId(id);
|
||||
|
||||
@@ -34,7 +33,7 @@ export class CertController extends BaseController {
|
||||
throw new PermissionException();
|
||||
}
|
||||
// 是否允许管理员查看
|
||||
const setting = await this.userSettingsService.getSetting<UserGrantSetting>(pipleinUserId, UserGrantSetting, false);
|
||||
const setting = await this.userSettingsService.getSetting<UserGrantSetting>(pipleinUserId,null, UserGrantSetting, false);
|
||||
if (setting?.allowAdminViewCerts !== true) {
|
||||
//不允许管理员查看
|
||||
throw new PermissionException("该流水线的用户还未授权管理员查看证书,请先让用户在”设置->授权委托“中打开开关");
|
||||
|
||||
@@ -14,7 +14,6 @@ export class DnsProviderController extends BaseController {
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Query(ALL) query: any) {
|
||||
query.userId = this.getUserId();
|
||||
const list = this.service.getList();
|
||||
return this.ok(list);
|
||||
}
|
||||
|
||||
@@ -34,7 +34,7 @@ export class HandleController extends BaseController {
|
||||
|
||||
@Post('/access', { summary: Constants.per.authOnly })
|
||||
async accessRequest(@Body(ALL) body: AccessRequestHandleReq) {
|
||||
const userId = this.getUserId();
|
||||
const {projectId,userId} = await this.getProjectUserIdRead()
|
||||
let inputAccess = body.input.access;
|
||||
if (body.input.id > 0) {
|
||||
const oldEntity = await this.accessService.info(body.input.id);
|
||||
@@ -42,6 +42,9 @@ export class HandleController extends BaseController {
|
||||
if (oldEntity.userId !== this.getUserId()) {
|
||||
throw new Error('access not found');
|
||||
}
|
||||
if (oldEntity.projectId && oldEntity.projectId !== projectId) {
|
||||
throw new Error('access not found');
|
||||
}
|
||||
const param: any = {
|
||||
type: body.typeName,
|
||||
setting: JSON.stringify(body.input.access),
|
||||
@@ -50,7 +53,7 @@ export class HandleController extends BaseController {
|
||||
inputAccess = this.accessService.decryptAccessEntity(param);
|
||||
}
|
||||
}
|
||||
const accessGetter = new AccessGetter(userId, this.accessService.getById.bind(this.accessService));
|
||||
const accessGetter = new AccessGetter(userId,projectId, this.accessService.getById.bind(this.accessService));
|
||||
const access = await newAccess(body.typeName, inputAccess,accessGetter);
|
||||
|
||||
mergeUtils.merge(access, body.input);
|
||||
@@ -77,7 +80,7 @@ export class HandleController extends BaseController {
|
||||
|
||||
@Post('/plugin', { summary: Constants.per.authOnly })
|
||||
async pluginRequest(@Body(ALL) body: PluginRequestHandleReq) {
|
||||
const userId = this.getUserId();
|
||||
const {projectId,userId} = await this.getProjectUserIdRead()
|
||||
const pluginDefine = pluginRegistry.get(body.typeName);
|
||||
const pluginCls = await pluginDefine.target();
|
||||
if (pluginCls == null) {
|
||||
@@ -98,7 +101,7 @@ export class HandleController extends BaseController {
|
||||
});
|
||||
};
|
||||
|
||||
const taskServiceGetter = this.taskServiceBuilder.create({userId})
|
||||
const taskServiceGetter = this.taskServiceBuilder.create({userId,projectId})
|
||||
|
||||
const accessGetter = await taskServiceGetter.get<IAccessService>("accessService")
|
||||
//@ts-ignore
|
||||
@@ -118,6 +121,7 @@ export class HandleController extends BaseController {
|
||||
fileStore: undefined,
|
||||
signal: undefined,
|
||||
user: {id:userId,role:"user"},
|
||||
projectId,
|
||||
// pipelineContext: this.pipelineContext,
|
||||
// userContext: this.contextFactory.getContext('user', this.options.userId),
|
||||
// fileStore: new FileStore({
|
||||
|
||||
@@ -161,6 +161,7 @@ export class HistoryController extends CrudController<HistoryService> {
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.checkOwner(this.getService(), bean.id,"write",true);
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return super.update(bean);
|
||||
}
|
||||
|
||||
|
||||
@@ -22,10 +22,12 @@ export class NotificationController extends CrudController<NotificationService>
|
||||
|
||||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
delete body.query.userId;
|
||||
body.query.projectId = projectId;
|
||||
const buildQuery = qb => {
|
||||
qb.andWhere('user_id = :userId', { userId: this.getUserId() });
|
||||
qb.andWhere('user_id = :userId', { userId: userId});
|
||||
};
|
||||
const res = await this.service.page({
|
||||
query: body.query,
|
||||
@@ -38,14 +40,18 @@ export class NotificationController extends CrudController<NotificationService>
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.userId = userId;
|
||||
body.query.projectId = projectId;
|
||||
return super.list(body);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean) {
|
||||
bean.userId = this.getUserId();
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
bean.userId = userId;
|
||||
bean.projectId = projectId;
|
||||
const type = bean.type;
|
||||
const define: NotificationDefine = this.service.getDefineByType(type);
|
||||
if (!define) {
|
||||
@@ -59,7 +65,7 @@ export class NotificationController extends CrudController<NotificationService>
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), bean.id,"write");
|
||||
const old = await this.service.info(bean.id);
|
||||
if (!old) {
|
||||
throw new ValidateException('通知配置不存在');
|
||||
@@ -75,17 +81,18 @@ export class NotificationController extends CrudController<NotificationService>
|
||||
}
|
||||
}
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return super.update(bean);
|
||||
}
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id,"read");
|
||||
return super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: Constants.per.authOnly })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id,"write");
|
||||
return super.delete(id);
|
||||
}
|
||||
|
||||
@@ -118,44 +125,50 @@ export class NotificationController extends CrudController<NotificationService>
|
||||
|
||||
@Post('/simpleInfo', { summary: Constants.per.authOnly })
|
||||
async simpleInfo(@Query('id') id: number) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
if (id === 0) {
|
||||
//获取默认
|
||||
const res = await this.service.getDefault(this.getUserId());
|
||||
const res = await this.service.getDefault(userId,projectId);
|
||||
if (!res) {
|
||||
throw new ValidateException('默认通知配置不存在');
|
||||
}
|
||||
const simple = await this.service.getSimpleInfo(res.id);
|
||||
return this.ok(simple);
|
||||
}
|
||||
await this.authService.checkUserIdButAllowAdmin(this.ctx, this.service, id);
|
||||
await this.checkOwner(this.getService(), id,"read",true);
|
||||
const res = await this.service.getSimpleInfo(id);
|
||||
return this.ok(res);
|
||||
}
|
||||
|
||||
@Post('/getDefaultId', { summary: Constants.per.authOnly })
|
||||
async getDefaultId() {
|
||||
const res = await this.service.getDefault(this.getUserId());
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const res = await this.service.getDefault(userId,projectId);
|
||||
return this.ok(res?.id);
|
||||
}
|
||||
|
||||
@Post('/setDefault', { summary: Constants.per.authOnly })
|
||||
async setDefault(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
const res = await this.service.setDefault(id, this.getUserId());
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
await this.checkOwner(this.getService(), id,"write");
|
||||
const res = await this.service.setDefault(id, userId,projectId);
|
||||
return this.ok(res);
|
||||
}
|
||||
|
||||
@Post('/getOrCreateDefault', { summary: Constants.per.authOnly })
|
||||
async getOrCreateDefault(@Body('email') email: string) {
|
||||
const res = await this.service.getOrCreateDefault(email, this.getUserId());
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const res = await this.service.getOrCreateDefault(email, userId,projectId);
|
||||
return this.ok(res);
|
||||
}
|
||||
|
||||
@Post('/options', { summary: Constants.per.authOnly })
|
||||
async options() {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const res = await this.service.list({
|
||||
query: {
|
||||
userId: this.getUserId(),
|
||||
userId: userId,
|
||||
projectId: projectId,
|
||||
},
|
||||
});
|
||||
for (const item of res) {
|
||||
|
||||
@@ -97,6 +97,7 @@ export class PipelineController extends CrudController<PipelineService> {
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.checkOwner(this.getService(), bean.id,"write",true);
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return super.update(bean);
|
||||
}
|
||||
|
||||
@@ -140,6 +141,7 @@ export class PipelineController extends CrudController<PipelineService> {
|
||||
async disabled(@Body(ALL) bean) {
|
||||
await this.checkOwner(this.getService(), bean.id,"write",true);
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
await this.service.disabled(bean.id, bean.disabled);
|
||||
return this.ok({});
|
||||
}
|
||||
|
||||
@@ -20,10 +20,12 @@ export class PipelineGroupController extends CrudController<PipelineGroupService
|
||||
|
||||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
delete body.query.userId;
|
||||
body.query.projectId = projectId;
|
||||
const buildQuery = qb => {
|
||||
qb.andWhere('user_id = :userId', { userId: this.getUserId() });
|
||||
qb.andWhere('user_id = :userId', { userId: userId });
|
||||
};
|
||||
const res = await this.service.page({
|
||||
query: body.query,
|
||||
@@ -36,40 +38,47 @@ export class PipelineGroupController extends CrudController<PipelineGroupService
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body: any) {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.userId = userId;
|
||||
body.query.projectId = projectId;
|
||||
return await super.list(body);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean: any) {
|
||||
bean.userId = this.getUserId();
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
bean.userId = userId;
|
||||
bean.projectId = projectId;
|
||||
return await super.add(bean);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), bean.id, "write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return await super.update(bean);
|
||||
}
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "read");
|
||||
return await super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: Constants.per.authOnly })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "write");
|
||||
return await super.delete(id);
|
||||
}
|
||||
|
||||
@Post('/all', { summary: Constants.per.authOnly })
|
||||
async all() {
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const list: any = await this.service.find({
|
||||
where: {
|
||||
userId: this.getUserId(),
|
||||
userId: userId,
|
||||
projectId: projectId,
|
||||
},
|
||||
});
|
||||
return this.ok(list);
|
||||
|
||||
@@ -18,21 +18,18 @@ export class PluginController extends BaseController {
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Query(ALL) query: any) {
|
||||
query.userId = this.getUserId();
|
||||
const list = await this.service.getEnabledBuiltInList();
|
||||
return this.ok(list);
|
||||
}
|
||||
|
||||
@Post('/groups', { summary: Constants.per.authOnly })
|
||||
async groups(@Query(ALL) query: any) {
|
||||
query.userId = this.getUserId();
|
||||
const group = await this.service.getEnabledBuildInGroup();
|
||||
return this.ok(group);
|
||||
}
|
||||
|
||||
@Post('/groupsList', { summary: Constants.per.authOnly })
|
||||
async groupsList(@Query(ALL) query: any) {
|
||||
query.userId = this.getUserId();
|
||||
const groups = pluginGroups
|
||||
const groupsList:any = []
|
||||
for (const key in groups) {
|
||||
|
||||
@@ -22,8 +22,8 @@ export class SubDomainController extends CrudController<SubDomainService> {
|
||||
|
||||
@Post('/parseDomain', { summary: Constants.per.authOnly })
|
||||
async parseDomain(@Body("fullDomain") fullDomain:string) {
|
||||
const userId = this.getUserId()
|
||||
const taskService = this.taskServiceBuilder.create({ userId: userId });
|
||||
const {projectId,userId} = await this.getProjectUserIdRead();
|
||||
const taskService = this.taskServiceBuilder.create({ userId: userId, projectId: projectId });
|
||||
const subDomainGetter = await taskService.getSubDomainsGetter();
|
||||
const domainParser = new DomainParser(subDomainGetter)
|
||||
const domain = await domainParser.parse(fullDomain)
|
||||
@@ -33,10 +33,12 @@ export class SubDomainController extends CrudController<SubDomainService> {
|
||||
|
||||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body) {
|
||||
const {userId,projectId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
delete body.query.userId;
|
||||
body.query.projectId = projectId;
|
||||
const buildQuery = qb => {
|
||||
qb.andWhere('user_id = :userId', { userId: this.getUserId() });
|
||||
qb.andWhere('user_id = :userId', { userId: userId });
|
||||
};
|
||||
const res = await this.service.page({
|
||||
query: body.query,
|
||||
@@ -49,38 +51,44 @@ export class SubDomainController extends CrudController<SubDomainService> {
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body) {
|
||||
const {userId,projectId} = await this.getProjectUserIdRead();
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.getUserId();
|
||||
body.query.userId = userId;
|
||||
body.query.projectId = projectId;
|
||||
return super.list(body);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean) {
|
||||
bean.userId = this.getUserId();
|
||||
const {userId,projectId} = await this.getProjectUserIdRead();
|
||||
bean.userId = userId;
|
||||
bean.projectId = projectId;
|
||||
return super.add(bean);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), bean.id, "write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return super.update(bean);
|
||||
}
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "read");
|
||||
return super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: Constants.per.authOnly })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
await this.checkOwner(this.getService(), id, "write");
|
||||
return super.delete(id);
|
||||
}
|
||||
|
||||
@Post('/batchDelete', { summary: Constants.per.authOnly })
|
||||
async batchDelete(@Body('ids') ids: number[]) {
|
||||
await this.service.batchDelete(ids, this.getUserId());
|
||||
const {userId,projectId} = await this.getProjectUserIdWrite();
|
||||
await this.service.batchDelete(ids, userId, projectId);
|
||||
return this.ok({});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -59,6 +59,7 @@ export class TemplateController extends CrudController<TemplateService> {
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.checkOwner(this.service, bean.id, "write");
|
||||
delete bean.userId;
|
||||
delete bean.projectId;
|
||||
return super.update(bean);
|
||||
}
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
|
||||
Reference in New Issue
Block a user