lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-23 19:57:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: 禁止普通用户使用不安全插件,比如复制到本机、自定义js脚本等

Browse Source
This commit is contained in:
xiaojunnuo
2024-09-29 01:14:21 +08:00
parent 5aa06f5b07
commit 4fcaab5feb
10 changed files with 70 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/core/pipeline/src/core/executor.ts
+5 -4
View File
@@ -1,7 +1,7 @@
import { ConcurrencyStrategy, NotificationWhen, Pipeline, ResultType, Runnable, RunStrategy, Stage, Step, Task } from "../dt/index.js";
import _ from "lodash-es";
import { RunHistory, RunnableCollection } from "./run-history.js";
import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext } from "../plugin/index.js";
import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext, UserInfo } from "../plugin/index.js";
import { ContextFactory, IContext } from "./context.js";
import { IStorage } from "./storage.js";
import { logger } from "../utils/util.log.js";
@@ -16,13 +16,13 @@ import { hashUtils, utils } from "../utils/index.js";
// import { TimeoutPromise } from "../utils/util.promise.js";
export type ExecutorOptions = {
userId: any;
pipeline: Pipeline;
storage: IStorage;
onChanged: (history: RunHistory) => Promise<void>;
accessService: IAccessService;
emailService: IEmailService;
fileRootDir?: string;
user: UserInfo;
};
export class Executor {
@@ -46,7 +46,7 @@ export class Executor {
this.onChanged = async (history: RunHistory) => {
await options.onChanged(history);
};
this.pipeline.userId = options.userId;
this.pipeline.userId = options.user.id;
this.contextFactory = new ContextFactory(options.storage);
this.logger = logger;
this.pipelineContext = this.contextFactory.getContext("pipeline", this.pipeline.id);
@@ -269,7 +269,7 @@ export class Executor {
accessService: this.options.accessService,
emailService: this.options.emailService,
pipelineContext: this.pipelineContext,
userContext: this.contextFactory.getContext("user", this.options.userId),
userContext: this.contextFactory.getContext("user", this.options.user.id),
fileStore: new FileStore({
scope: this.pipeline.id,
parent: this.runtime.id,
@@ -277,6 +277,7 @@ export class Executor {
}),
signal: this.abort.signal,
utils,
user: this.options.user,
};
instance.setCtx(taskCtx);
packages/core/pipeline/src/plugin/api.ts
+10 -1
View File
@@ -9,7 +9,10 @@ import { ILogger, logger, utils } from "../utils/index.js";
import { HttpClient } from "../utils/util.request";
import dayjs from "dayjs";
import _ from "lodash-es";
export type UserInfo = {
role: "admin" | "user";
id: any;
};
export enum ContextScope {
global,
pipeline,
@@ -81,6 +84,8 @@ export type TaskInstanceContext = {
signal: AbortSignal;
//工具类
utils: typeof utils;
user: UserInfo;
};
export abstract class AbstractTaskPlugin implements ITaskPlugin {
@@ -170,6 +175,10 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
}
throw new Error(`action ${req.action} not found`);
}
isAdmin() {
return this.ctx.user.role === "admin";
}
}
export type OutputVO = {