mirror of
https://github.com/certd/certd.git
synced 2026-07-07 04:47:34 +08:00
perf: 优化用户体验,首次访问时弹出邮箱账号绑定用以初始化账号
This commit is contained in:
@@ -1,9 +1,8 @@
|
||||
import { ApplicationContext, Inject } from '@midwayjs/core';
|
||||
import type {IMidwayContainer} from '@midwayjs/core';
|
||||
import * as koa from '@midwayjs/koa';
|
||||
import { Constants } from './constants.js';
|
||||
import { isEnterprise } from './mode.js';
|
||||
|
||||
import { ApplicationContext, Inject } from "@midwayjs/core";
|
||||
import type { IMidwayContainer } from "@midwayjs/core";
|
||||
import * as koa from "@midwayjs/koa";
|
||||
import { Constants } from "./constants.js";
|
||||
import { isEnterprise } from "./mode.js";
|
||||
|
||||
export abstract class BaseController {
|
||||
@Inject()
|
||||
@@ -41,7 +40,7 @@ export abstract class BaseController {
|
||||
getUserId() {
|
||||
const userId = this.ctx.user?.id;
|
||||
if (userId == null) {
|
||||
throw new Error('Token已过期');
|
||||
throw new Error("Token已过期");
|
||||
}
|
||||
return userId;
|
||||
}
|
||||
@@ -49,7 +48,7 @@ export abstract class BaseController {
|
||||
getLoginUser() {
|
||||
const user = this.ctx.user;
|
||||
if (user == null) {
|
||||
throw new Error('Token已过期');
|
||||
throw new Error("Token已过期");
|
||||
}
|
||||
return user;
|
||||
}
|
||||
@@ -61,73 +60,71 @@ export abstract class BaseController {
|
||||
}
|
||||
}
|
||||
|
||||
async getProjectId(permission:string) {
|
||||
async getProjectId(permission: string) {
|
||||
if (!isEnterprise()) {
|
||||
return undefined
|
||||
return undefined;
|
||||
}
|
||||
let projectIdStr = this.ctx.headers["project-id"] as string;
|
||||
if (!projectIdStr){
|
||||
if (!projectIdStr) {
|
||||
projectIdStr = this.ctx.request.query["projectId"] as string;
|
||||
}
|
||||
if (!projectIdStr) {
|
||||
//这里必须抛异常,否则可能会有权限问题
|
||||
throw new Error("projectId 不能为空")
|
||||
throw new Error("projectId 不能为空");
|
||||
}
|
||||
const userId = this.getUserId()
|
||||
const projectId = parseInt(projectIdStr)
|
||||
await this.checkProjectPermission(userId, projectId,permission)
|
||||
const userId = this.getUserId();
|
||||
const projectId = parseInt(projectIdStr);
|
||||
await this.checkProjectPermission(userId, projectId, permission);
|
||||
return projectId;
|
||||
}
|
||||
|
||||
async getProjectUserId(permission:string){
|
||||
let userId = this.getUserId()
|
||||
const projectId = await this.getProjectId(permission)
|
||||
if(projectId){
|
||||
userId = -1 // 企业管理模式下,用户id固定-1
|
||||
async getProjectUserId(permission: string) {
|
||||
let userId = this.getUserId();
|
||||
const projectId = await this.getProjectId(permission);
|
||||
if (projectId) {
|
||||
userId = -1; // 企业管理模式下,用户id固定-1
|
||||
}
|
||||
return {
|
||||
projectId,userId
|
||||
}
|
||||
projectId,
|
||||
userId,
|
||||
};
|
||||
}
|
||||
async getProjectUserIdRead(){
|
||||
return await this.getProjectUserId("read")
|
||||
async getProjectUserIdRead() {
|
||||
return await this.getProjectUserId("read");
|
||||
}
|
||||
async getProjectUserIdWrite(){
|
||||
return await this.getProjectUserId("write")
|
||||
async getProjectUserIdWrite() {
|
||||
return await this.getProjectUserId("write");
|
||||
}
|
||||
async getProjectUserIdAdmin(){
|
||||
return await this.getProjectUserId("admin")
|
||||
async getProjectUserIdAdmin() {
|
||||
return await this.getProjectUserId("admin");
|
||||
}
|
||||
|
||||
async checkProjectPermission(userId: number, projectId: number,permission:string) {
|
||||
const projectService:any = await this.applicationContext.getAsync("projectService");
|
||||
await projectService.checkPermission({userId,projectId,permission})
|
||||
async checkProjectPermission(userId: number, projectId: number, permission: string) {
|
||||
const projectService: any = await this.applicationContext.getAsync("projectService");
|
||||
await projectService.checkPermission({ userId, projectId, permission });
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
*
|
||||
* @param service 检查记录是否属于某用户或某项目
|
||||
* @param id
|
||||
* @param id
|
||||
*/
|
||||
async checkOwner(service:any,id:number,permission:string,allowAdmin:boolean = false){
|
||||
let { projectId,userId } = await this.getProjectUserId(permission)
|
||||
const authService:any = await this.applicationContext.getAsync("authService");
|
||||
async checkOwner(service: any, id: number, permission: string, allowAdmin: boolean = false) {
|
||||
const { projectId, userId } = await this.getProjectUserId(permission);
|
||||
const authService: any = await this.applicationContext.getAsync("authService");
|
||||
if (projectId) {
|
||||
await authService.checkProjectId(service, id, projectId);
|
||||
}else{
|
||||
|
||||
if(userId === Constants.systemUserId){
|
||||
} else {
|
||||
if (userId === Constants.systemUserId) {
|
||||
//系统级别,不检查权限
|
||||
}else{
|
||||
if(allowAdmin){
|
||||
} else {
|
||||
if (allowAdmin) {
|
||||
await authService.checkUserIdButAllowAdmin(this.ctx, service, id);
|
||||
}else{
|
||||
await authService.checkUserId( service, id, userId);
|
||||
} else {
|
||||
await authService.checkUserId(service, id, userId);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
return {projectId,userId}
|
||||
return { projectId, userId };
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user