chore: project query

2026-05-16 13:17:29 +08:00 · 2026-02-13 00:41:40 +08:00
parent 99db1b1cc3
commit 67f347197e
24 changed files with 183 additions and 89 deletions
@@ -102,7 +102,7 @@ export class AccessController extends CrudController<AccessService> {

  @Post('/simpleInfo', { summary: Constants.per.authOnly })
  async simpleInfo(@Query('id') id: number) {
-    await this.authService.checkEntityUserId(this.ctx, this.service, id);
+    await this.authService.checkUserIdButAllowAdmin(this.ctx, this.service, id);
    const res = await this.service.getSimpleInfo(id);
    return this.ok(res);
  }
@@ -159,7 +159,7 @@ export class HistoryController extends CrudController<HistoryService> {

  @Post('/update', { summary: Constants.per.authOnly })
  async update(@Body(ALL) bean) {
-    await this.checkEntityOwner(this.getService(), bean.id,"write");
+    await this.checkOwner(this.getService(), bean.id,"write",true);
    delete bean.userId;
    return super.update(bean);
  }
@@ -173,7 +173,7 @@ export class HistoryController extends CrudController<HistoryService> {
      //修改
      delete bean.projectId;
      delete bean.userId;
-      await this.checkEntityOwner(this.getService(), bean.id,"write");
+      await this.checkOwner(this.getService(), bean.id,"write",true);
    }
   
    await this.service.save(bean);
@@ -189,7 +189,7 @@ export class HistoryController extends CrudController<HistoryService> {
      //修改
      delete bean.projectId;
      delete bean.userId;
-      await this.checkEntityOwner(this.logService, bean.id,"write");
+      await this.checkOwner(this.logService, bean.id,"write",true);
    }
    await this.logService.save(bean);
    return this.ok(bean.id);
@@ -197,14 +197,14 @@ export class HistoryController extends CrudController<HistoryService> {

  @Post('/delete', { summary: Constants.per.authOnly })
  async delete(@Query('id') id: number) {
-    await this.checkEntityOwner(this.getService(), id,"write");
+    await this.checkOwner(this.getService(), id,"write",true);
    await super.delete(id);
    return this.ok();
  }

  @Post('/deleteByIds', { summary: Constants.per.authOnly })
  async deleteByIds(@Body(ALL) body: any) {
-    let {userId} = await this.checkEntityOwner(this.getService(), body.ids,"write");
+    let {userId} = await this.checkOwner(this.getService(), body.ids,"write",true);
    const isAdmin = await this.authService.isAdmin(this.ctx);
    userId = isAdmin ? null : userId;
    await this.getService().deleteByIds(body.ids, userId);
@@ -213,14 +213,14 @@ export class HistoryController extends CrudController<HistoryService> {

  @Post('/detail', { summary: Constants.per.authOnly })
  async detail(@Query('id') id: number) {
-    await this.checkEntityOwner(this.getService(), id,"read");
+    await this.checkOwner(this.getService(), id,"read",true);
    const detail = await this.service.detail(id);
    return this.ok(detail);
  }

  @Post('/logs', { summary: Constants.per.authOnly })
  async logs(@Query('id') id: number) {
-    await this.checkEntityOwner(this.logService, id,"read");
+    await this.checkOwner(this.logService, id,"read",true);
    const logInfo = await this.logService.info(id);
    return this.ok(logInfo);
  }
@@ -127,7 +127,7 @@ export class NotificationController extends CrudController<NotificationService>
      const simple = await this.service.getSimpleInfo(res.id);
      return this.ok(simple);
    }
-    await this.authService.checkEntityUserId(this.ctx, this.service, id);
+    await this.authService.checkUserIdButAllowAdmin(this.ctx, this.service, id);
    const res = await this.service.getSimpleInfo(id);
    return this.ok(res);
  }
@@ -95,7 +95,7 @@ export class PipelineController extends CrudController<PipelineService> {

  @Post('/update', { summary: Constants.per.authOnly })
  async update(@Body(ALL) bean) {
-    await this.checkEntityOwner(this.getService(), bean.id,"write");
+    await this.checkOwner(this.getService(), bean.id,"write",true);
    delete bean.userId;
    return super.update(bean);
  }
@@ -104,7 +104,7 @@ export class PipelineController extends CrudController<PipelineService> {
  async save(@Body(ALL) bean: { addToMonitorEnabled: boolean, addToMonitorDomains: string } & PipelineEntity) {
     const { userId } = await this.getProjectUserIdWrite()
    if (bean.id > 0) {
-      await this.checkEntityOwner(this.getService(), bean.id,"write");
+      await this.checkOwner(this.getService(), bean.id,"write",true);
    } else {
      bean.userId = userId;
    }
@@ -131,14 +131,14 @@ export class PipelineController extends CrudController<PipelineService> {

  @Post('/delete', { summary: Constants.per.authOnly })
  async delete(@Query('id') id: number) {
-    await this.checkEntityOwner(this.getService(), id,"write");
+    await this.checkOwner(this.getService(), id,"write",true);
    await this.service.delete(id);
    return this.ok({});
  }

  @Post('/disabled', { summary: Constants.per.authOnly })
  async disabled(@Body(ALL) bean) {
-    await this.checkEntityOwner(this.getService(), bean.id,"write");
+    await this.checkOwner(this.getService(), bean.id,"write",true);
    delete bean.userId;
    await this.service.disabled(bean.id, bean.disabled);
    return this.ok({});
@@ -146,21 +146,21 @@ export class PipelineController extends CrudController<PipelineService> {

  @Post('/detail', { summary: Constants.per.authOnly })
  async detail(@Query('id') id: number) {
-    await this.checkEntityOwner(this.getService(), id,"read");
+    await this.checkOwner(this.getService(), id,"read",true);
    const detail = await this.service.detail(id);
    return this.ok(detail);
  }

  @Post('/trigger', { summary: Constants.per.authOnly })
  async trigger(@Query('id') id: number, @Query('stepId') stepId?: string) {
-    await this.checkEntityOwner(this.getService(), id,"write");
+    await this.checkOwner(this.getService(), id,"write",true);
    await this.service.trigger(id, stepId, true);
    return this.ok({});
  }

  @Post('/cancel', { summary: Constants.per.authOnly })
  async cancel(@Query('historyId') historyId: number) {
-    await this.checkEntityOwner(this.historyService, historyId,"write");
+    await this.checkOwner(this.historyService, historyId,"write",true);
    await this.service.cancel(historyId);
    return this.ok({});
  }
@@ -258,7 +258,7 @@ export class PipelineController extends CrudController<PipelineService> {

  @Post('/refreshWebhookKey', { summary: Constants.per.authOnly })
  async refreshWebhookKey(@Body('id') id: number) {
-    await this.checkEntityOwner(this.getService(), id,"write");
+    await this.checkOwner(this.getService(), id,"write",true);
    const res = await this.service.refreshWebhookKey(id);
    return this.ok({
      webhookKey: res,
@@ -19,10 +19,14 @@ export class TemplateController extends CrudController<TemplateService> {

  @Post('/page', { summary: Constants.per.authOnly })
  async page(@Body(ALL) body) {
+    
    body.query = body.query ?? {};
    delete body.query.userId;
+    const { projectId, userId } = await this.getProjectUserIdRead()
+    body.query.projectId = projectId
+    
    const buildQuery = qb => {
-      qb.andWhere('user_id = :userId', { userId: this.getUserId() });
+      qb.andWhere('user_id = :userId', { userId: userId });
    };
    const res = await this.service.page({
      query: body.query,
@@ -36,49 +40,58 @@ export class TemplateController extends CrudController<TemplateService> {
  @Post('/list', { summary: Constants.per.authOnly })
  async list(@Body(ALL) body) {
    body.query = body.query ?? {};
-    body.query.userId = this.getUserId();
+    const { projectId, userId } = await this.getProjectUserIdRead()
+    body.query.projectId = projectId
+    body.query.userId = userId
    return super.list(body);
  }

  @Post('/add', { summary: Constants.per.authOnly })
  async add(@Body(ALL) bean) {
-    bean.userId = this.getUserId();
+    const { projectId, userId } = await this.getProjectUserIdRead()
+    bean.userId = userId;
+    bean.projectId = projectId
    checkPlus()
    return super.add(bean);
  }

  @Post('/update', { summary: Constants.per.authOnly })
  async update(@Body(ALL) bean) {
-    await this.service.checkUserId(bean.id, this.getUserId());
+    await this.checkOwner(this.service, bean.id, "write");
    delete bean.userId;
    return super.update(bean);
  }
  @Post('/info', { summary: Constants.per.authOnly })
  async info(@Query('id') id: number) {
-    await this.service.checkUserId(id, this.getUserId());
+     await this.checkOwner(this.service, id, "read");
    return super.info(id);
  }

  @Post('/delete', { summary: Constants.per.authOnly })
  async delete(@Query('id') id: number) {
-    await this.service.batchDelete([id], this.getUserId());
+     const { userId ,projectId } = await this.getProjectUserIdWrite()
+    await this.service.batchDelete([id], userId,projectId);
    return this.ok({});
  }

  @Post('/batchDelete', { summary: Constants.per.authOnly })
  async batchDelete(@Body('ids') ids: number[]) {
-    await this.service.batchDelete(ids, this.getUserId());
+    const { userId ,projectId } = await this.getProjectUserIdWrite()
+    await this.service.batchDelete(ids, userId,projectId);
    return this.ok({});
  }

  @Post('/detail', { summary: Constants.per.authOnly })
  async detail(@Query('id') id: number) {
-    const detail = await this.service.detail(id, this.getUserId());
+    const { userId ,projectId } = await this.getProjectUserIdRead()
+    const detail = await this.service.detail(id, userId,projectId);
    return this.ok(detail);
  }
  @Post('/createPipelineByTemplate', { summary: Constants.per.authOnly })
  async createPipelineByTemplate(@Body(ALL) body: any) {
-    body.userId = this.getUserId();
+    const { userId ,projectId } = await this.getProjectUserIdWrite()
+    body.userId = userId;
+    body.projectId = projectId
    checkPlus()
    const res = await this.service.createPipelineByTemplate(body);
    return this.ok(res);