lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-05-16 05:07:32 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: 修复cname服务普通用户access访问权限问题

Browse Source
This commit is contained in:
xiaojunnuo
2024-10-20 11:47:35 +08:00
parent e8b5fcf3ee
commit c1e3e2ee1f
12 changed files with 65 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/ui/certd-server/src/modules/pipeline/service/access-getter.ts
+4
View File
@@ -11,4 +11,8 @@ export class AccessGetter implements IAccessService {
async getById<T = any>(id: any) {
return await this.getter<T>(id, this.userId);
}
async getCommonById<T = any>(id: any) {
return await this.getter<T>(id, 0);
}
}
packages/ui/certd-server/src/modules/pipeline/service/access-service.ts
+13 -3
View File
@@ -107,14 +107,20 @@ export class AccessService extends BaseService<AccessEntity> {
return await super.update(param);
}
async getById(id: any, userId: number): Promise<any> {
async getAccessById(id: any, checkUserId: boolean, userId?: number): Promise<any> {
const entity = await this.info(id);
if (entity == null) {
throw new Error(`该授权配置不存在,请确认是否已被删除:id=${id}`);
}
if (userId !== entity.userId && entity.userId !== 0) {
throw new PermissionException('您对该Access授权无访问权限');
if (checkUserId) {
if (userId == null) {
throw new ValidateException('userId不能为空');
}
if (userId !== entity.userId) {
throw new PermissionException('您对该Access授权无访问权限');
}
}
// const access = accessRegistry.get(entity.type);
const setting = this.decryptAccessEntity(entity);
const input = {
@@ -124,6 +130,10 @@ export class AccessService extends BaseService<AccessEntity> {
return newAccess(entity.type, input);
}
async getById(id: any, userId: number): Promise<any> {
return await this.getAccessById(id, true, userId);
}
decryptAccessEntity(entity: AccessEntity): any {
let setting = {};
if (entity.encryptSetting && entity.encryptSetting !== '{}') {
packages/ui/certd-server/src/modules/pipeline/service/cname-proxy-service.ts
+2 -2
View File
@@ -8,7 +8,7 @@ export class CnameProxyService implements ICnameProxyService {
this.getter = getter;
}
getByDomain(domain: string): Promise<CnameRecord> {
return this.getter<CnameRecord>(domain, this.userId);
async getByDomain(domain: string): Promise<CnameRecord> {
return await this.getter<CnameRecord>(domain, this.userId);
}
}
packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts
+1 -1
View File
@@ -354,7 +354,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
role: userIsAdmin ? 'admin' : 'user',
};
const accessGetter = new AccessGetter(userId, this.accessService.getById.bind(this.accessService));
const cnameProxyService = new CnameProxyService(userId, this.cnameRecordService.getByDomain.bind(this.cnameRecordService));
const cnameProxyService = new CnameProxyService(userId, this.cnameRecordService.getWithAccessByDomain.bind(this.cnameRecordService));
const executor = new Executor({
user,
pipeline,