mirror of
https://github.com/certd/certd.git
synced 2026-05-01 02:17:27 +08:00
fix: cname provider授权修改为sys级别
This commit is contained in:
xiaojunnuo
@@ -18,6 +18,7 @@ export type PluginRequestHandleReq<T = any> = {
|
|||||||
input: T;
|
input: T;
|
||||||
data: any;
|
data: any;
|
||||||
record: { id: number; type: string; title: string };
|
record: { id: number; type: string; title: string };
|
||||||
|
fromType?: "sys" | "user"; // sys、user
|
||||||
};
|
};
|
||||||
|
|
||||||
export type UserInfo = {
|
export type UserInfo = {
|
||||||
|
|||||||
@@ -19,6 +19,7 @@ defineOptions({
|
|||||||
name: "ApiTest",
|
name: "ApiTest",
|
||||||
});
|
});
|
||||||
|
|
||||||
|
const fromType: any = inject("getFromType");
|
||||||
const getScope: any = inject("get:scope");
|
const getScope: any = inject("get:scope");
|
||||||
const getPluginType: any = inject("get:plugin:type", () => {
|
const getPluginType: any = inject("get:plugin:type", () => {
|
||||||
return "access";
|
return "access";
|
||||||
@@ -55,6 +56,7 @@ const doTest = async () => {
|
|||||||
action: props.action,
|
action: props.action,
|
||||||
input,
|
input,
|
||||||
record,
|
record,
|
||||||
|
fromType,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
onError(err: any) {
|
onError(err: any) {
|
||||||
|
|||||||
@@ -13,11 +13,12 @@ export type RequestHandleReq<T = any> = {
|
|||||||
data?: any;
|
data?: any;
|
||||||
input: T;
|
input: T;
|
||||||
record?: any;
|
record?: any;
|
||||||
|
fromType?: string; // sys、user
|
||||||
};
|
};
|
||||||
|
|
||||||
export async function doRequest(req: RequestHandleReq, opts: any = {}) {
|
export async function doRequest(req: RequestHandleReq, opts: any = {}) {
|
||||||
const url = `/pi/handle/${req.type}`;
|
const url = `/pi/handle/${req.type}`;
|
||||||
const { typeName, action, data, input, record } = req;
|
const { typeName, action, data, input, record, fromType } = req;
|
||||||
const res = await request({
|
const res = await request({
|
||||||
url,
|
url,
|
||||||
method: "post",
|
method: "post",
|
||||||
@@ -27,6 +28,7 @@ export async function doRequest(req: RequestHandleReq, opts: any = {}) {
|
|||||||
data,
|
data,
|
||||||
input,
|
input,
|
||||||
record,
|
record,
|
||||||
|
fromType,
|
||||||
},
|
},
|
||||||
...opts,
|
...opts,
|
||||||
});
|
});
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ import { request } from "/src/api/service";
|
|||||||
export function createAccessApi(from = "user") {
|
export function createAccessApi(from = "user") {
|
||||||
const apiPrefix = from === "sys" ? "/sys/access" : "/pi/access";
|
const apiPrefix = from === "sys" ? "/sys/access" : "/pi/access";
|
||||||
return {
|
return {
|
||||||
|
from,
|
||||||
async GetList(query: any) {
|
async GetList(query: any) {
|
||||||
if (query?.query) {
|
if (query?.query) {
|
||||||
delete query.query.access;
|
delete query.query.access;
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ import SecretPlainGetter from "/@/views/certd/access/access-selector/access/secr
|
|||||||
import { utils } from "/@/utils";
|
import { utils } from "/@/utils";
|
||||||
|
|
||||||
export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any) {
|
export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any) {
|
||||||
|
provide("getFromType", api.from);
|
||||||
provide("accessApi", api);
|
provide("accessApi", api);
|
||||||
provide("get:plugin:type", () => {
|
provide("get:plugin:type", () => {
|
||||||
return "access";
|
return "access";
|
||||||
|
|||||||
@@ -122,7 +122,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
|
|||||||
title: t("certd.dnsProviderAuthorization"),
|
title: t("certd.dnsProviderAuthorization"),
|
||||||
type: "dict-select",
|
type: "dict-select",
|
||||||
dict: dict({
|
dict: dict({
|
||||||
url: "/pi/access/list",
|
url: "/sys/access/list",
|
||||||
value: "id",
|
value: "id",
|
||||||
label: "name",
|
label: "name",
|
||||||
}),
|
}),
|
||||||
@@ -133,6 +133,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
|
|||||||
type: compute(({ form }) => {
|
type: compute(({ form }) => {
|
||||||
return form.dnsProviderType;
|
return form.dnsProviderType;
|
||||||
}),
|
}),
|
||||||
|
from: "sys",
|
||||||
},
|
},
|
||||||
rules: [{ required: true, message: t("certd.requiredField") }],
|
rules: [{ required: true, message: t("certd.requiredField") }],
|
||||||
},
|
},
|
||||||
|
|||||||
@@ -17,6 +17,7 @@ import {NotificationService} from '../../../modules/pipeline/service/notificatio
|
|||||||
import {TaskServiceBuilder} from "../../../modules/pipeline/service/getter/task-service-getter.js";
|
import {TaskServiceBuilder} from "../../../modules/pipeline/service/getter/task-service-getter.js";
|
||||||
import { cloneDeep } from 'lodash-es';
|
import { cloneDeep } from 'lodash-es';
|
||||||
import { ApiTags } from '@midwayjs/swagger';
|
import { ApiTags } from '@midwayjs/swagger';
|
||||||
|
import { AuthService } from '../../../modules/sys/authority/service/auth-service.js';
|
||||||
|
|
||||||
@Provide()
|
@Provide()
|
||||||
@Controller('/api/pi/handle')
|
@Controller('/api/pi/handle')
|
||||||
@@ -28,6 +29,9 @@ export class HandleController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
emailService: EmailService;
|
emailService: EmailService;
|
||||||
|
|
||||||
|
@Inject()
|
||||||
|
authService: AuthService;
|
||||||
|
|
||||||
@Inject()
|
@Inject()
|
||||||
taskServiceBuilder: TaskServiceBuilder;
|
taskServiceBuilder: TaskServiceBuilder;
|
||||||
|
|
||||||
@@ -36,16 +40,26 @@ export class HandleController extends BaseController {
|
|||||||
|
|
||||||
@Post('/access', { description: Constants.per.authOnly, summary: "处理授权请求" })
|
@Post('/access', { description: Constants.per.authOnly, summary: "处理授权请求" })
|
||||||
async accessRequest(@Body(ALL) body: AccessRequestHandleReq) {
|
async accessRequest(@Body(ALL) body: AccessRequestHandleReq) {
|
||||||
const {projectId,userId} = await this.getProjectUserIdRead()
|
let {projectId,userId} = await this.getProjectUserIdRead()
|
||||||
|
if (body.fromType === 'sys') {
|
||||||
|
//系统级别的请求
|
||||||
|
const pass = await this.authService.checkPermission(this.ctx, "sys:settings:view");
|
||||||
|
if (!pass) {
|
||||||
|
throw new Error('权限不足');
|
||||||
|
}
|
||||||
|
projectId = null
|
||||||
|
userId = 0
|
||||||
|
}
|
||||||
|
|
||||||
let inputAccess = body.input;
|
let inputAccess = body.input;
|
||||||
if (body.record.id > 0) {
|
if (body.record.id > 0) {
|
||||||
const oldEntity = await this.accessService.info(body.record.id);
|
const oldEntity = await this.accessService.info(body.record.id);
|
||||||
if (oldEntity) {
|
if (oldEntity) {
|
||||||
if (oldEntity.userId !== userId) {
|
if (oldEntity.userId !== userId && oldEntity.userId !== this.getUserId()) {
|
||||||
throw new Error('access not found');
|
throw new Error('您没有权限使用该授权');
|
||||||
}
|
}
|
||||||
if (oldEntity.projectId && oldEntity.projectId !== projectId) {
|
if (oldEntity.projectId && oldEntity.projectId !== projectId) {
|
||||||
throw new Error('access not found');
|
throw new Error('您没有权限使用该授权(projectId不匹配)');
|
||||||
}
|
}
|
||||||
const param: any = {
|
const param: any = {
|
||||||
type: body.typeName,
|
type: body.typeName,
|
||||||
|
|||||||
Reference in New Issue
Block a user