v1.26.10

.github/workflows/deploy-demo.yml

@@ -1,9 +1,9 @@
 name: deploy-demo
 on:
   push:
-    branches: ['v2']
-    paths:
-      - "deploy.trigger"
+    branches: ['v2-dev']
+#    paths:
+#      - "deploy.trigger"
   workflow_run:
     workflows: [ "build-image" ]
     types:

CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+### Bug Fixes
+
+* 修复cname服务普通用户access访问权限问题 ([c1e3e2e](https://github.com/certd/certd/commit/c1e3e2ee1f923ee5806479dd5f178c3286a01ae0))
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 ### Bug Fixes

build.trigger

@@ -1 +1 @@
-07:17
+03:13

docs/.vitepress/config.ts

@@ -25,7 +25,11 @@ export default defineConfig({
       name: "keywords",
       content: "证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具、Certd、SSL证书自动部署、证书自动化，https证书，pfx证书，der证书，TLS证书，nginx证书自动续签自动部署"
     }],
-    ["link", { rel: "icon", href: "/favicon.ico" }]
+    ["meta", {
+      name: "google-site-verification",
+      content: "V5XLTSnXoT15uQotwpxJoQolUo2d5UbSL-TacsyOsC0"
+    }],
+    ["link", { rel: "icon", href: "/static/logo/logo.svg" }]
   ],
   themeConfig: {
     logo: "/static/logo/logo.svg",

docs/.vitepress/theme/index.ts

@@ -4,6 +4,11 @@ import type { Theme } from 'vitepress'
 import DefaultTheme from 'vitepress/theme'
 import './style.css'
 import Layout from './Layout.vue'
+
+import { registerAnalytics, siteIds, trackPageview } from './plugins/baidutongji'
+import { inBrowser } from "vitepress";
+
+
 export default {
   extends: DefaultTheme,
   Layout,
@@ -14,5 +19,17 @@ export default {
   // },
   enhanceApp({ app, router, siteData }) {
     // ...
+    if (inBrowser) {
+      registerAnalytics(siteIds)
+
+      window.addEventListener('hashchange', () => {
+        const { href: url } = window.location
+        trackPageview(siteIds, url)
+      })
+
+      router.onAfterRouteChanged = (to) => {
+        trackPageview(siteIds, to)
+      }
+    }
   }
 } satisfies Theme

docs/.vitepress/theme/plugins/baidutongji.ts

@@ -0,0 +1,49 @@
+import { inBrowser } from 'vitepress'
+
+/**
+ * 统计站点的 ID 列表
+ */
+export const siteIds = 'a6ce877a899ae44292e4f854a53d688e'
+
+declare global {
+  interface Window {
+    _hmt: any
+  }
+}
+
+/**
+ * 注册统计
+ */
+export function registerAnalytics(siteId: string) {
+  if (!inBrowser)
+    return
+  if (document.querySelector(`#analytics-plugin-${siteId}`))
+    return
+  window._hmt = window._hmt ? window._hmt : []
+  const script = document.createElement('script')
+  script.id = `analytics-${siteId}`
+  script.async = true
+  script.src = `https://hm.baidu.com/hm.js?${siteId}`
+  document.querySelector('head')?.appendChild(script)
+}
+
+/**
+ * 上报 PV 数据
+ * @param siteId - 站点 ID
+ * @param pageUrl - 页面 URL
+ */
+export function trackPageview(siteId: string, pageUrl: string) {
+  if (!inBrowser)
+    return
+  if (!pageUrl || typeof pageUrl !== 'string')
+    pageUrl = '/'
+
+  if (pageUrl.startsWith('http')) {
+    const urlFragment = pageUrl.split('/')
+    const origin = `${urlFragment[0]}//${urlFragment[2]}`
+    pageUrl = pageUrl.replace(origin, '')
+  }
+
+  window._hmt.push(['_setAccount', siteId])
+  window._hmt.push(['_trackPageview', pageUrl])
+}

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.26.9"
+  "version": "1.26.10"
 }

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/publishlab/node-acme-client/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.26.9](https://github.com/publishlab/node-acme-client/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.26.9",
+    "version": "1.26.10",
     "main": "src/index.js",
     "types": "types/index.d.ts",
     "license": "MIT",
@@ -59,5 +59,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+    "gitHead": "f36b6e382484ba8d07fa1718c438b097ad04c8da"
 }

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-03:09
+12:31

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.26.9",
+  "version": "1.26.10",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -64,5 +64,5 @@
     "vite": "^4.3.8",
     "vue-tsc": "^1.6.5"
   },
-  "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+  "gitHead": "f36b6e382484ba8d07fa1718c438b097ad04c8da"
 }

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+### Bug Fixes
+
+* 修复cname服务普通用户access访问权限问题 ([c1e3e2e](https://github.com/certd/certd/commit/c1e3e2ee1f923ee5806479dd5f178c3286a01ae0))
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 ### Performance Improvements

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.26.9",
+  "version": "1.26.10",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -15,8 +15,8 @@
     "test": "mocha   --loader=ts-node/esm"
   },
   "dependencies": {
-    "@certd/basic": "^1.26.9",
-    "@certd/plus-core": "^1.26.9",
+    "@certd/basic": "^1.26.10",
+    "@certd/plus-core": "^1.26.10",
     "axios": "^1.7.2",
     "dayjs": "^1.11.7",
     "fix-path": "^4.0.0",
@@ -66,5 +66,5 @@
     "vite": "^4.3.8",
     "vue-tsc": "^1.6.5"
   },
-  "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+  "gitHead": "f36b6e382484ba8d07fa1718c438b097ad04c8da"
 }

packages/core/pipeline/src/access/api.ts

@@ -16,6 +16,7 @@ export type AccessDefine = Registrable & {
 };
 export interface IAccessService {
   getById<T = any>(id: any): Promise<T>;
+  getCommonById<T = any>(id: any): Promise<T>;
 }
 
 export interface IAccess {

packages/core/pipeline/src/service/cname.ts

@@ -1,9 +1,13 @@
+import { IAccess } from "../access";
+
 export type CnameProvider = {
   id: any;
   domain: string;
   dnsProviderType: string;
+  access?: IAccess;
   accessId: any;
 };
+
 export type CnameRecord = {
   id: any;
   domain: string;

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.26.9",
+  "version": "1.26.10",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -17,5 +17,5 @@
     "rimraf": "^5.0.5",
     "rollup": "^3.7.4"
   },
-  "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+  "gitHead": "f36b6e382484ba8d07fa1718c438b097ad04c8da"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.26.9",
+  "version": "1.26.10",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -39,5 +39,5 @@
     "tslib": "^2.5.2",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+  "gitHead": "f36b6e382484ba8d07fa1718c438b097ad04c8da"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 **Note:** Version bump only for package @certd/lib-jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-jdcloud",
   "private": false,
-  "version": "1.26.9",
+  "version": "1.26.10",
   "main": "./dist/bundle.mjs",
   "module": "./dist/bundle.mjs",
   "types": "./dist/d/index.d.ts",
@@ -27,5 +27,5 @@
     "rimraf": "^5.0.5",
     "rollup": "^3.7.4"
   },
-  "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+  "gitHead": "f36b6e382484ba8d07fa1718c438b097ad04c8da"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.26.9",
+  "version": "1.26.10",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -18,7 +18,7 @@
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
-    "@certd/pipeline": "^1.26.9",
+    "@certd/pipeline": "^1.26.10",
     "@rollup/plugin-commonjs": "^23.0.4",
     "@rollup/plugin-json": "^6.0.0",
     "@rollup/plugin-node-resolve": "^15.0.1",
@@ -40,5 +40,5 @@
     "tslib": "^2.5.2",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+  "gitHead": "f36b6e382484ba8d07fa1718c438b097ad04c8da"
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.26.9",
+  "version": "1.26.10",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -26,8 +26,8 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/basic": "^1.26.9",
-    "@certd/pipeline": "^1.26.9",
+    "@certd/basic": "^1.26.10",
+    "@certd/pipeline": "^1.26.10",
     "@midwayjs/cache": "~3.14.0",
     "@midwayjs/core": "~3.17.1",
     "@midwayjs/i18n": "~3.17.3",
@@ -68,5 +68,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+  "gitHead": "f36b6e382484ba8d07fa1718c438b097ad04c8da"
 }

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.26.9",
+  "version": "1.26.10",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -56,5 +56,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+  "gitHead": "f36b6e382484ba8d07fa1718c438b097ad04c8da"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+### Bug Fixes
+
+* 修复cname服务普通用户access访问权限问题 ([c1e3e2e](https://github.com/certd/certd/commit/c1e3e2ee1f923ee5806479dd5f178c3286a01ae0))
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 ### Performance Improvements

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.26.9",
+  "version": "1.26.10",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -15,9 +15,9 @@
     "preview": "vite preview"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.26.9",
-    "@certd/basic": "^1.26.9",
-    "@certd/pipeline": "^1.26.9",
+    "@certd/acme-client": "^1.26.10",
+    "@certd/basic": "^1.26.10",
+    "@certd/pipeline": "^1.26.10",
     "@google-cloud/publicca": "^1.3.0",
     "dayjs": "^1.11.7",
     "jszip": "^3.10.1",
@@ -57,5 +57,5 @@
     "vite": "^3.1.0",
     "vue-tsc": "^0.38.9"
   },
-  "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+  "gitHead": "f36b6e382484ba8d07fa1718c438b097ad04c8da"
 }

packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts

@@ -266,7 +266,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
         eab = await this.ctx.accessService.getById(this.eabAccessId);
       } else if (this.googleCommonEabAccessId) {
         this.logger.info("当前正在使用 google公共EAB授权");
-        eab = await this.ctx.accessService.getById(this.googleCommonEabAccessId);
+        eab = await this.ctx.accessService.getCommonById(this.googleCommonEabAccessId);
       } else {
         this.logger.error("google需要配置EAB授权或服务账号授权");
         return;
@@ -277,7 +277,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
         eab = await this.ctx.accessService.getById(this.eabAccessId);
       } else if (this.zerosslCommonEabAccessId) {
         this.logger.info("当前正在使用 zerossl 公共EAB授权");
-        eab = await this.ctx.accessService.getById(this.zerosslCommonEabAccessId);
+        eab = await this.ctx.accessService.getCommonById(this.zerosslCommonEabAccessId);
       } else {
         this.logger.error("zerossl需要配置EAB授权");
         return;
@@ -324,8 +324,8 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
       domainsVerifyPlan = await this.createDomainsVerifyPlan();
     } else {
       const dnsProviderType = this.dnsProviderType;
-      const dnsProviderAccessId = this.dnsProviderAccess;
-      dnsProvider = await this.createDnsProvider(dnsProviderType, dnsProviderAccessId);
+      const access = await this.ctx.accessService.getById(this.dnsProviderAccess);
+      dnsProvider = await this.createDnsProvider(dnsProviderType, access);
     }
 
     try {
@@ -351,9 +351,8 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
     }
   }
 
-  async createDnsProvider(dnsProviderType: string, dnsProviderAccessId: number): Promise<IDnsProvider> {
-    const access = await this.accessService.getById(dnsProviderAccessId);
-    const context: DnsProviderContext = { access, logger: this.logger, http: this.ctx.http, utils };
+  async createDnsProvider(dnsProviderType: string, dnsProviderAccess: any): Promise<IDnsProvider> {
+    const context: DnsProviderContext = { access: dnsProviderAccess, logger: this.logger, http: this.ctx.http, utils };
     return await createDnsProvider({
       dnsProviderType,
       context,
@@ -367,14 +366,15 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
       let dnsProvider = null;
       const cnameVerifyPlan: Record<string, CnameVerifyPlan> = {};
       if (domainVerifyPlan.type === "dns") {
-        dnsProvider = await this.createDnsProvider(domainVerifyPlan.dnsProviderType, domainVerifyPlan.dnsProviderAccessId);
+        const access = await this.ctx.accessService.getById(domainVerifyPlan.dnsProviderAccessId);
+        dnsProvider = await this.createDnsProvider(domainVerifyPlan.dnsProviderType, access);
       } else {
         for (const key in domainVerifyPlan.cnameVerifyPlan) {
           const cnameRecord = await this.ctx.cnameProxyService.getByDomain(key);
           cnameVerifyPlan[key] = {
             domain: cnameRecord.cnameProvider.domain,
             fullRecord: cnameRecord.recordValue,
-            dnsProvider: await this.createDnsProvider(cnameRecord.cnameProvider.dnsProviderType, cnameRecord.cnameProvider.accessId),
+            dnsProvider: await this.createDnsProvider(cnameRecord.cnameProvider.dnsProviderType, cnameRecord.cnameProvider.access),
           };
         }
       }

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+### Bug Fixes
+
+* 修复cname服务普通用户access访问权限问题 ([c1e3e2e](https://github.com/certd/certd/commit/c1e3e2ee1f923ee5806479dd5f178c3286a01ae0))
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 ### Bug Fixes

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.26.9",
+  "version": "1.26.10",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -61,8 +61,8 @@
     "vuedraggable": "^4.1.0"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.26.9",
-    "@certd/pipeline": "^1.26.9",
+    "@certd/lib-iframe": "^1.26.10",
+    "@certd/pipeline": "^1.26.10",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/views/certd/access/crud.tsx

@@ -2,7 +2,7 @@
 import { useI18n } from "vue-i18n";
 import { ref } from "vue";
 import { getCommonColumnDefine } from "/@/views/certd/access/common";
-import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
+import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
 
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const { t } = useI18n();
@@ -70,6 +70,33 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             width: 300
           }
         },
+        from: {
+          title: "级别",
+          type: "dict-select",
+          dict: dict({
+            data: [
+              { label: "系统", value: "sys" },
+              { label: "用户", value: "user" }
+            ]
+          }),
+          search: {
+            show: false
+          },
+          form: {
+            show: false
+          },
+          column: {
+            width: 100,
+            align: "center",
+            component: {
+              color: "auto"
+            },
+            order: 10
+          },
+          valueBuilder: ({ row, key, value }) => {
+            row[key] = row.userId > 0 ? "user" : "sys";
+          }
+        },
         ...commonColumnsDefine
       }
     }

packages/ui/certd-client/src/views/sys/access/index.vue

@@ -19,7 +19,7 @@ import { createAccessApi } from "/@/views/certd/access/api";
 export default defineComponent({
   name: "SysAccessManager",
   setup() {
-    const api = createAccessApi("/sys/access");
+    const api = createAccessApi("sys");
     const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api } });
 
     // 页面打开后获取列表数据

packages/ui/certd-client/src/views/sys/cname/provider/crud.tsx

@@ -130,7 +130,6 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             component: {
               name: "access-selector",
               vModel: "modelValue",
-              from: "sys",
               type: compute(({ form }) => {
                 return form.dnsProviderType;
               })

packages/ui/certd-server/CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+### Bug Fixes
+
+* 修复cname服务普通用户access访问权限问题 ([c1e3e2e](https://github.com/certd/certd/commit/c1e3e2ee1f923ee5806479dd5f178c3286a01ae0))
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
 
 ### Bug Fixes

packages/ui/certd-server/db/migration-pg/v10011__cname_provider_user_id.sql

@@ -0,0 +1,4 @@
+ALTER TABLE cd_cname_provider ADD COLUMN user_id bigint;
+
+update cd_cname_provider set user_id = 1;
+

packages/ui/certd-server/db/migration/v10011__cname_provider_user_id.sql

@@ -0,0 +1,4 @@
+ALTER TABLE cd_cname_provider ADD COLUMN user_id integer;
+
+update cd_cname_provider set user_id = 1;
+

packages/ui/certd-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-server",
-  "version": "1.26.9",
+  "version": "1.26.10",
   "description": "fast-server base midway",
   "private": true,
   "type": "module",
@@ -27,17 +27,17 @@
   },
   "dependencies": {
     "@alicloud/pop-core": "^1.7.10",
-    "@certd/acme-client": "^1.26.9",
-    "@certd/commercial-core": "^1.26.9",
-    "@certd/lib-huawei": "^1.26.9",
-    "@certd/lib-jdcloud": "^1.26.9",
-    "@certd/lib-k8s": "^1.26.9",
-    "@certd/lib-server": "^1.26.9",
-    "@certd/midway-flyway-js": "^1.26.9",
-    "@certd/pipeline": "^1.26.9",
-    "@certd/plugin-cert": "^1.26.9",
-    "@certd/plugin-plus": "^1.26.9",
-    "@certd/plus-core": "^1.26.9",
+    "@certd/acme-client": "^1.26.10",
+    "@certd/commercial-core": "^1.26.10",
+    "@certd/lib-huawei": "^1.26.10",
+    "@certd/lib-jdcloud": "^1.26.10",
+    "@certd/lib-k8s": "^1.26.10",
+    "@certd/lib-server": "^1.26.10",
+    "@certd/midway-flyway-js": "^1.26.10",
+    "@certd/pipeline": "^1.26.10",
+    "@certd/plugin-cert": "^1.26.10",
+    "@certd/plugin-plus": "^1.26.10",
+    "@certd/plus-core": "^1.26.10",
     "@koa/cors": "^5.0.0",
     "@midwayjs/bootstrap": "~3.17.1",
     "@midwayjs/cache": "~3.14.0",

packages/ui/certd-server/src/controller/sys/cname/cname-provider-controller.ts

@@ -34,11 +34,13 @@ export class CnameRecordController extends CrudController<CnameProviderService>
       disabled: false,
     };
     merge(bean, def);
+    bean.userId = this.getUserId();
     return super.add(bean);
   }
 
   @Post('/update', { summary: 'sys:settings:edit' })
   async update(@Body(ALL) bean: any) {
+    bean.userId = this.getUserId();
     return super.update(bean);
   }
 

packages/ui/certd-server/src/modules/cname/entity/cname_provider.ts

@@ -7,6 +7,8 @@ import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
 export class CnameProviderEntity {
   @PrimaryGeneratedColumn()
   id: number;
+  @Column({ comment: 'userId', name: 'user_id' })
+  userId: number;
   @Column({ comment: '域名', length: 100 })
   domain: string;
   @Column({ comment: 'DNS提供商类型', name: 'dns_provider_type', length: 20 })

packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts

@@ -5,7 +5,7 @@ import { BaseService, ValidateException } from '@certd/lib-server';
 import { CnameRecordEntity, CnameRecordStatusType } from '../entity/cname-record.js';
 import { v4 as uuidv4 } from 'uuid';
 import { createDnsProvider, IDnsProvider, parseDomain } from '@certd/plugin-cert';
-import { cache, http, logger, utils } from '@certd/pipeline';
+import { cache, CnameProvider, http, logger, utils } from '@certd/pipeline';
 import { AccessService } from '../../pipeline/service/access-service.js';
 import { isDev } from '../../../utils/env.js';
 import { walkTxtRecord } from '@certd/acme-client';
@@ -109,16 +109,22 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
     return await super.update(param);
   }
 
-  async validate(id: number) {
-    const info = await this.info(id);
-    if (info.status === 'success') {
-      return true;
-    }
+  // async validate(id: number) {
+  //   const info = await this.info(id);
+  //   if (info.status === 'success') {
+  //     return true;
+  //   }
+  //
+  //   //开始校验
+  //   // 1.  dnsProvider
+  //   // 2.  添加txt记录
+  //   // 3.  检查原域名是否有cname记录
+  // }
 
-    //开始校验
-    // 1.  dnsProvider
-    // 2.  添加txt记录
-    // 3.  检查原域名是否有cname记录
+  async getWithAccessByDomain(domain: string, userId: number) {
+    const record = await this.getByDomain(domain, userId);
+    record.cnameProvider.access = await this.accessService.getAccessById(record.cnameProvider.accessId, false);
+    return record;
   }
 
   async getByDomain(domain: string, userId: number, createOnNotFound = true) {
@@ -143,7 +149,9 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
 
     return {
       ...record,
-      cnameProvider: provider,
+      cnameProvider: {
+        ...provider,
+      } as CnameProvider,
     };
   }
 
@@ -178,7 +186,10 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
 
     const buildDnsProvider = async () => {
       const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId);
-      const access = await this.accessService.getById(cnameProvider.accessId, bean.userId);
+      if (cnameProvider == null) {
+        throw new ValidateException(`CNAME服务:${bean.cnameProviderId} 已被删除，请修改CNAME记录，重新选择CNAME服务`);
+      }
+      const access = await this.accessService.getById(cnameProvider.accessId, cnameProvider.userId);
       const context = { access, logger, http, utils };
       const dnsProvider: IDnsProvider = await createDnsProvider({
         dnsProviderType: cnameProvider.dnsProviderType,

packages/ui/certd-server/src/modules/pipeline/service/access-getter.ts

@@ -11,4 +11,8 @@ export class AccessGetter implements IAccessService {
   async getById<T = any>(id: any) {
     return await this.getter<T>(id, this.userId);
   }
+
+  async getCommonById<T = any>(id: any) {
+    return await this.getter<T>(id, 0);
+  }
 }

packages/ui/certd-server/src/modules/pipeline/service/access-service.ts

@@ -107,14 +107,20 @@ export class AccessService extends BaseService<AccessEntity> {
     return await super.update(param);
   }
 
-  async getById(id: any, userId: number): Promise<any> {
+  async getAccessById(id: any, checkUserId: boolean, userId?: number): Promise<any> {
     const entity = await this.info(id);
     if (entity == null) {
       throw new Error(`该授权配置不存在,请确认是否已被删除:id=${id}`);
     }
-    if (userId !== entity.userId && entity.userId !== 0) {
-      throw new PermissionException('您对该Access授权无访问权限');
+    if (checkUserId) {
+      if (userId == null) {
+        throw new ValidateException('userId不能为空');
+      }
+      if (userId !== entity.userId) {
+        throw new PermissionException('您对该Access授权无访问权限');
+      }
     }
+
     // const access = accessRegistry.get(entity.type);
     const setting = this.decryptAccessEntity(entity);
     const input = {
@@ -124,6 +130,10 @@ export class AccessService extends BaseService<AccessEntity> {
     return newAccess(entity.type, input);
   }
 
+  async getById(id: any, userId: number): Promise<any> {
+    return await this.getAccessById(id, true, userId);
+  }
+
   decryptAccessEntity(entity: AccessEntity): any {
     let setting = {};
     if (entity.encryptSetting && entity.encryptSetting !== '{}') {

packages/ui/certd-server/src/modules/pipeline/service/cname-proxy-service.ts

@@ -8,7 +8,7 @@ export class CnameProxyService implements ICnameProxyService {
     this.getter = getter;
   }
 
-  getByDomain(domain: string): Promise<CnameRecord> {
-    return this.getter<CnameRecord>(domain, this.userId);
+  async getByDomain(domain: string): Promise<CnameRecord> {
+    return await this.getter<CnameRecord>(domain, this.userId);
   }
 }

packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts

@@ -354,7 +354,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
       role: userIsAdmin ? 'admin' : 'user',
     };
     const accessGetter = new AccessGetter(userId, this.accessService.getById.bind(this.accessService));
-    const cnameProxyService = new CnameProxyService(userId, this.cnameRecordService.getByDomain.bind(this.cnameRecordService));
+    const cnameProxyService = new CnameProxyService(userId, this.cnameRecordService.getWithAccessByDomain.bind(this.cnameRecordService));
     const executor = new Executor({
       user,
       pipeline,