mirror of
https://github.com/lkddi/nexusphp.git
synced 2026-04-24 03:57:22 +08:00
user token permission configurable
This commit is contained in:
xiaomlove
@@ -14,6 +14,7 @@ use Filament\Facades\Filament;
|
||||
use Filament\Resources\Pages\Page;
|
||||
use Filament\Forms;
|
||||
use Illuminate\Support\HtmlString;
|
||||
use Nexus\Database\NexusDB;
|
||||
|
||||
class EditSetting extends Page implements Forms\Contracts\HasForms
|
||||
{
|
||||
@@ -85,11 +86,22 @@ class EditSetting extends Page implements Forms\Contracts\HasForms
|
||||
}
|
||||
}
|
||||
Setting::query()->upsert($data, ['name'], ['value']);
|
||||
$this->doAfterUpdate();
|
||||
do_action("nexus_setting_update");
|
||||
clear_setting_cache();
|
||||
send_admin_success_notification();
|
||||
}
|
||||
|
||||
/**
|
||||
* this actions get config must not use cache !!!
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
private function doAfterUpdate(): void
|
||||
{
|
||||
Setting::updateUserTokenPermissionAllowedCache();
|
||||
}
|
||||
|
||||
private function getTabs(): array
|
||||
{
|
||||
$tabs = [];
|
||||
|
||||
@@ -3,6 +3,8 @@
|
||||
namespace App\Http\Controllers;
|
||||
|
||||
use App\Models\PluginStore;
|
||||
use App\Models\Setting;
|
||||
use App\Repositories\TokenRepository;
|
||||
use App\Repositories\ToolRepository;
|
||||
use App\Repositories\UploadRepository;
|
||||
use Illuminate\Http\Request;
|
||||
@@ -33,7 +35,8 @@ class ToolController extends Controller
|
||||
public function test(Request $request)
|
||||
{
|
||||
$result = ['id' => 1];
|
||||
$result['logFile'] = getLogFile();
|
||||
$result['permissions'] = TokenRepository::listUserTokenPermissionAllowed();
|
||||
// $result['permissions'] = Setting::getPermissionUserTokenAllowed();
|
||||
$resource = new JsonResource($result);
|
||||
return $this->success($resource);
|
||||
}
|
||||
|
||||
@@ -19,6 +19,7 @@ class Setting extends NexusModel
|
||||
const ROLE_PERMISSION_CACHE_KEY_PREFIX = 'nexus_role_permissions_';
|
||||
|
||||
const TORRENT_GLOBAL_STATE_CACHE_KEY = 'global_promotion_state';
|
||||
const USER_TOKEN_PERMISSION_ALLOWED_CACHE_KRY = 'user_token_permission_allowed';
|
||||
|
||||
/**
|
||||
* get setting autoload = yes with cache
|
||||
@@ -100,6 +101,18 @@ class Setting extends NexusModel
|
||||
return $value;
|
||||
}
|
||||
|
||||
public static function updateUserTokenPermissionAllowedCache(): void
|
||||
{
|
||||
$redis = NexusDB::redis();
|
||||
$key = self::USER_TOKEN_PERMISSION_ALLOWED_CACHE_KRY;
|
||||
$redis->del($key);
|
||||
//must not use cache
|
||||
$allowed = self::getFromDb("permission.user_token_allowed");
|
||||
if (!empty($allowed)) {
|
||||
$redis->sAdd($key, ...$allowed);
|
||||
}
|
||||
}
|
||||
|
||||
public static function getDefaultLang(): string
|
||||
{
|
||||
return self::get("main.defaultlang");
|
||||
@@ -223,4 +236,10 @@ class Setting extends NexusModel
|
||||
return self::get("smtp.smtptype");
|
||||
}
|
||||
|
||||
public static function getPermissionUserTokenAllowed(): array
|
||||
{
|
||||
return self::get("permission.user_token_allowed");
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -615,6 +615,13 @@ class User extends Authenticatable implements FilamentUser, HasName
|
||||
return is_null($this->original['notifs']) || str_contains($this->notifs, "[{$name}]");
|
||||
}
|
||||
|
||||
public function tokenCan(string $ability)
|
||||
{
|
||||
$redis = NexusDB::redis();
|
||||
return $redis->sismember(Setting::USER_TOKEN_PERMISSION_ALLOWED_CACHE_KRY, $ability)
|
||||
&& $this->accessToken && $this->accessToken->can($ability);
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -2,21 +2,32 @@
|
||||
namespace App\Repositories;
|
||||
|
||||
use App\Enums\Permission\RoutePermissionEnum;
|
||||
use App\Models\Setting;
|
||||
|
||||
class TokenRepository extends BaseRepository
|
||||
{
|
||||
private static array $userTokenPermissions = [
|
||||
RoutePermissionEnum::TORRENT_LIST,
|
||||
RoutePermissionEnum::TORRENT_VIEW,
|
||||
RoutePermissionEnum::TORRENT_UPLOAD,
|
||||
RoutePermissionEnum::USER_VIEW,
|
||||
RoutePermissionEnum::TORRENT_LIST->value,
|
||||
RoutePermissionEnum::TORRENT_VIEW->value,
|
||||
RoutePermissionEnum::TORRENT_UPLOAD->value,
|
||||
RoutePermissionEnum::USER_VIEW->value,
|
||||
];
|
||||
|
||||
public static function listUserTokenPermissions(): array
|
||||
{
|
||||
return self::formatPermissions(self::$userTokenPermissions);
|
||||
}
|
||||
|
||||
public static function listUserTokenPermissionAllowed(): array
|
||||
{
|
||||
return self::formatPermissions(Setting::getPermissionUserTokenAllowed());
|
||||
}
|
||||
|
||||
private static function formatPermissions(array $permissions): array
|
||||
{
|
||||
$result = [];
|
||||
foreach (self::$userTokenPermissions as $permission) {
|
||||
$result[$permission->value] = nexus_trans("route-permission.{$permission->value}.text");
|
||||
foreach ($permissions as $permission) {
|
||||
$result[$permission] = nexus_trans("route-permission.{$permission}.text");
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user