From 00a04941249e5152eb43273da871da2a53056368 Mon Sep 17 00:00:00 2001 From: uubulb Date: Sat, 21 Dec 2024 23:56:56 +0800 Subject: [PATCH] some changes --- cmd/dashboard/controller/alertrule.go | 12 +++++------- cmd/dashboard/controller/service.go | 10 ++++------ cmd/dashboard/rpc/rpc.go | 12 ++++++++---- model/user.go | 6 ++++++ service/singleton/alertsentinel.go | 6 ++++-- service/singleton/user.go | 23 ++++++++++++----------- 6 files changed, 39 insertions(+), 30 deletions(-) diff --git a/cmd/dashboard/controller/alertrule.go b/cmd/dashboard/controller/alertrule.go index c8b0dab..2b22734 100644 --- a/cmd/dashboard/controller/alertrule.go +++ b/cmd/dashboard/controller/alertrule.go @@ -168,13 +168,11 @@ func validateRule(c *gin.Context, r *model.AlertRule) error { if len(r.Rules) > 0 { for _, rule := range r.Rules { singleton.ServerLock.RLock() - for s, enabled := range rule.Ignore { - if enabled { - if server, ok := singleton.ServerList[s]; ok { - if !server.HasPermission(c) { - singleton.ServerLock.RUnlock() - return singleton.Localizer.ErrorT("permission denied") - } + for s := range rule.Ignore { + if server, ok := singleton.ServerList[s]; ok { + if !server.HasPermission(c) { + singleton.ServerLock.RUnlock() + return singleton.Localizer.ErrorT("permission denied") } } } diff --git a/cmd/dashboard/controller/service.go b/cmd/dashboard/controller/service.go index a87621c..7395af5 100644 --- a/cmd/dashboard/controller/service.go +++ b/cmd/dashboard/controller/service.go @@ -364,12 +364,10 @@ func validateServers(c *gin.Context, ss *model.Service) error { singleton.ServerLock.RLock() defer singleton.ServerLock.RUnlock() - for s, enabled := range ss.SkipServers { - if enabled { - if server, ok := singleton.ServerList[s]; ok { - if !server.HasPermission(c) { - return singleton.Localizer.ErrorT("permission denied") - } + for s := range ss.SkipServers { + if server, ok := singleton.ServerList[s]; ok { + if !server.HasPermission(c) { + return singleton.Localizer.ErrorT("permission denied") } } } diff --git a/cmd/dashboard/rpc/rpc.go b/cmd/dashboard/rpc/rpc.go index 2daf620..51f6e12 100644 --- a/cmd/dashboard/rpc/rpc.go +++ b/cmd/dashboard/rpc/rpc.go @@ -102,9 +102,11 @@ func DispatchTask(serviceSentinelDispatchBus <-chan model.Service) { if task.Cover == model.ServiceCoverIgnoreAll && task.SkipServers[singleton.SortedServerList[workedServerIndex].ID] { server := singleton.SortedServerList[workedServerIndex] singleton.UserLock.RLock() - role, ok := singleton.UserRoleMap[server.UserID] - if !ok { + var role uint8 + if u, ok := singleton.UserInfoMap[server.UserID]; !ok { role = model.RoleMember + } else { + role = u.Role } singleton.UserLock.RUnlock() if task.UserID == server.UserID || role == model.RoleAdmin { @@ -116,9 +118,11 @@ func DispatchTask(serviceSentinelDispatchBus <-chan model.Service) { if task.Cover == model.ServiceCoverAll && !task.SkipServers[singleton.SortedServerList[workedServerIndex].ID] { server := singleton.SortedServerList[workedServerIndex] singleton.UserLock.RLock() - role, ok := singleton.UserRoleMap[server.UserID] - if !ok { + var role uint8 + if u, ok := singleton.UserInfoMap[server.UserID]; !ok { role = model.RoleMember + } else { + role = u.Role } singleton.UserLock.RUnlock() if task.UserID == server.UserID || role == model.RoleAdmin { diff --git a/model/user.go b/model/user.go index 5268298..29dfe4f 100644 --- a/model/user.go +++ b/model/user.go @@ -18,6 +18,12 @@ type User struct { AgentSecret string `json:"agent_secret,omitempty" gorm:"type:char(32)"` } +type UserInfo struct { + Role uint8 + _ [3]byte + AgentSecret string +} + func (u *User) BeforeSave(tx *gorm.DB) error { if u.AgentSecret != "" { return nil diff --git a/service/singleton/alertsentinel.go b/service/singleton/alertsentinel.go index 875eb8e..ec20a80 100644 --- a/service/singleton/alertsentinel.go +++ b/service/singleton/alertsentinel.go @@ -144,9 +144,11 @@ func checkStatus() { for _, server := range ServerList { // 监测点 UserLock.RLock() - role, ok := UserRoleMap[alert.UserID] - if !ok { + var role uint8 + if u, ok := UserInfoMap[server.UserID]; !ok { role = model.RoleMember + } else { + role = u.Role } UserLock.RUnlock() alertsStore[alert.ID][server.ID] = append(alertsStore[alert. diff --git a/service/singleton/user.go b/service/singleton/user.go index d61a3d0..ab883d6 100644 --- a/service/singleton/user.go +++ b/service/singleton/user.go @@ -8,26 +8,25 @@ import ( ) var ( - UserIdToAgentSecret map[uint64]string + UserInfoMap map[uint64]model.UserInfo AgentSecretToUserId map[string]uint64 - UserRoleMap map[uint64]uint8 - UserLock sync.RWMutex ) func initUser() { - UserIdToAgentSecret = make(map[uint64]string) + UserInfoMap = make(map[uint64]model.UserInfo) AgentSecretToUserId = make(map[string]uint64) - UserRoleMap = make(map[uint64]uint8) var users []model.User DB.Find(&users) for _, u := range users { - UserIdToAgentSecret[u.ID] = u.AgentSecret + UserInfoMap[u.ID] = model.UserInfo{ + Role: u.Role, + AgentSecret: u.AgentSecret, + } AgentSecretToUserId[u.AgentSecret] = u.ID - UserRoleMap[u.ID] = u.Role } } @@ -39,9 +38,11 @@ func OnUserUpdate(u *model.User) { return } - UserIdToAgentSecret[u.ID] = u.AgentSecret + UserInfoMap[u.ID] = model.UserInfo{ + Role: u.Role, + AgentSecret: u.AgentSecret, + } AgentSecretToUserId[u.AgentSecret] = u.ID - UserRoleMap[u.ID] = u.Role } func OnUserDelete(id []uint64, errorFunc func(string, ...interface{}) error) error { @@ -117,9 +118,9 @@ func OnUserDelete(id []uint64, errorFunc func(string, ...interface{}) error) err OnServerDelete(servers) } - secret := UserIdToAgentSecret[uid] + secret := UserInfoMap[uid].AgentSecret delete(AgentSecretToUserId, secret) - delete(UserIdToAgentSecret, uid) + delete(UserInfoMap, uid) } if cron {