some changes

2025-01-22 20:58:14 -05:00 · 2024-12-21 23:56:56 +08:00 · 2024-12-21 23:56:56 +08:00 · 00a0494124
commit 00a0494124
parent ddd782d623
6 changed files with 39 additions and 30 deletions
--- a/cmd/dashboard/controller/alertrule.go
+++ b/cmd/dashboard/controller/alertrule.go
@ -168,13 +168,11 @@ func validateRule(c *gin.Context, r *model.AlertRule) error {
 	if len(r.Rules) > 0 {
 		for _, rule := range r.Rules {
 			singleton.ServerLock.RLock()
-			for s, enabled := range rule.Ignore {
+			for s := range rule.Ignore {
-				if enabled {
+				if server, ok := singleton.ServerList[s]; ok {
-					if server, ok := singleton.ServerList[s]; ok {
+					if !server.HasPermission(c) {
-						if !server.HasPermission(c) {
+						singleton.ServerLock.RUnlock()
-							singleton.ServerLock.RUnlock()
+						return singleton.Localizer.ErrorT("permission denied")
 							return singleton.Localizer.ErrorT("permission denied")
 						}
 					}
 				}
 			}
--- a/cmd/dashboard/controller/service.go
+++ b/cmd/dashboard/controller/service.go
@ -364,12 +364,10 @@ func validateServers(c *gin.Context, ss *model.Service) error {
 	singleton.ServerLock.RLock()
 	defer singleton.ServerLock.RUnlock()
-	for s, enabled := range ss.SkipServers {
+	for s := range ss.SkipServers {
-		if enabled {
+		if server, ok := singleton.ServerList[s]; ok {
-			if server, ok := singleton.ServerList[s]; ok {
+			if !server.HasPermission(c) {
-				if !server.HasPermission(c) {
+				return singleton.Localizer.ErrorT("permission denied")
 					return singleton.Localizer.ErrorT("permission denied")
 				}
 			}
 		}
 	}
--- a/cmd/dashboard/rpc/rpc.go
+++ b/cmd/dashboard/rpc/rpc.go
@ -102,9 +102,11 @@ func DispatchTask(serviceSentinelDispatchBus <-chan model.Service) {
 			if task.Cover == model.ServiceCoverIgnoreAll && task.SkipServers[singleton.SortedServerList[workedServerIndex].ID] {
 				server := singleton.SortedServerList[workedServerIndex]
 				singleton.UserLock.RLock()
-				role, ok := singleton.UserRoleMap[server.UserID]
+				var role uint8
-				if !ok {
+				if u, ok := singleton.UserInfoMap[server.UserID]; !ok {
 					role = model.RoleMember
 				} else {
 					role = u.Role
 				}
 				singleton.UserLock.RUnlock()
 				if task.UserID == server.UserID || role == model.RoleAdmin {
@ -116,9 +118,11 @@ func DispatchTask(serviceSentinelDispatchBus <-chan model.Service) {
 			if task.Cover == model.ServiceCoverAll && !task.SkipServers[singleton.SortedServerList[workedServerIndex].ID] {
 				server := singleton.SortedServerList[workedServerIndex]
 				singleton.UserLock.RLock()
-				role, ok := singleton.UserRoleMap[server.UserID]
+				var role uint8
-				if !ok {
+				if u, ok := singleton.UserInfoMap[server.UserID]; !ok {
 					role = model.RoleMember
 				} else {
 					role = u.Role
 				}
 				singleton.UserLock.RUnlock()
 				if task.UserID == server.UserID || role == model.RoleAdmin {
--- a/model/user.go
+++ b/model/user.go
@ -18,6 +18,12 @@ type User struct {
 	AgentSecret string `json:"agent_secret,omitempty" gorm:"type:char(32)"`
 }
 type UserInfo struct {
 	Role        uint8
 	_           [3]byte
 	AgentSecret string
 }
 func (u *User) BeforeSave(tx *gorm.DB) error {
 	if u.AgentSecret != "" {
 		return nil
--- a/service/singleton/alertsentinel.go
+++ b/service/singleton/alertsentinel.go
@ -144,9 +144,11 @@ func checkStatus() {
 		for _, server := range ServerList {
 			// 监测点
 			UserLock.RLock()
-			role, ok := UserRoleMap[alert.UserID]
+			var role uint8
-			if !ok {
+			if u, ok := UserInfoMap[server.UserID]; !ok {
 				role = model.RoleMember
 			} else {
 				role = u.Role
 			}
 			UserLock.RUnlock()
 			alertsStore[alert.ID][server.ID] = append(alertsStore[alert.
--- a/service/singleton/user.go
+++ b/service/singleton/user.go
@ -8,26 +8,25 @@ import (
 )
 var (
-	UserIdToAgentSecret map[uint64]string
+	UserInfoMap         map[uint64]model.UserInfo
 	AgentSecretToUserId map[string]uint64
 	UserRoleMap map[uint64]uint8
 	UserLock sync.RWMutex
 )
 func initUser() {
-	UserIdToAgentSecret = make(map[uint64]string)
+	UserInfoMap = make(map[uint64]model.UserInfo)
 	AgentSecretToUserId = make(map[string]uint64)
 	UserRoleMap = make(map[uint64]uint8)
 	var users []model.User
 	DB.Find(&users)
 	for _, u := range users {
-		UserIdToAgentSecret[u.ID] = u.AgentSecret
+		UserInfoMap[u.ID] = model.UserInfo{
 			Role:        u.Role,
 			AgentSecret: u.AgentSecret,
 		}
 		AgentSecretToUserId[u.AgentSecret] = u.ID
 		UserRoleMap[u.ID] = u.Role
 	}
 }
@ -39,9 +38,11 @@ func OnUserUpdate(u *model.User) {
 		return
 	}
-	UserIdToAgentSecret[u.ID] = u.AgentSecret
+	UserInfoMap[u.ID] = model.UserInfo{
 		Role:        u.Role,
 		AgentSecret: u.AgentSecret,
 	}
 	AgentSecretToUserId[u.AgentSecret] = u.ID
 	UserRoleMap[u.ID] = u.Role
 }
 func OnUserDelete(id []uint64, errorFunc func(string, ...interface{}) error) error {
@ -117,9 +118,9 @@ func OnUserDelete(id []uint64, errorFunc func(string, ...interface{}) error) err
 			OnServerDelete(servers)
 		}
-		secret := UserIdToAgentSecret[uid]
+		secret := UserInfoMap[uid].AgentSecret
 		delete(AgentSecretToUserId, secret)
-		delete(UserIdToAgentSecret, uid)
+		delete(UserInfoMap, uid)
 	}
 	if cron {