tcjlj/nezha
1
0
Fork 0
mirror of https://github.com/nezhahq/nezha.git synced 2025-01-22 12:48:14 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge 0caca56dfd into a9c2abe71e

Browse Source
This commit is contained in:
UUBulb 2024-12-17 06:10:01 +00:00 committed by GitHub
commit 1cabe975f2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
12 changed files with 284 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
cmd/dashboard/controller/alertrule.go
View File

@ -50,6 +50,9 @@ func createAlertRule(c *gin.Context) (uint64, error) {
return 0, err
}
uid := getUid(c)
r.UserID = uid
r.Name = arf.Name
r.Rules = arf.Rules
r.FailTriggerTasks = arf.FailTriggerTasks
@ -100,6 +103,10 @@ func updateAlertRule(c *gin.Context) (any, error) {
return nil, singleton.Localizer.ErrorT("alert id %d does not exist", id)
}
if !r.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
r.Name = arf.Name
r.Rules = arf.Rules
r.FailTriggerTasks = arf.FailTriggerTasks
@ -133,12 +140,24 @@ func updateAlertRule(c *gin.Context) (any, error) {
// @Success 200 {object} model.CommonResponse[any]
// @Router /batch-delete/alert-rule [post]
func batchDeleteAlertRule(c *gin.Context) (any, error) {
var ar []uint64
if err := c.ShouldBindJSON(&ar); err != nil {
var arr []uint64
if err := c.ShouldBindJSON(&arr); err != nil {
return nil, err
}
var ars []model.AlertRule
if err := singleton.DB.Where("id in (?)", arr).Find(&ars).Error; err != nil {
return nil, err
}
var ar []uint64
for _, a := range ars {
if !a.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
ar = append(ar, a.ID)
}
if err := singleton.DB.Unscoped().Delete(&model.AlertRule{}, "id in (?)", ar).Error; err != nil {
return nil, newGormError("%v", err)
}

38
cmd/dashboard/controller/controller.go
View File

@ -9,6 +9,7 @@ import (
"net/http"
"os"
"path"
"slices"
"strings"
jwt "github.com/appleboy/gin-jwt/v2"
@ -82,7 +83,7 @@ func routers(r *gin.Engine, frontendDist fs.FS) {
auth.POST("/user", commonHandler(createUser))
auth.POST("/batch-delete/user", commonHandler(batchDeleteUser))
auth.GET("/service/list", commonHandler(listService))
auth.GET("/service/list", listHandler(listService))
auth.POST("/service", commonHandler(createService))
auth.PATCH("/service/:id", commonHandler(updateService))
auth.POST("/batch-delete/service", commonHandler(batchDeleteService))
@ -96,34 +97,34 @@ func routers(r *gin.Engine, frontendDist fs.FS) {
auth.PATCH("/notification-group/:id", commonHandler(updateNotificationGroup))
auth.POST("/batch-delete/notification-group", commonHandler(batchDeleteNotificationGroup))
auth.GET("/server", commonHandler(listServer))
auth.GET("/server", listHandler(listServer))
auth.PATCH("/server/:id", commonHandler(updateServer))
auth.POST("/batch-delete/server", commonHandler(batchDeleteServer))
auth.POST("/force-update/server", commonHandler(forceUpdateServer))
auth.GET("/notification", commonHandler(listNotification))
auth.GET("/notification", listHandler(listNotification))
auth.POST("/notification", commonHandler(createNotification))
auth.PATCH("/notification/:id", commonHandler(updateNotification))
auth.POST("/batch-delete/notification", commonHandler(batchDeleteNotification))
auth.GET("/alert-rule", commonHandler(listAlertRule))
auth.GET("/alert-rule", listHandler(listAlertRule))
auth.POST("/alert-rule", commonHandler(createAlertRule))
auth.PATCH("/alert-rule/:id", commonHandler(updateAlertRule))
auth.POST("/batch-delete/alert-rule", commonHandler(batchDeleteAlertRule))
auth.GET("/cron", commonHandler(listCron))
auth.GET("/cron", listHandler(listCron))
auth.POST("/cron", commonHandler(createCron))
auth.PATCH("/cron/:id", commonHandler(updateCron))
auth.GET("/cron/:id/manual", commonHandler(manualTriggerCron))
auth.POST("/batch-delete/cron", commonHandler(batchDeleteCron))
auth.GET("/ddns", commonHandler(listDDNS))
auth.GET("/ddns", listHandler(listDDNS))
auth.GET("/ddns/providers", commonHandler(listProviders))
auth.POST("/ddns", commonHandler(createDDNS))
auth.PATCH("/ddns/:id", commonHandler(updateDDNS))
auth.POST("/batch-delete/ddns", commonHandler(batchDeleteDDNS))
auth.GET("/nat", commonHandler(listNAT))
auth.GET("/nat", listHandler(listNAT))
auth.POST("/nat", commonHandler(createNAT))
auth.PATCH("/nat/:id", commonHandler(updateNAT))
auth.POST("/batch-delete/nat", commonHandler(batchDeleteNAT))
@ -212,6 +213,29 @@ func commonHandler[T any](handler handlerFunc[T]) func(*gin.Context) {
}
}
func listHandler[S ~[]E, E model.CommonInterface](handler handlerFunc[S]) func(*gin.Context) {
return func(c *gin.Context) {
data, err := handler(c)
if err != nil {
c.JSON(http.StatusOK, newErrorResponse(err))
return
}
c.JSON(http.StatusOK, filter(c, data))
}
}
func filter[S ~[]E, E model.CommonInterface](ctx *gin.Context, s S) S {
return slices.DeleteFunc(s, func(e E) bool {
return e.HasPermission(ctx)
})
}
func getUid(c *gin.Context) uint64 {
user, _ := c.MustGet(model.CtxKeyAuthorizedUser).(*model.User)
return user.ID
}
func fallbackToFrontend(frontendDist fs.FS) func(*gin.Context) {
checkLocalFileOrFs := func(c *gin.Context, fs fs.FS, path string) bool {
if _, err := os.Stat(path); err == nil {

35
cmd/dashboard/controller/cron.go
View File

@ -1,7 +1,6 @@
package controller
import (
"fmt"
"strconv"
"github.com/gin-gonic/gin"
@ -50,6 +49,7 @@ func createCron(c *gin.Context) (uint64, error) {
return 0, err
}
cr.UserID = getUid(c)
cr.TaskType = cf.TaskType
cr.Name = cf.Name
cr.Scheduler = cf.Scheduler
@ -106,7 +106,11 @@ func updateCron(c *gin.Context) (any, error) {
var cr model.Cron
if err := singleton.DB.First(&cr, id).Error; err != nil {
return nil, fmt.Errorf("task id %d does not exist", id)
return nil, singleton.Localizer.ErrorT("task id %d does not exist", id)
}
if !cr.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
cr.TaskType = cf.TaskType
@ -156,12 +160,15 @@ func manualTriggerCron(c *gin.Context) (any, error) {
return nil, err
}
var cr model.Cron
if err := singleton.DB.First(&cr, id).Error; err != nil {
singleton.CronLock.RLock()
cr, ok := singleton.Crons[id]
if !ok {
singleton.CronLock.RUnlock()
return nil, singleton.Localizer.ErrorT("task id %d does not exist", id)
}
singleton.CronLock.RUnlock()
singleton.ManualTrigger(&cr)
singleton.ManualTrigger(cr)
return nil, nil
}
@ -177,12 +184,24 @@ func manualTriggerCron(c *gin.Context) (any, error) {
// @Success 200 {object} model.CommonResponse[any]
// @Router /batch-delete/cron [post]
func batchDeleteCron(c *gin.Context) (any, error) {
var cr []uint64
if err := c.ShouldBindJSON(&cr); err != nil {
var crr []uint64
if err := c.ShouldBindJSON(&crr); err != nil {
return nil, err
}
var cr []uint64
singleton.CronLock.RLock()
for _, crID := range crr {
if crn, ok := singleton.Crons[crID]; ok {
if !crn.HasPermission(c) {
singleton.CronLock.RUnlock()
return nil, singleton.Localizer.ErrorT("permission denied")
}
cr = append(cr, crn.ID)
}
}
singleton.CronLock.RUnlock()
if err := singleton.DB.Unscoped().Delete(&model.Cron{}, "id in (?)", cr).Error; err != nil {
return nil, newGormError("%v", err)
}

22
cmd/dashboard/controller/ddns.go
View File

@ -56,6 +56,7 @@ func createDDNS(c *gin.Context) (uint64, error) {
return 0, singleton.Localizer.ErrorT("the retry count must be an integer between 1 and 10")
}
p.UserID = getUid(c)
p.Name = df.Name
enableIPv4 := df.EnableIPv4
enableIPv6 := df.EnableIPv6
@ -125,6 +126,10 @@ func updateDDNS(c *gin.Context) (any, error) {
return nil, singleton.Localizer.ErrorT("profile id %d does not exist", id)
}
if !p.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
p.Name = df.Name
enableIPv4 := df.EnableIPv4
enableIPv6 := df.EnableIPv6
@ -172,12 +177,25 @@ func updateDDNS(c *gin.Context) (any, error) {
// @Success 200 {object} model.CommonResponse[any]
// @Router /batch-delete/ddns [post]
func batchDeleteDDNS(c *gin.Context) (any, error) {
var ddnsConfigs []uint64
var ddnsConfigsr []uint64
if err := c.ShouldBindJSON(&ddnsConfigs); err != nil {
if err := c.ShouldBindJSON(&ddnsConfigsr); err != nil {
return nil, err
}
var ddnsConfigs []uint64
singleton.DDNSCacheLock.RLock()
for _, pid := range ddnsConfigsr {
if p, ok := singleton.DDNSCache[pid]; ok {
if !p.HasPermission(c) {
singleton.DDNSCacheLock.RUnlock()
return nil, singleton.Localizer.ErrorT("permission denied")
}
ddnsConfigs = append(ddnsConfigs, p.ID)
}
}
singleton.DDNSCacheLock.RUnlock()
if err := singleton.DB.Unscoped().Delete(&model.DDNSProfile{}, "id in (?)", ddnsConfigs).Error; err != nil {
return nil, newGormError("%v", err)
}

25
cmd/dashboard/controller/nat.go
View File

@ -51,6 +51,9 @@ func createNAT(c *gin.Context) (uint64, error) {
return 0, err
}
uid := getUid(c)
n.UserID = uid
n.Name = nf.Name
n.Domain = nf.Domain
n.Host = nf.Host
@ -95,6 +98,10 @@ func updateNAT(c *gin.Context) (any, error) {
return nil, singleton.Localizer.ErrorT("profile id %d does not exist", id)
}
if !n.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
n.Name = nf.Name
n.Domain = nf.Domain
n.Host = nf.Host
@ -121,12 +128,24 @@ func updateNAT(c *gin.Context) (any, error) {
// @Success 200 {object} model.CommonResponse[any]
// @Router /batch-delete/nat [post]
func batchDeleteNAT(c *gin.Context) (any, error) {
var n []uint64
if err := c.ShouldBindJSON(&n); err != nil {
var nr []uint64
if err := c.ShouldBindJSON(&nr); err != nil {
return nil, err
}
var n []uint64
singleton.NATCacheRwLock.RLock()
for _, id := range nr {
if p, ok := singleton.NATCache[singleton.NATIDToDomain[id]]; ok {
if !p.HasPermission(c) {
singleton.NATCacheRwLock.RUnlock()
return nil, singleton.Localizer.ErrorT("permission denied")
}
n = append(n, p.ID)
}
}
singleton.NATCacheRwLock.RUnlock()
if err := singleton.DB.Unscoped().Delete(&model.NAT{}, "id in (?)", n).Error; err != nil {
return nil, newGormError("%v", err)
}

22
cmd/dashboard/controller/notification.go
View File

@ -48,6 +48,7 @@ func createNotification(c *gin.Context) (uint64, error) {
}
var n model.Notification
n.UserID = getUid(c)
n.Name = nf.Name
n.RequestMethod = nf.RequestMethod
n.RequestType = nf.RequestType
@ -106,6 +107,10 @@ func updateNotification(c *gin.Context) (any, error) {
return nil, singleton.Localizer.ErrorT("notification id %d does not exist", id)
}
if !n.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
n.Name = nf.Name
n.RequestMethod = nf.RequestMethod
n.RequestType = nf.RequestType
@ -148,12 +153,23 @@ func updateNotification(c *gin.Context) (any, error) {
// @Success 200 {object} model.CommonResponse[any]
// @Router /batch-delete/notification [post]
func batchDeleteNotification(c *gin.Context) (any, error) {
var n []uint64
if err := c.ShouldBindJSON(&n); err != nil {
var nr []uint64
if err := c.ShouldBindJSON(&nr); err != nil {
return nil, err
}
var n []uint64
singleton.NotificationsLock.RLock()
for _, nid := range nr {
if ns, ok := singleton.NotificationMap[nid]; ok {
if !ns.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
n = append(n, ns.ID)
}
}
singleton.NotificationsLock.RUnlock()
err := singleton.DB.Transaction(func(tx *gorm.DB) error {
if err := tx.Unscoped().Delete(&model.Notification{}, "id in (?)", n).Error; err != nil {
return err

38
cmd/dashboard/controller/notification_group.go
View File

@ -20,7 +20,7 @@ import (
// @Produce json
// @Success 200 {object} model.CommonResponse[[]model.NotificationGroupResponseItem]
// @Router /notification-group [get]
func listNotificationGroup(c *gin.Context) ([]model.NotificationGroupResponseItem, error) {
func listNotificationGroup(c *gin.Context) ([]*model.NotificationGroupResponseItem, error) {
var ng []model.NotificationGroup
if err := singleton.DB.Find(&ng).Error; err != nil {
return nil, err
@ -39,9 +39,9 @@ func listNotificationGroup(c *gin.Context) ([]model.NotificationGroupResponseIte
groupNotifications[n.NotificationGroupID] = append(groupNotifications[n.NotificationGroupID], n.NotificationID)
}
ngRes := make([]model.NotificationGroupResponseItem, 0, len(ng))
ngRes := make([]*model.NotificationGroupResponseItem, 0, len(ng))
for _, n := range ng {
ngRes = append(ngRes, model.NotificationGroupResponseItem{
ngRes = append(ngRes, &model.NotificationGroupResponseItem{
Group: n,
Notifications: groupNotifications[n.ID],
})
@ -68,8 +68,11 @@ func createNotificationGroup(c *gin.Context) (uint64, error) {
}
ngf.Notifications = slices.Compact(ngf.Notifications)
uid := getUid(c)
var ng model.NotificationGroup
ng.Name = ngf.Name
ng.UserID = uid
var count int64
if err := singleton.DB.Model(&model.Notification{}).Where("id in (?)", ngf.Notifications).Count(&count).Error; err != nil {
@ -86,6 +89,9 @@ func createNotificationGroup(c *gin.Context) (uint64, error) {
}
for _, n := range ngf.Notifications {
if err := tx.Create(&model.NotificationGroupNotification{
Common: model.Common{
UserID: uid,
},
NotificationGroupID: ng.ID,
NotificationID: n,
}).Error; err != nil {
@ -131,6 +137,10 @@ func updateNotificationGroup(c *gin.Context) (any, error) {
return nil, singleton.Localizer.ErrorT("group id %d does not exist", id)
}
if !ngDB.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
ngDB.Name = ngf.Name
ngf.Notifications = slices.Compact(ngf.Notifications)
@ -142,6 +152,8 @@ func updateNotificationGroup(c *gin.Context) (any, error) {
return nil, singleton.Localizer.ErrorT("have invalid notification id")
}
uid := getUid(c)
err = singleton.DB.Transaction(func(tx *gorm.DB) error {
if err := tx.Save(&ngDB).Error; err != nil {
return err
@ -152,6 +164,9 @@ func updateNotificationGroup(c *gin.Context) (any, error) {
for _, n := range ngf.Notifications {
if err := tx.Create(&model.NotificationGroupNotification{
Common: model.Common{
UserID: uid,
},
NotificationGroupID: ngDB.ID,
NotificationID: n,
}).Error; err != nil {
@ -180,11 +195,24 @@ func updateNotificationGroup(c *gin.Context) (any, error) {
// @Success 200 {object} model.CommonResponse[any]
// @Router /batch-delete/notification-group [post]
func batchDeleteNotificationGroup(c *gin.Context) (any, error) {
var ngn []uint64
if err := c.ShouldBindJSON(&ngn); err != nil {
var ngnr []uint64
if err := c.ShouldBindJSON(&ngnr); err != nil {
return nil, err
}
var ng []model.NotificationGroup
if err := singleton.DB.Where("id in (?)", ng).Find(&ng).Error; err != nil {
return nil, err
}
var ngn []uint64
for _, n := range ng {
if !n.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
ngn = append(ngn, n.ID)
}
err := singleton.DB.Transaction(func(tx *gorm.DB) error {
if err := tx.Unscoped().Delete(&model.NotificationGroup{}, "id in (?)", ngn).Error; err != nil {
return err

21
cmd/dashboard/controller/server.go
View File

@ -61,6 +61,10 @@ func updateServer(c *gin.Context) (any, error) {
return nil, singleton.Localizer.ErrorT("server id %d does not exist", id)
}
if !s.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
s.Name = sf.Name
s.DisplayIndex = sf.DisplayIndex
s.Note = sf.Note
@ -99,11 +103,24 @@ func updateServer(c *gin.Context) (any, error) {
// @Success 200 {object} model.CommonResponse[any]
// @Router /batch-delete/server [post]
func batchDeleteServer(c *gin.Context) (any, error) {
var servers []uint64
if err := c.ShouldBindJSON(&servers); err != nil {
var serversRaw []uint64
if err := c.ShouldBindJSON(&serversRaw); err != nil {
return nil, err
}
var servers []uint64
singleton.ServerLock.RLock()
for _, sid := range serversRaw {
if s, ok := singleton.ServerList[sid]; ok {
if !s.HasPermission(c) {
singleton.ServerLock.RUnlock()
return nil, singleton.Localizer.ErrorT("permission denied")
}
servers = append(servers, s.ID)
}
}
singleton.ServerLock.RUnlock()
err := singleton.DB.Transaction(func(tx *gorm.DB) error {
if err := tx.Unscoped().Delete(&model.Server{}, "id in (?)", servers).Error; err != nil {
return err

39
cmd/dashboard/controller/server_group.go
View File

@ -20,7 +20,7 @@ import (
// @Produce json
// @Success 200 {object} model.CommonResponse[[]model.ServerGroupResponseItem]
// @Router /server-group [get]
func listServerGroup(c *gin.Context) ([]model.ServerGroupResponseItem, error) {
func listServerGroup(c *gin.Context) ([]*model.ServerGroupResponseItem, error) {
var sg []model.ServerGroup
if err := singleton.DB.Find(&sg).Error; err != nil {
return nil, err
@ -38,9 +38,9 @@ func listServerGroup(c *gin.Context) ([]model.ServerGroupResponseItem, error) {
groupServers[s.ServerGroupId] = append(groupServers[s.ServerGroupId], s.ServerId)
}
var sgRes []model.ServerGroupResponseItem
var sgRes []*model.ServerGroupResponseItem
for _, s := range sg {
sgRes = append(sgRes, model.ServerGroupResponseItem{
sgRes = append(sgRes, &model.ServerGroupResponseItem{
Group: s,
Servers: groupServers[s.ID],
})
@ -67,8 +67,11 @@ func createServerGroup(c *gin.Context) (uint64, error) {
}
sgf.Servers = slices.Compact(sgf.Servers)
uid := getUid(c)
var sg model.ServerGroup
sg.Name = sgf.Name
sg.UserID = uid
var count int64
if err := singleton.DB.Model(&model.Server{}).Where("id in (?)", sgf.Servers).Count(&count).Error; err != nil {
@ -84,6 +87,9 @@ func createServerGroup(c *gin.Context) (uint64, error) {
}
for _, s := range sgf.Servers {
if err := tx.Create(&model.ServerGroupServer{
Common: model.Common{
UserID: uid,
},
ServerGroupId: sg.ID,
ServerId: s,
}).Error; err != nil {
@ -129,6 +135,11 @@ func updateServerGroup(c *gin.Context) (any, error) {
if err := singleton.DB.First(&sgDB, id).Error; err != nil {
return nil, singleton.Localizer.ErrorT("group id %d does not exist", id)
}
if !sgDB.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("unauthorized")
}
sgDB.Name = sg.Name
var count int64
@ -139,6 +150,8 @@ func updateServerGroup(c *gin.Context) (any, error) {
return nil, singleton.Localizer.ErrorT("have invalid server id")
}
uid := getUid(c)
err = singleton.DB.Transaction(func(tx *gorm.DB) error {
if err := tx.Save(&sgDB).Error; err != nil {
return err
@ -149,6 +162,9 @@ func updateServerGroup(c *gin.Context) (any, error) {
for _, s := range sg.Servers {
if err := tx.Create(&model.ServerGroupServer{
Common: model.Common{
UserID: uid,
},
ServerGroupId: sgDB.ID,
ServerId: s,
}).Error; err != nil {
@ -176,11 +192,24 @@ func updateServerGroup(c *gin.Context) (any, error) {
// @Success 200 {object} model.CommonResponse[any]
// @Router /batch-delete/server-group [post]
func batchDeleteServerGroup(c *gin.Context) (any, error) {
var sgs []uint64
if err := c.ShouldBindJSON(&sgs); err != nil {
var sgsr []uint64
if err := c.ShouldBindJSON(&sgsr); err != nil {
return nil, err
}
var sg []model.ServerGroup
if err := singleton.DB.Where("id in (?)", sgsr).Find(&sg).Error; err != nil {
return nil, err
}
var sgs []uint64
for _, s := range sg {
if !s.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
sgs = append(sgs, s.ID)
}
err := singleton.DB.Transaction(func(tx *gorm.DB) error {
if err := tx.Unscoped().Delete(&model.ServerGroup{}, "id in (?)", sgs).Error; err != nil {
return err

26
cmd/dashboard/controller/service.go
View File

@ -190,7 +190,10 @@ func createService(c *gin.Context) (uint64, error) {
return 0, err
}
uid := getUid(c)
var m model.Service
m.UserID = uid
m.Name = mf.Name
m.Target = strings.TrimSpace(mf.Target)
m.Type = mf.Type
@ -260,6 +263,11 @@ func updateService(c *gin.Context) (any, error) {
if err := singleton.DB.First(&m, id).Error; err != nil {
return nil, singleton.Localizer.ErrorT("service id %d does not exist", id)
}
if !m.HasPermission(c) {
return nil, singleton.Localizer.ErrorT("permission denied")
}
m.Name = mf.Name
m.Target = strings.TrimSpace(mf.Target)
m.Type = mf.Type
@ -314,10 +322,24 @@ func updateService(c *gin.Context) (any, error) {
// @Success 200 {object} model.CommonResponse[any]
// @Router /batch-delete/service [post]
func batchDeleteService(c *gin.Context) (any, error) {
var ids []uint64
if err := c.ShouldBindJSON(&ids); err != nil {
var idsr []uint64
if err := c.ShouldBindJSON(&idsr); err != nil {
return nil, err
}
var ids []uint64
singleton.ServiceSentinelShared.ServicesLock.RLock()
for _, id := range idsr {
if ss, ok := singleton.ServiceSentinelShared.Services[id]; ok {
if !ss.HasPermission(c) {
singleton.ServiceSentinelShared.ServicesLock.RUnlock()
return nil, singleton.Localizer.ErrorT("permission denied")
}
ids = append(ids, ss.ID)
}
}
singleton.ServiceSentinelShared.ServicesLock.RUnlock()
err := singleton.DB.Transaction(func(tx *gorm.DB) error {
if err := tx.Unscoped().Delete(&model.Service{}, "id in (?)", ids).Error; err != nil {
return err

27
model/common.go
View File

@ -2,6 +2,8 @@ package model
import (
"time"
"github.com/gin-gonic/gin"
)
const (
@ -17,6 +19,31 @@ type Common struct {
UpdatedAt time.Time `gorm:"autoUpdateTime" json:"updated_at,omitempty"`
// Do not use soft deletion
// DeletedAt gorm.DeletedAt `gorm:"index" json:"deleted_at,omitempty"`
UserID uint64 `json:"user_id,omitempty"`
}
func (c *Common) GetID() uint64 {
return c.ID
}
func (c *Common) HasPermission(ctx *gin.Context) bool {
auth, ok := ctx.Get(CtxKeyAuthorizedUser)
if !ok {
return false
}
user := *auth.(*User)
if user.Role == RoleAdmin {
return true
}
return user.ID == c.UserID
}
type CommonInterface interface {
GetID() uint64
HasPermission(*gin.Context) bool
}
type Response struct {

6
model/user.go
View File

@ -1,9 +1,15 @@
package model
const (
RoleAdmin uint8 = iota
RoleMember
)
type User struct {
Common
Username string `json:"username,omitempty" gorm:"uniqueIndex"`
Password string `json:"password,omitempty" gorm:"type:char(72)"`
Role uint8 `json:"role,omitempty"`
}
type Profile struct {