From 672063f4de1ab56db0fa2d18d7df3a0e63d27dad Mon Sep 17 00:00:00 2001
From: naiba
Date: Mon, 23 Dec 2024 19:50:41 +0800
Subject: [PATCH] feat: block user manual & upgrade frontend
---
 cmd/dashboard/controller/user.go | 20 +++++++++++++++++++-
 model/waf.go | 10 +++++++++-
 service/singleton/frontend-templates.yaml | 6 +++---
 3 files changed, 31 insertions(+), 5 deletions(-)
diff --git a/cmd/dashboard/controller/user.go b/cmd/dashboard/controller/user.go
index 0df27d8..31a07dd 100644
--- a/cmd/dashboard/controller/user.go
+++ b/cmd/dashboard/controller/user.go
@@ -172,6 +172,11 @@ func batchDeleteUser(c *gin.Context) (any, error) {
 // @Success 200 {object} model.PaginatedResponse[[]model.OnlineUser, model.OnlineUser]
 // @Router /online-user [get]
 func listOnlineUser(c *gin.Context) (*model.Value[[]*model.OnlineUser], error) {
+ var isAdmin bool
+ u, ok := c.Get(model.CtxKeyAuthorizedUser)
+ if ok {
+ isAdmin = u.(*model.User).Role == model.RoleAdmin
+ }
 limit, err := strconv.Atoi(c.Query("limit"))
 if err != nil || limit < 1 {
 limit = 25
@@ -182,8 +187,21 @@ func listOnlineUser(c *gin.Context) (*model.Value[[]*model.OnlineUser], error) {
 offset = 0
 }
 
+ users := singleton.GetOnlineUsers(limit, offset)
+ if !isAdmin {
+ var newUsers []*model.OnlineUser
+ for _, user := range users {
+ newUsers = append(newUsers, &model.OnlineUser{
+ UserID: user.UserID,
+ IP: utils.IPDesensitize(user.IP),
+ ConnectedAt: user.ConnectedAt,
+ })
+ }
+ users = newUsers
+ }
+
 return &model.Value[[]*model.OnlineUser]{
- Value: singleton.GetOnlineUsers(limit, offset),
+ Value: users,
 Pagination: model.Pagination{
 Offset: offset,
 Limit: limit,
diff --git a/model/waf.go b/model/waf.go
index 59815a6..75e77e8 100644
--- a/model/waf.go
+++ b/model/waf.go
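Review bot: The type assertion `u.(*model.User)` in the added admin check at the top of listOnlineUser is unchecked, so a context value of any other type, or a nil `*model.User`, panics in the handler instead of falling back to the masked view. The comma-ok form keeps the fail-closed default (`isAdmin` stays false): `if user, isUser := u.(*model.User); isUser && user != nil { isAdmin = user.Role == model.RoleAdmin }`. What the auth middleware stores under `model.CtxKeyAuthorizedUser` is not visible in this hunk, so this is defensive rather than a confirmed crash. The function body continues past the end of the hunk.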
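Review bot: `var newUsers []*model.OnlineUser` in the non-admin branch of listOnlineUser stays nil when `users` is empty, so non-admin callers would likely receive `null` for the list where admins get whatever `singleton.GetOnlineUsers` returns; `newUsers := make([]*model.OnlineUser, 0, len(users))` avoids that and the repeated growth. Copying an allowlist of fields into a fresh struct is the right shape for the redaction, and a comment such as `// Non-admin view: copy only UserID, a masked IP and ConnectedAt so new OnlineUser fields are not exposed by default.` would help keep it that way. `UserID` is still returned to callers who are not logged in, and how much `utils.IPDesensitize` masks is not visible here; both are worth confirming against the intended exposure. The function starts before this hunk and ends after it.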
@@ -115,6 +115,14 @@ func BlockIP(db *gorm.DB, ip string, reason uint8, uid int64) error {
 BlockIdentifier: uid,
 }
 now := uint64(time.Now().Unix())
+
+ var count interface{}
+ if reason == WAFBlockReasonTypeManual {
+ count = 99999
+ } else {
+ count = gorm.Expr("count + 1")
+ }
+
 return db.Transaction(func(tx *gorm.DB) error {
 if err := tx.Where(&w).Attrs(WAF{
 BlockReason: reason,
@@ -122,7 +130,7 @@ func BlockIP(db *gorm.DB, ip string, reason uint8, uid int64) error {
 }).FirstOrCreate(&w).Error; err != nil {
 return err
 }
- return tx.Exec("UPDATE nz_waf SET count = count + 1, block_reason = ?, block_timestamp = ? WHERE ip = ? and block_identifier = ?", reason, now, ipBinary, uid).Error
+ return tx.Exec("UPDATE nz_waf SET count = ?, block_reason = ?, block_timestamp = ? WHERE ip = ? and block_identifier = ?", count, reason, now, ipBinary, uid).Error
 })
 }
 
diff --git a/service/singleton/frontend-templates.yaml b/service/singleton/frontend-templates.yaml
index 1d2bd8f..e114e6b 100644
--- a/service/singleton/frontend-templates.yaml
+++ b/service/singleton/frontend-templates.yaml
@@ -2,17 +2,17 @@
 name: "OfficialAdmin"
 repository: "https://github.com/nezhahq/admin-frontend"
 author: "nezhahq"
- version: "v1.4.0"
+ version: "v1.4.2"
 isadmin: true
 isofficial: true
 - path: "user-dist"
 name: "Official"
 repository: "https://github.com/hamster1963/nezha-dash-v1"
 author: "hamster1963"
- version: "v1.7.8"
+ version: "v1.8.0"
 isofficial: true
 - path: "nazhua-dist"
 name: "Nazhua"
 repository: "https://github.com/hi2shark/nazhua"
 author: "hi2hi"
- version: "v0.4.24"
+ version: "v0.4.25"
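Review bot: The literal `99999` assigned to `count` for `WAFBlockReasonTypeManual` in BlockIP is an unexplained sentinel; its meaning depends on how the unblock or expiry logic reads `count`, which is outside this hunk. A named constant with a comment would document the intent, for example `const manualBlockCount = 99999 // presumably large enough that a manual block never expires; confirm against the expiry calculation`. If that calculation multiplies or exponentiates `count`, the value should also be checked for overflow there. `var count any` would match the `any` already used in cmd/dashboard/controller/user.go.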
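Review bot: The rewritten UPDATE in BlockIP overwrites `count` and `block_reason` unconditionally, so if an automated block can fire for a row that was blocked manually (same `ip` and `block_identifier`), it would turn 99999 into 100000 and replace the manual reason with the automated one. Whether both paths can reach the same row is not visible here; a test for manual-then-automated blocking, or a comment stating that the overwrite is intended, would settle it. The statement stays parameterized and `count` is either a literal or a fixed `gorm.Expr`; a comment like `// count is a constant or a fixed gorm.Expr, never request data` would help keep it so. BlockIP begins before this hunk.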