tcjlj/nezha
1
0
Fork 0
mirror of https://github.com/nezhahq/nezha.git synced 2025-01-22 12:48:14 -05:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity

bug fixes (#918)

Browse Source 
* bug fixes

* fix for backward compatibility

* fix init

* cleanup

* possible fix

* optimize permission check

* Revert "possible fix"

This reverts commit 003f1bbb2a.
This commit is contained in:
UUBulb 2024-12-26 23:38:40 +08:00 committed by GitHub
parent b876909a8a
commit 85818c2630
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/dashboard/controller/notification_group.go
View File

@ -168,7 +168,7 @@ func updateNotificationGroup(c *gin.Context) (any, error) {
ngf.Notifications = slices.Compact(ngf.Notifications)
var count int64
if err := singleton.DB.Model(&model.Server{}).Where("id in (?)", ngf.Notifications).Count(&count).Error; err != nil {
if err := singleton.DB.Model(&model.Notification{}).Where("id in (?)", ngf.Notifications).Count(&count).Error; err != nil {
return nil, newGormError("%v", err)
}
if count != int64(len(ngf.Notifications)) {

10
model/alertrule.go
View File

@ -62,13 +62,9 @@ func (r *AlertRule) Enabled() bool {
}
// Snapshot 对传入的Server进行该报警规则下所有type的检查 返回每项检查结果
func (r *AlertRule) Snapshot(cycleTransferStats *CycleTransferStats, server *Server, db *gorm.DB, role uint8) []bool {
func (r *AlertRule) Snapshot(cycleTransferStats *CycleTransferStats, server *Server, db *gorm.DB) []bool {
point := make([]bool, len(r.Rules))
if r.UserID != server.UserID && role != RoleAdmin {
return point
}
for i, rule := range r.Rules {
point[i] = rule.Snapshot(cycleTransferStats, server, db)
}
@ -85,8 +81,8 @@ func (r *AlertRule) Check(points [][]bool) (maxDuration int, passed bool) {
if maxDuration < 1 {
maxDuration = 1
}
for j := len(points[i]) - 1; j >= 0; j-- {
if !points[i][j] {
for j := len(points) - 1; j >= 0; j-- {
if !points[j][i] {
failCount++
break
}

2
service/rpc/auth.go
View File

@ -38,7 +38,7 @@ func (a *authHandler) Check(ctx context.Context) (uint64, error) {
singleton.UserLock.RLock()
userId, ok := singleton.AgentSecretToUserId[clientSecret]
if !ok && clientSecret != singleton.Conf.AgentSecretKey {
if !ok {
singleton.UserLock.RUnlock()
model.BlockIP(singleton.DB, ip, model.WAFBlockReasonTypeAgentAuthFail, model.BlockIDgRPC)
return 0, status.Error(codes.Unauthenticated, "客户端认证失败")

5
service/singleton/alertsentinel.go
View File

@ -151,8 +151,11 @@ func checkStatus() {
role = u.Role
}
UserLock.RUnlock()
if alert.UserID != server.UserID && role != model.RoleAdmin {
continue
}
alertsStore[alert.ID][server.ID] = append(alertsStore[alert.
ID][server.ID], alert.Snapshot(AlertsCycleTransferStatsStore[alert.ID], server, DB, role))
ID][server.ID], alert.Snapshot(AlertsCycleTransferStatsStore[alert.ID], server, DB))
// 发送通知,分为触发报警和恢复通知
max, passed := alert.Check(alertsStore[alert.ID][server.ID])
// 保存当前服务器状态信息

7
service/singleton/user.go
View File

@ -21,6 +21,13 @@ func initUser() {
var users []model.User
DB.Find(&users)
// for backward compatibility
UserInfoMap[0] = model.UserInfo{
Role: model.RoleAdmin,
AgentSecret: Conf.AgentSecretKey,
}
AgentSecretToUserId[Conf.AgentSecretKey] = 0
for _, u := range users {
UserInfoMap[u.ID] = model.UserInfo{
Role: u.Role,