From 2059280428d088675c374ed54cfffe5c55773920 Mon Sep 17 00:00:00 2001 From: hxsherry <1053288784@qq.com> Date: Thu, 18 Jan 2018 17:59:40 +0800 Subject: [PATCH] Unify the user's status. fix #9. --- README.md | 2 ++ build/doc/alien_zh.md | 13 ------------- rest/base_controller.go | 17 ++++++++++++----- rest/user_controller.go | 12 +++++++++++- rest/user_dao.go | 6 +++++- rest/user_model.go | 2 ++ rest/web_result.go | 2 +- 7 files changed, 33 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index 0d31022..504e267 100644 --- a/README.md +++ b/README.md @@ -184,6 +184,8 @@ cd tank/build/pack/ [蓝眼云盘编程接口](https://github.com/eyebluecn/tank/blob/master/build/doc/alien_zh.md) +[快速使用Let's Encrypt开启个人网站的https](https://blog.eyeblue.cn/home/article/9f580b3f-5679-4a9d-be6f-4d9f0dd417af) + ### Contribution 感谢所有蓝眼云盘的贡献者 [@zicla](https://github.com/zicla),[@seaheart](https://github.com/seaheart),[@yemuhe](https://github.com/yemuhe),[@hxsherry](https://github.com/hxsherry) diff --git a/build/doc/alien_zh.md b/build/doc/alien_zh.md index d012d4c..c4f0f47 100644 --- a/build/doc/alien_zh.md +++ b/build/doc/alien_zh.md @@ -76,19 +76,6 @@ matterUuid | `string` | 【必填】文件uuid,要想下载的文件`uuid` expire | `int` | 【选填】UploadToken过期时间,单位:s。默认 86400s 即24h -#### /api/alien/fetch/download/token - -功能:一个蓝眼云盘受信任的用户请求一个`DownloadToken`,用于给另一个用户下载蓝眼云盘上的私有文件。 - -一般的使用场景是`应用服务器`向`蓝眼云盘`请求`DownloadToken`,然后将此`DownloadToken`交由`浏览器`去向`蓝眼云盘`下载文件。 - -参数 | 类型 | 描述 ---------- | ---- | ----------- -email | `string` | 【必填】邮箱,用于确定请求者身份 -password | `string` | 【必填】密码,用于确定请求者身份 -matterUuid | `string` | 【必填】文件uuid,要想下载的文件`uuid` -expire | `int` | 【选填】UploadToken过期时间,单位:s。默认 86400s 即24h - #### /api/alien/download/{uuid}/{filename} 功能:在浏览器中下载文件 diff --git a/rest/base_controller.go b/rest/base_controller.go index 6284b51..cb81743 100644 --- a/rest/base_controller.go +++ b/rest/base_controller.go 
@@ -50,7 +50,7 @@ func (this *BaseController) HandleRoutes(writer http.ResponseWriter, request *ht } //需要进行登录验证的wrap包装 -func (this *BaseController) Wrap(f func(writer http.ResponseWriter, request *http.Request) *WebResult, role string) func(w http.ResponseWriter, r *http.Request) { +func (this *BaseController) Wrap(f func(writer http.ResponseWriter, request *http.Request) *WebResult, qualifiedRole string) func(w http.ResponseWriter, r *http.Request) { return func(writer http.ResponseWriter, request *http.Request) { @@ -59,13 +59,20 @@ func (this *BaseController) Wrap(f func(writer http.ResponseWriter, request *htt var webResult *WebResult = nil //只有游客接口不需要登录 - if role != USER_ROLE_GUEST { + if qualifiedRole != USER_ROLE_GUEST { user := this.checkUser(writer, request) - if role == USER_ROLE_ADMINISTRATOR && user.Role != USER_ROLE_ADMINISTRATOR { - webResult = ConstWebResult(RESULT_CODE_UNAUTHORIZED) + + if user.Status == USER_STATUS_DISABLED { + //判断用户是否被禁用。 + webResult = ConstWebResult(RESULT_CODE_LOGIN_INVALID) } else { - webResult = f(writer, request) + if qualifiedRole == USER_ROLE_ADMINISTRATOR && user.Role != USER_ROLE_ADMINISTRATOR { + webResult = ConstWebResult(RESULT_CODE_UNAUTHORIZED) + } else { + webResult = f(writer, request) + } } + } else { webResult = f(writer, request) } diff --git a/rest/user_controller.go b/rest/user_controller.go index f1faa03..0eff9d3 100644 --- a/rest/user_controller.go +++ b/rest/user_controller.go @@ -240,6 +240,7 @@ func (this *UserController) Page(writer http.ResponseWriter, request *http.Reque username := request.FormValue("username") email := request.FormValue("email") phone := request.FormValue("phone") + status := request.FormValue("status") orderLastTime := request.FormValue("orderLastTime") orderCreateTime := request.FormValue("orderCreateTime") 
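Review bot: The status gate added in the `@@ -59,13 +59,20 @@` hunk of Wrap is a deny-list: `if user.Status == USER_STATUS_DISABLED {` blocks only that one value, so an account whose status is empty or any other string still reaches `f`, although user_model.go defines only `OK` and `DISABLED`. Failing closed is safer, `if user.Status != USER_STATUS_OK {`, provided existing rows are backfilled with a status first. The gate sits inside the `qualifiedRole != USER_ROLE_GUEST` branch, so handlers registered with the guest role are not covered; if any of them authenticate a user themselves (login, for example), they need their own status check, which is not visible here. A short comment should also state that the check relies on `checkUser` returning the current status rather than a copy cached at login, if that is the case. The closure body continues outside the hunk.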
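Review bot: In UserController.Page, `status := request.FormValue("status")` is forwarded to `userDao.Page` without validation. The DAO binds it as a parameter (`status = ?`), so injection is not the concern, but any value other than the two defined constants silently returns an empty page instead of an error. I would reject unknown values before the call with `if status != "" && status != USER_STATUS_OK && status != USER_STATUS_DISABLED {` and return `this.Error` with a validation message. The same value flows through the `@@ -267,7 +268,7 @@` hunk and the rest/user_dao.go hunks; Page's body starts and ends outside this hunk.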
@@ -267,7 +268,7 @@ func (this *UserController) Page(writer http.ResponseWriter, request *http.Reque }, } - pager := this.userDao.Page(page, pageSize, username, email, phone, sortArray) + pager := this.userDao.Page(page, pageSize, username, email, phone, status, sortArray) return this.Success(pager) } @@ -279,6 +280,11 @@ func (this *UserController) Disable(writer http.ResponseWriter, request *http.Re user := this.userDao.CheckByUuid(uuid) + loginUser := this.checkUser(writer, request) + if uuid == loginUser.Uuid { + return this.Error("你不能操作自己的状态。") + } + if user.Status == USER_STATUS_DISABLED { return this.Error("用户已经被禁用,操作无效。") } @@ -297,6 +303,10 @@ func (this *UserController) Enable(writer http.ResponseWriter, request *http.Req uuid := request.FormValue("uuid") user := this.userDao.CheckByUuid(uuid) + loginUser := this.checkUser(writer, request) + if uuid == loginUser.Uuid { + return this.Error("你不能操作自己的状态。") + } if user.Status == USER_STATUS_OK { return this.Error("用户已经是正常状态,操作无效。") diff --git a/rest/user_dao.go b/rest/user_dao.go index 6175927..cead885 100644 --- a/rest/user_dao.go +++ b/rest/user_dao.go @@ -64,7 +64,7 @@ func (this *UserDao) FindByEmail(email string) *User { } //显示用户列表。 -func (this *UserDao) Page(page int, pageSize int, username string, email string, phone string, sortArray []OrderPair) *Pager { +func (this *UserDao) Page(page int, pageSize int, username string, email string, phone string, status string, sortArray []OrderPair) *Pager { var wp = &WherePair{} @@ -80,6 +80,10 @@ func (this *UserDao) Page(page int, pageSize int, username string, email string, wp = wp.And(&WherePair{Query: "phone = ?", Args: []interface{}{phone}}) } + if status != "" { + wp = wp.And(&WherePair{Query: "status = ?", Args: []interface{}{status}}) + } + count := 0 db := this.context.DB.Model(&User{}).Where(wp.Query, wp.Args...).Count(&count) this.PanicError(db.Error) diff --git a/rest/user_model.go b/rest/user_model.go index 0054745..72d3b36 100644 
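Review bot: The self-status guard in Disable (`@@ -279,6 +280,11 @@`) is copied verbatim into Enable (`@@ -297,6 +303,10 @@`), and in both it runs after `this.userDao.CheckByUuid(uuid)` has already done the lookup. Moving `loginUser := this.checkUser(writer, request)` and the `uuid == loginUser.Uuid` comparison above the DAO call, and sharing them through one small private helper, keeps the two handlers from drifting apart. Since these handlers change another account's state, it would also be worth logging `loginUser.Uuid` together with the target `uuid` and the new status so that a disable or enable can be attributed later; no such record is visible in the hunks, though both bodies continue outside them. Wrap has presumably already called `checkUser` for the request, so the second call is a repeated lookup unless the result is cached.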
--- a/rest/user_model.go +++ b/rest/user_model.go @@ -20,7 +20,9 @@ const ( ) const ( + //正常状态 USER_STATUS_OK = "OK" + //被禁用 USER_STATUS_DISABLED = "DISABLED" ) diff --git a/rest/web_result.go b/rest/web_result.go index 6abb654..daeb99e 100644 --- a/rest/web_result.go +++ b/rest/web_result.go @@ -82,7 +82,7 @@ func ConstWebResult(code int) *WebResult { //该登录用户不是有效用户 case RESULT_CODE_LOGIN_INVALID: - wr.Msg = "该登录用户不是有效用户" + wr.Msg = "该登录用户不是有效用户或者用户已被禁用" //提交的表单验证不通过 case RESULT_CODE_FORM_INVALID: