v0.3.2 add permited member info

6 months ago · 94479ceae2
3 changed files with 22 additions and 6 deletions
--- a/build/doc/sql/schema-3.1.0.sql
+++ b/build/doc/sql/schema-3.1.0.sql
@ -152,6 +152,7 @@ CREATE TABLE `tank31_share` (
  `expire_infinity` tinyint(1) NOT NULL DEFAULT '0',
  `expire_time` timestamp NOT NULL DEFAULT '2018-01-01 00:00:00',
  `permit_list` varchar(2048) DEFAULT NULL,
+  `permit_infos` varchar(4096) NOT NULL,
  PRIMARY KEY (`uuid`),
  UNIQUE KEY `uuid` (`uuid`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
--- a/code/rest/share_controller.go
+++ b/code/rest/share_controller.go
@ -3,6 +3,7 @@ package rest
 import (
 	"encoding/base64"
 	"net/http"
+	"regexp"
 	"strconv"
 	"strings"
 	"time"
@ -157,11 +158,13 @@ func (this *ShareController) Create(writer http.ResponseWriter, request *http.Re

 	if permitListStr != "" {
 		length := request.FormValue("len")
+		infoStr := request.FormValue("permitInfos")
 		permited, err := checkFormatOfPermitList(permitListStr, length)
 		if err != nil {
 			panic(result.BadRequest("illegal data"))
 		}
 		share.PermitList = permited
+		share.PermitInfos = infoStr
 	}
 	this.shareDao.Create(share)

@ -196,21 +199,32 @@ func (this *ShareController) Permits(writer http.ResponseWriter, request *http.R
 	//通过users参数进行逻辑分支处理
 	if update == "true" && permitList != "" {
 		length := request.FormValue("len")
+		//todo: 最好对字符串的安全性加一些检验，如特殊字符
+		infoStr := request.FormValue("permitInfos")
+		illegal, _ := regexp.MatchString(`[@\&?#%><;/=*]`, infoStr)
+		permited, err := checkFormatOfPermitList(permitList, length)
+		if err != nil || illegal {
+			panic(result.BadRequest("illegal data"))
+		}
+
 		user := this.checkUser(request)
 		if share.UserUuid != user.Uuid {
 			panic(result.Unauthorized("have no permission for editing"))
 		}

-		permited, err := checkFormatOfPermitList(permitList, length)
-		if err != nil {
-			panic(result.BadRequest("illegal data"))
-		}
 		share.PermitList = permited
+		share.PermitInfos = infoStr
 		this.shareDao.Save(share)
 		return this.Success(nil)
 	}

-	return this.Success(strings.Split(share.PermitList, "|"))
+	return this.Success(struct {
+		Permited []string `json:"permited"`
+		Infos    []string `json:"infos"`
+	}{
+		Permited: strings.Split(share.PermitList, "|"),
+		Infos:    strings.Split(share.PermitInfos, "|"),
+	})
 }

 func checkFormatOfPermitList(permitList, length string) (string, error) {
--- a/code/rest/share_model.go
+++ b/code/rest/share_model.go
@ -28,7 +28,8 @@ type Share struct {
 	ShareType      string    `json:"shareType" gorm:"type:varchar(45)"`
 	Username       string    `json:"username" gorm:"type:varchar(45)"`
 	UserUuid       string    `json:"userUuid" gorm:"type:char(36)"`
-	PermitList     string    `json:"permitList" gorm:"type:char(2048)"`
+	PermitList     string    `json:"permitList" gorm:"type:text(2048)"`
+	PermitInfos    string    `json:"permitInfos" gorm:"type:text(4096)"`
 	DownloadTimes  int64     `json:"downloadTimes" gorm:"type:bigint(20) not null;default:0"`
 	Code           string    `json:"code" gorm:"type:varchar(45) not null"`
 	ExpireInfinity bool      `json:"expireInfinity" gorm:"type:tinyint(1) not null;default:0"`