diff --git a/build/conf/tank.json b/build/conf/tank.json index da41152..4050df4 100644 --- a/build/conf/tank.json +++ b/build/conf/tank.json @@ -1,10 +1,10 @@ { "ServerPort": 6010, "MatterPath": "./build/matter", - "MysqlPort":3306, - "MysqlHost":"127.0.0.1", - "MysqlSchema":"hxstorage", - "MysqlUsername":"dj", - "MysqlPassword":"123456", - "MysqlCharset":"utf8mb4" + "MysqlPort":3306, + "MysqlHost":"127.0.0.1", + "MysqlSchema":"hxstorage", + "MysqlUsername":"dj", + "MysqlPassword":"123456", + "MysqlCharset":"utf8mb4" } \ No newline at end of file diff --git a/build/doc/sql/schema-3.1.0.sql b/build/doc/sql/schema-3.1.0.sql index 5606b71..0f29c9d 100644 --- a/build/doc/sql/schema-3.1.0.sql +++ b/build/doc/sql/schema-3.1.0.sql @@ -151,6 +151,7 @@ CREATE TABLE `tank31_share` ( `code` varchar(45) NOT NULL, `expire_infinity` tinyint(1) NOT NULL DEFAULT '0', `expire_time` timestamp NOT NULL DEFAULT '2018-01-01 00:00:00', + `permit_list` varchar(2048) DEFAULT NULL, PRIMARY KEY (`uuid`), UNIQUE KEY `uuid` (`uuid`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4; diff --git a/code/rest/share_controller.go b/code/rest/share_controller.go index 9dc3115..5e02d5d 100644 --- a/code/rest/share_controller.go +++ b/code/rest/share_controller.go @@ -1,6 +1,7 @@ package rest import ( + "encoding/base64" "net/http" "strconv" "strings" @@ -63,6 +64,8 @@ func (this *ShareController) RegisterRoutes() map[string]func(writer http.Respon routeMap["/api/share/page"] = this.Wrap(this.Page, USER_ROLE_USER) routeMap["/api/share/browse"] = this.Wrap(this.Browse, USER_ROLE_GUEST) routeMap["/api/share/zip"] = this.Wrap(this.Zip, USER_ROLE_GUEST) + //by han + routeMap["/api/share/permits"] = this.Wrap(this.Permits, USER_ROLE_USER) return routeMap } @@ -72,6 +75,7 @@ func (this *ShareController) Create(writer http.ResponseWriter, request *http.Re matterUuids := request.FormValue("matterUuids") expireInfinityStr := request.FormValue("expireInfinity") expireTimeStr := request.FormValue("expireTime") + permitListStr := request.FormValue("permitList") if matterUuids == "" { panic(result.BadRequest("matterUuids cannot be null")) @@ -150,6 +154,15 @@ func (this *ShareController) Create(writer http.ResponseWriter, request *http.Re ExpireInfinity: expireInfinity, ExpireTime: expireTime, } + + if permitListStr != "" { + length := request.FormValue("len") + permited, err := checkFormatOfPermitList(permitListStr, length) + if err != nil { + panic(result.BadRequest("illegal data")) + } + share.PermitList = permited + } this.shareDao.Create(share) for _, matter := range matters { @@ -163,6 +176,55 @@ func (this *ShareController) Create(writer http.ResponseWriter, request *http.Re return this.Success(share) } +// by han +// Permits 包含2个功能,一是获取权限列表,二是对权限做修改 +func (this *ShareController) Permits(writer http.ResponseWriter, request *http.Request) *result.WebResult { + + uuid := request.FormValue("uuid") + update := request.FormValue("update") + permitList := request.FormValue("permitList") + //uid := request.FormValue("uid") //当前用户 + + if uuid == "" { + panic(result.BadRequest("uuid cannot be null")) + } + + share := this.shareDao.FindByUuid(uuid) + if share == nil { + return this.Success(nil) + } + + //通过users参数进行逻辑分支处理 + if update == "true" && permitList != "" { + length := request.FormValue("len") + + permited, err := checkFormatOfPermitList(permitList, length) + if err != nil { + panic(result.BadRequest("illegal data")) + } + share.PermitList = permited + this.shareDao.Save(share) + return this.Success(nil) + } + + return this.Success(strings.Split(share.PermitList, "|")) +} + +func checkFormatOfPermitList(permitList, length string) (string, error) { + data, err := base64.StdEncoding.DecodeString(permitList) + if err != nil { + return "", err + } + + //简单校验一下数据 格式和长度 + strs := strings.Split(string(data), "|") + if strconv.Itoa(len(strs)) != length { + return "", err + } + + return string(data), nil +} + func (this *ShareController) Delete(writer http.ResponseWriter, request *http.Request) *result.WebResult { uuid := request.FormValue("uuid") diff --git a/code/rest/share_model.go b/code/rest/share_model.go index 1362136..14ace59 100644 --- a/code/rest/share_model.go +++ b/code/rest/share_model.go @@ -1,8 +1,9 @@ package rest import ( - "github.com/eyebluecn/tank/code/core" "time" + + "github.com/eyebluecn/tank/code/core" ) const ( @@ -27,6 +28,7 @@ type Share struct { ShareType string `json:"shareType" gorm:"type:varchar(45)"` Username string `json:"username" gorm:"type:varchar(45)"` UserUuid string `json:"userUuid" gorm:"type:char(36)"` + PermitList string `json:"permitList" gorm:"type:char(2048)"` DownloadTimes int64 `json:"downloadTimes" gorm:"type:bigint(20) not null;default:0"` Code string `json:"code" gorm:"type:varchar(45) not null"` ExpireInfinity bool `json:"expireInfinity" gorm:"type:tinyint(1) not null;default:0"` diff --git a/code/rest/user_service.go b/code/rest/user_service.go index 4deead4..c6ad24b 100644 --- a/code/rest/user_service.go +++ b/code/rest/user_service.go @@ -126,7 +126,7 @@ func (this *UserService) PreHandle(writer http.ResponseWriter, request *http.Req if cacheItem != nil { u := cacheItem.Data().(*User) - //session.UserUuid==userid 这个比较重要,平台退出后,这里的session是不清空的,要加判断 + //session.UserUuid==userid 这个非常重要,平台退出后,这里的session是不清空的,要加判断 if userid != "" && u.Uuid != userid { this.sessionDao.Delete(sessionId) d := time.Until(time.Now().AddDate(0, 0, 30))