From eadeac064bac8dcb3eb5c93b183466a43777d416 Mon Sep 17 00:00:00 2001
From: zhangtao
Date: Mon, 4 Aug 2025 09:55:20 +0800
Subject: [PATCH] =?UTF-8?q?feat(sys=5Fdeploy=5Ffile=5Fservice):=E5=A2=9E?=
 =?UTF-8?q?=E5=8A=A0=E7=94=A8=E6=88=B7=E6=9D=83=E9=99=90=E6=8E=A7=E5=88=B6?=
 =?UTF-8?q?=E5=B9=B6=E4=BC=98=E5=8C=96=E9=83=A8=E7=BD=B2=E6=96=87=E4=BB=B6?=
 =?UTF-8?q?=E6=93=8D=E4=BD=9C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 在 GetByID、Update、Delete 和 List 方法中添加用户权限控制,确保只能操作自己创建的部署文件
- 优化部署文件查询逻辑,提高数据安全性
- 改进错误处理,提升用户体验
---
 internal/service/sys_deploy_file_service.go | 50 +++++++++++++++++----
 1 file changed, 42 insertions(+), 8 deletions(-)

diff --git a/internal/service/sys_deploy_file_service.go b/internal/service/sys_deploy_file_service.go
index cbd0ed8..ae484ba 100644
--- a/internal/service/sys_deploy_file_service.go
+++ b/internal/service/sys_deploy_file_service.go
@@ -65,8 +65,14 @@ func (s *SysDeployFileService) Create(c *gin.Context) serializer.Response {
 // GetByID 根据ID获取部署文件记录
 func (s *SysDeployFileService) GetByID(c *gin.Context) serializer.Response {
+ // 获取当前用户ID
+ currentUserId := c.GetString("id")
+ if currentUserId == "" {
+ return serializer.ParamErr("用户信息获取失败!", nil)
+ }
+
 var deployFile model.SysDeployFile
- if err := s.Db.Where("deploy_id = ? AND del_flag = ?", c.Param("id"), "0").First(&deployFile).Error; err != nil {
+ if err := s.Db.Where("deploy_id = ? AND del_flag = ? AND create_by = ?", c.Param("id"), "0", currentUserId).First(&deployFile).Error; err != nil {
 logger.Error(c, "获取部署文件记录失败!")
 return serializer.DBErr("获取部署文件记录失败!", err)
 }
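Review bot: With the new `create_by = ?` condition on the `First(&deployFile)` lookup, a record that exists but belongs to another user now fails the same way as a genuine database outage: both reach `serializer.DBErr("获取部署文件记录失败!", err)` and the same log line, so a real DB fault is indistinguishable from an ordinary not-found/forbidden case. Assuming `s.Db` is a `*gorm.DB`, branch on `errors.Is(err, gorm.ErrRecordNotFound)` and return a `ParamErr` for that case (as the pre-check in UpdateByID already does), keeping `DBErr` for everything else. The `c.GetString("id")` guard is repeated verbatim in GetByID, UpdateByID, DeleteByID and GetByCondition in this patch; a helper such as `currentUserID(c *gin.Context) (string, bool)` would keep the four copies from drifting, and Go's initialism convention favours `currentUserID` over `currentUserId`. A missing identity in the context is also an authentication failure rather than a parameter error, if the serializer offers a distinct response for that. GetByID's body continues outside the hunk.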
@@ -87,16 +93,29 @@ func (s *SysDeployFileService) UpdateByID(c *gin.Context) serializer.Response {
 return serializer.ParamErr("id不可为空!", fmt.Errorf("id不可为空"))
 }
+ // 获取当前用户ID
+ currentUserId := c.GetString("id")
+ if currentUserId == "" {
+ return serializer.ParamErr("用户信息获取失败!", nil)
+ }
+
+ // 检查权限:只能更新自己创建的数据
+ var existingDeployFile model.SysDeployFile
+ if err := s.Db.Where("deploy_id = ? AND del_flag = ? AND create_by = ?", id, "0", currentUserId).First(&existingDeployFile).Error; err != nil {
+ logger.Error(c, "部署文件记录不存在或无权限访问!")
+ return serializer.ParamErr("部署文件记录不存在或无权限访问!", err)
+ }
+
 // 设置更新时间
 now := time.Now()
 deployFile.UpdateTime = &now
 // 获取当前用户
- if updateBy := c.GetString("id"); updateBy != "" {
+ if updateBy := currentUserId; updateBy != "" {
 deployFile.UpdateBy = updateBy
 }
- if err := s.Db.Model(&deployFile).Where("deploy_id = ? AND del_flag = ?", id, "0").Updates(&deployFile).Error; err != nil {
+ if err := s.Db.Model(&deployFile).Where("deploy_id = ? AND del_flag = ? AND create_by = ?", id, "0", currentUserId).Updates(&deployFile).Error; err != nil {
 logger.Error(c, "更新部署文件记录失败!")
 return serializer.DBErr("更新部署文件记录失败!", err)
 }
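Review bot: The `create_by = ?` condition added to the `Updates(&deployFile)` call restricts which row is written but not which columns: a struct passed to `Updates` writes every non-zero field, so if `deployFile` (bound outside this hunk) can carry a client-supplied `CreateBy` or `DeployID`, the owner column the check relies on can be rewritten by the very request it authorises. Limit the write to the editable columns, e.g. `s.Db.Model(&deployFile).Omit("deploy_id", "create_by", "create_time").Where("deploy_id = ? AND del_flag = ? AND create_by = ?", id, "0", currentUserId).Updates(&deployFile)`, or use `Select` with an explicit allowlist. The preceding `First(&existingDeployFile)` only duplicates the filter that `Updates` now applies; checking the update's `RowsAffected` for zero would give the same "not found or not yours" answer with one query and no gap between the check and the write. The guard `if updateBy := currentUserId; updateBy != ""` is dead once `currentUserId` has been rejected for emptiness above, so `deployFile.UpdateBy = currentUserId` is enough. UpdateByID starts and ends outside the hunk.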
@@ -111,18 +130,24 @@ func (s *SysDeployFileService) DeleteByID(c *gin.Context) serializer.Response {
 return serializer.ParamErr("id不可为空!", fmt.Errorf("id不可为空"))
 }
+ // 获取当前用户ID
+ currentUserId := c.GetString("id")
+ if currentUserId == "" {
+ return serializer.ParamErr("用户信息获取失败!", nil)
+ }
+
 // 软删除
 data := map[string]any{
 "del_flag": "1",
 "update_time": time.Now(),
- "update_by": c.GetString("id"),
+ "update_by": currentUserId,
 }
 // 删除已经部署的文件夹
 deployFile := model.SysDeployFile{}
- if err := s.Db.Where("deploy_id = ?", id).First(&deployFile).Error; err != nil {
- logger.Error(c, "获取部署文件记录失败!")
- return serializer.DBErr("获取部署文件记录失败!", err)
+ if err := s.Db.Where("deploy_id = ? AND create_by = ?", id, currentUserId).First(&deployFile).Error; err != nil {
+ logger.Error(c, "获取部署文件记录失败或无权限访问!")
+ return serializer.DBErr("获取部署文件记录失败或无权限访问!", err)
 }
 // 删除 /home/:projectName
@@ -133,7 +158,7 @@ func (s *SysDeployFileService) DeleteByID(c *gin.Context) serializer.Response {
 }
 // 删除数据库记录
- if err := s.Db.Model(&model.SysDeployFile{}).Where("deploy_id = ?", id).Updates(data).Error; err != nil {
+ if err := s.Db.Model(&model.SysDeployFile{}).Where("deploy_id = ? AND create_by = ?", id, currentUserId).Updates(data).Error; err != nil {
 logger.Error(c, "删除部署文件记录失败!")
 return serializer.DBErr("删除部署文件记录失败!", err)
 }
@@ -158,6 +183,12 @@ func (s *SysDeployFileService) GetByCondition(c *gin.Context) serializer.Respons
 var deployFiles []model.SysDeployFile
 offset := (p.Page - 1) * p.Limit
+ // 获取当前用户ID
+ currentUserId := c.GetString("id")
+ if currentUserId == "" {
+ return serializer.ParamErr("用户信息获取失败!", nil)
+ }
+
 // 构建基础查询
 db := s.Db.Model(&model.SysDeployFile{})
@@ -166,6 +197,9 @@ func (s *SysDeployFileService) GetByCondition(c *gin.Context) serializer.Respons
 db = db.Where(queryStr, args...)
 }
+ // 添加用户权限过滤:只能查询自己创建的数据
+ db = db.Where("create_by = ?", currentUserId)
+
 // 排序
 if p.Sort != "" {
 db = db.Order(p.Sort)
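Review bot: The rewritten ownership lookup in DeleteByID, `s.Db.Where("deploy_id = ? AND create_by = ?", id, currentUserId).First(&deployFile)`, still omits the `del_flag` condition that GetByID and UpdateByID apply, so a record that was already soft-deleted is fetched again and the `/home/:projectName` removal that follows (outside this hunk) re-runs for it; the same omission is in the `Updates(data)` filter of the next DeleteByID hunk. Adding `AND del_flag = ?` with `"0"` to both makes delete consistent with the other methods and turns a repeat delete into the not-found path. The soft-delete `Updates(data)` also does not inspect `RowsAffected`, so a row that disappears between the lookup and the update is reported as a successful delete; with the filesystem already removed at that point, surfacing a zero-row update would at least leave an accurate trace in the log. The error on the lookup is still returned as `DBErr` even though the new message describes a permission case; see the GetByID note for separating not-found from real database failures.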
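Review bot: In the last GetByCondition hunk, `db = db.Where("create_by = ?", currentUserId)` is chained after `db.Where(queryStr, args...)`, and `queryStr` is assembled outside this hunk; unless the ORM wraps each clause in parentheses, an `OR` inside `queryStr` would combine with the new condition as `a OR b AND create_by = ?` and widen the result past the current user's rows, so confirm how the clause is built or apply the owner filter first on the base query. The context line `db = db.Order(p.Sort)` hands the caller's sort expression to the query as raw SQL; if `p.Sort` is taken from the request unvalidated (its origin is not visible here), it should be checked against an allowlist of column names and `ASC`/`DESC` before use, since the new owner restriction does not cover the ORDER BY clause. The `c.GetString("id")` guard added in the 183 hunk is the fourth copy in this patch; a shared helper is noted on the GetByID hunk. GetByCondition starts and ends outside these hunks.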