diff --git a/.idea/.gitignore b/.idea/.gitignore
deleted file mode 100644
index 35410ca..0000000
--- a/.idea/.gitignore
+++ /dev/null
@@ -1,8 +0,0 @@
-# 默认忽略的文件
-/shelf/
-/workspace.xml
-# 基于编辑器的 HTTP 客户端请求
-/httpRequests/
-# Datasource local storage ignored files
-/dataSources/
-/dataSources.local.xml
diff --git a/.idea/Interactive.iml b/.idea/Paperclip.iml
similarity index 100%
rename from .idea/Interactive.iml
rename to .idea/Paperclip.iml
diff --git a/.idea/dataSources.xml b/.idea/dataSources.xml
deleted file mode 100644
index dfd9603..0000000
--- a/.idea/dataSources.xml
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
-
- postgresql
- true
- org.postgresql.Driver
- jdbc:postgresql://localhost:5432/hy_paperclip
- $ProjectFileDir$
-
-
-
\ No newline at end of file
diff --git a/.idea/inspectionProfiles/Project_Default.xml b/.idea/inspectionProfiles/Project_Default.xml
deleted file mode 100644
index 03d9549..0000000
--- a/.idea/inspectionProfiles/Project_Default.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/workspace.xml b/.idea/workspace.xml
new file mode 100644
index 0000000..7754750
--- /dev/null
+++ b/.idea/workspace.xml
@@ -0,0 +1,80 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ {
+ "customColor": "",
+ "associatedIndex": 7
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ true
+
+
\ No newline at end of file
diff --git a/go.mod b/go.mod
index 4c8b3c1..832517c 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module git.solsynth.dev/hydrogen/paperclip
go 1.21.6
require (
- git.solsynth.dev/hydrogen/passport v0.0.0-20240504085931-7c418a3cd32f
+ git.solsynth.dev/hydrogen/passport v0.0.0-20240517121420-1e2d5e9f9d87
github.com/go-playground/validator/v10 v10.17.0
github.com/gofiber/fiber/v2 v2.52.4
github.com/golang-jwt/jwt/v5 v5.2.0
diff --git a/go.sum b/go.sum
index 9200ed3..804692d 100644
--- a/go.sum
+++ b/go.sum
@@ -1,5 +1,7 @@
git.solsynth.dev/hydrogen/passport v0.0.0-20240504085931-7c418a3cd32f h1:sKrQrKZc5C+dwefRsnc0uAGttzpSUWXUBoFaCXLkaTo=
git.solsynth.dev/hydrogen/passport v0.0.0-20240504085931-7c418a3cd32f/go.mod h1:3JRFPtf0dXRk2UQ1yVIgIspNfytM2yLBeBePJChgLZE=
+git.solsynth.dev/hydrogen/passport v0.0.0-20240517121420-1e2d5e9f9d87 h1:r+x72tRB9LTJFH3F2rIKydQUXREc7lgxITDnjfFWwGw=
+git.solsynth.dev/hydrogen/passport v0.0.0-20240517121420-1e2d5e9f9d87/go.mod h1:mEcDEKashAh3jvoGDbNLefK+HgsJaMj4xEc6vkLZ+Zc=
github.com/andybalholm/brotli v1.1.0 h1:eLKJA0d02Lf0mVpIDgYnqXcUn0GqVmEFny3VuID1U3M=
github.com/andybalholm/brotli v1.1.0/go.mod h1:sms7XGricyQI9K10gOSf56VKKWS4oLer58Q+mhRPtnY=
github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
diff --git a/pkg/grpc/client.go b/pkg/grpc/client.go
index dd300e0..7db0061 100644
--- a/pkg/grpc/client.go
+++ b/pkg/grpc/client.go
@@ -8,9 +8,6 @@ import (
"google.golang.org/grpc"
)
-var Realms idpb.RealmsClient
-var Friendships idpb.FriendshipsClient
-var Notify idpb.NotifyClient
var Auth idpb.AuthClient
func ConnectPassport() error {
@@ -18,9 +15,6 @@ func ConnectPassport() error {
if conn, err := grpc.Dial(addr, grpc.WithTransportCredentials(insecure.NewCredentials())); err != nil {
return err
} else {
- Realms = idpb.NewRealmsClient(conn)
- Friendships = idpb.NewFriendshipsClient(conn)
- Notify = idpb.NewNotifyClient(conn)
Auth = idpb.NewAuthClient(conn)
}
diff --git a/pkg/server/attachments_api.go b/pkg/server/attachments_api.go
index f8a30a6..0821ec7 100644
--- a/pkg/server/attachments_api.go
+++ b/pkg/server/attachments_api.go
@@ -1,7 +1,10 @@
package server
import (
+ "context"
"fmt"
+ "git.solsynth.dev/hydrogen/paperclip/pkg/grpc"
+ "git.solsynth.dev/hydrogen/passport/pkg/grpc/proto"
"net/url"
"path/filepath"
@@ -79,13 +82,25 @@ func createAttachment(c *fiber.Ctx) error {
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("disallowed usage: %s", usage))
}
- // TODO Add file size check with user permissions (BLOCKED BY Passport#3)
-
file, err := c.FormFile("file")
if err != nil {
return err
}
+ requiredPerm, _ := jsoniter.Marshal(file.Size)
+ if result, err := grpc.Auth.CheckPerm(context.Background(), &proto.CheckPermRequest{
+ Token: c.Locals("token").(string),
+ Key: "CreatePaperclipAttachments",
+ Value: requiredPerm,
+ }); err != nil {
+ return fiber.NewError(fiber.StatusInternalServerError, fmt.Sprintf("failed to check permission: %v", err))
+ } else if !result.GetIsValid() {
+ return fiber.NewError(
+ fiber.StatusForbidden,
+ fmt.Sprintf("requires permission CreatePaperclipAttachments equals or greater than %d", file.Size),
+ )
+ }
+
var usermeta = make(map[string]any)
_ = jsoniter.UnmarshalFromString(c.FormValue("metadata"), &usermeta)
diff --git a/pkg/services/accounts.go b/pkg/services/accounts.go
deleted file mode 100644
index fdbb154..0000000
--- a/pkg/services/accounts.go
+++ /dev/null
@@ -1,56 +0,0 @@
-package services
-
-import (
- "context"
- "time"
-
- "git.solsynth.dev/hydrogen/paperclip/pkg/database"
- "git.solsynth.dev/hydrogen/paperclip/pkg/grpc"
- "git.solsynth.dev/hydrogen/paperclip/pkg/models"
- "git.solsynth.dev/hydrogen/passport/pkg/grpc/proto"
- "github.com/rs/zerolog/log"
- "github.com/spf13/viper"
-)
-
-func GetAccountFriend(userId, relatedId uint, status int) (*proto.FriendshipResponse, error) {
- var user models.Account
- if err := database.C.Where("id = ?", userId).First(&user).Error; err != nil {
- return nil, err
- }
- var related models.Account
- if err := database.C.Where("id = ?", relatedId).First(&related).Error; err != nil {
- return nil, err
- }
-
- ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
- defer cancel()
-
- return grpc.Friendships.GetFriendship(ctx, &proto.FriendshipTwoSideLookupRequest{
- AccountId: uint64(user.ExternalID),
- RelatedId: uint64(related.ExternalID),
- Status: uint32(status),
- })
-}
-
-func NotifyAccount(user models.Account, subject, content string, realtime bool, links ...*proto.NotifyLink) error {
- ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
- defer cancel()
-
- _, err := grpc.Notify.NotifyUser(ctx, &proto.NotifyRequest{
- ClientId: viper.GetString("passport.client_id"),
- ClientSecret: viper.GetString("passport.client_secret"),
- Subject: subject,
- Content: content,
- Links: links,
- RecipientId: uint64(user.ExternalID),
- IsRealtime: realtime,
- IsImportant: false,
- })
- if err != nil {
- log.Warn().Err(err).Msg("An error occurred when notify account...")
- } else {
- log.Debug().Uint("external", user.ExternalID).Msg("Notified account.")
- }
-
- return err
-}