♻️ Use power level permission management

2024-02-06 11:05:40 +08:00 · 2024-02-06 11:05:40 +08:00 · 37ac26378f
commit 37ac26378f
parent 922fa45fa7
3 changed files with 17 additions and 20 deletions
--- a/pkg/models/accounts.go
+++ b/pkg/models/accounts.go
@ -5,8 +5,6 @@ import (
 	"github.com/spf13/viper"
 	"path/filepath"
 	"time"
-
-	"gorm.io/datatypes"
 )

 type AccountState = int8
@ -19,21 +17,21 @@ const (
 type Account struct {
 	BaseModel

-	Name          string                       `json:"name" gorm:"uniqueIndex"`
-	Nick          string                       `json:"nick"`
-	Avatar        string                       `json:"avatar"`
-	State         AccountState                 `json:"state"`
-	Profile       AccountProfile               `json:"profile"`
-	Sessions      []AuthSession                `json:"sessions"`
-	Challenges    []AuthChallenge              `json:"challenges"`
-	Factors       []AuthFactor                 `json:"factors"`
-	Contacts      []AccountContact             `json:"contacts"`
-	Events        []ActionEvent                `json:"events"`
-	MagicTokens   []MagicToken                 `json:"-" gorm:"foreignKey:AssignTo"`
-	ThirdClients  []ThirdClient                `json:"clients"`
-	Notifications []Notification               `json:"notifications" gorm:"foreignKey:RecipientID"`
-	ConfirmedAt   *time.Time                   `json:"confirmed_at"`
-	Permissions   datatypes.JSONType[[]string] `json:"permissions"`
+	Name          string           `json:"name" gorm:"uniqueIndex"`
+	Nick          string           `json:"nick"`
+	Avatar        string           `json:"avatar"`
+	State         AccountState     `json:"state"`
+	Profile       AccountProfile   `json:"profile"`
+	Sessions      []AuthSession    `json:"sessions"`
+	Challenges    []AuthChallenge  `json:"challenges"`
+	Factors       []AuthFactor     `json:"factors"`
+	Contacts      []AccountContact `json:"contacts"`
+	Events        []ActionEvent    `json:"events"`
+	MagicTokens   []MagicToken     `json:"-" gorm:"foreignKey:AssignTo"`
+	ThirdClients  []ThirdClient    `json:"clients"`
+	Notifications []Notification   `json:"notifications" gorm:"foreignKey:RecipientID"`
+	ConfirmedAt   *time.Time       `json:"confirmed_at"`
+	PowerLevel    int              `json:"power_level"`
 }

 func (v Account) GetPrimaryEmail() AccountContact {
--- a/pkg/server/auth.go
+++ b/pkg/server/auth.go
@ -29,7 +29,6 @@ var auth = keyauth.New(keyauth.Config{
 		}

 		c.Locals("principal", user)
-		c.Locals("permissions", user.Permissions.Data())

 		return true, nil
 	},
--- a/pkg/services/accounts.go
+++ b/pkg/services/accounts.go
@ -7,7 +7,6 @@ import (
 	"fmt"
 	"github.com/google/uuid"
 	"github.com/samber/lo"
-	"gorm.io/datatypes"
 	"gorm.io/gorm"
 	"time"
 )
@ -68,7 +67,7 @@ func CreateAccount(name, nick, email, password string) (models.Account, error) {
 				VerifiedAt: nil,
 			},
 		},
-		Permissions: datatypes.NewJSONType(make([]string, 0)),
+		PowerLevel:  0,
 		ConfirmedAt: nil,
 	}

@ -100,6 +99,7 @@ func ConfirmAccount(code string) error {

 	return database.C.Transaction(func(tx *gorm.DB) error {
 		user.ConfirmedAt = lo.ToPtr(time.Now())
+		user.PowerLevel += 5

 		if err := database.C.Delete(&token).Error; err != nil {
 			return err