✨ Admin force confirm account
This commit is contained in:
parent
8c89d89382
commit
74819c1c2b
14
.idea/workspace.xml
generated
14
.idea/workspace.xml
generated
@ -4,14 +4,12 @@
|
|||||||
<option name="autoReloadType" value="ALL" />
|
<option name="autoReloadType" value="ALL" />
|
||||||
</component>
|
</component>
|
||||||
<component name="ChangeListManager">
|
<component name="ChangeListManager">
|
||||||
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":recycle: Optimized the initial permission system">
|
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":zap: Optimized audit, event logging system :sparkles: Audit logs :sparkles: Admin edit user permissions">
|
||||||
<change afterPath="$PROJECT_DIR$/pkg/internal/models/audit.go" afterDir="false" />
|
<change afterPath="$PROJECT_DIR$/pkg/internal/server/admin/user_api.go" afterDir="false" />
|
||||||
<change afterPath="$PROJECT_DIR$/pkg/internal/server/admin/permissions_api.go" afterDir="false" />
|
|
||||||
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
|
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
|
||||||
<change beforePath="$PROJECT_DIR$/pkg/internal/database/migrator.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/database/migrator.go" afterDir="false" />
|
|
||||||
<change beforePath="$PROJECT_DIR$/pkg/internal/server/admin/index.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/admin/index.go" afterDir="false" />
|
<change beforePath="$PROJECT_DIR$/pkg/internal/server/admin/index.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/admin/index.go" afterDir="false" />
|
||||||
<change beforePath="$PROJECT_DIR$/pkg/internal/services/events.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/events.go" afterDir="false" />
|
<change beforePath="$PROJECT_DIR$/pkg/internal/server/admin/permissions_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/admin/permissions_api.go" afterDir="false" />
|
||||||
<change beforePath="$PROJECT_DIR$/pkg/main.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/main.go" afterDir="false" />
|
<change beforePath="$PROJECT_DIR$/pkg/internal/services/accounts.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/accounts.go" afterDir="false" />
|
||||||
</list>
|
</list>
|
||||||
<option name="SHOW_DIALOG" value="false" />
|
<option name="SHOW_DIALOG" value="false" />
|
||||||
<option name="HIGHLIGHT_CONFLICTS" value="true" />
|
<option name="HIGHLIGHT_CONFLICTS" value="true" />
|
||||||
@ -157,7 +155,6 @@
|
|||||||
</option>
|
</option>
|
||||||
</component>
|
</component>
|
||||||
<component name="VcsManagerConfiguration">
|
<component name="VcsManagerConfiguration">
|
||||||
<MESSAGE value=":sparkles: Status system" />
|
|
||||||
<MESSAGE value=":bug: Fix status expired in cache" />
|
<MESSAGE value=":bug: Fix status expired in cache" />
|
||||||
<MESSAGE value=":bug: Fix online condition" />
|
<MESSAGE value=":bug: Fix online condition" />
|
||||||
<MESSAGE value=":sparkles: Last seen at" />
|
<MESSAGE value=":sparkles: Last seen at" />
|
||||||
@ -182,7 +179,8 @@
|
|||||||
<MESSAGE value=":sparkles: Reset password APIs" />
|
<MESSAGE value=":sparkles: Reset password APIs" />
|
||||||
<MESSAGE value=":sparkles: Password reset & user lookup API" />
|
<MESSAGE value=":sparkles: Password reset & user lookup API" />
|
||||||
<MESSAGE value=":recycle: Optimized the initial permission system" />
|
<MESSAGE value=":recycle: Optimized the initial permission system" />
|
||||||
<option name="LAST_COMMIT_MESSAGE" value=":recycle: Optimized the initial permission system" />
|
<MESSAGE value=":zap: Optimized audit, event logging system :sparkles: Audit logs :sparkles: Admin edit user permissions" />
|
||||||
|
<option name="LAST_COMMIT_MESSAGE" value=":zap: Optimized audit, event logging system :sparkles: Audit logs :sparkles: Admin edit user permissions" />
|
||||||
</component>
|
</component>
|
||||||
<component name="VgoProject">
|
<component name="VgoProject">
|
||||||
<settings-migrated>true</settings-migrated>
|
<settings-migrated>true</settings-migrated>
|
||||||
|
@ -13,5 +13,6 @@ func MapAdminAPIs(app *fiber.App) {
|
|||||||
admin.Post("/notify/all", notifyAllUser)
|
admin.Post("/notify/all", notifyAllUser)
|
||||||
|
|
||||||
admin.Put("/users/:user/permissions", editUserPermission)
|
admin.Put("/users/:user/permissions", editUserPermission)
|
||||||
|
admin.Post("/users/:user/confirm", forceConfirmAccount)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -37,6 +37,7 @@ func editUserPermission(c *fiber.Ctx) error {
|
|||||||
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||||
} else {
|
} else {
|
||||||
services.AddAuditRecord(operator, "user.permissions.edit", c.IP(), c.Get(fiber.HeaderUserAgent), map[string]any{
|
services.AddAuditRecord(operator, "user.permissions.edit", c.IP(), c.Get(fiber.HeaderUserAgent), map[string]any{
|
||||||
|
"user_id": user.ID,
|
||||||
"previous_permissions": prev,
|
"previous_permissions": prev,
|
||||||
"new_permissions": data.PermNodes,
|
"new_permissions": data.PermNodes,
|
||||||
})
|
})
|
||||||
|
35
pkg/internal/server/admin/user_api.go
Normal file
35
pkg/internal/server/admin/user_api.go
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
package admin
|
||||||
|
|
||||||
|
import "C"
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
|
||||||
|
"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
|
||||||
|
"git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts"
|
||||||
|
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
|
||||||
|
"github.com/gofiber/fiber/v2"
|
||||||
|
)
|
||||||
|
|
||||||
|
func forceConfirmAccount(c *fiber.Ctx) error {
|
||||||
|
userId, _ := c.ParamsInt("user")
|
||||||
|
|
||||||
|
if err := exts.EnsureGrantedPerm(c, "AdminUserConfirmation", true); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
operator := c.Locals("user").(models.Account)
|
||||||
|
|
||||||
|
var user models.Account
|
||||||
|
if err := database.C.Where("id = ?", userId).First(&user).Error; err != nil {
|
||||||
|
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("account was not found: %v", err))
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := services.ForceConfirmAccount(user); err != nil {
|
||||||
|
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||||
|
} else {
|
||||||
|
services.AddAuditRecord(operator, "user.confirm", c.IP(), c.Get(fiber.HeaderUserAgent), map[string]any{
|
||||||
|
"user_id": user.ID,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.SendStatus(fiber.StatusOK)
|
||||||
|
}
|
@ -11,7 +11,6 @@ import (
|
|||||||
"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
|
"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
|
||||||
"github.com/google/uuid"
|
"github.com/google/uuid"
|
||||||
"github.com/samber/lo"
|
"github.com/samber/lo"
|
||||||
"gorm.io/gorm"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func GetAccount(id uint) (models.Account, error) {
|
func GetAccount(id uint) (models.Account, error) {
|
||||||
@ -112,28 +111,33 @@ func ConfirmAccount(code string) error {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
return database.C.Transaction(func(tx *gorm.DB) error {
|
if err = ForceConfirmAccount(user); err != nil {
|
||||||
user.ConfirmedAt = lo.ToPtr(time.Now())
|
return err
|
||||||
|
} else {
|
||||||
|
database.C.Delete(&token)
|
||||||
|
}
|
||||||
|
|
||||||
for k, v := range viper.GetStringMap("permissions.verified") {
|
return nil
|
||||||
if val, ok := user.PermNodes[k]; !ok {
|
}
|
||||||
user.PermNodes[k] = v
|
|
||||||
} else {
|
func ForceConfirmAccount(user models.Account) error {
|
||||||
user.PermNodes[k] = val
|
user.ConfirmedAt = lo.ToPtr(time.Now())
|
||||||
}
|
|
||||||
|
for k, v := range viper.GetStringMap("permissions.verified") {
|
||||||
|
if val, ok := user.PermNodes[k]; !ok {
|
||||||
|
user.PermNodes[k] = v
|
||||||
|
} else {
|
||||||
|
user.PermNodes[k] = val
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if err := database.C.Delete(&token).Error; err != nil {
|
if err := database.C.Save(&user).Error; err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err := database.C.Save(&user).Error; err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
InvalidAuthCacheWithUser(user.ID)
|
InvalidAuthCacheWithUser(user.ID)
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func CheckAbleToResetPassword(user models.Account) error {
|
func CheckAbleToResetPassword(user models.Account) error {
|
||||||
|
Loading…
Reference in New Issue
Block a user