🐛 Fix check perm panic

This commit is contained in:
LittleSheep 2024-10-30 23:28:26 +08:00
parent 8fbb79607b
commit d7b1913bc3
3 changed files with 30 additions and 65 deletions

91
.idea/workspace.xml generated
View File

@ -4,45 +4,10 @@
<option name="autoReloadType" value="ALL" /> <option name="autoReloadType" value="ALL" />
</component> </component>
<component name="ChangeListManager"> <component name="ChangeListManager">
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":truck: Move http server package"> <list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":recycle: Move models.Account to sec.UserInfo">
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" /> <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/go.sum" beforeDir="false" afterPath="$PROJECT_DIR$/go.sum" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/gap/server.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/gap/server.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/grpc/realms.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/grpc/realms.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/admin/notify_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/admin/notify_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/admin/permissions_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/admin/permissions_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/admin/users_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/admin/users_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/accounts_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/accounts_api.go" afterDir="false" /> <change beforePath="$PROJECT_DIR$/pkg/internal/http/api/accounts_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/accounts_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/avatar_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/avatar_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/bot_token_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/bot_token_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/bots_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/bots_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/index.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/index.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/notifications_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/notifications_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/notify_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/notify_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/oauth_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/oauth_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/preferences_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/preferences_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/realm_members_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/realm_members_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/realms_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/realms_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/relationships_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/relationships_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/reports_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/reports_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/security_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/security_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/sign_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/sign_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/api/statuses_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/api/statuses_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/exts/auth.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/exts/auth.go" afterDir="false" /> <change beforePath="$PROJECT_DIR$/pkg/internal/http/exts/auth.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/exts/auth.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/http/server.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/http/server.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/bots.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/bots.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/events.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/events.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/jwt.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/jwt.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/preferences.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/preferences.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/realms.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/realms.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/relationships.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/relationships.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/reports.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/reports.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/sign.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/sign.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/statuses.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/statuses.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/ticket.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/ticket.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/ticket_token.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/ticket_token.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/main.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/main.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/settings.toml" beforeDir="false" afterPath="$PROJECT_DIR$/settings.toml" afterDir="false" />
</list> </list>
<option name="SHOW_DIALOG" value="false" /> <option name="SHOW_DIALOG" value="false" />
<option name="HIGHLIGHT_CONFLICTS" value="true" /> <option name="HIGHLIGHT_CONFLICTS" value="true" />
@ -77,34 +42,34 @@
<option name="hideEmptyMiddlePackages" value="true" /> <option name="hideEmptyMiddlePackages" value="true" />
<option name="showLibraryContents" value="true" /> <option name="showLibraryContents" value="true" />
</component> </component>
<component name="PropertiesComponent"><![CDATA[{ <component name="PropertiesComponent">{
"keyToString": { &quot;keyToString&quot;: {
"DefaultGoTemplateProperty": "Go File", &quot;DefaultGoTemplateProperty&quot;: &quot;Go File&quot;,
"Go Build.Backend.executor": "Debug", &quot;Go Build.Backend.executor&quot;: &quot;Debug&quot;,
"Go 构建.Backend.executor": "Run", &quot;Go 构建.Backend.executor&quot;: &quot;Run&quot;,
"RunOnceActivity.ShowReadmeOnStart": "true", &quot;RunOnceActivity.ShowReadmeOnStart&quot;: &quot;true&quot;,
"RunOnceActivity.go.formatter.settings.were.checked": "true", &quot;RunOnceActivity.go.formatter.settings.were.checked&quot;: &quot;true&quot;,
"RunOnceActivity.go.migrated.go.modules.settings": "true", &quot;RunOnceActivity.go.migrated.go.modules.settings&quot;: &quot;true&quot;,
"RunOnceActivity.go.modules.automatic.dependencies.download": "true", &quot;RunOnceActivity.go.modules.automatic.dependencies.download&quot;: &quot;true&quot;,
"RunOnceActivity.go.modules.go.list.on.any.changes.was.set": "true", &quot;RunOnceActivity.go.modules.go.list.on.any.changes.was.set&quot;: &quot;true&quot;,
"git-widget-placeholder": "refactor/nexus", &quot;git-widget-placeholder&quot;: &quot;refactor/nexus&quot;,
"go.import.settings.migrated": "true", &quot;go.import.settings.migrated&quot;: &quot;true&quot;,
"go.sdk.automatically.set": "true", &quot;go.sdk.automatically.set&quot;: &quot;true&quot;,
"last_opened_file_path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/keys", &quot;last_opened_file_path&quot;: &quot;/Users/littlesheep/Documents/Projects/Hydrogen/Passport/keys&quot;,
"node.js.detected.package.eslint": "true", &quot;node.js.detected.package.eslint&quot;: &quot;true&quot;,
"node.js.selected.package.eslint": "(autodetect)", &quot;node.js.selected.package.eslint&quot;: &quot;(autodetect)&quot;,
"nodejs_package_manager_path": "npm", &quot;nodejs_package_manager_path&quot;: &quot;npm&quot;,
"run.code.analysis.last.selected.profile": "pProject Default", &quot;run.code.analysis.last.selected.profile&quot;: &quot;pProject Default&quot;,
"settings.editor.selected.configurable": "preferences.intentionPowerPack", &quot;settings.editor.selected.configurable&quot;: &quot;preferences.intentionPowerPack&quot;,
"ts.external.directory.path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/node_modules/typescript/lib", &quot;ts.external.directory.path&quot;: &quot;/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/node_modules/typescript/lib&quot;,
"vue.rearranger.settings.migration": "true" &quot;vue.rearranger.settings.migration&quot;: &quot;true&quot;
}, },
"keyToStringList": { &quot;keyToStringList&quot;: {
"DatabaseDriversLRU": [ &quot;DatabaseDriversLRU&quot;: [
"postgresql" &quot;postgresql&quot;
] ]
} }
}]]></component> }</component>
<component name="RecentsManager"> <component name="RecentsManager">
<key name="CopyFile.RECENT_KEYS"> <key name="CopyFile.RECENT_KEYS">
<recent name="$PROJECT_DIR$/keys" /> <recent name="$PROJECT_DIR$/keys" />
@ -189,7 +154,6 @@
</option> </option>
</component> </component>
<component name="VcsManagerConfiguration"> <component name="VcsManagerConfiguration">
<MESSAGE value=":bug: Fix date formatting issue on daily signing" />
<MESSAGE value=":bug: Fix daily sign batch list query issue" /> <MESSAGE value=":bug: Fix daily sign batch list query issue" />
<MESSAGE value=":bug: Fix daily sign random panic" /> <MESSAGE value=":bug: Fix daily sign random panic" />
<MESSAGE value=":sparkles: Realm avatar, banner and access policy" /> <MESSAGE value=":sparkles: Realm avatar, banner and access policy" />
@ -214,7 +178,8 @@
<MESSAGE value=":recycle: Refactored more modules into nexus" /> <MESSAGE value=":recycle: Refactored more modules into nexus" />
<MESSAGE value=":recycle: All parts into nexus" /> <MESSAGE value=":recycle: All parts into nexus" />
<MESSAGE value=":truck: Move http server package" /> <MESSAGE value=":truck: Move http server package" />
<option name="LAST_COMMIT_MESSAGE" value=":truck: Move http server package" /> <MESSAGE value=":recycle: Move models.Account to sec.UserInfo" />
<option name="LAST_COMMIT_MESSAGE" value=":recycle: Move models.Account to sec.UserInfo" />
</component> </component>
<component name="VgoProject"> <component name="VgoProject">
<settings-migrated>true</settings-migrated> <settings-migrated>true</settings-migrated>

View File

@ -60,7 +60,7 @@ func getUserinfo(c *fiber.Ctx) error {
First(&data).Error; err != nil { First(&data).Error; err != nil {
return fiber.NewError(fiber.StatusInternalServerError, err.Error()) return fiber.NewError(fiber.StatusInternalServerError, err.Error())
} else { } else {
data.PermNodes = c.Locals("permissions").(map[string]any) data.PermNodes = user.PermNodes
} }
var resp fiber.Map var resp fiber.Map

View File

@ -19,7 +19,7 @@ func EnsureGrantedPerm(c *fiber.Ctx, key string, val any) error {
if err := EnsureAuthenticated(c); err != nil { if err := EnsureAuthenticated(c); err != nil {
return err return err
} }
perms := c.Locals("permissions").(map[string]any) perms := c.Locals("user").(*sec.UserInfo).PermNodes
if !services.HasPermNode(perms, key, val) { if !services.HasPermNode(perms, key, val) {
return fiber.NewError(fiber.StatusForbidden, fmt.Sprintf("missing permission: %s", key)) return fiber.NewError(fiber.StatusForbidden, fmt.Sprintf("missing permission: %s", key))
} }