Account groups

This commit is contained in:
LittleSheep 2024-07-24 17:23:44 +08:00
parent 2d181bfdaf
commit f113719e79
8 changed files with 560 additions and 403 deletions

File diff suppressed because it is too large Load Diff

View File

@ -1,2 +1,2 @@
#n:public #n:public
!<md> [10102, 0, null, null, -2147483648, -2147483648] !<md> [10192, 0, null, null, -2147483648, -2147483648]

11
.idea/workspace.xml generated
View File

@ -4,7 +4,16 @@
<option name="autoReloadType" value="ALL" /> <option name="autoReloadType" value="ALL" />
</component> </component>
<component name="ChangeListManager"> <component name="ChangeListManager">
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":bug: Fix push notification to wrong person" /> <list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":bug: Fix push notification to wrong person">
<change afterPath="$PROJECT_DIR$/pkg/internal/models/account_groups.go" afterDir="false" />
<change afterPath="$PROJECT_DIR$/pkg/internal/services/account_groups.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/.idea/dataSources/74bcf3ef-a2b9-435b-b9e5-f32902a33b25.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/dataSources/74bcf3ef-a2b9-435b-b9e5-f32902a33b25.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/.idea/dataSources/74bcf3ef-a2b9-435b-b9e5-f32902a33b25/storage_v2/_src_/database/hy_passport.gNOKQQ/schema/public.abK9xQ.meta" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/dataSources/74bcf3ef-a2b9-435b-b9e5-f32902a33b25/storage_v2/_src_/database/hy_passport.gNOKQQ/schema/public.abK9xQ.meta" afterDir="false" />
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/database/migrator.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/database/migrator.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/accounts.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/accounts.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/auth.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/auth.go" afterDir="false" />
</list>
<option name="SHOW_DIALOG" value="false" /> <option name="SHOW_DIALOG" value="false" />
<option name="HIGHLIGHT_CONFLICTS" value="true" /> <option name="HIGHLIGHT_CONFLICTS" value="true" />
<option name="HIGHLIGHT_NON_ACTIVE_CHANGELIST" value="false" /> <option name="HIGHLIGHT_NON_ACTIVE_CHANGELIST" value="false" />

View File

@ -7,6 +7,8 @@ import (
var AutoMaintainRange = []any{ var AutoMaintainRange = []any{
&models.Account{}, &models.Account{},
&models.AccountGroup{},
&models.AccountGroupMember{},
&models.AuthFactor{}, &models.AuthFactor{},
&models.AccountProfile{}, &models.AccountProfile{},
&models.AccountContact{}, &models.AccountContact{},

View File

@ -0,0 +1,19 @@
package models
import "gorm.io/datatypes"
type AccountGroup struct {
BaseModel
Name string `json:"name"`
PermNodes datatypes.JSONMap `json:"perm_nodes"`
}
type AccountGroupMember struct {
BaseModel
Account Account `json:"account"`
Group AccountGroup `json:"group"`
AccountID uint `json:"account_id"`
GroupID uint `json:"group_id"`
}

View File

@ -0,0 +1,25 @@
package services
import (
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"github.com/samber/lo"
)
func GetUserAccountGroup(user models.Account) ([]models.AccountGroup, error) {
var members []models.AccountGroupMember
if err := database.C.Where(&models.AccountGroupMember{
AccountID: user.ID,
}).Find(&members).Error; err != nil {
return nil, err
}
var groups []models.AccountGroup
if err := database.C.Where("id IN ?", lo.Map(groups, func(item models.AccountGroup, index int) uint {
return item.ID
})).Find(&groups).Error; err != nil {
return nil, err
}
return groups, nil
}

View File

@ -2,6 +2,7 @@ package services
import ( import (
"fmt" "fmt"
"gorm.io/gorm/clause"
"time" "time"
"github.com/rs/zerolog/log" "github.com/rs/zerolog/log"
@ -209,29 +210,7 @@ func ConfirmResetPassword(code, newPassword string) error {
func DeleteAccount(id uint) error { func DeleteAccount(id uint) error {
tx := database.C.Begin() tx := database.C.Begin()
for _, model := range []any{ if err := tx.Select(clause.Associations).Delete(&models.Account{}, "id = ?", id).Error; err != nil {
&models.Badge{},
&models.RealmMember{},
&models.AccountContact{},
&models.AuthFactor{},
&models.AuthTicket{},
&models.MagicToken{},
&models.ThirdClient{},
&models.NotificationSubscriber{},
&models.AccountRelationship{},
} {
if err := tx.Delete(model, "account_id = ?", id).Error; err != nil {
tx.Rollback()
return err
}
}
if err := tx.Delete(&models.Notification{}, "recipient_id = ?", id).Error; err != nil {
tx.Rollback()
return err
}
if err := tx.Delete(&models.Account{}, "id = ?", id).Error; err != nil {
tx.Rollback() tx.Rollback()
return err return err
} }

View File

@ -76,6 +76,18 @@ func CacheAuthContext(jti string) (models.AuthContext, error) {
if err != nil { if err != nil {
return ctx, fmt.Errorf("invalid account: %v", err) return ctx, fmt.Errorf("invalid account: %v", err)
} }
groups, err := GetUserAccountGroup(user)
if err != nil {
return ctx, fmt.Errorf("unable to get account groups: %v", err)
}
for _, group := range groups {
for k, v := range group.PermNodes {
if _, ok := user.PermNodes[k]; !ok {
user.PermNodes[k] = v
}
}
}
ctx = models.AuthContext{ ctx = models.AuthContext{
Ticket: ticket, Ticket: ticket,