💥 Simplified permission node system and data structure

2025-12-02 21:42:26 +08:00
parent fa2f53ff7a
commit 158cc75c5b
32 changed files with 3333 additions and 379 deletions
--- a/DysonNetwork.Sphere/Chat/ChatController.cs
+++ b/DysonNetwork.Sphere/Chat/ChatController.cs
@@ -243,7 +243,7 @@ public partial class ChatController(

    [HttpPost("{roomId:guid}/messages")]
    [Authorize]
-    [RequiredPermission("global", "chat.messages.create")]
+    [AskPermission("chat.messages.create")]
    public async Task<ActionResult> SendMessage([FromBody] SendMessageRequest request, Guid roomId)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
--- a/DysonNetwork.Sphere/Chat/ChatRoomController.cs
+++ b/DysonNetwork.Sphere/Chat/ChatRoomController.cs
@@ -179,7 +179,7 @@ public class ChatRoomController(

    [HttpPost]
    [Authorize]
-    [RequiredPermission("global", "chat.create")]
+    [AskPermission("chat.create")]
    public async Task<ActionResult<SnChatRoom>> CreateChatRoom(ChatRoomRequest request)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
--- a/DysonNetwork.Sphere/Post/PostController.cs
+++ b/DysonNetwork.Sphere/Post/PostController.cs
@@ -525,7 +525,7 @@ public class PostController(
    }

    [HttpPost]
-    [RequiredPermission("global", "posts.create")]
+    [AskPermission("posts.create")]
    public async Task<ActionResult<SnPost>> CreatePost(
        [FromBody] PostRequest request,
        [FromQuery(Name = "pub")] string? pubName
@@ -725,7 +725,7 @@ public class PostController(

    [HttpPost("{id:guid}/reactions")]
    [Authorize]
-    [RequiredPermission("global", "posts.react")]
+    [AskPermission("posts.react")]
    public async Task<ActionResult<SnPostReaction>> ReactPost(
        Guid id,
        [FromBody] PostReactionRequest request
--- a/DysonNetwork.Sphere/Publisher/PublisherController.cs
+++ b/DysonNetwork.Sphere/Publisher/PublisherController.cs
@@ -341,7 +341,7 @@ public class PublisherController(

    [HttpPost("individual")]
    [Authorize]
-    [RequiredPermission("global", "publishers.create")]
+    [AskPermission("publishers.create")]
    public async Task<ActionResult<SnPublisher>> CreatePublisherIndividual(
        [FromBody] PublisherRequest request
    )
@@ -426,7 +426,7 @@ public class PublisherController(

    [HttpPost("organization/{realmSlug}")]
    [Authorize]
-    [RequiredPermission("global", "publishers.create")]
+    [AskPermission("publishers.create")]
    public async Task<ActionResult<SnPublisher>> CreatePublisherOrganization(
        string realmSlug,
        [FromBody] PublisherRequest request
@@ -833,7 +833,7 @@ public class PublisherController(

    [HttpPost("{name}/features")]
    [Authorize]
-    [RequiredPermission("maintenance", "publishers.features")]
+    [AskPermission("publishers.features")]
    public async Task<ActionResult<PublisherFeature>> AddPublisherFeature(
        string name,
        [FromBody] PublisherFeatureRequest request
@@ -858,7 +858,7 @@ public class PublisherController(

    [HttpDelete("{name}/features/{flag}")]
    [Authorize]
-    [RequiredPermission("maintenance", "publishers.features")]
+    [AskPermission("publishers.features")]
    public async Task<ActionResult> RemovePublisherFeature(string name, string flag)
    {
        var publisher = await db.Publishers.Where(p => p.Name == name).FirstOrDefaultAsync();
@@ -880,7 +880,7 @@ public class PublisherController(

    [HttpPost("rewards/settle")]
    [Authorize]
-    [RequiredPermission("maintenance", "publishers.reward.settle")]
+    [AskPermission("publishers.reward.settle")]
    public async Task<IActionResult> PerformLotteryDraw()
    {
        await ps.SettlePublisherRewards();
--- a/DysonNetwork.Sphere/Startup/ApplicationConfiguration.cs
+++ b/DysonNetwork.Sphere/Startup/ApplicationConfiguration.cs
@@ -16,7 +16,7 @@ public static class ApplicationConfiguration
        app.UseWebSockets();
        app.UseAuthentication();
        app.UseAuthorization();
-        app.UseMiddleware<PermissionMiddleware>();
+        app.UseMiddleware<RemotePermissionMiddleware>();

        app.MapControllers();

--- a/DysonNetwork.Sphere/Sticker/StickerController.cs
+++ b/DysonNetwork.Sphere/Sticker/StickerController.cs
@@ -120,7 +120,7 @@ public class StickerController(
    }

    [HttpPost]
-    [RequiredPermission("global", "stickers.packs.create")]
+    [AskPermission("stickers.packs.create")]
    public async Task<ActionResult<StickerPack>> CreateStickerPack(
        [FromBody] StickerPackRequest request,
        [FromQuery(Name = "pub")] string publisherName
@@ -334,7 +334,7 @@ public class StickerController(
    public const int MaxStickersPerPack = 24;

    [HttpPost("{packId:guid}/content")]
-    [RequiredPermission("global", "stickers.create")]
+    [AskPermission("stickers.create")]
    public async Task<IActionResult> CreateSticker(Guid packId, [FromBody] StickerRequest request)
    {
        if (HttpContext.Items["CurrentUser"] is not Account currentUser)
--- a/DysonNetwork.Sphere/WebReader/WebReaderController.cs
+++ b/DysonNetwork.Sphere/WebReader/WebReaderController.cs
@@ -59,7 +59,7 @@ public class WebReaderController(WebReaderService reader, ILogger<WebReaderContr
    /// </summary>
    [HttpDelete("link/cache")]
    [Authorize]
-    [RequiredPermission("maintenance", "cache.scrap")]
+    [AskPermission("cache.scrap")]
    public async Task<IActionResult> InvalidateCache([FromQuery] string url)
    {
        if (string.IsNullOrEmpty(url))
@@ -76,7 +76,7 @@ public class WebReaderController(WebReaderService reader, ILogger<WebReaderContr
    /// </summary>
    [HttpDelete("cache/all")]
    [Authorize]
-    [RequiredPermission("maintenance", "cache.scrap")]
+    [AskPermission("cache.scrap")]
    public async Task<IActionResult> InvalidateAllCache()
    {
        await reader.InvalidateAllCachedPreviewsAsync();