From 91cc7529a035d7f78d332c4cf54f501ffb65c2cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=8D=83=E7=9F=B3?= <CN_QianShi@hotmail.com>
Date: Sun, 27 Jul 2025 22:25:45 +0800
Subject: [PATCH] feat(user/role/storage): enhance user and storage operations
 with additional validations (#9223)

- Update `CreateUser` to adjust `BasePath` based on user roles and clean paths.
- Modify `UpdateUser` to incorporate role-based path changes.
- Add validation in `CreateStorage` and `UpdateStorage` to prevent root mount path.
- Prevent changes to admin user's role and username in user handler.
- Update `UpdateRole` to modify user base paths when role paths change, and clear user cache accordingly.
- Import `errors` package to handle error messages.
---
 internal/op/role.go    | 15 +++++++++++++++
 internal/op/storage.go |  8 ++++++++
 internal/op/user.go    | 31 ++++++++++++++++++++++++++++++-
 server/handles/user.go | 17 +++++++++++++----
 4 files changed, 66 insertions(+), 5 deletions(-)

diff --git a/internal/op/role.go b/internal/op/role.go
index 64502f98..e0f2dc75 100644
--- a/internal/op/role.go
+++ b/internal/op/role.go
@@ -2,6 +2,7 @@ package op
 
 import (
 	"fmt"
+	"github.com/pkg/errors"
 	"time"
 
 	"github.com/Xhofe/go-cache"
@@ -102,6 +103,20 @@ func UpdateRole(r *model.Role) error {
 	for i := range r.PermissionScopes {
 		r.PermissionScopes[i].Path = utils.FixAndCleanPath(r.PermissionScopes[i].Path)
 	}
+	if len(old.PermissionScopes) > 0 && len(r.PermissionScopes) > 0 &&
+		old.PermissionScopes[0].Path != r.PermissionScopes[0].Path {
+
+		oldPath := old.PermissionScopes[0].Path
+		newPath := r.PermissionScopes[0].Path
+		modifiedUsernames, err := db.UpdateUserBasePathPrefix(oldPath, newPath)
+		if err != nil {
+			return errors.WithMessage(err, "failed to update user base path when role updated")
+		}
+
+		for _, name := range modifiedUsernames {
+			userCache.Del(name)
+		}
+	}
 	roleCache.Del(fmt.Sprint(r.ID))
 	roleCache.Del(r.Name)
 	return db.UpdateRole(r)
diff --git a/internal/op/storage.go b/internal/op/storage.go
index 2ec68aae..2833afa8 100644
--- a/internal/op/storage.go
+++ b/internal/op/storage.go
@@ -46,6 +46,11 @@ func GetStorageByMountPath(mountPath string) (driver.Driver, error) {
 func CreateStorage(ctx context.Context, storage model.Storage) (uint, error) {
 	storage.Modified = time.Now()
 	storage.MountPath = utils.FixAndCleanPath(storage.MountPath)
+
+	if storage.MountPath == "/" {
+		return 0, errors.New("Mount path cannot be '/'")
+	}
+
 	var err error
 	// check driver first
 	driverName := storage.Driver
@@ -205,6 +210,9 @@ func UpdateStorage(ctx context.Context, storage model.Storage) error {
 	}
 	storage.Modified = time.Now()
 	storage.MountPath = utils.FixAndCleanPath(storage.MountPath)
+	if storage.MountPath == "/" {
+		return errors.New("Mount path cannot be '/'")
+	}
 	err = db.UpdateStorage(&storage)
 	if err != nil {
 		return errors.WithMessage(err, "failed update storage in database")
diff --git a/internal/op/user.go b/internal/op/user.go
index e775df63..30b9d0e6 100644
--- a/internal/op/user.go
+++ b/internal/op/user.go
@@ -78,7 +78,25 @@ func GetUsers(pageIndex, pageSize int) (users []model.User, count int64, err err
 
 func CreateUser(u *model.User) error {
 	u.BasePath = utils.FixAndCleanPath(u.BasePath)
-	return db.CreateUser(u)
+
+	err := db.CreateUser(u)
+	if err != nil {
+		return err
+	}
+
+	roles, err := GetRolesByUserID(u.ID)
+	if err == nil {
+		for _, role := range roles {
+			if len(role.PermissionScopes) > 0 {
+				u.BasePath = utils.FixAndCleanPath(role.PermissionScopes[0].Path)
+				break
+			}
+		}
+		_ = db.UpdateUser(u)
+		userCache.Del(u.Username)
+	}
+
+	return nil
 }
 
 func DeleteUserById(id uint) error {
@@ -106,6 +124,17 @@ func UpdateUser(u *model.User) error {
 	}
 	userCache.Del(old.Username)
 	u.BasePath = utils.FixAndCleanPath(u.BasePath)
+	if len(u.Role) > 0 {
+		roles, err := GetRolesByUserID(u.ID)
+		if err == nil {
+			for _, role := range roles {
+				if len(role.PermissionScopes) > 0 {
+					u.BasePath = utils.FixAndCleanPath(role.PermissionScopes[0].Path)
+					break
+				}
+			}
+		}
+	}
 	return db.UpdateUser(u)
 }
 
diff --git a/server/handles/user.go b/server/handles/user.go
index 50eaf969..b729d117 100644
--- a/server/handles/user.go
+++ b/server/handles/user.go
@@ -1,6 +1,7 @@
 package handles
 
 import (
+	"github.com/alist-org/alist/v3/pkg/utils"
 	"strconv"
 
 	"github.com/alist-org/alist/v3/internal/model"
@@ -60,10 +61,18 @@ func UpdateUser(c *gin.Context) {
 		common.ErrorResp(c, err, 500)
 		return
 	}
-	//if !utils.SliceEqual(user.Role, req.Role) {
-	//	common.ErrorStrResp(c, "role can not be changed", 400)
-	//	return
-	//}
+
+	if user.Username == "admin" {
+		if !utils.SliceEqual(user.Role, req.Role) {
+			common.ErrorStrResp(c, "cannot change role of admin user", 403)
+			return
+		}
+		if user.Username != req.Username {
+			common.ErrorStrResp(c, "cannot change username of admin user", 403)
+			return
+		}
+	}
+
 	if req.Password == "" {
 		req.PwdHash = user.PwdHash
 		req.Salt = user.Salt