mirror of https://github.com/Xhofe/alist
				
				
				
			
		
			
				
	
	
		
			168 lines
		
	
	
		
			3.5 KiB
		
	
	
	
		
			Go
		
	
	
			
		
		
	
	
			168 lines
		
	
	
		
			3.5 KiB
		
	
	
	
		
			Go
		
	
	
| package handles
 | |
| 
 | |
| import (
 | |
| 	"strconv"
 | |
| 
 | |
| 	"github.com/alist-org/alist/v3/pkg/utils"
 | |
| 
 | |
| 	"github.com/alist-org/alist/v3/internal/model"
 | |
| 	"github.com/alist-org/alist/v3/internal/op"
 | |
| 	"github.com/alist-org/alist/v3/server/common"
 | |
| 	"github.com/gin-gonic/gin"
 | |
| 	log "github.com/sirupsen/logrus"
 | |
| )
 | |
| 
 | |
| func ListUsers(c *gin.Context) {
 | |
| 	var req model.PageReq
 | |
| 	if err := c.ShouldBind(&req); err != nil {
 | |
| 		common.ErrorResp(c, err, 400)
 | |
| 		return
 | |
| 	}
 | |
| 	req.Validate()
 | |
| 	log.Debugf("%+v", req)
 | |
| 	users, total, err := op.GetUsers(req.Page, req.PerPage)
 | |
| 	if err != nil {
 | |
| 		common.ErrorResp(c, err, 500, true)
 | |
| 		return
 | |
| 	}
 | |
| 	common.SuccessResp(c, common.PageResp{
 | |
| 		Content: users,
 | |
| 		Total:   total,
 | |
| 	})
 | |
| }
 | |
| 
 | |
| func CreateUser(c *gin.Context) {
 | |
| 	var req model.User
 | |
| 	if err := c.ShouldBind(&req); err != nil {
 | |
| 		common.ErrorResp(c, err, 400)
 | |
| 		return
 | |
| 	}
 | |
| 	if len(req.Role) == 0 {
 | |
| 		req.Role = model.Roles{op.GetDefaultRoleID()}
 | |
| 	}
 | |
| 	if req.IsAdmin() || req.IsGuest() {
 | |
| 		common.ErrorStrResp(c, "admin or guest user can not be created", 400, true)
 | |
| 		return
 | |
| 	}
 | |
| 	req.SetPassword(req.Password)
 | |
| 	req.Password = ""
 | |
| 	req.Authn = "[]"
 | |
| 	if err := op.CreateUser(&req); err != nil {
 | |
| 		common.ErrorResp(c, err, 500, true)
 | |
| 	} else {
 | |
| 		common.SuccessResp(c)
 | |
| 	}
 | |
| }
 | |
| 
 | |
| func UpdateUser(c *gin.Context) {
 | |
| 	var req model.User
 | |
| 	if err := c.ShouldBind(&req); err != nil {
 | |
| 		common.ErrorResp(c, err, 400)
 | |
| 		return
 | |
| 	}
 | |
| 	user, err := op.GetUserById(req.ID)
 | |
| 	if err != nil {
 | |
| 		common.ErrorResp(c, err, 500)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	if user.Username == "admin" {
 | |
| 		if !utils.SliceEqual(user.Role, req.Role) {
 | |
| 			common.ErrorStrResp(c, "cannot change role of admin user", 403)
 | |
| 			return
 | |
| 		}
 | |
| 		//if user.Username != req.Username {
 | |
| 		//	common.ErrorStrResp(c, "cannot change username of admin user", 403)
 | |
| 		//	return
 | |
| 		//}
 | |
| 	}
 | |
| 
 | |
| 	if req.Password == "" {
 | |
| 		req.PwdHash = user.PwdHash
 | |
| 		req.Salt = user.Salt
 | |
| 	} else {
 | |
| 		req.SetPassword(req.Password)
 | |
| 		req.Password = ""
 | |
| 	}
 | |
| 	if req.OtpSecret == "" {
 | |
| 		req.OtpSecret = user.OtpSecret
 | |
| 	}
 | |
| 	if req.Disabled && user.IsAdmin() {
 | |
| 		count, err := op.CountEnabledAdminsExcluding(user.ID)
 | |
| 		if err != nil {
 | |
| 			common.ErrorResp(c, err, 500)
 | |
| 			return
 | |
| 		}
 | |
| 		if count == 0 {
 | |
| 			common.ErrorStrResp(c, "at least one enabled admin must be kept", 400)
 | |
| 			return
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	if !utils.SliceEqual(user.Role, req.Role) {
 | |
| 		if req.IsAdmin() || req.IsGuest() {
 | |
| 			common.ErrorStrResp(c, "cannot assign admin or guest role to user", 400, true)
 | |
| 			return
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	if err := op.UpdateUser(&req); err != nil {
 | |
| 		common.ErrorResp(c, err, 500)
 | |
| 	} else {
 | |
| 		common.SuccessResp(c)
 | |
| 	}
 | |
| }
 | |
| 
 | |
| func DeleteUser(c *gin.Context) {
 | |
| 	idStr := c.Query("id")
 | |
| 	id, err := strconv.Atoi(idStr)
 | |
| 	if err != nil {
 | |
| 		common.ErrorResp(c, err, 400)
 | |
| 		return
 | |
| 	}
 | |
| 	if err := op.DeleteUserById(uint(id)); err != nil {
 | |
| 		common.ErrorResp(c, err, 500)
 | |
| 		return
 | |
| 	}
 | |
| 	common.SuccessResp(c)
 | |
| }
 | |
| 
 | |
| func GetUser(c *gin.Context) {
 | |
| 	idStr := c.Query("id")
 | |
| 	id, err := strconv.Atoi(idStr)
 | |
| 	if err != nil {
 | |
| 		common.ErrorResp(c, err, 400)
 | |
| 		return
 | |
| 	}
 | |
| 	user, err := op.GetUserById(uint(id))
 | |
| 	if err != nil {
 | |
| 		common.ErrorResp(c, err, 500, true)
 | |
| 		return
 | |
| 	}
 | |
| 	common.SuccessResp(c, user)
 | |
| }
 | |
| 
 | |
| func Cancel2FAById(c *gin.Context) {
 | |
| 	idStr := c.Query("id")
 | |
| 	id, err := strconv.Atoi(idStr)
 | |
| 	if err != nil {
 | |
| 		common.ErrorResp(c, err, 400)
 | |
| 		return
 | |
| 	}
 | |
| 	if err := op.Cancel2FAById(uint(id)); err != nil {
 | |
| 		common.ErrorResp(c, err, 500)
 | |
| 		return
 | |
| 	}
 | |
| 	common.SuccessResp(c)
 | |
| }
 | |
| 
 | |
| func DelUserCache(c *gin.Context) {
 | |
| 	username := c.Query("username")
 | |
| 	err := op.DelUserCache(username)
 | |
| 	if err != nil {
 | |
| 		common.ErrorResp(c, err, 500)
 | |
| 		return
 | |
| 	}
 | |
| 	common.SuccessResp(c)
 | |
| }
 |