From 03f317ffdb6595ce70e8a2302b05f390c52110c8 Mon Sep 17 00:00:00 2001 From: xiaojunnuo Date: Fri, 26 Sep 2025 01:20:25 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E6=94=AF=E6=8C=81=E8=85=BE=E8=AE=AF?= =?UTF-8?q?=E4=BA=91=E9=AA=8C=E8=AF=81=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../libs/lib-server/src/user/addon/api/api.ts | 47 ++++++++++++++++++- .../src/user/addon/service/addon-service.ts | 9 +++- .../src/plugin/cert-plugin/index.ts | 12 ++++- 3 files changed, 64 insertions(+), 4 deletions(-) diff --git a/packages/libs/lib-server/src/user/addon/api/api.ts b/packages/libs/lib-server/src/user/addon/api/api.ts index 4e65ce86..3671f790 100644 --- a/packages/libs/lib-server/src/user/addon/api/api.ts +++ b/packages/libs/lib-server/src/user/addon/api/api.ts @@ -1,6 +1,13 @@ import { HttpClient, ILogger, utils } from "@certd/basic"; import {upperFirst} from "lodash-es"; -import { FormItemProps, PluginRequestHandleReq, Registrable } from "@certd/pipeline"; +import { + accessRegistry, + FormItemProps, + IAccessService, + IServiceGetter, + PluginRequestHandleReq, + Registrable +} from "@certd/pipeline"; export type AddonRequestHandleReqInput = { @@ -48,6 +55,7 @@ export type AddonContext = { http: HttpClient; logger: ILogger; utils: typeof utils; + serviceGetter: IServiceGetter; }; export abstract class BaseAddon implements IAddon { @@ -58,8 +66,45 @@ export abstract class BaseAddon implements IAddon { + // eslint-disable-next-line @typescript-eslint/no-empty-function async onInstance() {} + + + async getAccess(accessId: string | number, isCommon = false) { + if (accessId == null) { + throw new Error("您还没有配置授权"); + } + const accessService = await this.ctx.serviceGetter.get("accessService") + let res: any = null; + if (isCommon) { + res = await accessService.getCommonById(accessId); + } else { + res = await accessService.getById(accessId); + } + if (res == null) { + throw new Error("授权不存在,可能已被删除,请前往任务配置里面重新选择授权"); + } + // @ts-ignore + if (this.logger?.addSecret) { + // 隐藏加密信息,不在日志中输出 + const type = res._type; + const plugin = accessRegistry.get(type); + const define = plugin.define; + // @ts-ignore + const input = define.input; + for (const key in input) { + if (input[key].encrypt && res[key] != null) { + // @ts-ignore + this.logger.addSecret(res[key]); + } + } + } + + return res as T; + } + + setCtx(ctx: AddonContext) { this.ctx = ctx; this.http = ctx.http; diff --git a/packages/libs/lib-server/src/user/addon/service/addon-service.ts b/packages/libs/lib-server/src/user/addon/service/addon-service.ts index d58d2453..11da789c 100644 --- a/packages/libs/lib-server/src/user/addon/service/addon-service.ts +++ b/packages/libs/lib-server/src/user/addon/service/addon-service.ts @@ -1,10 +1,11 @@ -import { Provide, Scope, ScopeEnum } from "@midwayjs/core"; +import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core"; import { InjectEntityModel } from "@midwayjs/typeorm"; import { In, Repository } from "typeorm"; import { AddonDefine, BaseService, PageReq, PermissionException, ValidateException } from "../../../index.js"; import { addonRegistry, newAddon } from "../api/index.js"; import { AddonEntity } from "../entity/addon.js"; import { http, logger, utils } from "@certd/basic"; +import { TaskServiceBuilder } from "@certd/ui-server/dist/modules/pipeline/service/getter/task-service-getter.js"; /** * Addon @@ -15,6 +16,9 @@ export class AddonService extends BaseService { @InjectEntityModel(AddonEntity) repository: Repository; + @Inject() + private taskServiceBuilder: TaskServiceBuilder; + //@ts-ignore getRepository() { return this.repository; @@ -76,13 +80,14 @@ export class AddonService extends BaseService { } async getAddonById(id: any, checkUserId: boolean, userId?: number): Promise { + const serviceGetter = this.taskServiceBuilder.create({userId:userId??0}) const ctx = { http: http, logger: logger, utils: utils, + serviceGetter }; - if (!id){ //使用图片验证码 return await newAddon("captcha", "image", {},ctx); diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts index 5b8fa86f..2141495a 100644 --- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts +++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts @@ -541,7 +541,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin { const mainDomain = await domainParser.parse(domain); const planSetting: DomainVerifyPlanInput = verifyPlanSetting[mainDomain]; if (planSetting == null) { - throw new Error(`没有找到域名(${domain})的校验计划(如果您在流水线创建之后设置了子域名托管,需要重新编辑一下证书申请任务和cname记录的校验状态)`); + throw new Error(`没有找到域名(${domain})的校验计划(如果您在流水线创建之后设置了子域名托管,需要重新编辑证书申请任务和重新校验cname记录的校验状态)`); } if (planSetting.type === "dns") { plan[domain] = await this.createDnsDomainVerifyPlan(planSetting, domain, mainDomain); @@ -630,10 +630,20 @@ export class CertApplyPlugin extends CertApplyBasePlugin { if (cnameRecord == null) { throw new Error(`请先配置${domain}的CNAME记录,并通过校验`); } + if (cnameRecord.status !== "valid") { + throw new Error(`CNAME记录${domain}的校验状态为${cnameRecord.status},请等待校验通过`); + } + + // 主域名异常 + if (cnameRecord.mainDomain !== mainDomain) { + throw new Error(`CNAME记录${domain}的域名与配置的主域名不一致,请确认是否在流水线创建之后修改了子域名托管,您需要重新校验CNAME记录的校验状态`); + } + let dnsProvider = cnameRecord.commonDnsProvider; if (cnameRecord.cnameProvider.id > 0) { dnsProvider = await this.createDnsProvider(cnameRecord.cnameProvider.dnsProviderType, cnameRecord.cnameProvider.access); } + return { type: "cname", domain,