mirror of https://github.com/certd/certd
chore:
parent
b5d8935159
commit
f0b2a61246
|
@ -45,3 +45,5 @@ exports.axios = require('./axios');
|
|||
*/
|
||||
|
||||
exports.setLogger = require('./logger').setLogger;
|
||||
|
||||
exports.walkTxtRecord = require('./verify').walkTxtRecord;
|
||||
|
|
|
@ -66,18 +66,35 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
|
|||
log(`Checking name for TXT records: ${recordName}`);
|
||||
const txtRecords = await resolver.resolveTxt(recordName);
|
||||
|
||||
if (txtRecords.length) {
|
||||
if (txtRecords && txtRecords.length) {
|
||||
log(`Found ${txtRecords.length} TXT records at ${recordName}`);
|
||||
log(`TXT records: ${JSON.stringify(txtRecords)}`);
|
||||
return [].concat(...txtRecords);
|
||||
}
|
||||
return [];
|
||||
}
|
||||
catch (e) {
|
||||
log(`No TXT records found for name: ${recordName}`);
|
||||
log(`Resolve TXT records error, ${recordName} :${e.message}`);
|
||||
throw e;
|
||||
}
|
||||
}
|
||||
|
||||
/* Found nothing */
|
||||
throw new Error(`No TXT records found for name: ${recordName}`);
|
||||
async function walkTxtRecord(recordName) {
|
||||
try {
|
||||
/* Default DNS resolver first */
|
||||
log('Attempting to resolve TXT with default DNS resolver first');
|
||||
const res = await walkDnsChallengeRecord(recordName);
|
||||
if (res && res.length > 0) {
|
||||
return res;
|
||||
}
|
||||
throw new Error('No TXT records found');
|
||||
}
|
||||
catch (e) {
|
||||
/* Authoritative DNS resolver */
|
||||
log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
|
||||
const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
|
||||
return await walkDnsChallengeRecord(recordName, authoritativeResolver);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -93,24 +110,10 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
|
|||
*/
|
||||
|
||||
async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
|
||||
let recordValues = [];
|
||||
const recordName = `${prefix}${authz.identifier.value}`;
|
||||
log(`Resolving DNS TXT from record: ${recordName}`);
|
||||
|
||||
try {
|
||||
/* Default DNS resolver first */
|
||||
log('Attempting to resolve TXT with default DNS resolver first');
|
||||
recordValues = await walkDnsChallengeRecord(recordName);
|
||||
}
|
||||
catch (e) {
|
||||
/* Authoritative DNS resolver */
|
||||
log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
|
||||
const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
|
||||
recordValues = await walkDnsChallengeRecord(recordName, authoritativeResolver);
|
||||
}
|
||||
|
||||
const recordValues = await walkTxtRecord(recordName);
|
||||
log(`DNS query finished successfully, found ${recordValues.length} TXT records`);
|
||||
|
||||
if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
|
||||
throw new Error(`Authorization not found in DNS TXT record: ${recordName},need:${keyAuthorization},found:${recordValues}`);
|
||||
}
|
||||
|
@ -154,4 +157,5 @@ module.exports = {
|
|||
'http-01': verifyHttpChallenge,
|
||||
'dns-01': verifyDnsChallenge,
|
||||
'tls-alpn-01': verifyTlsAlpnChallenge,
|
||||
walkTxtRecord,
|
||||
};
|
||||
|
|
|
@ -197,3 +197,5 @@ export const axios: AxiosInstance;
|
|||
*/
|
||||
|
||||
export function setLogger(fn: (msg: string) => void): void;
|
||||
|
||||
export function walkTxtRecord(record: any): Promise<string[]>;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
import { ValidateException } from './exception/index.js';
|
||||
import * as _ from 'lodash-es';
|
||||
import { PermissionException } from './exception/index.js';
|
||||
import { Repository } from 'typeorm';
|
||||
import { In, Repository } from 'typeorm';
|
||||
import { Inject } from '@midwayjs/core';
|
||||
import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
|
||||
import { EntityManager } from 'typeorm/entity-manager/EntityManager.js';
|
||||
|
@ -49,16 +49,22 @@ export abstract class BaseService<T> {
|
|||
/**
|
||||
* 删除
|
||||
* @param ids 删除的ID集合 如:[1,2,3] 或者 1,2,3
|
||||
* @param where
|
||||
*/
|
||||
async delete(ids) {
|
||||
if (ids instanceof Array) {
|
||||
await this.getRepository().delete(ids);
|
||||
} else if (typeof ids === 'string') {
|
||||
await this.getRepository().delete(ids.split(','));
|
||||
} else {
|
||||
//ids是一个condition
|
||||
await this.getRepository().delete(ids);
|
||||
async delete(ids: any, where?: any) {
|
||||
if (!ids) {
|
||||
throw new ValidateException('ids不能为空');
|
||||
}
|
||||
if (typeof ids === 'string') {
|
||||
ids = ids.split(',');
|
||||
}
|
||||
if (ids.length === 0) {
|
||||
return;
|
||||
}
|
||||
await this.getRepository().delete({
|
||||
id: In(ids),
|
||||
...where,
|
||||
});
|
||||
await this.modifyAfter(ids);
|
||||
}
|
||||
|
||||
|
@ -90,7 +96,7 @@ export abstract class BaseService<T> {
|
|||
* @param param 数据
|
||||
*/
|
||||
async update(param) {
|
||||
if (!param.id) throw new ValidateException('no id');
|
||||
if (!param.id) throw new ValidateException('id 不能为空');
|
||||
param.updateTime = new Date();
|
||||
await this.addOrUpdate(param);
|
||||
await this.modifyAfter(param);
|
||||
|
|
|
@ -26,9 +26,9 @@ import * as api from "./api.js";
|
|||
const statusDict = dict({
|
||||
data: [
|
||||
{ label: "待设置CNAME", value: "cname", color: "warning" },
|
||||
{ label: "验证中", value: "validating", color: "primary" },
|
||||
{ label: "验证成功", value: "valid", color: "success" },
|
||||
{ label: "验证失败", value: "failed", color: "error" }
|
||||
{ label: "验证中", value: "validating", color: "blue" },
|
||||
{ label: "验证成功", value: "valid", color: "green" },
|
||||
{ label: "验证失败", value: "failed", color: "red" }
|
||||
]
|
||||
});
|
||||
|
||||
|
|
|
@ -57,3 +57,13 @@ export async function DeleteBatch(ids: any[]) {
|
|||
data: { ids }
|
||||
});
|
||||
}
|
||||
|
||||
export async function DoVerify(id: number) {
|
||||
return await request({
|
||||
url: apiPrefix + "/verify",
|
||||
method: "post",
|
||||
data: {
|
||||
id
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
@ -1,10 +1,12 @@
|
|||
import * as api from "./api";
|
||||
import { useI18n } from "vue-i18n";
|
||||
import { computed, Ref, ref } from "vue";
|
||||
import { Ref, ref } from "vue";
|
||||
import { useRouter } from "vue-router";
|
||||
import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes, utils } from "@fast-crud/fast-crud";
|
||||
import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
|
||||
import { useUserStore } from "/@/store/modules/user";
|
||||
import { useSettingStore } from "/@/store/modules/settings";
|
||||
import { message } from "ant-design-vue";
|
||||
import { DoVerify } from "./api";
|
||||
|
||||
export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
|
||||
const router = useRouter();
|
||||
|
@ -58,6 +60,10 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
|
|||
editRequest,
|
||||
delRequest
|
||||
},
|
||||
tabs: {
|
||||
name: "status",
|
||||
show: true
|
||||
},
|
||||
rowHandle: {
|
||||
minWidth: 200,
|
||||
fixed: "right"
|
||||
|
@ -139,9 +145,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
|
|||
dict: dict({
|
||||
data: [
|
||||
{ label: "待设置CNAME", value: "cname", color: "warning" },
|
||||
{ label: "验证中", value: "validating", color: "primary" },
|
||||
{ label: "验证成功", value: "valid", color: "success" },
|
||||
{ label: "验证失败", value: "failed", color: "error" }
|
||||
{ label: "验证中", value: "validating", color: "blue" },
|
||||
{ label: "验证成功", value: "valid", color: "green" },
|
||||
{ label: "验证失败", value: "failed", color: "red" }
|
||||
]
|
||||
}),
|
||||
addForm: {
|
||||
|
@ -160,14 +166,29 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
|
|||
},
|
||||
column: {
|
||||
conditionalRenderDisabled: true,
|
||||
width: 100,
|
||||
width: 130,
|
||||
align: "center",
|
||||
cellRender({ row, value }) {
|
||||
if (row.status === "valid") {
|
||||
return "-";
|
||||
}
|
||||
async function doVerify() {
|
||||
row._validating_ = true;
|
||||
try {
|
||||
const res = await api.DoVerify(row.id);
|
||||
if (res === true) {
|
||||
message.success("验证成功");
|
||||
row.status = "valid";
|
||||
}
|
||||
} catch (e) {
|
||||
console.error(e);
|
||||
message.error(e.message);
|
||||
} finally {
|
||||
row._validating_ = false;
|
||||
}
|
||||
}
|
||||
return (
|
||||
<a-button size={"small"} type={"primary"}>
|
||||
<a-button onClick={doVerify} loading={row._validating_} size={"small"} type={"primary"}>
|
||||
点击验证
|
||||
</a-button>
|
||||
);
|
||||
|
|
|
@ -18,7 +18,7 @@ import { onMounted } from "vue";
|
|||
import { useFs } from "@fast-crud/fast-crud";
|
||||
import createCrudOptions from "./crud";
|
||||
import { message, Modal } from "ant-design-vue";
|
||||
import { DeleteBatch } from "/@/views/certd/history/api";
|
||||
import { DeleteBatch } from "./api";
|
||||
|
||||
defineOptions({
|
||||
name: "CnameRecord"
|
||||
|
|
|
@ -18,7 +18,7 @@ import { onMounted } from "vue";
|
|||
import { useFs } from "@fast-crud/fast-crud";
|
||||
import createCrudOptions from "./crud";
|
||||
import { message, Modal } from "ant-design-vue";
|
||||
import { DeleteBatch } from "/@/views/certd/history/api";
|
||||
import { DeleteBatch } from "./api";
|
||||
|
||||
defineOptions({
|
||||
name: "PipelineHistory"
|
||||
|
|
|
@ -17,6 +17,7 @@ import DefaultConfig from './config/config.default.js';
|
|||
import * as libServer from '@certd/lib-server';
|
||||
import * as commercial from '@certd/commercial-core';
|
||||
import * as upload from '@midwayjs/upload';
|
||||
import { setLogger } from '@certd/acme-client';
|
||||
process.on('uncaughtException', error => {
|
||||
console.error('未捕获的异常:', error);
|
||||
// 在这里可以添加日志记录、发送错误通知等操作
|
||||
|
@ -75,6 +76,11 @@ export class MainConfiguration {
|
|||
ResetPasswdMiddleware,
|
||||
]);
|
||||
|
||||
//acme setlogger
|
||||
setLogger((text: string) => {
|
||||
logger.info(text);
|
||||
});
|
||||
|
||||
logger.info('当前环境:', this.app.getEnv()); // prod
|
||||
}
|
||||
}
|
||||
|
|
|
@ -20,7 +20,7 @@ export class CnameProviderController extends BaseController {
|
|||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body: any) {
|
||||
body.userId = this.ctx.user.id;
|
||||
body.userId = this.getUserId();
|
||||
const res = await this.providerService.find({});
|
||||
return this.ok(res);
|
||||
}
|
||||
|
|
|
@ -18,50 +18,67 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
|
|||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body: any) {
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.ctx.user.id;
|
||||
return await super.page(body);
|
||||
body.query.userId = this.getUserId();
|
||||
const domain = body.query.domain;
|
||||
delete body.query.domain;
|
||||
|
||||
const bq = qb => {
|
||||
if (domain) {
|
||||
qb.where('domain like :domain', { domain: `%${domain}%` });
|
||||
}
|
||||
};
|
||||
|
||||
const pageRet = await this.getService().page(body?.query, body?.page, body?.sort, bq);
|
||||
return this.ok(pageRet);
|
||||
}
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body: any) {
|
||||
body.userId = this.ctx.user.id;
|
||||
body.userId = this.getUserId();
|
||||
return super.list(body);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean: any) {
|
||||
bean.userId = this.ctx.user.id;
|
||||
bean.userId = this.getUserId();
|
||||
return super.add(bean);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean: any) {
|
||||
await this.service.checkUserId(bean.id, this.ctx.user.id);
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
return super.update(bean);
|
||||
}
|
||||
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.ctx.user.id);
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
return super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: Constants.per.authOnly })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.ctx.user.id);
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
return super.delete(id);
|
||||
}
|
||||
|
||||
@Post('/deleteByIds', { summary: Constants.per.authOnly })
|
||||
async deleteByIds(@Body(ALL) body: any) {
|
||||
await this.service.delete(body.ids, {
|
||||
userId: this.getUserId(),
|
||||
});
|
||||
return this.ok();
|
||||
}
|
||||
@Post('/getByDomain', { summary: Constants.per.authOnly })
|
||||
async getByDomain(@Body(ALL) body: { domain: string; createOnNotFound: boolean }) {
|
||||
const userId = this.ctx.user.id;
|
||||
const userId = this.getUserId();
|
||||
const res = await this.service.getByDomain(body.domain, userId, body.createOnNotFound);
|
||||
return this.ok(res);
|
||||
}
|
||||
|
||||
@Post('/verify', { summary: Constants.per.authOnly })
|
||||
async verify(@Body(ALL) body: { id: string }) {
|
||||
const userId = this.ctx.user.id;
|
||||
const userId = this.getUserId();
|
||||
await this.service.checkUserId(body.id, userId);
|
||||
const res = await this.service.verify(body.id);
|
||||
return this.ok(res);
|
||||
|
|
|
@ -8,9 +8,18 @@ import { CnameProviderService } from '../../sys/cname/service/cname-provider-ser
|
|||
import { CnameProviderEntity } from '../../sys/cname/entity/cname_provider.js';
|
||||
import { createDnsProvider, IDnsProvider, parseDomain } from '@certd/plugin-cert';
|
||||
import { cache, http, logger, utils } from '@certd/pipeline';
|
||||
import dns from 'dns';
|
||||
import { AccessService } from '../../pipeline/service/access-service.js';
|
||||
import { isDev } from '../../../utils/env.js';
|
||||
import { walkTxtRecord } from '@certd/acme-client';
|
||||
|
||||
type CnameCheckCacheValue = {
|
||||
validating: boolean;
|
||||
pass: boolean;
|
||||
recordReq?: any;
|
||||
recordRes?: any;
|
||||
startTime: number;
|
||||
intervalId?: NodeJS.Timeout;
|
||||
};
|
||||
/**
|
||||
* 授权
|
||||
*/
|
||||
|
@ -147,56 +156,94 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
|
|||
if (!bean) {
|
||||
throw new ValidateException(`CnameRecord:${id} 不存在`);
|
||||
}
|
||||
const cacheKey = `cname.record.verify.${bean.id}`;
|
||||
|
||||
type CacheValue = {
|
||||
ready: boolean;
|
||||
pass: boolean;
|
||||
};
|
||||
let value: CacheValue = cache.get(cacheKey);
|
||||
if (!value) {
|
||||
value = {
|
||||
ready: false,
|
||||
pass: false,
|
||||
};
|
||||
if (bean.status === 'valid') {
|
||||
return true;
|
||||
}
|
||||
|
||||
const originDomain = parseDomain(bean.domain);
|
||||
const fullDomain = `${bean.hostRecord}.${originDomain}`;
|
||||
const cacheKey = `cname.record.verify.${bean.id}`;
|
||||
|
||||
let value: CnameCheckCacheValue = cache.get(cacheKey);
|
||||
if (!value) {
|
||||
value = {
|
||||
validating: false,
|
||||
pass: false,
|
||||
startTime: new Date().getTime(),
|
||||
};
|
||||
}
|
||||
let ttl = 60 * 60 * 15 * 1000;
|
||||
if (isDev()) {
|
||||
ttl = 30 * 1000;
|
||||
}
|
||||
const recordValue = bean.recordValue.substring(0, bean.recordValue.indexOf('.'));
|
||||
|
||||
const buildDnsProvider = async () => {
|
||||
const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId);
|
||||
const access = await this.accessService.getById(cnameProvider.accessId, bean.userId);
|
||||
const context = { access, logger, http, utils };
|
||||
const dnsProvider: IDnsProvider = await createDnsProvider({
|
||||
dnsProviderType: cnameProvider.dnsProviderType,
|
||||
context,
|
||||
});
|
||||
return dnsProvider;
|
||||
};
|
||||
|
||||
const checkRecordValue = async () => {
|
||||
if (value.pass) {
|
||||
return true;
|
||||
}
|
||||
if (value.startTime + ttl < new Date().getTime()) {
|
||||
logger.warn(`cname验证超时,停止检查,${bean.domain} ${recordValue}`);
|
||||
clearInterval(value.intervalId);
|
||||
await this.updateStatus(bean.id, 'cname');
|
||||
return false;
|
||||
}
|
||||
|
||||
const originDomain = parseDomain(bean.domain);
|
||||
const fullDomain = `${bean.hostRecord}.${originDomain}`;
|
||||
|
||||
logger.info(`检查CNAME配置 ${fullDomain} ${recordValue}`);
|
||||
const txtRecords = await dns.promises.resolveTxt(fullDomain);
|
||||
|
||||
// const txtRecords = await dns.promises.resolveTxt(fullDomain);
|
||||
// if (txtRecords.length) {
|
||||
// records = [].concat(...txtRecords);
|
||||
// }
|
||||
let records: string[] = [];
|
||||
if (txtRecords.length) {
|
||||
records = [].concat(...txtRecords);
|
||||
try {
|
||||
records = await walkTxtRecord(fullDomain);
|
||||
} catch (e) {
|
||||
logger.error(`获取TXT记录失败,${e.message}`);
|
||||
}
|
||||
logger.info(`检查到TXT记录 ${JSON.stringify(records)}`);
|
||||
const success = records.includes(recordValue);
|
||||
if (success) {
|
||||
clearInterval(value.intervalId);
|
||||
logger.info(`检测到CNAME配置,修改状态 ${fullDomain} ${recordValue}`);
|
||||
await this.updateStatus(bean.id, 'valid');
|
||||
value.pass = true;
|
||||
cache.delete(cacheKey);
|
||||
try {
|
||||
const dnsProvider = await buildDnsProvider();
|
||||
await dnsProvider.removeRecord({
|
||||
recordReq: value.recordReq,
|
||||
recordRes: value.recordRes,
|
||||
});
|
||||
logger.info('删除CNAME的校验DNS记录成功');
|
||||
} catch (e) {
|
||||
logger.error(`删除CNAME的校验DNS记录失败, ${e.message},req:${JSON.stringify(value.recordReq)},recordRes:${JSON.stringify(value.recordRes)}`, e);
|
||||
}
|
||||
}
|
||||
return success;
|
||||
};
|
||||
|
||||
if (value.ready) {
|
||||
if (value.validating) {
|
||||
// lookup recordValue in dns
|
||||
return await checkRecordValue();
|
||||
}
|
||||
|
||||
const ttl = 60 * 60 * 30;
|
||||
cache.set(cacheKey, value, {
|
||||
ttl: ttl,
|
||||
});
|
||||
|
||||
const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId);
|
||||
const access = await this.accessService.getById(cnameProvider.accessId, bean.userId);
|
||||
const context = { access, logger, http, utils };
|
||||
const dnsProvider: IDnsProvider = await createDnsProvider({
|
||||
dnsProviderType: cnameProvider.dnsProviderType,
|
||||
context,
|
||||
});
|
||||
const domain = parseDomain(bean.recordValue);
|
||||
const fullRecord = bean.recordValue;
|
||||
const hostRecord = fullRecord.replace(`.${domain}`, '');
|
||||
|
@ -207,8 +254,20 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
|
|||
type: 'TXT',
|
||||
value: recordValue,
|
||||
};
|
||||
await dnsProvider.createRecord(req);
|
||||
value.ready = true;
|
||||
const dnsProvider = await buildDnsProvider();
|
||||
const recordRes = await dnsProvider.createRecord(req);
|
||||
value.validating = true;
|
||||
value.recordReq = req;
|
||||
value.recordRes = recordRes;
|
||||
await this.updateStatus(bean.id, 'validating');
|
||||
|
||||
value.intervalId = setInterval(async () => {
|
||||
try {
|
||||
await checkRecordValue();
|
||||
} catch (e) {
|
||||
logger.error('检查cname出错:', e);
|
||||
}
|
||||
}, 10000);
|
||||
}
|
||||
|
||||
async updateStatus(id: number, status: CnameRecordStatusType) {
|
||||
|
|
|
@ -19,49 +19,49 @@ export class UserSettingsController extends CrudController<UserSettingsService>
|
|||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body) {
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.ctx.user.id;
|
||||
body.query.userId = this.getUserId();
|
||||
return super.page(body);
|
||||
}
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body) {
|
||||
body.userId = this.ctx.user.id;
|
||||
body.userId = this.getUserId();
|
||||
return super.list(body);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean) {
|
||||
bean.userId = this.ctx.user.id;
|
||||
bean.userId = this.getUserId();
|
||||
return super.add(bean);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.service.checkUserId(bean.id, this.ctx.user.id);
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
return super.update(bean);
|
||||
}
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.ctx.user.id);
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
return super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: Constants.per.authOnly })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.ctx.user.id);
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
return super.delete(id);
|
||||
}
|
||||
|
||||
@Post('/save', { summary: Constants.per.authOnly })
|
||||
async save(@Body(ALL) bean: UserSettingsEntity) {
|
||||
bean.userId = this.ctx.user.id;
|
||||
bean.userId = this.getUserId();
|
||||
await this.service.save(bean);
|
||||
return this.ok({});
|
||||
}
|
||||
|
||||
@Post('/get', { summary: Constants.per.authOnly })
|
||||
async get(@Query('key') key: string) {
|
||||
const entity = await this.service.getByKey(key, this.ctx.user.id);
|
||||
const entity = await this.service.getByKey(key, this.getUserId());
|
||||
return this.ok(entity);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -19,36 +19,36 @@ export class AccessController extends CrudController<AccessService> {
|
|||
@Post('/page', { summary: Constants.per.authOnly })
|
||||
async page(@Body(ALL) body) {
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.ctx.user.id;
|
||||
body.query.userId = this.getUserId();
|
||||
return await super.page(body);
|
||||
}
|
||||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Body(ALL) body) {
|
||||
body.userId = this.ctx.user.id;
|
||||
body.userId = this.getUserId();
|
||||
return super.list(body);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean) {
|
||||
bean.userId = this.ctx.user.id;
|
||||
bean.userId = this.getUserId();
|
||||
return super.add(bean);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: Constants.per.authOnly })
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.service.checkUserId(bean.id, this.ctx.user.id);
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
return super.update(bean);
|
||||
}
|
||||
@Post('/info', { summary: Constants.per.authOnly })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.ctx.user.id);
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
return super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: Constants.per.authOnly })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.ctx.user.id);
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
return super.delete(id);
|
||||
}
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ export class DnsProviderController extends BaseController {
|
|||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Query(ALL) query: any) {
|
||||
query.userId = this.ctx.user.id;
|
||||
query.userId = this.getUserId();
|
||||
const list = this.service.getList();
|
||||
return this.ok(list);
|
||||
}
|
||||
|
|
|
@ -41,8 +41,8 @@ export class HistoryController extends CrudController<HistoryService> {
|
|||
const publicSettings = await this.sysSettingsService.getPublicSettings();
|
||||
const pipelineQuery: any = {};
|
||||
if (!(publicSettings.managerOtherUserPipeline && isAdmin)) {
|
||||
body.query.userId = this.ctx.user.id;
|
||||
pipelineQuery.userId = this.ctx.user.id;
|
||||
body.query.userId = this.getUserId();
|
||||
pipelineQuery.userId = this.getUserId();
|
||||
}
|
||||
|
||||
let pipelineIds: any = null;
|
||||
|
@ -70,7 +70,7 @@ export class HistoryController extends CrudController<HistoryService> {
|
|||
async list(@Body(ALL) body) {
|
||||
const isAdmin = await this.authService.isAdmin(this.ctx);
|
||||
if (!isAdmin) {
|
||||
body.userId = this.ctx.user.id;
|
||||
body.userId = this.getUserId();
|
||||
}
|
||||
if (body.pipelineId == null) {
|
||||
return this.ok([]);
|
||||
|
@ -84,7 +84,7 @@ export class HistoryController extends CrudController<HistoryService> {
|
|||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean: PipelineEntity) {
|
||||
bean.userId = this.ctx.user.id;
|
||||
bean.userId = this.getUserId();
|
||||
return super.add(bean);
|
||||
}
|
||||
|
||||
|
@ -96,7 +96,7 @@ export class HistoryController extends CrudController<HistoryService> {
|
|||
|
||||
@Post('/save', { summary: Constants.per.authOnly })
|
||||
async save(@Body(ALL) bean: HistoryEntity) {
|
||||
bean.userId = this.ctx.user.id;
|
||||
bean.userId = this.getUserId();
|
||||
if (bean.id > 0) {
|
||||
await this.authService.checkEntityUserId(this.ctx, this.getService(), bean.id);
|
||||
}
|
||||
|
@ -106,7 +106,7 @@ export class HistoryController extends CrudController<HistoryService> {
|
|||
|
||||
@Post('/saveLog', { summary: Constants.per.authOnly })
|
||||
async saveLog(@Body(ALL) bean: HistoryLogEntity) {
|
||||
bean.userId = this.ctx.user.id;
|
||||
bean.userId = this.getUserId();
|
||||
if (bean.id > 0) {
|
||||
await this.authService.checkEntityUserId(this.ctx, this.getService(), bean.id);
|
||||
}
|
||||
|
@ -125,7 +125,7 @@ export class HistoryController extends CrudController<HistoryService> {
|
|||
async deleteByIds(@Body(ALL) body: any) {
|
||||
await this.authService.checkEntityUserId(this.ctx, this.getService(), body.ids);
|
||||
const isAdmin = await this.authService.isAdmin(this.ctx);
|
||||
const userId = isAdmin ? null : this.ctx.user.id;
|
||||
const userId = isAdmin ? null : this.getUserId();
|
||||
await this.getService().deleteByIds(body.ids, userId);
|
||||
return this.ok();
|
||||
}
|
||||
|
@ -162,7 +162,7 @@ export class HistoryController extends CrudController<HistoryService> {
|
|||
if (history == null) {
|
||||
throw new CommonException('historyId is null');
|
||||
}
|
||||
if (history.userId !== this.ctx.user.id) {
|
||||
if (history.userId !== this.getUserId()) {
|
||||
throw new PermissionException();
|
||||
}
|
||||
return await this.service.getFiles(history);
|
||||
|
|
|
@ -29,7 +29,7 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||
const isAdmin = await this.authService.isAdmin(this.ctx);
|
||||
const publicSettings = await this.sysSettingsService.getPublicSettings();
|
||||
if (!(publicSettings.managerOtherUserPipeline && isAdmin)) {
|
||||
body.query.userId = this.ctx.user.id;
|
||||
body.query.userId = this.getUserId();
|
||||
}
|
||||
|
||||
const title = body.query.title;
|
||||
|
@ -50,7 +50,7 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||
|
||||
@Post('/add', { summary: Constants.per.authOnly })
|
||||
async add(@Body(ALL) bean: PipelineEntity) {
|
||||
bean.userId = this.ctx.user.id;
|
||||
bean.userId = this.getUserId();
|
||||
return super.add(bean);
|
||||
}
|
||||
|
||||
|
@ -62,7 +62,7 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||
|
||||
@Post('/save', { summary: Constants.per.authOnly })
|
||||
async save(@Body(ALL) bean: PipelineEntity) {
|
||||
bean.userId = this.ctx.user.id;
|
||||
bean.userId = this.getUserId();
|
||||
if (bean.id > 0) {
|
||||
await this.authService.checkEntityUserId(this.ctx, this.getService(), bean.id);
|
||||
}
|
||||
|
|
|
@ -14,14 +14,14 @@ export class PluginController extends BaseController {
|
|||
|
||||
@Post('/list', { summary: Constants.per.authOnly })
|
||||
async list(@Query(ALL) query: any) {
|
||||
query.userId = this.ctx.user.id;
|
||||
query.userId = this.getUserId();
|
||||
const list = this.service.getList();
|
||||
return this.ok(list);
|
||||
}
|
||||
|
||||
@Post('/groups', { summary: Constants.per.authOnly })
|
||||
async groups(@Query(ALL) query: any) {
|
||||
query.userId = this.ctx.user.id;
|
||||
query.userId = this.getUserId();
|
||||
const group = this.service.getGroups();
|
||||
return this.ok(group);
|
||||
}
|
||||
|
|
|
@ -68,6 +68,9 @@ export class HistoryService extends BaseService<HistoryEntity> {
|
|||
}
|
||||
|
||||
private async clear(pipelineId: number, keepCount = 20) {
|
||||
if (pipelineId == null) {
|
||||
return;
|
||||
}
|
||||
const count = await this.repository.count({
|
||||
where: {
|
||||
pipelineId,
|
||||
|
@ -139,6 +142,9 @@ export class HistoryService extends BaseService<HistoryEntity> {
|
|||
}
|
||||
|
||||
async deleteByIds(ids: number[], userId: number) {
|
||||
if (!ids || ids.length === 0) {
|
||||
return;
|
||||
}
|
||||
const condition: any = {
|
||||
id: In(ids),
|
||||
};
|
||||
|
@ -150,6 +156,9 @@ export class HistoryService extends BaseService<HistoryEntity> {
|
|||
}
|
||||
|
||||
async deleteByPipelineId(id: number) {
|
||||
if (id == null) {
|
||||
return;
|
||||
}
|
||||
await this.repository.delete({
|
||||
pipelineId: id,
|
||||
});
|
||||
|
|
|
@ -86,7 +86,7 @@ export class UserController extends CrudController<UserService> {
|
|||
*/
|
||||
@Post('/mine', { summary: Constants.per.authOnly })
|
||||
public async mine() {
|
||||
const id = this.ctx.user.id;
|
||||
const id = this.getUserId();
|
||||
const info = await this.service.info(id, ['password']);
|
||||
return this.ok(info);
|
||||
}
|
||||
|
@ -96,7 +96,7 @@ export class UserController extends CrudController<UserService> {
|
|||
*/
|
||||
@Post('/permissions', { summary: Constants.per.authOnly })
|
||||
public async permissions() {
|
||||
const id = this.ctx.user.id;
|
||||
const id = this.getUserId();
|
||||
const permissions = await this.service.getUserPermissions(id);
|
||||
return this.ok(permissions);
|
||||
}
|
||||
|
@ -106,7 +106,7 @@ export class UserController extends CrudController<UserService> {
|
|||
*/
|
||||
@Post('/permissionTree', { summary: Constants.per.authOnly })
|
||||
public async permissionTree() {
|
||||
const id = this.ctx.user.id;
|
||||
const id = this.getUserId();
|
||||
const permissions = await this.service.getUserPermissions(id);
|
||||
const tree = this.permissionService.buildTree(permissions);
|
||||
return this.ok(tree);
|
||||
|
|
|
@ -23,36 +23,36 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
|
|||
@Post('/page', { summary: 'sys:settings:view' })
|
||||
async page(@Body(ALL) body) {
|
||||
body.query = body.query ?? {};
|
||||
body.query.userId = this.ctx.user.id;
|
||||
body.query.userId = this.getUserId();
|
||||
return super.page(body);
|
||||
}
|
||||
|
||||
@Post('/list', { summary: 'sys:settings:view' })
|
||||
async list(@Body(ALL) body) {
|
||||
body.userId = this.ctx.user.id;
|
||||
body.userId = this.getUserId();
|
||||
return super.list(body);
|
||||
}
|
||||
|
||||
@Post('/add', { summary: 'sys:settings:edit' })
|
||||
async add(@Body(ALL) bean) {
|
||||
bean.userId = this.ctx.user.id;
|
||||
bean.userId = this.getUserId();
|
||||
return super.add(bean);
|
||||
}
|
||||
|
||||
@Post('/update', { summary: 'sys:settings:edit' })
|
||||
async update(@Body(ALL) bean) {
|
||||
await this.service.checkUserId(bean.id, this.ctx.user.id);
|
||||
await this.service.checkUserId(bean.id, this.getUserId());
|
||||
return super.update(bean);
|
||||
}
|
||||
@Post('/info', { summary: 'sys:settings:view' })
|
||||
async info(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.ctx.user.id);
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
return super.info(id);
|
||||
}
|
||||
|
||||
@Post('/delete', { summary: 'sys:settings:edit' })
|
||||
async delete(@Query('id') id: number) {
|
||||
await this.service.checkUserId(id, this.ctx.user.id);
|
||||
await this.service.checkUserId(id, this.getUserId());
|
||||
return super.delete(id);
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
import { AccessInput, BaseAccess, IsAccess } from '@certd/pipeline';
|
||||
import { isDev } from "../../utils/env.js";
|
||||
|
||||
/**
|
||||
* 这个注解将注册一个授权配置
|
||||
|
@ -41,7 +42,7 @@ export class DemoAccess extends BaseAccess {
|
|||
demoKeySecret = '';
|
||||
}
|
||||
|
||||
if (process.env.NODE_ENV === 'development') {
|
||||
if (isDev()) {
|
||||
//你的实现 要去掉这个if,不然生产环境将不会显示
|
||||
new DemoAccess();
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
|
||||
import { Autowire, HttpClient, ILogger } from '@certd/pipeline';
|
||||
import { DemoAccess } from './access.js';
|
||||
import { isDev } from "../../utils/env.js";
|
||||
|
||||
type DemoRecord = {
|
||||
// 这里定义Record记录的数据结构,跟对应云平台接口返回值一样即可,一般是拿到id就行,用于删除txt解析记录,清理申请痕迹
|
||||
|
@ -79,7 +80,7 @@ export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
|
|||
}
|
||||
|
||||
//TODO 实例化这个provider,将其自动注册到系统中
|
||||
if (process.env.NODE_ENV === 'development') {
|
||||
if (isDev()) {
|
||||
//你的实现 要去掉这个if,不然生产环境将不会显示
|
||||
new DemoDnsProvider();
|
||||
}
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
|
||||
import { CertInfo, CertReader } from '@certd/plugin-cert';
|
||||
import { isDev } from '../../../utils/env.js';
|
||||
|
||||
@IsTaskPlugin({
|
||||
name: 'demoTest',
|
||||
|
@ -98,7 +99,7 @@ export class DemoTestPlugin extends AbstractTaskPlugin {
|
|||
}
|
||||
}
|
||||
//TODO 这里实例化插件,进行注册
|
||||
if (process.env.NODE_ENV === 'development') {
|
||||
if (isDev()) {
|
||||
//你的实现 要去掉这个if,不然生产环境将不会显示
|
||||
new DemoTestPlugin();
|
||||
}
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
export function isDev() {
|
||||
return process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'local';
|
||||
}
|
Loading…
Reference in New Issue