From f0b2a612469caa5e5c2574b2d2569f7164ac326a Mon Sep 17 00:00:00 2001 From: xiaojunnuo Date: Thu, 10 Oct 2024 02:15:05 +0800 Subject: [PATCH] chore: --- packages/core/acme-client/src/index.js | 2 + packages/core/acme-client/src/verify.js | 42 ++++--- packages/core/acme-client/types/index.d.ts | 2 + .../libs/lib-server/src/basic/base-service.ts | 26 ++-- .../cname-record-info.vue | 6 +- .../src/views/certd/cname/record/api.ts | 10 ++ .../src/views/certd/cname/record/crud.tsx | 35 ++++-- .../src/views/certd/cname/record/index.vue | 2 +- .../src/views/certd/history/index.vue | 2 +- packages/ui/certd-server/src/configuration.ts | 6 + .../controller/cname-provider-controller.ts | 2 +- .../controller/cname-record-controller.ts | 35 ++++-- .../cname/service/cname-record-service.ts | 117 +++++++++++++----- .../controller/user-settings-controller.ts | 16 +-- .../pipeline/controller/access-controller.ts | 12 +- .../controller/dns-provider-controller.ts | 2 +- .../pipeline/controller/history-controller.ts | 16 +-- .../controller/pipeline-controller.ts | 6 +- .../pipeline/controller/plugin-controller.ts | 4 +- .../pipeline/service/history-service.ts | 9 ++ .../authority/controller/user-controller.ts | 6 +- .../controller/sys-settings-controller.ts | 12 +- .../src/plugins/plugin-demo/access.ts | 3 +- .../src/plugins/plugin-demo/dns-provider.ts | 3 +- .../plugin-demo/plugins/plugin-test.ts | 3 +- packages/ui/certd-server/src/utils/env.ts | 3 + 26 files changed, 262 insertions(+), 120 deletions(-) create mode 100644 packages/ui/certd-server/src/utils/env.ts diff --git a/packages/core/acme-client/src/index.js b/packages/core/acme-client/src/index.js index 4e83c9f6..65276df4 100644 --- a/packages/core/acme-client/src/index.js +++ b/packages/core/acme-client/src/index.js @@ -45,3 +45,5 @@ exports.axios = require('./axios'); */ exports.setLogger = require('./logger').setLogger; + +exports.walkTxtRecord = require('./verify').walkTxtRecord; diff --git a/packages/core/acme-client/src/verify.js b/packages/core/acme-client/src/verify.js index 93e147a3..875252a1 100644 --- a/packages/core/acme-client/src/verify.js +++ b/packages/core/acme-client/src/verify.js @@ -66,18 +66,35 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) { log(`Checking name for TXT records: ${recordName}`); const txtRecords = await resolver.resolveTxt(recordName); - if (txtRecords.length) { + if (txtRecords && txtRecords.length) { log(`Found ${txtRecords.length} TXT records at ${recordName}`); log(`TXT records: ${JSON.stringify(txtRecords)}`); return [].concat(...txtRecords); } + return []; } catch (e) { - log(`No TXT records found for name: ${recordName}`); + log(`Resolve TXT records error, ${recordName} :${e.message}`); + throw e; } +} - /* Found nothing */ - throw new Error(`No TXT records found for name: ${recordName}`); +async function walkTxtRecord(recordName) { + try { + /* Default DNS resolver first */ + log('Attempting to resolve TXT with default DNS resolver first'); + const res = await walkDnsChallengeRecord(recordName); + if (res && res.length > 0) { + return res; + } + throw new Error('No TXT records found'); + } + catch (e) { + /* Authoritative DNS resolver */ + log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`); + const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName); + return await walkDnsChallengeRecord(recordName, authoritativeResolver); + } } /** @@ -93,24 +110,10 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) { */ async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') { - let recordValues = []; const recordName = `${prefix}${authz.identifier.value}`; log(`Resolving DNS TXT from record: ${recordName}`); - - try { - /* Default DNS resolver first */ - log('Attempting to resolve TXT with default DNS resolver first'); - recordValues = await walkDnsChallengeRecord(recordName); - } - catch (e) { - /* Authoritative DNS resolver */ - log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`); - const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName); - recordValues = await walkDnsChallengeRecord(recordName, authoritativeResolver); - } - + const recordValues = await walkTxtRecord(recordName); log(`DNS query finished successfully, found ${recordValues.length} TXT records`); - if (!recordValues.length || !recordValues.includes(keyAuthorization)) { throw new Error(`Authorization not found in DNS TXT record: ${recordName},need:${keyAuthorization},found:${recordValues}`); } @@ -154,4 +157,5 @@ module.exports = { 'http-01': verifyHttpChallenge, 'dns-01': verifyDnsChallenge, 'tls-alpn-01': verifyTlsAlpnChallenge, + walkTxtRecord, }; diff --git a/packages/core/acme-client/types/index.d.ts b/packages/core/acme-client/types/index.d.ts index ac469cb9..9178c840 100644 --- a/packages/core/acme-client/types/index.d.ts +++ b/packages/core/acme-client/types/index.d.ts @@ -197,3 +197,5 @@ export const axios: AxiosInstance; */ export function setLogger(fn: (msg: string) => void): void; + +export function walkTxtRecord(record: any): Promise; diff --git a/packages/libs/lib-server/src/basic/base-service.ts b/packages/libs/lib-server/src/basic/base-service.ts index 1c3fcb8d..c4bd4178 100644 --- a/packages/libs/lib-server/src/basic/base-service.ts +++ b/packages/libs/lib-server/src/basic/base-service.ts @@ -1,7 +1,7 @@ import { ValidateException } from './exception/index.js'; import * as _ from 'lodash-es'; import { PermissionException } from './exception/index.js'; -import { Repository } from 'typeorm'; +import { In, Repository } from 'typeorm'; import { Inject } from '@midwayjs/core'; import { TypeORMDataSourceManager } from '@midwayjs/typeorm'; import { EntityManager } from 'typeorm/entity-manager/EntityManager.js'; @@ -49,16 +49,22 @@ export abstract class BaseService { /** * 删除 * @param ids 删除的ID集合 如:[1,2,3] 或者 1,2,3 + * @param where */ - async delete(ids) { - if (ids instanceof Array) { - await this.getRepository().delete(ids); - } else if (typeof ids === 'string') { - await this.getRepository().delete(ids.split(',')); - } else { - //ids是一个condition - await this.getRepository().delete(ids); + async delete(ids: any, where?: any) { + if (!ids) { + throw new ValidateException('ids不能为空'); } + if (typeof ids === 'string') { + ids = ids.split(','); + } + if (ids.length === 0) { + return; + } + await this.getRepository().delete({ + id: In(ids), + ...where, + }); await this.modifyAfter(ids); } @@ -90,7 +96,7 @@ export abstract class BaseService { * @param param 数据 */ async update(param) { - if (!param.id) throw new ValidateException('no id'); + if (!param.id) throw new ValidateException('id 不能为空'); param.updateTime = new Date(); await this.addOrUpdate(param); await this.modifyAfter(param); diff --git a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue index 6ce9b58f..ddf66101 100644 --- a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue +++ b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue @@ -26,9 +26,9 @@ import * as api from "./api.js"; const statusDict = dict({ data: [ { label: "待设置CNAME", value: "cname", color: "warning" }, - { label: "验证中", value: "validating", color: "primary" }, - { label: "验证成功", value: "valid", color: "success" }, - { label: "验证失败", value: "failed", color: "error" } + { label: "验证中", value: "validating", color: "blue" }, + { label: "验证成功", value: "valid", color: "green" }, + { label: "验证失败", value: "failed", color: "red" } ] }); diff --git a/packages/ui/certd-client/src/views/certd/cname/record/api.ts b/packages/ui/certd-client/src/views/certd/cname/record/api.ts index 5ee30428..e50149ee 100644 --- a/packages/ui/certd-client/src/views/certd/cname/record/api.ts +++ b/packages/ui/certd-client/src/views/certd/cname/record/api.ts @@ -57,3 +57,13 @@ export async function DeleteBatch(ids: any[]) { data: { ids } }); } + +export async function DoVerify(id: number) { + return await request({ + url: apiPrefix + "/verify", + method: "post", + data: { + id + } + }); +} diff --git a/packages/ui/certd-client/src/views/certd/cname/record/crud.tsx b/packages/ui/certd-client/src/views/certd/cname/record/crud.tsx index e8b6758e..0052d7a2 100644 --- a/packages/ui/certd-client/src/views/certd/cname/record/crud.tsx +++ b/packages/ui/certd-client/src/views/certd/cname/record/crud.tsx @@ -1,10 +1,12 @@ import * as api from "./api"; import { useI18n } from "vue-i18n"; -import { computed, Ref, ref } from "vue"; +import { Ref, ref } from "vue"; import { useRouter } from "vue-router"; -import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes, utils } from "@fast-crud/fast-crud"; +import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud"; import { useUserStore } from "/@/store/modules/user"; import { useSettingStore } from "/@/store/modules/settings"; +import { message } from "ant-design-vue"; +import { DoVerify } from "./api"; export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet { const router = useRouter(); @@ -58,6 +60,10 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat editRequest, delRequest }, + tabs: { + name: "status", + show: true + }, rowHandle: { minWidth: 200, fixed: "right" @@ -139,9 +145,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat dict: dict({ data: [ { label: "待设置CNAME", value: "cname", color: "warning" }, - { label: "验证中", value: "validating", color: "primary" }, - { label: "验证成功", value: "valid", color: "success" }, - { label: "验证失败", value: "failed", color: "error" } + { label: "验证中", value: "validating", color: "blue" }, + { label: "验证成功", value: "valid", color: "green" }, + { label: "验证失败", value: "failed", color: "red" } ] }), addForm: { @@ -160,14 +166,29 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat }, column: { conditionalRenderDisabled: true, - width: 100, + width: 130, align: "center", cellRender({ row, value }) { if (row.status === "valid") { return "-"; } + async function doVerify() { + row._validating_ = true; + try { + const res = await api.DoVerify(row.id); + if (res === true) { + message.success("验证成功"); + row.status = "valid"; + } + } catch (e) { + console.error(e); + message.error(e.message); + } finally { + row._validating_ = false; + } + } return ( - + 点击验证 ); diff --git a/packages/ui/certd-client/src/views/certd/cname/record/index.vue b/packages/ui/certd-client/src/views/certd/cname/record/index.vue index 5b791327..af547f1a 100644 --- a/packages/ui/certd-client/src/views/certd/cname/record/index.vue +++ b/packages/ui/certd-client/src/views/certd/cname/record/index.vue @@ -18,7 +18,7 @@ import { onMounted } from "vue"; import { useFs } from "@fast-crud/fast-crud"; import createCrudOptions from "./crud"; import { message, Modal } from "ant-design-vue"; -import { DeleteBatch } from "/@/views/certd/history/api"; +import { DeleteBatch } from "./api"; defineOptions({ name: "CnameRecord" diff --git a/packages/ui/certd-client/src/views/certd/history/index.vue b/packages/ui/certd-client/src/views/certd/history/index.vue index 40f74b36..ea8a3ac2 100644 --- a/packages/ui/certd-client/src/views/certd/history/index.vue +++ b/packages/ui/certd-client/src/views/certd/history/index.vue @@ -18,7 +18,7 @@ import { onMounted } from "vue"; import { useFs } from "@fast-crud/fast-crud"; import createCrudOptions from "./crud"; import { message, Modal } from "ant-design-vue"; -import { DeleteBatch } from "/@/views/certd/history/api"; +import { DeleteBatch } from "./api"; defineOptions({ name: "PipelineHistory" diff --git a/packages/ui/certd-server/src/configuration.ts b/packages/ui/certd-server/src/configuration.ts index 8b5beea3..41221fad 100644 --- a/packages/ui/certd-server/src/configuration.ts +++ b/packages/ui/certd-server/src/configuration.ts @@ -17,6 +17,7 @@ import DefaultConfig from './config/config.default.js'; import * as libServer from '@certd/lib-server'; import * as commercial from '@certd/commercial-core'; import * as upload from '@midwayjs/upload'; +import { setLogger } from '@certd/acme-client'; process.on('uncaughtException', error => { console.error('未捕获的异常:', error); // 在这里可以添加日志记录、发送错误通知等操作 @@ -75,6 +76,11 @@ export class MainConfiguration { ResetPasswdMiddleware, ]); + //acme setlogger + setLogger((text: string) => { + logger.info(text); + }); + logger.info('当前环境:', this.app.getEnv()); // prod } } diff --git a/packages/ui/certd-server/src/modules/cname/controller/cname-provider-controller.ts b/packages/ui/certd-server/src/modules/cname/controller/cname-provider-controller.ts index 30a9acc4..4e9ad522 100644 --- a/packages/ui/certd-server/src/modules/cname/controller/cname-provider-controller.ts +++ b/packages/ui/certd-server/src/modules/cname/controller/cname-provider-controller.ts @@ -20,7 +20,7 @@ export class CnameProviderController extends BaseController { @Post('/list', { summary: Constants.per.authOnly }) async list(@Body(ALL) body: any) { - body.userId = this.ctx.user.id; + body.userId = this.getUserId(); const res = await this.providerService.find({}); return this.ok(res); } diff --git a/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts b/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts index ff0b4412..9d1c6ab0 100644 --- a/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts +++ b/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts @@ -18,50 +18,67 @@ export class CnameRecordController extends CrudController { @Post('/page', { summary: Constants.per.authOnly }) async page(@Body(ALL) body: any) { body.query = body.query ?? {}; - body.query.userId = this.ctx.user.id; - return await super.page(body); + body.query.userId = this.getUserId(); + const domain = body.query.domain; + delete body.query.domain; + + const bq = qb => { + if (domain) { + qb.where('domain like :domain', { domain: `%${domain}%` }); + } + }; + + const pageRet = await this.getService().page(body?.query, body?.page, body?.sort, bq); + return this.ok(pageRet); } @Post('/list', { summary: Constants.per.authOnly }) async list(@Body(ALL) body: any) { - body.userId = this.ctx.user.id; + body.userId = this.getUserId(); return super.list(body); } @Post('/add', { summary: Constants.per.authOnly }) async add(@Body(ALL) bean: any) { - bean.userId = this.ctx.user.id; + bean.userId = this.getUserId(); return super.add(bean); } @Post('/update', { summary: Constants.per.authOnly }) async update(@Body(ALL) bean: any) { - await this.service.checkUserId(bean.id, this.ctx.user.id); + await this.service.checkUserId(bean.id, this.getUserId()); return super.update(bean); } @Post('/info', { summary: Constants.per.authOnly }) async info(@Query('id') id: number) { - await this.service.checkUserId(id, this.ctx.user.id); + await this.service.checkUserId(id, this.getUserId()); return super.info(id); } @Post('/delete', { summary: Constants.per.authOnly }) async delete(@Query('id') id: number) { - await this.service.checkUserId(id, this.ctx.user.id); + await this.service.checkUserId(id, this.getUserId()); return super.delete(id); } + @Post('/deleteByIds', { summary: Constants.per.authOnly }) + async deleteByIds(@Body(ALL) body: any) { + await this.service.delete(body.ids, { + userId: this.getUserId(), + }); + return this.ok(); + } @Post('/getByDomain', { summary: Constants.per.authOnly }) async getByDomain(@Body(ALL) body: { domain: string; createOnNotFound: boolean }) { - const userId = this.ctx.user.id; + const userId = this.getUserId(); const res = await this.service.getByDomain(body.domain, userId, body.createOnNotFound); return this.ok(res); } @Post('/verify', { summary: Constants.per.authOnly }) async verify(@Body(ALL) body: { id: string }) { - const userId = this.ctx.user.id; + const userId = this.getUserId(); await this.service.checkUserId(body.id, userId); const res = await this.service.verify(body.id); return this.ok(res); diff --git a/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts b/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts index 94b655b7..49698abb 100644 --- a/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts +++ b/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts @@ -8,9 +8,18 @@ import { CnameProviderService } from '../../sys/cname/service/cname-provider-ser import { CnameProviderEntity } from '../../sys/cname/entity/cname_provider.js'; import { createDnsProvider, IDnsProvider, parseDomain } from '@certd/plugin-cert'; import { cache, http, logger, utils } from '@certd/pipeline'; -import dns from 'dns'; import { AccessService } from '../../pipeline/service/access-service.js'; +import { isDev } from '../../../utils/env.js'; +import { walkTxtRecord } from '@certd/acme-client'; +type CnameCheckCacheValue = { + validating: boolean; + pass: boolean; + recordReq?: any; + recordRes?: any; + startTime: number; + intervalId?: NodeJS.Timeout; +}; /** * 授权 */ @@ -147,56 +156,94 @@ export class CnameRecordService extends BaseService { if (!bean) { throw new ValidateException(`CnameRecord:${id} 不存在`); } - const cacheKey = `cname.record.verify.${bean.id}`; - - type CacheValue = { - ready: boolean; - pass: boolean; - }; - let value: CacheValue = cache.get(cacheKey); - if (!value) { - value = { - ready: false, - pass: false, - }; + if (bean.status === 'valid') { + return true; } - const originDomain = parseDomain(bean.domain); - const fullDomain = `${bean.hostRecord}.${originDomain}`; + const cacheKey = `cname.record.verify.${bean.id}`; + + let value: CnameCheckCacheValue = cache.get(cacheKey); + if (!value) { + value = { + validating: false, + pass: false, + startTime: new Date().getTime(), + }; + } + let ttl = 60 * 60 * 15 * 1000; + if (isDev()) { + ttl = 30 * 1000; + } const recordValue = bean.recordValue.substring(0, bean.recordValue.indexOf('.')); + + const buildDnsProvider = async () => { + const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId); + const access = await this.accessService.getById(cnameProvider.accessId, bean.userId); + const context = { access, logger, http, utils }; + const dnsProvider: IDnsProvider = await createDnsProvider({ + dnsProviderType: cnameProvider.dnsProviderType, + context, + }); + return dnsProvider; + }; + const checkRecordValue = async () => { + if (value.pass) { + return true; + } + if (value.startTime + ttl < new Date().getTime()) { + logger.warn(`cname验证超时,停止检查,${bean.domain} ${recordValue}`); + clearInterval(value.intervalId); + await this.updateStatus(bean.id, 'cname'); + return false; + } + + const originDomain = parseDomain(bean.domain); + const fullDomain = `${bean.hostRecord}.${originDomain}`; + logger.info(`检查CNAME配置 ${fullDomain} ${recordValue}`); - const txtRecords = await dns.promises.resolveTxt(fullDomain); + + // const txtRecords = await dns.promises.resolveTxt(fullDomain); + // if (txtRecords.length) { + // records = [].concat(...txtRecords); + // } let records: string[] = []; - if (txtRecords.length) { - records = [].concat(...txtRecords); + try { + records = await walkTxtRecord(fullDomain); + } catch (e) { + logger.error(`获取TXT记录失败,${e.message}`); } logger.info(`检查到TXT记录 ${JSON.stringify(records)}`); const success = records.includes(recordValue); if (success) { + clearInterval(value.intervalId); logger.info(`检测到CNAME配置,修改状态 ${fullDomain} ${recordValue}`); await this.updateStatus(bean.id, 'valid'); value.pass = true; + cache.delete(cacheKey); + try { + const dnsProvider = await buildDnsProvider(); + await dnsProvider.removeRecord({ + recordReq: value.recordReq, + recordRes: value.recordRes, + }); + logger.info('删除CNAME的校验DNS记录成功'); + } catch (e) { + logger.error(`删除CNAME的校验DNS记录失败, ${e.message},req:${JSON.stringify(value.recordReq)},recordRes:${JSON.stringify(value.recordRes)}`, e); + } } + return success; }; - if (value.ready) { + if (value.validating) { // lookup recordValue in dns return await checkRecordValue(); } - const ttl = 60 * 60 * 30; cache.set(cacheKey, value, { ttl: ttl, }); - const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId); - const access = await this.accessService.getById(cnameProvider.accessId, bean.userId); - const context = { access, logger, http, utils }; - const dnsProvider: IDnsProvider = await createDnsProvider({ - dnsProviderType: cnameProvider.dnsProviderType, - context, - }); const domain = parseDomain(bean.recordValue); const fullRecord = bean.recordValue; const hostRecord = fullRecord.replace(`.${domain}`, ''); @@ -207,8 +254,20 @@ export class CnameRecordService extends BaseService { type: 'TXT', value: recordValue, }; - await dnsProvider.createRecord(req); - value.ready = true; + const dnsProvider = await buildDnsProvider(); + const recordRes = await dnsProvider.createRecord(req); + value.validating = true; + value.recordReq = req; + value.recordRes = recordRes; + await this.updateStatus(bean.id, 'validating'); + + value.intervalId = setInterval(async () => { + try { + await checkRecordValue(); + } catch (e) { + logger.error('检查cname出错:', e); + } + }, 10000); } async updateStatus(id: number, status: CnameRecordStatusType) { diff --git a/packages/ui/certd-server/src/modules/mine/controller/user-settings-controller.ts b/packages/ui/certd-server/src/modules/mine/controller/user-settings-controller.ts index 88c530f0..ea5f06da 100644 --- a/packages/ui/certd-server/src/modules/mine/controller/user-settings-controller.ts +++ b/packages/ui/certd-server/src/modules/mine/controller/user-settings-controller.ts @@ -19,49 +19,49 @@ export class UserSettingsController extends CrudController @Post('/page', { summary: Constants.per.authOnly }) async page(@Body(ALL) body) { body.query = body.query ?? {}; - body.query.userId = this.ctx.user.id; + body.query.userId = this.getUserId(); return super.page(body); } @Post('/list', { summary: Constants.per.authOnly }) async list(@Body(ALL) body) { - body.userId = this.ctx.user.id; + body.userId = this.getUserId(); return super.list(body); } @Post('/add', { summary: Constants.per.authOnly }) async add(@Body(ALL) bean) { - bean.userId = this.ctx.user.id; + bean.userId = this.getUserId(); return super.add(bean); } @Post('/update', { summary: Constants.per.authOnly }) async update(@Body(ALL) bean) { - await this.service.checkUserId(bean.id, this.ctx.user.id); + await this.service.checkUserId(bean.id, this.getUserId()); return super.update(bean); } @Post('/info', { summary: Constants.per.authOnly }) async info(@Query('id') id: number) { - await this.service.checkUserId(id, this.ctx.user.id); + await this.service.checkUserId(id, this.getUserId()); return super.info(id); } @Post('/delete', { summary: Constants.per.authOnly }) async delete(@Query('id') id: number) { - await this.service.checkUserId(id, this.ctx.user.id); + await this.service.checkUserId(id, this.getUserId()); return super.delete(id); } @Post('/save', { summary: Constants.per.authOnly }) async save(@Body(ALL) bean: UserSettingsEntity) { - bean.userId = this.ctx.user.id; + bean.userId = this.getUserId(); await this.service.save(bean); return this.ok({}); } @Post('/get', { summary: Constants.per.authOnly }) async get(@Query('key') key: string) { - const entity = await this.service.getByKey(key, this.ctx.user.id); + const entity = await this.service.getByKey(key, this.getUserId()); return this.ok(entity); } } diff --git a/packages/ui/certd-server/src/modules/pipeline/controller/access-controller.ts b/packages/ui/certd-server/src/modules/pipeline/controller/access-controller.ts index b80db726..af4ddb3f 100644 --- a/packages/ui/certd-server/src/modules/pipeline/controller/access-controller.ts +++ b/packages/ui/certd-server/src/modules/pipeline/controller/access-controller.ts @@ -19,36 +19,36 @@ export class AccessController extends CrudController { @Post('/page', { summary: Constants.per.authOnly }) async page(@Body(ALL) body) { body.query = body.query ?? {}; - body.query.userId = this.ctx.user.id; + body.query.userId = this.getUserId(); return await super.page(body); } @Post('/list', { summary: Constants.per.authOnly }) async list(@Body(ALL) body) { - body.userId = this.ctx.user.id; + body.userId = this.getUserId(); return super.list(body); } @Post('/add', { summary: Constants.per.authOnly }) async add(@Body(ALL) bean) { - bean.userId = this.ctx.user.id; + bean.userId = this.getUserId(); return super.add(bean); } @Post('/update', { summary: Constants.per.authOnly }) async update(@Body(ALL) bean) { - await this.service.checkUserId(bean.id, this.ctx.user.id); + await this.service.checkUserId(bean.id, this.getUserId()); return super.update(bean); } @Post('/info', { summary: Constants.per.authOnly }) async info(@Query('id') id: number) { - await this.service.checkUserId(id, this.ctx.user.id); + await this.service.checkUserId(id, this.getUserId()); return super.info(id); } @Post('/delete', { summary: Constants.per.authOnly }) async delete(@Query('id') id: number) { - await this.service.checkUserId(id, this.ctx.user.id); + await this.service.checkUserId(id, this.getUserId()); return super.delete(id); } diff --git a/packages/ui/certd-server/src/modules/pipeline/controller/dns-provider-controller.ts b/packages/ui/certd-server/src/modules/pipeline/controller/dns-provider-controller.ts index e5a6e8b4..bc4087a0 100644 --- a/packages/ui/certd-server/src/modules/pipeline/controller/dns-provider-controller.ts +++ b/packages/ui/certd-server/src/modules/pipeline/controller/dns-provider-controller.ts @@ -14,7 +14,7 @@ export class DnsProviderController extends BaseController { @Post('/list', { summary: Constants.per.authOnly }) async list(@Query(ALL) query: any) { - query.userId = this.ctx.user.id; + query.userId = this.getUserId(); const list = this.service.getList(); return this.ok(list); } diff --git a/packages/ui/certd-server/src/modules/pipeline/controller/history-controller.ts b/packages/ui/certd-server/src/modules/pipeline/controller/history-controller.ts index 99ecf34a..19661739 100644 --- a/packages/ui/certd-server/src/modules/pipeline/controller/history-controller.ts +++ b/packages/ui/certd-server/src/modules/pipeline/controller/history-controller.ts @@ -41,8 +41,8 @@ export class HistoryController extends CrudController { const publicSettings = await this.sysSettingsService.getPublicSettings(); const pipelineQuery: any = {}; if (!(publicSettings.managerOtherUserPipeline && isAdmin)) { - body.query.userId = this.ctx.user.id; - pipelineQuery.userId = this.ctx.user.id; + body.query.userId = this.getUserId(); + pipelineQuery.userId = this.getUserId(); } let pipelineIds: any = null; @@ -70,7 +70,7 @@ export class HistoryController extends CrudController { async list(@Body(ALL) body) { const isAdmin = await this.authService.isAdmin(this.ctx); if (!isAdmin) { - body.userId = this.ctx.user.id; + body.userId = this.getUserId(); } if (body.pipelineId == null) { return this.ok([]); @@ -84,7 +84,7 @@ export class HistoryController extends CrudController { @Post('/add', { summary: Constants.per.authOnly }) async add(@Body(ALL) bean: PipelineEntity) { - bean.userId = this.ctx.user.id; + bean.userId = this.getUserId(); return super.add(bean); } @@ -96,7 +96,7 @@ export class HistoryController extends CrudController { @Post('/save', { summary: Constants.per.authOnly }) async save(@Body(ALL) bean: HistoryEntity) { - bean.userId = this.ctx.user.id; + bean.userId = this.getUserId(); if (bean.id > 0) { await this.authService.checkEntityUserId(this.ctx, this.getService(), bean.id); } @@ -106,7 +106,7 @@ export class HistoryController extends CrudController { @Post('/saveLog', { summary: Constants.per.authOnly }) async saveLog(@Body(ALL) bean: HistoryLogEntity) { - bean.userId = this.ctx.user.id; + bean.userId = this.getUserId(); if (bean.id > 0) { await this.authService.checkEntityUserId(this.ctx, this.getService(), bean.id); } @@ -125,7 +125,7 @@ export class HistoryController extends CrudController { async deleteByIds(@Body(ALL) body: any) { await this.authService.checkEntityUserId(this.ctx, this.getService(), body.ids); const isAdmin = await this.authService.isAdmin(this.ctx); - const userId = isAdmin ? null : this.ctx.user.id; + const userId = isAdmin ? null : this.getUserId(); await this.getService().deleteByIds(body.ids, userId); return this.ok(); } @@ -162,7 +162,7 @@ export class HistoryController extends CrudController { if (history == null) { throw new CommonException('historyId is null'); } - if (history.userId !== this.ctx.user.id) { + if (history.userId !== this.getUserId()) { throw new PermissionException(); } return await this.service.getFiles(history); diff --git a/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts b/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts index a64e2658..f485679b 100644 --- a/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts +++ b/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts @@ -29,7 +29,7 @@ export class PipelineController extends CrudController { const isAdmin = await this.authService.isAdmin(this.ctx); const publicSettings = await this.sysSettingsService.getPublicSettings(); if (!(publicSettings.managerOtherUserPipeline && isAdmin)) { - body.query.userId = this.ctx.user.id; + body.query.userId = this.getUserId(); } const title = body.query.title; @@ -50,7 +50,7 @@ export class PipelineController extends CrudController { @Post('/add', { summary: Constants.per.authOnly }) async add(@Body(ALL) bean: PipelineEntity) { - bean.userId = this.ctx.user.id; + bean.userId = this.getUserId(); return super.add(bean); } @@ -62,7 +62,7 @@ export class PipelineController extends CrudController { @Post('/save', { summary: Constants.per.authOnly }) async save(@Body(ALL) bean: PipelineEntity) { - bean.userId = this.ctx.user.id; + bean.userId = this.getUserId(); if (bean.id > 0) { await this.authService.checkEntityUserId(this.ctx, this.getService(), bean.id); } diff --git a/packages/ui/certd-server/src/modules/pipeline/controller/plugin-controller.ts b/packages/ui/certd-server/src/modules/pipeline/controller/plugin-controller.ts index 9f6e871b..50a2f698 100644 --- a/packages/ui/certd-server/src/modules/pipeline/controller/plugin-controller.ts +++ b/packages/ui/certd-server/src/modules/pipeline/controller/plugin-controller.ts @@ -14,14 +14,14 @@ export class PluginController extends BaseController { @Post('/list', { summary: Constants.per.authOnly }) async list(@Query(ALL) query: any) { - query.userId = this.ctx.user.id; + query.userId = this.getUserId(); const list = this.service.getList(); return this.ok(list); } @Post('/groups', { summary: Constants.per.authOnly }) async groups(@Query(ALL) query: any) { - query.userId = this.ctx.user.id; + query.userId = this.getUserId(); const group = this.service.getGroups(); return this.ok(group); } diff --git a/packages/ui/certd-server/src/modules/pipeline/service/history-service.ts b/packages/ui/certd-server/src/modules/pipeline/service/history-service.ts index 2f9800c8..43df7eb7 100644 --- a/packages/ui/certd-server/src/modules/pipeline/service/history-service.ts +++ b/packages/ui/certd-server/src/modules/pipeline/service/history-service.ts @@ -68,6 +68,9 @@ export class HistoryService extends BaseService { } private async clear(pipelineId: number, keepCount = 20) { + if (pipelineId == null) { + return; + } const count = await this.repository.count({ where: { pipelineId, @@ -139,6 +142,9 @@ export class HistoryService extends BaseService { } async deleteByIds(ids: number[], userId: number) { + if (!ids || ids.length === 0) { + return; + } const condition: any = { id: In(ids), }; @@ -150,6 +156,9 @@ export class HistoryService extends BaseService { } async deleteByPipelineId(id: number) { + if (id == null) { + return; + } await this.repository.delete({ pipelineId: id, }); diff --git a/packages/ui/certd-server/src/modules/sys/authority/controller/user-controller.ts b/packages/ui/certd-server/src/modules/sys/authority/controller/user-controller.ts index 563da24b..0f46cb7d 100644 --- a/packages/ui/certd-server/src/modules/sys/authority/controller/user-controller.ts +++ b/packages/ui/certd-server/src/modules/sys/authority/controller/user-controller.ts @@ -86,7 +86,7 @@ export class UserController extends CrudController { */ @Post('/mine', { summary: Constants.per.authOnly }) public async mine() { - const id = this.ctx.user.id; + const id = this.getUserId(); const info = await this.service.info(id, ['password']); return this.ok(info); } @@ -96,7 +96,7 @@ export class UserController extends CrudController { */ @Post('/permissions', { summary: Constants.per.authOnly }) public async permissions() { - const id = this.ctx.user.id; + const id = this.getUserId(); const permissions = await this.service.getUserPermissions(id); return this.ok(permissions); } @@ -106,7 +106,7 @@ export class UserController extends CrudController { */ @Post('/permissionTree', { summary: Constants.per.authOnly }) public async permissionTree() { - const id = this.ctx.user.id; + const id = this.getUserId(); const permissions = await this.service.getUserPermissions(id); const tree = this.permissionService.buildTree(permissions); return this.ok(tree); diff --git a/packages/ui/certd-server/src/modules/sys/settings/controller/sys-settings-controller.ts b/packages/ui/certd-server/src/modules/sys/settings/controller/sys-settings-controller.ts index 680e7139..aae21627 100644 --- a/packages/ui/certd-server/src/modules/sys/settings/controller/sys-settings-controller.ts +++ b/packages/ui/certd-server/src/modules/sys/settings/controller/sys-settings-controller.ts @@ -23,36 +23,36 @@ export class SysSettingsController extends CrudController { @Post('/page', { summary: 'sys:settings:view' }) async page(@Body(ALL) body) { body.query = body.query ?? {}; - body.query.userId = this.ctx.user.id; + body.query.userId = this.getUserId(); return super.page(body); } @Post('/list', { summary: 'sys:settings:view' }) async list(@Body(ALL) body) { - body.userId = this.ctx.user.id; + body.userId = this.getUserId(); return super.list(body); } @Post('/add', { summary: 'sys:settings:edit' }) async add(@Body(ALL) bean) { - bean.userId = this.ctx.user.id; + bean.userId = this.getUserId(); return super.add(bean); } @Post('/update', { summary: 'sys:settings:edit' }) async update(@Body(ALL) bean) { - await this.service.checkUserId(bean.id, this.ctx.user.id); + await this.service.checkUserId(bean.id, this.getUserId()); return super.update(bean); } @Post('/info', { summary: 'sys:settings:view' }) async info(@Query('id') id: number) { - await this.service.checkUserId(id, this.ctx.user.id); + await this.service.checkUserId(id, this.getUserId()); return super.info(id); } @Post('/delete', { summary: 'sys:settings:edit' }) async delete(@Query('id') id: number) { - await this.service.checkUserId(id, this.ctx.user.id); + await this.service.checkUserId(id, this.getUserId()); return super.delete(id); } diff --git a/packages/ui/certd-server/src/plugins/plugin-demo/access.ts b/packages/ui/certd-server/src/plugins/plugin-demo/access.ts index fadee1c2..4c6aeb86 100644 --- a/packages/ui/certd-server/src/plugins/plugin-demo/access.ts +++ b/packages/ui/certd-server/src/plugins/plugin-demo/access.ts @@ -1,4 +1,5 @@ import { AccessInput, BaseAccess, IsAccess } from '@certd/pipeline'; +import { isDev } from "../../utils/env.js"; /** * 这个注解将注册一个授权配置 @@ -41,7 +42,7 @@ export class DemoAccess extends BaseAccess { demoKeySecret = ''; } -if (process.env.NODE_ENV === 'development') { +if (isDev()) { //你的实现 要去掉这个if,不然生产环境将不会显示 new DemoAccess(); } diff --git a/packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.ts index 1734beea..da9944c6 100644 --- a/packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.ts +++ b/packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.ts @@ -1,6 +1,7 @@ import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert'; import { Autowire, HttpClient, ILogger } from '@certd/pipeline'; import { DemoAccess } from './access.js'; +import { isDev } from "../../utils/env.js"; type DemoRecord = { // 这里定义Record记录的数据结构,跟对应云平台接口返回值一样即可,一般是拿到id就行,用于删除txt解析记录,清理申请痕迹 @@ -79,7 +80,7 @@ export class DemoDnsProvider extends AbstractDnsProvider { } //TODO 实例化这个provider,将其自动注册到系统中 -if (process.env.NODE_ENV === 'development') { +if (isDev()) { //你的实现 要去掉这个if,不然生产环境将不会显示 new DemoDnsProvider(); } diff --git a/packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts b/packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts index fe426060..ac2fedb2 100644 --- a/packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts +++ b/packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts @@ -1,5 +1,6 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline'; import { CertInfo, CertReader } from '@certd/plugin-cert'; +import { isDev } from '../../../utils/env.js'; @IsTaskPlugin({ name: 'demoTest', @@ -98,7 +99,7 @@ export class DemoTestPlugin extends AbstractTaskPlugin { } } //TODO 这里实例化插件,进行注册 -if (process.env.NODE_ENV === 'development') { +if (isDev()) { //你的实现 要去掉这个if,不然生产环境将不会显示 new DemoTestPlugin(); } diff --git a/packages/ui/certd-server/src/utils/env.ts b/packages/ui/certd-server/src/utils/env.ts new file mode 100644 index 00000000..1427b882 --- /dev/null +++ b/packages/ui/certd-server/src/utils/env.ts @@ -0,0 +1,3 @@ +export function isDev() { + return process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'local'; +}