Added new readonly role: Reporter

2018-05-05 10:17:05 +08:00 · 2018-05-05 10:17:05 +08:00 · d3d40e4e92
parent 6fe9c2f4ec
commit d3d40e4e92
10 changed files with 65 additions and 48 deletions
--- a/account.go
+++ b/account.go
@ -29,11 +29,12 @@ type Role int
 const (
 	Administrator Role = 1
 	Developer     Role = 2
+	Reporter      Role = 3
 )

 func (r Role) Defined() bool {
 	switch r {
-	case Administrator, Developer:
+	case Administrator, Developer, Reporter:
 		return true
 	}
 	return false
@ -45,6 +46,8 @@ func (r Role) String() string {
 		return "Administrator"
 	case Developer:
 		return "Developer"
+	case Reporter:
+		return "Reporter"
 	}
 	return "Undefined"
 }
--- a/version.go
+++ b/version.go
@ -5,7 +5,7 @@ import (
 	"runtime"
 )

-const VersionNumber = "0.3.1"
+const VersionNumber = "0.3.2"

 var (
 	Version = fmt.Sprintf("v%s (build %s)", VersionNumber, runtime.Version())
--- a/web/administrator.go
+++ b/web/administrator.go
@ -17,16 +17,7 @@ import (
 type Administrator struct{}

 func adminAuthHandler(ctx *Context) (abort bool) {
-	if abort = authHandler(true)(ctx); abort {
-		return
-	}
-
-	abort = ctx.Session.Data["role"].(cronsun.Role) != cronsun.Administrator
-	if abort {
-		outJSONWithCode(ctx.W, http.StatusForbidden, "access deny.")
-	}
-
-	return
+	return authHandler(true, cronsun.Administrator)(ctx)
 }

 func NewAdminAuthHandler(f func(ctx *Context)) BaseHandler {
--- a/web/base.go
+++ b/web/base.go
@ -65,19 +65,19 @@ type BaseHandler struct {

 func NewBaseHandler(f func(ctx *Context)) BaseHandler {
 	return BaseHandler{
-		BeforeHandle: authHandler(false),
+		BeforeHandle: authHandler(false, 0),
 		Handle:       f,
 	}
 }

-func NewAuthHandler(f func(ctx *Context)) BaseHandler {
+func NewAuthHandler(f func(ctx *Context), reqRole cronsun.Role) BaseHandler {
 	return BaseHandler{
-		BeforeHandle: authHandler(true),
+		BeforeHandle: authHandler(true, reqRole),
 		Handle:       f,
 	}
 }

-func authHandler(needAuth bool) func(*Context) bool {
+func authHandler(needAuth bool, reqRole cronsun.Role) func(*Context) bool {
 	return func(ctx *Context) (abort bool) {
 		var err error
 		ctx.Session, err = sessManager.Get(ctx.W, ctx.R)
@ -104,6 +104,21 @@ func authHandler(needAuth bool) func(*Context) bool {
 			abort = true
 			return
 		}
+
+		if r, ok := ctx.Session.Data["role"]; !ok {
+			outJSONWithCode(ctx.W, http.StatusUnauthorized, "role unknow.")
+			abort = true
+			return
+		} else if role, ok := r.(cronsun.Role); !ok {
+			outJSONWithCode(ctx.W, http.StatusUnauthorized, "role unknow.")
+			abort = true
+			return
+		} else if role > reqRole { // Lower number has more power.
+			outJSONWithCode(ctx.W, http.StatusUnauthorized, "higher role permission is required.")
+			abort = true
+			return
+		}
+
 		return
 	}
 }
--- a/web/routers.go
+++ b/web/routers.go
@ -45,65 +45,65 @@ func initRouters() (s *http.Server, err error) {
 	subrouter.Handle("/admin/account", h).Methods("POSt")

 	// get job list
-	h = NewAuthHandler(jobHandler.GetList)
+	h = NewAuthHandler(jobHandler.GetList, cronsun.Reporter)
 	subrouter.Handle("/jobs", h).Methods("GET")
 	// get a job group list
-	h = NewAuthHandler(jobHandler.GetGroups)
+	h = NewAuthHandler(jobHandler.GetGroups, cronsun.Reporter)
 	subrouter.Handle("/job/groups", h).Methods("GET")
 	// create/update a job
-	h = NewAuthHandler(jobHandler.UpdateJob)
+	h = NewAuthHandler(jobHandler.UpdateJob, cronsun.Developer)
 	subrouter.Handle("/job", h).Methods("PUT")
 	// pause/start
-	h = NewAuthHandler(jobHandler.ChangeJobStatus)
+	h = NewAuthHandler(jobHandler.ChangeJobStatus, cronsun.Developer)
 	subrouter.Handle("/job/{group}-{id}", h).Methods("POST")
 	// batch pause/start
-	h = NewAuthHandler(jobHandler.BatchChangeJobStatus)
+	h = NewAuthHandler(jobHandler.BatchChangeJobStatus, cronsun.Developer)
 	subrouter.Handle("/jobs/{op}", h).Methods("POST")
 	// get a job
-	h = NewAuthHandler(jobHandler.GetJob)
+	h = NewAuthHandler(jobHandler.GetJob, cronsun.Reporter)
 	subrouter.Handle("/job/{group}-{id}", h).Methods("GET")
 	// remove a job
-	h = NewAuthHandler(jobHandler.DeleteJob)
+	h = NewAuthHandler(jobHandler.DeleteJob, cronsun.Developer)
 	subrouter.Handle("/job/{group}-{id}", h).Methods("DELETE")

-	h = NewAuthHandler(jobHandler.GetJobNodes)
+	h = NewAuthHandler(jobHandler.GetJobNodes, cronsun.Reporter)
 	subrouter.Handle("/job/{group}-{id}/nodes", h).Methods("GET")

-	h = NewAuthHandler(jobHandler.JobExecute)
+	h = NewAuthHandler(jobHandler.JobExecute, cronsun.Developer)
 	subrouter.Handle("/job/{group}-{id}/execute", h).Methods("PUT")

 	// query executing job
-	h = NewAuthHandler(jobHandler.GetExecutingJob)
+	h = NewAuthHandler(jobHandler.GetExecutingJob, cronsun.Reporter)
 	subrouter.Handle("/job/executing", h).Methods("GET")

 	// get job log list
-	h = NewAuthHandler(jobLogHandler.GetList)
+	h = NewAuthHandler(jobLogHandler.GetList, cronsun.Reporter)
 	subrouter.Handle("/logs", h).Methods("GET")
 	// get job log
-	h = NewAuthHandler(jobLogHandler.GetDetail)
+	h = NewAuthHandler(jobLogHandler.GetDetail, cronsun.Developer)
 	subrouter.Handle("/log/{id}", h).Methods("GET")

-	h = NewAuthHandler(nodeHandler.GetNodes)
+	h = NewAuthHandler(nodeHandler.GetNodes, cronsun.Developer)
 	subrouter.Handle("/nodes", h).Methods("GET")
-	h = NewAuthHandler(nodeHandler.DeleteNode)
+	h = NewAuthHandler(nodeHandler.DeleteNode, cronsun.Developer)
 	subrouter.Handle("/node/{ip}", h).Methods("DELETE")
 	// get node group list
-	h = NewAuthHandler(nodeHandler.GetGroups)
+	h = NewAuthHandler(nodeHandler.GetGroups, cronsun.Reporter)
 	subrouter.Handle("/node/groups", h).Methods("GET")
 	// get a node group by group id
-	h = NewAuthHandler(nodeHandler.GetGroupByGroupId)
+	h = NewAuthHandler(nodeHandler.GetGroupByGroupId, cronsun.Reporter)
 	subrouter.Handle("/node/group/{id}", h).Methods("GET")
 	// create/update a node group
-	h = NewAuthHandler(nodeHandler.UpdateGroup)
+	h = NewAuthHandler(nodeHandler.UpdateGroup, cronsun.Developer)
 	subrouter.Handle("/node/group", h).Methods("PUT")
 	// delete a node group
-	h = NewAuthHandler(nodeHandler.DeleteGroup)
+	h = NewAuthHandler(nodeHandler.DeleteGroup, cronsun.Developer)
 	subrouter.Handle("/node/group/{id}", h).Methods("DELETE")

-	h = NewAuthHandler(infoHandler.Overview)
+	h = NewAuthHandler(infoHandler.Overview, cronsun.Reporter)
 	subrouter.Handle("/info/overview", h).Methods("GET")

-	h = NewAuthHandler(configHandler.Configuratios)
+	h = NewAuthHandler(configHandler.Configuratios, cronsun.Reporter)
 	subrouter.Handle("/configurations", h).Methods("GET")

 	r.PathPrefix("/ui/").Handler(http.StripPrefix("/ui/", newEmbeddedFileServer("", "index.html")))
--- a/web/session/session.go
+++ b/web/session/session.go
@ -16,6 +16,7 @@ import (
 func init() {
 	gob.Register(cronsun.Administrator)
 	gob.Register(cronsun.Developer)
+	gob.Register(cronsun.Reporter)
 }

 var Manager SessionManager
--- a/web/static_assets.go
+++ b/web/static_assets.go
--- a/web/ui/index.html
+++ b/web/ui/index.html
@ -61,7 +61,7 @@
  <div id="app">
    <div id="initloader"></div>
  </div>
-  <script src="build.js?v=75b49bd"></script>
+  <script src="build.js?v=6fe9c2f"></script>
 </body>

 </html>
--- a/web/ui/src/components/Account.vue
+++ b/web/ui/src/components/Account.vue
@ -64,6 +64,7 @@ export default {
      switch (s){
        case 1: return 'Administrator';
        case 2: return 'Developer';
+        case 3: return 'Repoter';
      }
      return '';
    }
--- a/web/ui/src/components/AccountEdit.vue
+++ b/web/ui/src/components/AccountEdit.vue
@ -23,6 +23,12 @@
          <label>Developer</label>
        </div>
      </div>
+      <div class="field">
+        <div class="ui radio checkbox">
+          <input type="radio" name="role" value="3" v-model="account.role" class="hidden">
+          <label>Reporter(ReadOnly)</label>
+        </div>
+      </div>
    </div>
    <div v-show="action === 'UPDATE'">
      <div class="inline fields" ref="status">