
Commit 0fa401c

authored
Merge pull request #2934 from actiontech/fix-premission-middle-ware
fix: remove hardcoded project id in permission middleware
2 parents 4a5a8ed + 83eeb75 commit 0fa401c


1 file changed

+15
-28
lines changed

1 file changed

+15
-28
lines changed

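--- a/sqle/api/middleware/permission.go
+++ b/sqle/api/middleware/permission.go
@@ -10,42 +10,20 @@ import (
 "github.com/labstack/echo/v4"
 )
 
-// AdminUserAllowed is a `echo` middleware, only allow admin user to access next.
-func AdminUserAllowed() echo.MiddlewareFunc {
-return func(next echo.HandlerFunc) echo.HandlerFunc {
-return func(c echo.Context) error {
-uid, err := dmsJWT.GetUserUidStrFromContextWithOldJwt(c)
-if err != nil {
-return echo.NewHTTPError(http.StatusForbidden)
-}
-up, err := dms.NewUserPermission(uid, "700300" /*TODO 支持不传空间 */)
-if err != nil {
-return echo.NewHTTPError(http.StatusForbidden)
-}
-if up.IsAdmin() {
-return next(c)
-}
-return echo.NewHTTPError(http.StatusForbidden)
-}
-}
-}
-
 func OpGlobalAllowed() echo.MiddlewareFunc {
 return func(next echo.HandlerFunc) echo.HandlerFunc {
 return func(c echo.Context) error {
 uid, err := dmsJWT.GetUserUidStrFromContextWithOldJwt(c)
 if err != nil {
 return echo.NewHTTPError(http.StatusForbidden)
 }
-up, err := dms.NewUserPermission(uid, "700300" /*TODO 支持不传空间 */)
+up, err := dms.NewUserPermission(uid, "")
 if err != nil {
 return echo.NewHTTPError(http.StatusForbidden)
 }
-
 if up.CanOpGlobal() {
 return next(c)
 }
-
 return echo.NewHTTPError(http.StatusForbidden)
 }
 }
@@ -58,7 +36,13 @@ func OpProjectAllowed() echo.MiddlewareFunc {
 if err != nil {
 return echo.NewHTTPError(http.StatusForbidden)
 }
-up, err := dms.NewUserPermission(uid, "700300" /*TODO 支持不传空间 */)
+
+projectUid, err := dms.GetPorjectUIDByName(context.TODO(), c.Param("project_name"))
+if err != nil {
+return controller.JSONBaseErrorReq(c, err)
+}
+
+up, err := dms.NewUserPermission(uid, projectUid)
 if err != nil {
 return echo.NewHTTPError(http.StatusForbidden)
 }
@@ -79,15 +63,13 @@ func ViewGlobalAllowed() echo.MiddlewareFunc {
 if err != nil {
 return echo.NewHTTPError(http.StatusForbidden)
 }
-up, err := dms.NewUserPermission(uid, "700300" /*TODO 支持不传空间 */)
+up, err := dms.NewUserPermission(uid, "")
 if err != nil {
 return echo.NewHTTPError(http.StatusForbidden)
 }
-
 if up.CanViewGlobal() {
 return next(c)
 }
-
 return echo.NewHTTPError(http.StatusForbidden)
 }
 }
@@ -100,7 +82,12 @@ func ViewProjectAllowed() echo.MiddlewareFunc {
 if err != nil {
 return echo.NewHTTPError(http.StatusForbidden)
 }
-up, err := dms.NewUserPermission(uid, "700300" /*TODO 支持不传空间 */)
+projectUid, err := dms.GetPorjectUIDByName(context.TODO(), c.Param("project_name"))
+if err != nil {
+return controller.JSONBaseErrorReq(c, err)
+}
+
+up, err := dms.NewUserPermission(uid, projectUid)
 if err != nil {
 return echo.NewHTTPError(http.StatusForbidden)
 }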
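Review bot: In OpProjectAllowed (new lines 40-45) and ViewProjectAllowed (new lines 85-90) a failed project lookup returns `controller.JSONBaseErrorReq(c, err)`, while every other failure in these middlewares returns a bare 403, so a caller without permission may be able to tell existing project names from missing ones and may see the upstream error text; how much is exposed depends on what JSONBaseErrorReq writes, which is not visible here. The same commit gives an empty project id a meaning of its own in `dms.NewUserPermission(uid, "")`, so the project-scoped paths should reject an empty result explicitly and fail closed, for example `if err != nil || projectUid == "" { return echo.NewHTTPError(http.StatusForbidden) }`. The lookup also runs on every request with `context.TODO()`; passing `c.Request().Context()` would let it stop when the client disconnects or the request is cancelled. Both function bodies start and end outside the hunks shown.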
