From a4348f225046ddc3a7b2f93dd930e971ea4fd1ab Mon Sep 17 00:00:00 2001
From: ROC
Date: Sun, 8 Sep 2024 11:45:58 +0800
Subject: [PATCH 1/3] fixed: check permission of post view.
---
 internal/model/web/loose.go | 1 +
 internal/servants/web/loose.go | 5 +++++
 internal/servants/web/utils.go | 26 ++++++++++++++++++++++++++
 3 files changed, 32 insertions(+)
diff --git a/internal/model/web/loose.go b/internal/model/web/loose.go
index 691bfdf0..db701dfe 100644
--- a/internal/model/web/loose.go
+++ b/internal/model/web/loose.go
@@ -113,6 +113,7 @@ type TopicListResp struct {
 }

 type TweetDetailReq struct {
+ BaseInfo `form:"-" binding:"-"`
 SimpleInfo `form:"-" binding:"-"`
 TweetId int64 `form:"id"`
 }
diff --git a/internal/servants/web/loose.go b/internal/servants/web/loose.go
index 67add729..088178d2 100644
--- a/internal/servants/web/loose.go
+++ b/internal/servants/web/loose.go
@@ -508,6 +508,11 @@ func (s *looseSrv) TweetDetail(req *web.TweetDetailReq) (*web.TweetDetailResp, m
 if err != nil {
 return nil, web.ErrGetPostFailed
 }
+
+ // check current user permission
+ if xerr := checkPostViewPermission(req.User, post, s.Ds); xerr != nil {
+ return nil, xerr
+ }
 postContents, err := s.Ds.GetPostContentsByIDs([]int64{post.ID})
 if err != nil {
 return nil, web.ErrGetPostFailed
diff --git a/internal/servants/web/utils.go b/internal/servants/web/utils.go
index 0e2696e3..d2191681 100644
--- a/internal/servants/web/utils.go
+++ b/internal/servants/web/utils.go
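Review bot: The new check in TweetDetail returns `web.ErrNoPermission` for a post that exists but is hidden, while the lookup failure just above it returns `web.ErrGetPostFailed`, so an anonymous caller can tell from the error which ids belong to private or friends-only posts. If that distinction is not intended, return the not-found error to callers without access, e.g. `return nil, web.ErrGetPostFailed` when `req.User == nil`. Other handlers that load data by post id are outside this hunk and should be confirmed to call the same helper. TweetDetail's body starts and ends outside the hunk.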
@@ -207,3 +207,29 @@ func checkPermision(user *ms.User, targetUserId int64) mir.Error {
 }
 return nil
 }
+
+// checkPostViewPermission 检查当前用户是否可读指定post
+func checkPostViewPermission(user *ms.User, post *ms.Post, ds core.DataService) mir.Error {
+ if post.Visibility == core.PostVisitPublic {
+ return nil
+ }
+
+ if user == nil {
+ return web.ErrNoPermission
+ }
+
+ if user.IsAdmin || user.ID == post.UserID {
+ return nil
+ }
+
+ if post.Visibility == core.PostVisitPrivate {
+ return web.ErrNoPermission
+ }
+
+ if post.Visibility == core.PostVisitFriend {
+ if !ds.IsFriend(post.UserID, user.ID) && !ds.IsFriend(user.ID, post.UserID) {
+ return web.ErrNoPermission
+ }
+ }
+ return nil
+}
From c531e0047447de0af74bee5a302fd2506ea71262 Mon Sep 17 00:00:00 2001
From: OldCat <924417424@qq.com>
Date: Mon, 9 Sep 2024 11:48:42 +0800
Subject: [PATCH 2/3] fix: The sqlite database file is not updated because the database connection is not closed when the program exits.
---
 cmd/serve/serve.go | 2 ++
 internal/conf/db_gorm.go | 8 ++++++++
 internal/dao/dao.go | 13 +++++++++++++
 internal/dao/jinzhu/jinzhu.go | 4 ++++
 internal/dao/sakila/sakila.go | 4 ++++
 internal/dao/slonik/slonik.go | 4 ++++
 6 files changed, 35 insertions(+)
diff --git a/cmd/serve/serve.go b/cmd/serve/serve.go
index b7dcbff1..3b791645 100644
--- a/cmd/serve/serve.go
+++ b/cmd/serve/serve.go
@@ -18,6 +18,7 @@ import (
 "github.com/rocboss/paopao-ce/cmd"
 "github.com/rocboss/paopao-ce/internal"
 "github.com/rocboss/paopao-ce/internal/conf"
+ "github.com/rocboss/paopao-ce/internal/dao"
 "github.com/rocboss/paopao-ce/internal/service"
 "github.com/rocboss/paopao-ce/pkg/debug"
 "github.com/rocboss/paopao-ce/pkg/utils"
@@ -47,6 +48,7 @@ func init() {
 }

 func deferFn() {
+ dao.CloseDsx()
 if cfg.If("Sentry") {
 // Flush buffered events before the program terminates.
 sentry.Flush(2 * time.Second)
diff --git a/internal/conf/db_gorm.go b/internal/conf/db_gorm.go
index 66095f22..dfa381cf 100644
--- a/internal/conf/db_gorm.go
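Review bot: checkPostViewPermission fails open: after the Private and Friend branches it ends in `return nil`, so a viewer who is neither owner nor admin is let through for any `post.Visibility` value other than the three compared here. If the visibility type has, or later gains, another level, those posts become readable by every logged-in user; ending the function with a deny and allowing only the friend case explicitly avoids that. The helper also dereferences `post` without a nil check, which is safe only if GetPostByID never returns a nil post together with a nil error (not visible here). The doc comment could additionally state that a nil `user` means an anonymous request.

```go
func checkPostViewPermission(user *ms.User, post *ms.Post, ds core.DataService) mir.Error {
	// … unchanged: public fast path, nil-user rejection, admin/owner allow …

	// Friends-only posts are readable when either side lists the other as a friend.
	if post.Visibility == core.PostVisitFriend &&
		(ds.IsFriend(post.UserID, user.ID) || ds.IsFriend(user.ID, post.UserID)) {
		return nil
	}
	// Private posts, and any visibility level not handled above, are denied.
	return web.ErrNoPermission
}
```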
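Review bot: `dao.CloseDsx()` is placed first in deferFn, and the close path added in the same patch can end the process: `CloseGormDB` calls `log.Fatalf`, and the sakila and slonik `CloseDbObject` stubs call `logrus.Fatal("not support now")`. When one of those fires, the `sentry.Flush(2 * time.Second)` below it never runs, and a deployment configured for Sqlx or Sqlc would hit a fatal exit during shutdown. Consider having the close functions log or return the error instead of exiting, and calling `dao.CloseDsx()` after the Sentry flush. deferFn's body continues outside the hunk.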
+++ b/internal/conf/db_gorm.go
@@ -34,6 +34,14 @@ func MustGormDB() *gorm.DB {
 return _gormdb
 }

+func CloseGormDB() {
+ db, err := _gormdb.DB()
+ if err != nil {
+ log.Fatalf("close gorm db failed: %s", err)
+ }
+ _ = db.Close()
+}
+
 func newGormDB() (db *gorm.DB, err error) {
 newLogger := logger.New(
 logrus.StandardLogger(), // io writer(日志输出的目标,前缀和日志包含的内容)
diff --git a/internal/dao/dao.go b/internal/dao/dao.go
index 8b355e36..9cbb7051 100644
--- a/internal/dao/dao.go
+++ b/internal/dao/dao.go
@@ -88,6 +88,19 @@ func initDsX() {
 logrus.Infof("use %s as core.ServantA with version %s", dsaVer.Name(), dsaVer.Version())
 }

+func CloseDsx() {
+ if cfg.If("Gorm") {
+ jinzhu.CloseDbObject()
+ } else if cfg.If("Sqlx") {
+ sakila.CloseDbObject()
+ } else if cfg.If("Sqlc") && cfg.Any("Postgres", "PostgreSQL") {
+ slonik.CloseDbObject()
+ } else {
+ // default use gorm as orm for sql database
+ jinzhu.CloseDbObject()
+ }
+}
+
 func initOSS() {
 var v core.VersionInfo
 if cfg.If("AliOSS") {
diff --git a/internal/dao/jinzhu/jinzhu.go b/internal/dao/jinzhu/jinzhu.go
index 16b6d64a..ddc9cd2f 100644
--- a/internal/dao/jinzhu/jinzhu.go
+++ b/internal/dao/jinzhu/jinzhu.go
@@ -87,6 +87,10 @@ func NewDataService() (core.DataService, core.VersionInfo) {
 return cache.NewCacheDataService(ds), ds
 }

+func CloseDbObject() {
+ conf.CloseGormDB()
+}
+
 func NewWebDataServantA() (core.WebDataServantA, core.VersionInfo) {
 lazyInitial()
 db := conf.MustGormDB()
diff --git a/internal/dao/sakila/sakila.go b/internal/dao/sakila/sakila.go
index 0a605bf8..69029e31 100644
--- a/internal/dao/sakila/sakila.go
+++ b/internal/dao/sakila/sakila.go
@@ -26,3 +26,7 @@ func NewAuthorizationManageService() core.AuthorizationManageService {
 logrus.Fatal("not support now")
 return nil
 }
+
+func CloseDbObject() {
+ logrus.Fatal("not support now")
+}
diff --git a/internal/dao/slonik/slonik.go b/internal/dao/slonik/slonik.go
index 705c5bbf..34fd0ae0 100644
--- a/internal/dao/slonik/slonik.go
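Review bot: CloseGormDB calls `_gormdb.DB()` without checking that `_gormdb` was ever set, so a shutdown that runs before the handle is initialised (how it is initialised is outside the hunk) would likely panic on a nil pointer instead of exiting cleanly; an early `if _gormdb == nil { return }` covers that. The result of `db.Close()` is also discarded, although a failed close is exactly the case this fix is about; logging it, e.g. `if err := db.Close(); err != nil { logrus.Errorf("close gorm db: %s", err) }`, keeps it visible. As an exported function it also wants a doc comment such as `// CloseGormDB closes the sql.DB behind the shared gorm handle.`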
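Review bot: CloseDsx is exported without a doc comment, and its `if`/`else if` chain has a first and a last branch that both call `jinzhu.CloseDbObject()`. A bare `switch` with the Sqlx and Sqlc cases and a `default:` that closes the gorm handle expresses the same selection with one branch fewer, and a comment like `// CloseDsx closes the database handle of the configured data-service backend; call it once at shutdown.` documents the contract. The selection has to stay in step with initDsX, whose body is outside this hunk.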
+++ b/internal/dao/slonik/slonik.go
@@ -26,3 +26,7 @@ func NewAuthorizationManageService() core.AuthorizationManageService {
 logrus.Fatal("not support now")
 return nil
 }
+
+func CloseDbObject() {
+ logrus.Fatal("not support now")
+}
From 0a8bb0512a852a047e623c9200d8b60e274e335c Mon Sep 17 00:00:00 2001
From: OldCat <924417424@qq.com>
Date: Mon, 9 Sep 2024 13:46:36 +0800
Subject: [PATCH 3/3] fix:The first post shows bugs with no data yet
---
 web/src/views/Post.vue | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/web/src/views/Post.vue b/web/src/views/Post.vue
index 2170f7ba..1811a4fc 100644
--- a/web/src/views/Post.vue
+++ b/web/src/views/Post.vue
@@ -5,7 +5,7 @@ -
+