From c1ed0dfb4a4932c328dd9160e0694aa853be438f Mon Sep 17 00:00:00 2001
From: ROC
Date: Sat, 11 Jun 2022 08:59:44 +0800
Subject: [PATCH] feat: add user ban for admin
---
internal/middleware/admin.go | 25 ++++++++++++++
internal/routers/api/user.go | 30 +++++++++++++++++
internal/routers/router.go | 3 ++
internal/service/user.go | 19 +++++++++++
pkg/errcode/module_code.go | 1 +
web/src/App.vue | 64 ++++++++++++++++++++----------------
web/src/api/user.ts | 13 ++++++++
web/src/types/NetParams.d.ts | 7 +++-
web/src/types/NetReq.d.ts | 14 +++++---
web/src/types/item.d.ts | 4 +--
web/src/views/User.vue | 57 +++++++++++++++++++++++++++++---
11 files changed, 195 insertions(+), 42 deletions(-)
create mode 100644 internal/middleware/admin.go
diff --git a/internal/middleware/admin.go b/internal/middleware/admin.go
new file mode 100644
index 00000000..f81b00ee
--- /dev/null
+++ b/internal/middleware/admin.go
@@ -0,0 +1,25 @@
+package middleware
+
+import (
+ "github.com/gin-gonic/gin"
+ "github.com/rocboss/paopao-ce/internal/model"
+ "github.com/rocboss/paopao-ce/pkg/app"
+ "github.com/rocboss/paopao-ce/pkg/errcode"
+)
+
+func Admin() gin.HandlerFunc {
+ return func(c *gin.Context) {
+ if user, exist := c.Get("USER"); exist {
+ if userModel, ok := user.(*model.User); ok {
+ if userModel.Status == model.UserStatusNormal && userModel.IsAdmin {
+ c.Next()
+ return
+ }
+ }
+ }
+
+ response := app.NewResponse(c)
+ response.ToErrorResponse(errcode.NoAdminPermission)
+ c.Abort()
+ }
+}
diff --git a/internal/routers/api/user.go b/internal/routers/api/user.go
index 5d5db51a..94b3bcb9 100644
--- a/internal/routers/api/user.go
+++ b/internal/routers/api/user.go
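Review bot: `Admin()` in internal/middleware/admin.go authorizes from whatever an earlier handler stored under the `"USER"` context key, and nothing in the file documents or enforces that dependency. The router change in this commit registers it after `middleware.JWT()`, which is the order it needs, but JWT() is outside the diff: if it fills `"USER"` from token claims rather than a fresh database read, a demoted or banned administrator would keep access until the token expires, so that is worth confirming. I would add a doc comment such as `// Admin rejects the request unless an earlier handler stored an active *model.User with IsAdmin set under "USER"; register it after JWT().` and log the rejected attempt before `c.Abort()` so denied admin calls are visible to operators. The three nested `if`s would also read more easily as guard clauses.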
@@ -251,6 +251,36 @@ func BindUserPhone(c *gin.Context) { response.ToResponse(nil) } +// 修改用户状态 +func ChangeUserStatus(c *gin.Context) { + param := service.ChangeUserStatusReq{} + response := app.NewResponse(c) + valid, errs := app.BindAndValid(c, ¶m) + if !valid { + logrus.Errorf("app.BindAndValid errs: %v", errs) + response.ToErrorResponse(errcode.InvalidParams.WithDetails(errs.Errors()...)) + return + } + + if param.Status != model.UserStatusNormal && param.Status != model.UserStatusClosed { + response.ToErrorResponse(errcode.InvalidParams) + return + } + + user, err := service.GetUserByID(param.ID) + if err != nil { + logrus.Errorf("service.GetUserByID err: %v\n", err) + response.ToErrorResponse(errcode.NoExistUsername) + return + } + + // 执行更新 + user.Status = param.Status + service.UpdateUserInfo(user) + + response.ToResponse(nil) +} + func GetUserProfile(c *gin.Context) { response := app.NewResponse(c) username := c.Query("username") diff --git a/internal/routers/router.go b/internal/routers/router.go index bcd33c60..9802a5c6 100644 --- a/internal/routers/router.go +++ b/internal/routers/router.go @@ -76,6 +76,7 @@ func NewRouter() *gin.Engine { // 鉴权路由组 authApi := r.Group("/").Use(middleware.JWT()) privApi := r.Group("/").Use(middleware.JWT()).Use(middleware.Priv()) + adminApi := r.Group("/").Use(middleware.JWT()).Use(middleware.Admin()) { // 同步索引 authApi.GET("/sync/index", api.SyncSearchIndex) @@ -173,6 +174,8 @@ func NewRouter() *gin.Engine { // 删除评论回复 privApi.DELETE("/post/comment/reply", api.DeletePostCommentReply) + // 管理·禁言/解封用户 + adminApi.POST("/admin/user/status", api.ChangeUserStatus) } // 默认404 e.NoRoute(func(c *gin.Context) { diff --git a/internal/service/user.go b/internal/service/user.go index d1434e13..25f5a225 100644 --- a/internal/service/user.go +++ b/internal/service/user.go 
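Review bot: The result of `service.UpdateUserInfo(user)` in `ChangeUserStatus` is discarded, so the handler answers `response.ToResponse(nil)` even when the status change was not persisted; if UpdateUserInfo returns an error (its signature is outside this diff), check it and send an error response instead. The handler also leaves no record of which administrator changed which account, and nothing stops an admin from closing their own account or another administrator's. An audit log line with the acting user's ID, `param.ID` and `param.Status`, plus a guard for those two cases, would make the action traceable. Separately, every failure from `service.GetUserByID` is reported as `errcode.NoExistUsername`, which presents datastore errors to the client as a missing user.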
@@ -52,6 +52,11 @@ type ChangeAvatarReq struct { Avatar string `json:"avatar" form:"avatar" binding:"required"` } +type ChangeUserStatusReq struct { + ID int64 `json:"id" form:"id" binding:"required"` + Status int `json:"status" form:"status" binding:"required"` +} + const LOGIN_ERR_KEY = "PaoPaoUserLoginErr" const MAX_LOGIN_ERR_TIMES = 10 @@ -226,6 +231,20 @@ func GetUserInfo(param *AuthRequest) (*model.User, error) { return nil, errcode.UnauthorizedAuthNotExist } +func GetUserByID(id int64) (*model.User, error) { + user, err := ds.GetUserByID(id) + + if err != nil { + return nil, err + } + + if user.Model != nil && user.ID > 0 { + return user, nil + } + + return nil, errcode.NoExistUsername +} + func GetUserByUsername(username string) (*model.User, error) { user, err := ds.GetUserByUsername(username) diff --git a/pkg/errcode/module_code.go b/pkg/errcode/module_code.go index 0196d121..02976dc6 100644 --- a/pkg/errcode/module_code.go +++ b/pkg/errcode/module_code.go @@ -22,6 +22,7 @@ var ( MaxPhoneCaptchaUseTimes = NewError(20019, "手机验证码已达最大使用次数") NicknameLengthLimit = NewError(20020, "昵称长度2~12") NoExistUsername = NewError(20021, "用户不存在") + NoAdminPermission = NewError(20022, "无管理权限") GetPostsFailed = NewError(30001, "获取动态列表失败") CreatePostFailed = NewError(30002, "动态发布失败") diff --git a/web/src/App.vue b/web/src/App.vue index 8e584b77..118ba886 100644 --- a/web/src/App.vue +++ b/web/src/App.vue @@ -1,35 +1,40 @@
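Review bot: `binding:"required"` on the two integer fields of `ChangeUserStatusReq` only rejects the zero value, so a negative `id` passes binding, and a status constant equal to 0 could never be submitted if `model.UserStatusNormal` or `model.UserStatusClosed` is defined that way (the diff does not show their values). Tightening the ID tag to `binding:"required,min=1"` keeps obviously invalid IDs away from the datastore lookup. The exported struct would also benefit from a doc comment, e.g. `// ChangeUserStatusReq is the admin request body for changing a user's account status.`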
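Review bot: In `GetUserByID`, `user.Model` is dereferenced without checking `user` itself, so if `ds.GetUserByID` can return a nil user together with a nil error (its contract is not visible in this diff) the new admin endpoint panics instead of returning `errcode.NoExistUsername`. A guard is cheap: `if user != nil && user.Model != nil && user.ID > 0 {`. The exported function also has no doc comment; something like `// GetUserByID returns the user with the given ID, the datastore error if the lookup fails, or errcode.NoExistUsername when no valid user is found.` would match what the body does.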