optimize tweet detail visit permission check logic

1 year ago · f0c80f3dcf
parent 04dbb42e5a
commit f0c80f3dcf
9 changed files with 47 additions and 42 deletions
--- a/cmd/serve/serve.go
+++ b/cmd/serve/serve.go
@ -18,7 +18,6 @@ import (
 	"github.com/rocboss/paopao-ce/cmd"
 	"github.com/rocboss/paopao-ce/internal"
 	"github.com/rocboss/paopao-ce/internal/conf"
 	"github.com/rocboss/paopao-ce/internal/dao"
 	"github.com/rocboss/paopao-ce/internal/service"
 	"github.com/rocboss/paopao-ce/pkg/debug"
 	"github.com/rocboss/paopao-ce/pkg/utils"
@ -48,11 +47,11 @@ func init() {
 }
 func deferFn() {
 	dao.CloseDsx()
 	if cfg.If("Sentry") {
 		// Flush buffered events before the program terminates.
 		sentry.Flush(2 * time.Second)
 	}
 	conf.CloseDB()
 }
 func serveRun(_cmd *cobra.Command, _args []string) {
--- a/internal/conf/db.go
+++ b/internal/conf/db.go
@ -58,6 +58,17 @@ func MustSqlDB() *sql.DB {
 	return _sqldb
 }
 // CloseDB close databse to prevent data missing
 func CloseDB() {
 	cfg.On(cfg.Actions{
 		"Gorm": func() {
 			closeGormDB()
 		},
 	}, func() {
 		closeGormDB()
 	})
 }
 func newSqlDB() (driver string, db *sql.DB, err error) {
 	if cfg.If("MySQL") {
 		driver = "mysql"
--- a/internal/conf/db_gorm.go
+++ b/internal/conf/db_gorm.go
@ -34,12 +34,14 @@ func MustGormDB() *gorm.DB {
 	return _gormdb
 }
-func CloseGormDB() {
+func closeGormDB() {
 	db, err := _gormdb.DB()
 	if err != nil {
-		log.Fatalf("close gorm db failed: %s", err)
+		logrus.WithError(err).Error("get db from grom failed")
 	}
 	if err = db.Close(); err != nil {
 		logrus.WithError(err).Error("close db failed")
 	}
 	_ = db.Close()
 }
 func newGormDB() (db *gorm.DB, err error) {
--- a/internal/dao/dao.go
+++ b/internal/dao/dao.go
@ -88,19 +88,6 @@ func initDsX() {
 	logrus.Infof("use %s as core.ServantA with version %s", dsaVer.Name(), dsaVer.Version())
 }
 func CloseDsx() {
 	if cfg.If("Gorm") {
 		jinzhu.CloseDbObject()
 	} else if cfg.If("Sqlx") {
 		sakila.CloseDbObject()
 	} else if cfg.If("Sqlc") && cfg.Any("Postgres", "PostgreSQL") {
 		slonik.CloseDbObject()
 	} else {
 		// default use gorm as orm for sql database
 		jinzhu.CloseDbObject()
 	}
 }
 func initOSS() {
 	var v core.VersionInfo
 	if cfg.If("AliOSS") {
--- a/internal/dao/jinzhu/jinzhu.go
+++ b/internal/dao/jinzhu/jinzhu.go
@ -87,10 +87,6 @@ func NewDataService() (core.DataService, core.VersionInfo) {
 	return cache.NewCacheDataService(ds), ds
 }
 func CloseDbObject() {
 	conf.CloseGormDB()
 }
 func NewWebDataServantA() (core.WebDataServantA, core.VersionInfo) {
 	lazyInitial()
 	db := conf.MustGormDB()
--- a/internal/model/web/loose.go
+++ b/internal/model/web/loose.go
@ -113,9 +113,8 @@ type TopicListResp struct {
 }
 type TweetDetailReq struct {
-	BaseInfo   `form:"-"  binding:"-"`
+	BaseInfo `form:"-"  binding:"-"`
-	SimpleInfo `form:"-"  binding:"-"`
+	TweetId  int64 `form:"id"`
 	TweetId    int64 `form:"id"`
 }
 type TweetDetailResp ms.PostFormated
--- a/internal/servants/base/base.go
+++ b/internal/servants/base/base.go
@ -231,23 +231,22 @@ func (s *DaoServant) PrepareMessages(userId int64, messages []*ms.MessageFormate
 	return nil
 }
-func (s *DaoServant) PrepareTweet(userId int64, tweet *ms.PostFormated) error {
+func (s *DaoServant) PrepareTweet(user *ms.User, tweet *ms.PostFormated) error {
 	// guest用户
 	if user == nil {
 		return nil
 	}
 	// 转换一下可见性的值
 	tweet.Visibility = ms.PostVisibleT(tweet.Visibility.ToOutValue())
-	// guest用户的userId<0
+	friendMap, err := s.Ds.IsMyFriend(user.ID, tweet.UserID)
-	if userId < 0 {
+	if err != nil {
-		return nil
+		return err
 	}
-	// friendMap, err := s.Ds.IsMyFriend(userId, userIds)
+	followMap, err := s.Ds.IsMyFollow(user.ID, tweet.UserID)
 	// if err != nil {
 	// 	return err
 	// }
 	followMap, err := s.Ds.IsMyFollow(userId, tweet.UserID)
 	if err != nil {
 		return err
 	}
-	// tweet.User.IsFriend, tweet.User.IsFollowing = friendMap[tweet.UserID], followMap[tweet.UserID]
+	tweet.User.IsFriend, tweet.User.IsFollowing = friendMap[tweet.UserID], followMap[tweet.UserID]
 	tweet.User.IsFollowing = followMap[tweet.UserID]
 	return nil
 }
--- a/internal/servants/web/loose.go
+++ b/internal/servants/web/loose.go
@ -508,11 +508,6 @@ func (s *looseSrv) TweetDetail(req *web.TweetDetailReq) (*web.TweetDetailResp, m
 	if err != nil {
 		return nil, web.ErrGetPostFailed
 	}
 	// check current user permission
 	if xerr := checkPostViewPermission(req.User, post, s.Ds); xerr != nil {
 		return nil, xerr
 	}
 	postContents, err := s.Ds.GetPostContentsByIDs([]int64{post.ID})
 	if err != nil {
 		return nil, web.ErrGetPostFailed
@ -531,7 +526,23 @@ func (s *looseSrv) TweetDetail(req *web.TweetDetailReq) (*web.TweetDetailResp, m
 			postFormated.Contents = append(postFormated.Contents, content.Format())
 		}
 	}
-	s.PrepareTweet(req.Uid, postFormated)
+	if err = s.PrepareTweet(req.User, postFormated); err != nil {
 		return nil, web.ErrGetPostFailed
 	}
 	// 检测访问权限
 	// TODO: 提到最前面去检测
 	switch {
 	case req.User.IsAdmin:
 		break
 	case post.Visibility == core.PostVisitPublic:
 		break
 	case post.Visibility == core.PostVisitFriend && postFormated.User.IsFriend:
 		break
 	case post.Visibility == core.PostVisitFollowing && postFormated.User.IsFollowing:
 		break
 	default:
 		return nil, web.ErrNoPermission
 	}
 	return (*web.TweetDetailResp)(postFormated), nil
 }
--- a/internal/servants/web/utils.go
+++ b/internal/servants/web/utils.go
@ -231,5 +231,6 @@ func checkPostViewPermission(user *ms.User, post *ms.Post, ds core.DataService)
 			return web.ErrNoPermission
 		}
 	}
 	// TODO: add following check logic
 	return nil
 }