完成账户处罚

dev
truthhun 11 months ago
parent 289bbc7d6c
commit aa653542b5

@ -186,7 +186,7 @@ func (s *AttachmentAPIService) UploadDocument(ctx *gin.Context) {
} }
// 检查用户是否有权限上传文档 // 检查用户是否有权限上传文档
if !s.dbModel.CanIUploadDocument(userClaims.UserId) { if !s.dbModel.CanIAccessUploadDocument(userClaims.UserId) {
ctx.JSON(http.StatusForbidden, ginResponse{Code: http.StatusForbidden, Message: "没有权限上传文档", Error: "没有权限上传文档"}) ctx.JSON(http.StatusForbidden, ginResponse{Code: http.StatusForbidden, Message: "没有权限上传文档", Error: "没有权限上传文档"})
return return
} }

@ -47,6 +47,10 @@ func (s *CommentAPIService) CreateComment(ctx context.Context, req *pb.CreateCom
return nil, status.Errorf(codes.InvalidArgument, "验证码错误") return nil, status.Errorf(codes.InvalidArgument, "验证码错误")
} }
if yes, _ := s.dbModel.CanIAccessComment(userClaims.UserId); !yes {
return nil, status.Errorf(codes.PermissionDenied, "您已经被禁止发表评论")
}
comment := &model.Comment{} comment := &model.Comment{}
err = util.CopyStruct(req, comment) err = util.CopyStruct(req, comment)
if err != nil { if err != nil {
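Review bot: The new punishment check in CreateComment fails open: `if yes, _ := s.dbModel.CanIAccessComment(userClaims.UserId); !yes` discards the error, and the model helper inverts `yes` before it tests `err`, so a failed lookup comes back as `true` and the request proceeds. The same pattern is at the `CanIAccessDownload` call in DownloadDocument and the `CanIAccessFavorite` call in CreateFavorite, and `CanIAccessUploadDocument` drops the error from `isInPunishing` in the same way. Check the error at the call site and deny on failure, e.g. `yes, err := s.dbModel.CanIAccessComment(userClaims.UserId)` followed by `if err != nil { return nil, status.Errorf(codes.Internal, "<message>") }`. CreateComment starts and ends outside this hunk.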

@ -54,7 +54,7 @@ func (s *DocumentAPIService) CreateDocument(ctx context.Context, req *pb.CreateD
return nil, err return nil, err
} }
if !s.dbModel.CanIUploadDocument(userCliams.UserId) { if !s.dbModel.CanIAccessUploadDocument(userCliams.UserId) {
return nil, status.Error(codes.PermissionDenied, "没有权限上传文档") return nil, status.Error(codes.PermissionDenied, "没有权限上传文档")
} }
@ -673,6 +673,10 @@ func (s *DocumentAPIService) DownloadDocument(ctx context.Context, req *pb.Docum
userId = userClaims.UserId userId = userClaims.UserId
} }
if yes, _ := s.dbModel.CanIAccessDownload(userId); !yes {
return res, status.Errorf(codes.PermissionDenied, "您的账户已被禁止下载文档")
}
ip := "" ip := ""
ips, _ := util.GetGRPCRemoteIP(ctx) ips, _ := util.GetGRPCRemoteIP(ctx)
if len(ips) > 0 { if len(ips) > 0 {

@ -34,6 +34,11 @@ func (s *FavoriteAPIService) CreateFavorite(ctx context.Context, req *pb.Favorit
return nil, err return nil, err
} }
yes, _ := s.dbModel.CanIAccessFavorite(userClaims.UserId)
if !yes {
return nil, status.Errorf(codes.PermissionDenied, "您已经被禁止收藏文档")
}
favorite := &model.Favorite{ favorite := &model.Favorite{
UserId: userClaims.UserId, UserId: userClaims.UserId,
DocumentId: req.DocumentId, DocumentId: req.DocumentId,

@ -541,7 +541,7 @@ func (s *UserAPIService) CanIUploadDocument(ctx context.Context, req *emptypb.Em
return nil, err return nil, err
} }
if !s.dbModel.CanIUploadDocument(userClaims.UserId) { if !s.dbModel.CanIAccessUploadDocument(userClaims.UserId) {
return nil, status.Errorf(codes.PermissionDenied, "您没有上传文档的权限") return nil, status.Errorf(codes.PermissionDenied, "您没有上传文档的权限")
} }

@ -165,3 +165,24 @@ func (m *DBModel) DeletePunishment(ids []int64) (err error) {
} }
return return
} }
func (m *DBModel) isInPunishing(userId int64, types []int) (yes bool, err error) {
if userId <= 1 {
return false, nil
}
punishment := &Punishment{}
err = m.db.Model(punishment).Select("id").
Where(
"user_id = ? and enable = ? and type in ? and (end_time IS NULL or end_time > ?)",
userId, true, types, time.Now(),
).Find(&punishment).Error
if err != nil {
if err == gorm.ErrRecordNotFound {
return false, nil
}
m.logger.Error("isInPunishing", zap.Error(err))
return
}
return punishment.Id > 0, nil
}
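Review bot: The `if userId <= 1` short-circuit in isInPunishing exempts two account IDs from every punishment type without saying why, which makes the access rule hard to audit. Presumably 0 is an unauthenticated caller and 1 the initial administrator; if so, state it in a comment such as `// userId 0 = not logged in, 1 = built-in admin: never punishable (confirm)`, and note that a download ban then only binds a signed-in session wherever guest downloads are allowed. Separately, if this is GORM v2 (the `type in ?` slice binding suggests so), `Find` does not return `gorm.ErrRecordNotFound`, so that branch is likely dead and the `punishment.Id > 0` test is what actually decides.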

@ -411,7 +411,13 @@ func (m *DBModel) SetUserGroupAndPassword(userId int64, groupId []int64, passwor
} }
// CanIUploadDocument 判断用户是否有上传文档的权限 // CanIUploadDocument 判断用户是否有上传文档的权限
func (m *DBModel) CanIUploadDocument(userId int64) (yes bool) { // 1. 用户是否被禁用或被处罚禁止上传文档
// 2. 用户所在的用户组是否允许上传文档
func (m *DBModel) CanIAccessUploadDocument(userId int64) (yes bool) {
if inPunishing, _ := m.isInPunishing(userId, []int{PunishmentTypeDisabled, PunishmentTypeUploadLimited}); inPunishing {
return false
}
var ( var (
tableGroup = Group{}.TableName() tableGroup = Group{}.TableName()
tableUserGroup = UserGroup{}.TableName() tableUserGroup = UserGroup{}.TableName()
@ -427,6 +433,39 @@ func (m *DBModel) CanIUploadDocument(userId int64) (yes bool) {
return group.Id > 0 return group.Id > 0
} }
// 用户是否可以下载文档:被禁用的账号或被禁止下载的账户不能下载
func (m *DBModel) CanIAccessDownload(userId int64) (yes bool, err error) {
yes, err = m.isInPunishing(userId, []int{PunishmentTypeDownloadLimited, PunishmentTypeDisabled})
yes = !yes
if err != nil {
m.logger.Error("CanIAccessDownload", zap.Error(err))
return
}
return
}
// 用户是否可以评论
func (m *DBModel) CanIAccessComment(userId int64) (yes bool, err error) {
yes, err = m.isInPunishing(userId, []int{PunishmentTypeCommentLimited, PunishmentTypeDisabled})
yes = !yes
if err != nil {
m.logger.Error("CanIAccessComment", zap.Error(err))
return
}
return
}
// 用户是否可以收藏文档
func (m *DBModel) CanIAccessFavorite(userId int64) (yes bool, err error) {
yes, err = m.isInPunishing(userId, []int{PunishmentTypeFavoriteLimited, PunishmentTypeDisabled})
yes = !yes
if err != nil {
m.logger.Error("CanIAccessFavorite", zap.Error(err))
return
}
return
}
// 用户是否发表评论 // 用户是否发表评论
func (m *DBModel) CanIPublishComment(userId int64) (defaultCommentStatus int8, err error) { func (m *DBModel) CanIPublishComment(userId int64) (defaultCommentStatus int8, err error) {
if userId <= 0 { if userId <= 0 {
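Review bot: CanIAccessDownload, CanIAccessComment and CanIAccessFavorite are the same body three times, differing only in the punishment type and the log label, so any change to the error handling has to be made in three places. Each copy also runs `yes = !yes` before `if err != nil`, which means it returns `true` together with a non-nil error. Folding them into one private helper that returns `false, err` on a failed lookup keeps the deny-by-default rule in a single spot; the doc comments could also start with the function name, as Go convention expects. CanIPublishComment at the end of the hunk continues outside it and is not touched by this suggestion.

```go
// canAccess reports whether userId is free of every punishment in types.
// A failed lookup is returned as (false, err) so callers deny by default.
func (m *DBModel) canAccess(label string, userId int64, types []int) (bool, error) {
	punished, err := m.isInPunishing(userId, types)
	if err != nil {
		m.logger.Error(label, zap.Error(err))
		return false, err
	}
	return !punished, nil
}

// CanIAccessDownload reports whether the user may download documents.
func (m *DBModel) CanIAccessDownload(userId int64) (yes bool, err error) {
	return m.canAccess("CanIAccessDownload", userId, []int{PunishmentTypeDownloadLimited, PunishmentTypeDisabled})
}

// … CanIAccessComment and CanIAccessFavorite follow the same shape …
```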

@ -36,7 +36,18 @@
</el-select> </el-select>
<el-input v-else :disabled="true" v-model="punishment.username" /> <el-input v-else :disabled="true" v-model="punishment.username" />
</el-form-item> </el-form-item>
<el-form-item label="处罚类型"> <el-form-item
prop="type"
:rules="[
{ required: true, trigger: 'blur', message: '' },
]"
>
<template slot="label">
<ToolTip
content="禁止评论:不允许发表评论;禁止上传:不允许上传文档;禁止收藏:不允许收藏;禁止下载:不允许下载文档;禁用账户:包括上述全部禁用项"
/>
</template>
<el-checkbox-group v-if="punishment.id === 0" v-model="punishment.type"> <el-checkbox-group v-if="punishment.id === 0" v-model="punishment.type">
<el-checkbox <el-checkbox
v-for="item in punishmentTypeOptions" v-for="item in punishmentTypeOptions"

@ -113,7 +113,7 @@ export default {
groups: [], groups: [],
users: [], users: [],
user: { id: 0 }, user: { id: 0 },
total: 100, total: 0,
searchFormFields: [], searchFormFields: [],
listFields: [], listFields: [],
selectedRows: [], selectedRows: [],
@ -308,14 +308,14 @@ export default {
} }
}), }),
}, },
{ // {
type: 'select', // type: 'select',
label: '', // label: '状态',
name: 'status', // name: 'status',
placeholder: '', // placeholder: '请选择用户状态',
multiple: true, // multiple: true,
options: this.userStatusOptions, // options: this.userStatusOptions,
}, // },
] ]
}, },
initTableListFields() { initTableListFields() {

@ -166,7 +166,7 @@
class="btn-block" class="btn-block"
disabled disabled
> >
<span v-if="user.id > 0"></span> <span v-if="user.id > 0"></span>
<span v-else></span> <span v-else></span>
</el-button> </el-button>
</el-form-item> </el-form-item>
