2017-09-03 08:43:13 +08:00
|
|
|
|
const yapi = require('../yapi.js');
|
|
|
|
|
|
const projectModel = require('../models/project.js');
|
|
|
|
|
|
const userModel = require('../models/user.js');
|
|
|
|
|
|
const interfaceModel = require('../models/interface.js');
|
|
|
|
|
|
const groupModel = require('../models/group.js');
|
2017-08-08 14:45:19 +08:00
|
|
|
|
|
2017-09-03 08:43:13 +08:00
|
|
|
|
const _ = require('underscore');
|
2017-07-11 12:12:43 +08:00
|
|
|
|
const jwt = require('jsonwebtoken');
|
|
|
|
|
|
|
2017-07-27 14:12:43 +08:00
|
|
|
|
class baseController {
|
2017-09-03 08:43:13 +08:00
|
|
|
|
constructor(ctx) {
|
|
|
|
|
|
this.ctx = ctx;
|
|
|
|
|
|
//网站上线后,role对象key是不能修改的,value可以修改
|
|
|
|
|
|
this.roles = {
|
|
|
|
|
|
admin: 'Admin',
|
|
|
|
|
|
member: '网站会员'
|
|
|
|
|
|
};
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
async init(ctx) {
|
|
|
|
|
|
this.$user = null;
|
|
|
|
|
|
let ignoreRouter = [
|
|
|
|
|
|
'/api/user/login_by_token',
|
|
|
|
|
|
'/api/user/login',
|
|
|
|
|
|
'/api/user/reg',
|
|
|
|
|
|
'/api/user/status',
|
|
|
|
|
|
'/api/user/logout'
|
|
|
|
|
|
];
|
|
|
|
|
|
if (ignoreRouter.indexOf(ctx.path) > -1) {
|
|
|
|
|
|
this.$auth = true;
|
|
|
|
|
|
} else {
|
|
|
|
|
|
await this.checkLogin(ctx);
|
2017-07-11 12:12:43 +08:00
|
|
|
|
}
|
2017-07-10 11:11:35 +08:00
|
|
|
|
|
2017-09-03 08:43:13 +08:00
|
|
|
|
}
|
2017-07-27 14:12:43 +08:00
|
|
|
|
|
2017-09-03 08:43:13 +08:00
|
|
|
|
getUid() {
|
|
|
|
|
|
return parseInt(this.$uid, 10);
|
|
|
|
|
|
}
|
2017-07-10 11:11:35 +08:00
|
|
|
|
|
2017-09-03 08:43:13 +08:00
|
|
|
|
async checkLogin(ctx) {
|
|
|
|
|
|
let token = ctx.cookies.get('_yapi_token');
|
|
|
|
|
|
let uid = ctx.cookies.get('_yapi_uid');
|
2017-07-05 17:47:51 +08:00
|
|
|
|
|
2017-09-03 08:43:13 +08:00
|
|
|
|
try {
|
|
|
|
|
|
if (!token || !uid) return false;
|
|
|
|
|
|
let userInst = yapi.getInst(userModel); //创建user实体
|
|
|
|
|
|
let result = await userInst.findById(uid);
|
|
|
|
|
|
let decoded = jwt.verify(token, result.passsalt);
|
2017-07-11 12:12:43 +08:00
|
|
|
|
|
2017-09-03 08:43:13 +08:00
|
|
|
|
if (decoded.uid == uid) {
|
|
|
|
|
|
this.$uid = uid;
|
|
|
|
|
|
this.$auth = true;
|
|
|
|
|
|
this.$user = result;
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
2017-07-06 19:21:54 +08:00
|
|
|
|
|
2017-09-03 08:43:13 +08:00
|
|
|
|
return false;
|
|
|
|
|
|
} catch (e) {
|
|
|
|
|
|
return false;
|
2017-07-06 19:21:54 +08:00
|
|
|
|
}
|
2017-07-10 11:56:53 +08:00
|
|
|
|
|
2017-09-03 08:43:13 +08:00
|
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param {*} ctx
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
async getLoginStatus(ctx) {
|
|
|
|
|
|
if (await this.checkLogin(ctx) === true) {
|
|
|
|
|
|
let result = yapi.commons.fieldSelect(this.$user, ['_id', 'username', 'email', 'up_time', 'add_time', 'role', 'type']);
|
|
|
|
|
|
result.server_ip = yapi.WEBCONFIG.server_ip;
|
|
|
|
|
|
return ctx.body = yapi.commons.resReturn(result);
|
2017-08-11 17:49:47 +08:00
|
|
|
|
}
|
2017-09-03 08:43:13 +08:00
|
|
|
|
return ctx.body = yapi.commons.resReturn(null, 40011, '请登录...');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
getRole() {
|
|
|
|
|
|
return this.$user.role;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
getUsername() {
|
|
|
|
|
|
return this.$user.username;
|
|
|
|
|
|
}
|
|
|
|
|
|
async getProjectRole(id, type) {
|
|
|
|
|
|
let result = {};
|
|
|
|
|
|
try {
|
|
|
|
|
|
if (this.getRole() === 'admin') {
|
|
|
|
|
|
return 'admin';
|
|
|
|
|
|
}
|
|
|
|
|
|
if (type === 'interface') {
|
|
|
|
|
|
let interfaceInst = yapi.getInst(interfaceModel);
|
|
|
|
|
|
let interfaceData = await interfaceInst.get(id)
|
|
|
|
|
|
result.interfaceData = interfaceData;
|
|
|
|
|
|
if (interfaceData.uid === this.getUid()) {
|
|
|
|
|
|
return 'owner';
|
2017-07-27 14:12:43 +08:00
|
|
|
|
}
|
2017-09-03 08:43:13 +08:00
|
|
|
|
type = 'project';
|
|
|
|
|
|
id = interfaceData.project_id;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (type === 'project') {
|
|
|
|
|
|
let projectInst = yapi.getInst(projectModel);
|
|
|
|
|
|
let projectData = await projectInst.get(id);
|
|
|
|
|
|
if (projectData.uid === this.getUid()) {
|
|
|
|
|
|
return 'owner';
|
2017-07-10 11:56:53 +08:00
|
|
|
|
}
|
2017-09-03 08:43:13 +08:00
|
|
|
|
let memberData = _.find(projectData.members, (m) => {
|
|
|
|
|
|
if (m.uid === this.getUid()) {
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
|
|
if (memberData && memberData.role) {
|
|
|
|
|
|
if (memberData.role === 'owner') {
|
|
|
|
|
|
return 'owner';
|
|
|
|
|
|
} else {
|
|
|
|
|
|
return 'dev';
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
type = 'group';
|
|
|
|
|
|
id = projectData.group_id
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (type === 'group') {
|
|
|
|
|
|
let groupInst = yapi.getInst(groupModel);
|
|
|
|
|
|
let groupData = await groupInst.get(id);
|
|
|
|
|
|
let groupMemberData = _.find(groupData.members, (m) => {
|
|
|
|
|
|
if (m.uid === this.getUid()) {
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
})
|
|
|
|
|
|
if (groupMemberData && groupMemberData.role) {
|
|
|
|
|
|
if (groupMemberData.role === 'owner') {
|
|
|
|
|
|
return 'owner';
|
|
|
|
|
|
} else {
|
|
|
|
|
|
return 'dev'
|
|
|
|
|
|
}
|
2017-08-16 17:13:14 +08:00
|
|
|
|
}
|
2017-09-03 08:43:13 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return 'member';
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (e) {
|
|
|
|
|
|
yapi.commons.log(e.message, 'error')
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param {*} id type对应的id
|
|
|
|
|
|
* @param {*} type enum[interface, project, group]
|
|
|
|
|
|
* @param {*} action enum[ danger , edit ] danger只有owner或管理员才能操作,edit只要是dev或以上就能执行
|
|
|
|
|
|
*/
|
|
|
|
|
|
async checkAuth(id, type, action) {
|
|
|
|
|
|
let role = await this.getProjectRole(id, type);
|
|
|
|
|
|
if (action === 'danger') {
|
|
|
|
|
|
if (role === 'admin' || role === 'owner') {
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
} else if (action === 'edit') {
|
|
|
|
|
|
if (role === 'admin' || role === 'owner' || role === 'dev') {
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
2017-08-16 17:13:14 +08:00
|
|
|
|
}
|
2017-09-03 08:43:13 +08:00
|
|
|
|
return false;
|
|
|
|
|
|
}
|
2017-07-05 17:47:51 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-07-27 14:12:43 +08:00
|
|
|
|
module.exports = baseController;
|
