工具标识
- 每个项目都有唯一的标识token,用户可以使用这个token值来请求项目的所有资源数据。
+ 每个项目都有唯一的标识token,用户可以使用这个token值来请求项目 openapi.
@@ -74,6 +74,22 @@ class ProjectToken extends Component {
为确保项目内数据的安全性和私密性,请勿轻易将该token暴露给项目组外用户。
+
+ {/* open接口:
*/}
+ {/*
+
+ - /api/open/run_auto_test [运行自动化测试]
+ - /api/open/import_data [导入数据]
+ - /api/interface/add [新增接口]
+ - /api/interface/save [保存接口]
+ - /api/interface/up [更新接口]
+ - /api/interface/get [获取接口]
+ - /api/interface/list [获取接口列表]
+ - /api/interface/list_menu [获取接口菜单]
+ - /api/interface/add_cat [新增接口分类]
+ - /api/interface/getCatMenu [获取所有分类]
+
+
*/}
);
}
diff --git a/client/containers/Project/Setting/ProjectToken/ProjectToken.scss b/client/containers/Project/Setting/ProjectToken/ProjectToken.scss
index 2d61aa9a..4be5dde0 100644
--- a/client/containers/Project/Setting/ProjectToken/ProjectToken.scss
+++ b/client/containers/Project/Setting/ProjectToken/ProjectToken.scss
@@ -17,6 +17,14 @@
}
+ .open-api{
+ margin-top: 10px;
+ margin-left: 20px;
+ li{
+ margin-bottom: 10px;
+ }
+ }
+
.message{
padding: 16px 0 0 16px;
font-size: 14px;
diff --git a/exts/yapi-plugin-wiki/wikiPage/index.js b/exts/yapi-plugin-wiki/wikiPage/index.js
index 13ae4a41..1545cf40 100644
--- a/exts/yapi-plugin-wiki/wikiPage/index.js
+++ b/exts/yapi-plugin-wiki/wikiPage/index.js
@@ -131,11 +131,11 @@ class WikiPage extends Component {
};
this.handleWebsocketAccidentClose(sendEditor, status => {
// 如果websocket 启动不成功用户依旧可以对wiki 进行编辑
- // if (!status) {
+ if (!status) {
this.setState({
isEditor: !this.state.isEditor
});
- // }
+ }
});
};
diff --git a/package.json b/package.json
index e94e633b..c4cd4abe 100755
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "yapi-vendor",
- "version": "1.4.4",
+ "version": "1.5.0",
"description": "YAPI",
"main": "server/app.js",
"scripts": {
diff --git a/server/controllers/base.js b/server/controllers/base.js
index 3689ff9d..f0f0f7e6 100755
--- a/server/controllers/base.js
+++ b/server/controllers/base.js
@@ -6,6 +6,7 @@ const groupModel = require('../models/group.js');
const tokenModel = require('../models/token.js');
const _ = require('underscore');
const jwt = require('jsonwebtoken');
+const OPENAPI_USER = 99999999;
class baseController {
constructor(ctx) {
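Review bot: `OPENAPI_USER` is added without any comment, and it is a plain number that ends up in the same fields (`$uid`, `$user._id`) as real user ids. I would document it above the constant, e.g. `// Synthetic uid for project-token (open API) requests; must never equal a real user _id`, and confirm that user creation can never allocate this value. The later `this.$uid` hunk also changes the value from the string `'999999'` to a number, so anything that compared against or stored the old string would stop matching. No such code is visible in this diff, so it needs checking.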
@@ -38,11 +39,15 @@ class baseController {
let openApiRouter = [
'/api/open/run_auto_test',
- '/api/open/import_data',
- '/api/interface/add',
- '/api/interface/save',
- '/api/interface/up',
- '/api/interface/add_cat'
+ '/api/open/import_data',
+ '/api/interface/add',
+ '/api/interface/save',
+ '/api/interface/up',
+ '/api/interface/get',
+ '/api/interface/list',
+ '/api/interface/list_menu',
+ '/api/interface/add_cat',
+ '/api/interface/getCatMenu'
];
let params = Object.assign({}, ctx.query, ctx.request.body);
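Review bot: The `openApiRouter` allowlist decides which routes a bare project token can reach, and it now has ten entries with no statement of what a handler must do to be safe on it. A comment above the array would make the contract explicit, e.g. `// Token-reachable routes: each handler must use the token-derived ctx.params.project_id and verify request ids belong to it`. This commit applies that rule to `get`, `list`, `listByMenu` and `getCatMenu` in interface.js. The handlers behind `add`, `save`, `up` and `add_cat` are not in the diff, so whether they already follow it is not visible. The enclosing method starts and ends outside this hunk.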
@@ -63,7 +68,7 @@ class baseController {
if (projectData) {
ctx.params.project_id = checkId;
this.$tokenAuth = true;
- this.$uid = '999999';
+ this.$uid = OPENAPI_USER;
this.$user = {
_id: this.$uid,
role: 'member',
@@ -258,6 +263,9 @@ class baseController {
*/
async checkAuth(id, type, action) {
let role = await this.getProjectRole(id, type);
+ if(this.getUid() === OPENAPI_USER){
+ role = 'dev'
+ }
if (action === 'danger') {
if (role === 'admin' || role === 'owner') {
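Review bot: The added override in `checkAuth` sets `role = 'dev'` for every token-authenticated request without looking at `id` or `type`, so a token issued for one project is treated as a developer on whatever project or object id the calling handler passes in. Scope it to the token's own project: record the project id where `$tokenAuth` is set (a new field, here called `$tokenProjectId`) and use `if (this.$tokenAuth && type === 'project' && Number(id) === this.$tokenProjectId) role = 'dev';`. If callers pass other `type` values, the id would first have to be resolved to its project. Keying on `$tokenAuth` rather than `getUid() === OPENAPI_USER` also avoids relying on the sentinel uid never matching a real account. The rest of `checkAuth` is outside the hunk.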
diff --git a/server/controllers/interface.js b/server/controllers/interface.js
index 8cb7c607..fb81ed6f 100755
--- a/server/controllers/interface.js
+++ b/server/controllers/interface.js
@@ -398,13 +398,19 @@ class interfaceController extends baseController {
* @example ./api/interface/get.json
*/
async get(ctx) {
- let params = ctx.request.query;
+ let params = ctx.params;
if (!params.id) {
return (ctx.body = yapi.commons.resReturn(null, 400, '接口id不能为空'));
}
try {
let result = await this.Model.get(params.id);
+ if(this.$tokenAuth){
+ if(params.project_id !== result.project_id){
+ ctx.body = yapi.commons.resReturn(null, 400, 'token有误')
+ return;
+ }
+ }
// console.log('result', result);
if (!result) {
return (ctx.body = yapi.commons.resReturn(null, 490, '不存在的'));
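Review bot: In `get`, the new token check reads `result.project_id` before the existing `if (!result)` test. If `Model.get` returns null for a missing id, as that later test implies, a token request for a non-existent interface throws and falls into the catch path instead of returning the 490 response. Move the block below the `if (!result)` check, or guard it as `if (this.$tokenAuth && result && params.project_id !== result.project_id)`. The comparison is strict, so it would reject every request if the token-derived `project_id` and the stored one differ in type; confirm both are numbers, and consider returning the same '不存在的' response for ids in other projects so the reply does not confirm they exist. The function continues outside the hunk.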
@@ -440,7 +446,7 @@ class interfaceController extends baseController {
* @example ./api/interface/list.json
*/
async list(ctx) {
- let project_id = ctx.request.query.project_id;
+ let project_id = ctx.params.project_id;
let page = ctx.request.query.page || 1,
limit = ctx.request.query.limit || 10;
let project = await this.projectModel.getBaseInfo(project_id);
@@ -520,7 +526,7 @@ class interfaceController extends baseController {
}
async listByMenu(ctx) {
- let project_id = ctx.request.query.project_id;
+ let project_id = ctx.params.project_id;
if (!project_id) {
return (ctx.body = yapi.commons.resReturn(null, 400, '项目id不能为空'));
}
@@ -980,7 +986,7 @@ class interfaceController extends baseController {
*/
async getCatMenu(ctx) {
- let project_id = ctx.request.query.project_id;
+ let project_id = ctx.params.project_id;
if (!project_id || isNaN(project_id)) {
return (ctx.body = yapi.commons.resReturn(null, 400, '项目id不能为空'));
diff --git a/server/utils/commons.js b/server/utils/commons.js
index a21e0e6c..22f46976 100755
--- a/server/utils/commons.js
+++ b/server/utils/commons.js
@@ -417,8 +417,9 @@ exports.createAction = (router, baseurl, routerController, action, path, method,
let inst = new routerController(ctx);
try {
await inst.init(ctx);
+ ctx.params = Object.assign({}, ctx.request.query, ctx.request.body, ctx.params);
if (inst.schemaMap && typeof inst.schemaMap === 'object' && inst.schemaMap[action]) {
- ctx.params = Object.assign({}, ctx.request.query, ctx.request.body, ctx.params);
+
let validResult = yapi.commons.validateParams(inst.schemaMap[action], ctx.params);
if (!validResult.valid) {