node/corgi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

系统管理员跳过权限检查

Browse Source
This commit is contained in:
zhl 2021-04-20 20:42:35 +08:00
parent 0f4122bf41
commit 83efbc2e5d
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/plugins/zauth.ts
View File

@ -42,15 +42,16 @@ const zAuthPlugin: FastifyPluginAsync = async function (
if (!account.roles) { if (!account.roles) {
return reply.send({ code: 11, msg: 'no permission' }) return reply.send({ code: 11, msg: 'no permission' })
} }
let isSupAdmin = account.isSysAdmin()
if (request.roles && request.roles.indexOf('anon') == -1) { if (request.roles && request.roles.indexOf('anon') == -1) {
if (account.roles) { if (account.roles && !isSupAdmin) {
const roles = request.roles.intersect(account.roles) const roles = request.roles.intersect(account.roles)
if (!roles || roles.length == 0) { if (!roles || roles.length == 0) {
return reply.send({ code: 12, msg: 'no permission' }) return reply.send({ code: 12, msg: 'no permission' })
} }
} }
} }
if (request.permissions) { if (request.permissions && !isSupAdmin) {
let canDo = false let canDo = false
for (let role of account.roles) { for (let role of account.roles) {
for (let sub of request.permissions) { for (let sub of request.permissions) {