Compare commits

...

6 Commits
master ... dev

Author SHA1 Message Date
yulixing
fb213adac5 调整权限验证 2019-08-19 16:55:28 +08:00
yulixing
b34c2d3df2 Merge branch 'master' into dev 2019-08-19 15:08:37 +08:00
yulixing
c1e9ecc521 修改权限验证方式 2019-08-15 14:08:25 +08:00
yulixing
a11b6bc8e8 权限验证方法调整 2019-08-14 15:40:23 +08:00
yulixing
47645d050c Merge branch 'master' into dev 2019-08-14 11:59:37 +08:00
yulixing
16232dbfa1 增加 权限验证 util 2019-06-06 11:03:02 +08:00
23 changed files with 1489 additions and 889 deletions

View File

@ -1,116 +1,117 @@
import { Router } from 'express';
import data from '../../../config/china_area';
import ChinaRegion from '../../models/snoopy/ChinaRegion';
import ChinaArea from '../../models/snoopy/ChinaArea';
import GameShareImage from '../../models/snoopy/GameShareImage';
import {Router} from 'express'
import data from '../../../config/china_area'
import ChinaRegion from '../../models/snoopy/ChinaRegion'
import ChinaArea from '../../models/snoopy/ChinaArea'
import getGameShareImage from '../../models/snoopy/GameShareImage'
import logger from '../../utils/logger'
const router = new Router();
const GameShareImage = getGameShareImage()
const router = new Router()
/* 获取省市列表, id为地区英文名*/
router.get('/china_region', async (req, res, next) => {
try {
const provinces = await ChinaRegion.find({ level: 1 });
const citys = await ChinaRegion.find({ level: 2, pinyin: { $ne: null } });
const result = [];
const map = new Map();
const pIdx = {};
const provinces = await ChinaRegion.find({level: 1})
const citys = await ChinaRegion.find({level: 2, pinyin: {$ne: null}})
const result = []
const map = new Map()
const pIdx = {}
for (let i = 0; i < provinces.length; i++) {
result.push({
id: provinces[i].pinyin,
parent: '#',
text: provinces[i].name,
children: []
});
map.set(provinces[i]._id, provinces[i]);
children: [],
})
map.set(provinces[i]._id, provinces[i])
if (!pIdx[provinces[i]._id]) {
pIdx[provinces[i]._id] = i;
pIdx[provinces[i]._id] = i
}
}
for (const c of citys) {
if (map.has(c.parent_id)) {
const pIndex = pIdx[c.parent_id];
const pIndex = pIdx[c.parent_id]
result[pIndex].children.push({
id: `${map.get(c.parent_id).pinyin}_${c.pinyin}`,
parent: map.get(c.parent_id).pinyin,
text: c.name
});
text: c.name,
})
}
}
res.json({
errcode: 0,
records: result
});
records: result,
})
} catch (err) {
next(err);
next(err)
}
});
})
/* 获取所有定义好的地域列表*/
router.get('/china_area', async (req, res, next) => {
try {
const records = await ChinaArea.find({ deleted: false });
res.json({ errcode: 0, records: records });
const records = await ChinaArea.find({deleted: false})
res.json({errcode: 0, records: records})
} catch (err) {
next(err);
next(err)
}
});
})
/* 更新*/
router.post('/china_area', async (req, res, next) => {
logger.db(req, '公共', '地域', '保存地域');
const body = req.body;
const id = body.id;
const name = body.name;
const locations = body.locations;
let record;
logger.db(req, '公共', '地域', '保存地域')
const body = req.body
const id = body.id
const name = body.name
const locations = body.locations
let record
try {
if (id) {
record = await ChinaArea.findById(id);
record = await ChinaArea.findById(id)
} else {
record = new ChinaArea({});
record = new ChinaArea({})
}
record.name = name;
record.locations = locations;
await record.save();
res.json({ errcode: 0, record: record });
record.name = name
record.locations = locations
await record.save()
res.json({errcode: 0, record: record})
} catch (err) {
next(err);
next(err)
}
});
})
/* 删除*/
router.delete('/china_area', async (req, res, next) => {
logger.db(req, '公共', '地域', '删除地域');
const body = req.body;
const id = body.id;
logger.db(req, '公共', '地域', '删除地域')
const body = req.body
const id = body.id
try {
if (!id) {
return res.json({ errcode: 101, errmsg: '未定义要删除的地域id' });
return res.json({errcode: 101, errmsg: '未定义要删除的地域id'})
}
const record = await ChinaArea.findById(id);
const record = await ChinaArea.findById(id)
if (!record) {
return res.json({ errcode: 102, errmsg: '未找到要删除的地域' });
return res.json({errcode: 102, errmsg: '未找到要删除的地域'})
}
const usedRecord = await GameShareImage.findOne({
area: id,
deleted: false
});
deleted: false,
})
if (usedRecord) {
return res.json({
errcode: 103,
errmsg: '要删除的记录已被使用,不能删除!'
});
errmsg: '要删除的记录已被使用,不能删除!',
})
}
record.deleted = true;
record.delete_time = new Date();
await record.save();
res.json({ errcode: 0, record: record });
record.deleted = true
record.delete_time = new Date()
await record.save()
res.json({errcode: 0, record: record})
} catch (err) {
next(err);
next(err)
}
});
})
export default router;
export default router

View File

@ -4,6 +4,8 @@ import config from '../../../config/config'
import logger from '../../utils/logger'
import AdArea from '../../models/admin/AdArea'
import AdUid from '../../models/admin/AdUid'
import validPerm from '../../utils/valid-perm'
import {builtinModules} from 'module'
const router = new Router()
@ -14,19 +16,22 @@ const adApiUrl = config.ad_api
// 获取单个游戏广告位
router.get('/pos', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.query.uid,
level: 'readable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏广告位查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const query = req.query
try {
@ -58,18 +63,22 @@ router.get('/pos', async (req, res, next) => {
// 为游戏添加广告位
router.post('/pos', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏广告编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
logger.db(req, '游戏管理', '广告位管理', '添加广告位')
@ -105,18 +114,22 @@ router.post('/pos', async (req, res, next) => {
// 修改广告位信息
router.put('/pos', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏广告编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
logger.db(req, '游戏管理', '广告位管理', '修改广告位')
@ -156,18 +169,22 @@ router.put('/pos', async (req, res, next) => {
// 删除广告位信息
router.delete('/pos', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏广告编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
logger.db(req, '游戏管理', '广告位管理', '删除广告位')
const body = req.body
@ -214,9 +231,24 @@ router.get('/area', async (req, res, next) => {
// 新增区域
router.post('/area', async (req, res, next) => {
/* 权限验证 */
/* 广告区域管理-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'ad-area',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 403,
errmsg: '用户权限不足!',
})
return
}
/* 权限验证 end */
logger.db(req, '游戏管理', '广告区域管理', '新增广告区域')
// 权限判断
const hasPerm = req.user.permissions.includes(`ad-area-writeable`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
@ -249,15 +281,22 @@ router.post('/area', async (req, res, next) => {
// 编辑区域信息
router.put('/area', async (req, res, next) => {
logger.db(req, '游戏管理', '广告区域管理', '修改广告区域信息')
// 权限判断
const hasPerm = req.user.permissions.includes(`ad-area-writeable`)
/* 权限验证 */
/* 广告区域管理-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'ad-area',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无广告区域编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {
const search = await AdArea.findOne({area_id: body.area_id})
@ -287,16 +326,25 @@ router.put('/area', async (req, res, next) => {
// 编辑区域信息
router.delete('/area', async (req, res, next) => {
logger.db(req, '游戏管理', '广告区域管理', '删除广告区域')
// 权限判断
const hasPerm = req.user.permissions.includes(`ad-area-writeable`)
/* 权限验证 */
/* 广告区域管理-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'ad-area',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无广告区域编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
logger.db(req, '游戏管理', '广告区域管理', '删除广告区域')
const body = req.body
try {
const search = await AdArea.findOne({area_id: body.area_id})
@ -340,18 +388,23 @@ router.get('/uid', async (req, res, next) => {
// 新增Uid
router.post('/uid', async (req, res, next) => {
logger.db(req, '游戏管理', '广告Uid', '新增广告Uid')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {
const newAdUid = new AdUid({
@ -374,18 +427,23 @@ router.post('/uid', async (req, res, next) => {
// 编辑Uid信息
router.put('/uid', async (req, res, next) => {
logger.db(req, '游戏管理', '广告Uid', '修改广告Uid信息')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {
const search = await AdUid.findOne({_id: body._id})
@ -418,18 +476,23 @@ router.put('/uid', async (req, res, next) => {
// 编辑Uid信息
router.delete('/uid', async (req, res, next) => {
logger.db(req, '游戏管理', '广告Uid', '删除广告Uid')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {
const search = await AdUid.findOne({_id: body._id})

View File

@ -1,231 +0,0 @@
// 获取单个游戏广告位
import {Router} from 'express'
import axios from 'axios'
import config from '../../../config/config'
const router = new Router()
const gameReportApiUrl = config.game_report
// 获取游戏日报
router.get('/report', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏数据查看权限!',
})
return
}
const query = req.query
const game_id = parseInt(query.game_id)
const platform_id = parseInt(query.platform_id)
const date = query.date
const isNew = parseInt(query.isNew)
try {
const categoryRes = await axios({
url: gameReportApiUrl,
method: 'get',
params: {
c: 'Ops',
a: 'descField',
body: JSON.stringify({
gameid: game_id,
channel: platform_id,
}),
},
})
if (categoryRes.data.errcode === 0) {
const categoryInfo = categoryRes.data.result
const category = []
for (const key in categoryInfo) {
if (categoryInfo.hasOwnProperty(key)) {
category.push(key)
}
}
if (category.length === 0) {
res.send({
errcode: 404,
errmsg: '暂无数据!',
})
return
}
const getDataArr = []
category.map(item => {
getDataArr.push(
getCategoryData(item, date, isNew, game_id, platform_id)
)
})
const dataArr = await Promise.all(getDataArr)
const allData = Object.assign(...dataArr)
const result = {}
for (const key in categoryInfo) {
if (categoryInfo.hasOwnProperty(key)) {
const cate = categoryInfo[key]
result[key] = []
for (let i = 0; i < cate.length; i++) {
const field = cate[i]
const fieldName = field.name
if (fieldName.endsWith('_%')) {
let idx = 1
let tempName = fieldName.replace(/%/, idx)
while (allData[tempName]) {
const obj = JSON.parse(JSON.stringify(field))
obj.name = tempName
obj.explan += `_${idx}`
obj.value = allData[tempName]
result[key].push(obj)
idx++
tempName = fieldName.replace(/%/, idx)
}
} else {
field.value = allData[fieldName]
result[key].push(field)
}
}
}
}
res.send({
errcode: 0,
result: result,
})
} else {
res.send({
errcode: categoryRes.errcode,
errmsg: categoryRes.errmsg,
})
return
}
} catch (err) {
next(err)
}
})
function getCategoryData(cateName, date, is_new, game_id, platform_id) {
return new Promise(async (resolve, reject) => {
const dataRes = await axios({
url: gameReportApiUrl,
method: 'get',
params: {
c: 'Ops',
a: 'gameReport',
body: JSON.stringify({
gameid: game_id,
channel: platform_id,
times: date,
is_new: is_new,
category: cateName,
}),
},
})
if (dataRes.data.errcode === 0) {
const data = dataRes.data.result
resolve(data)
} else {
reject({
errcode: 404,
errmsg: '数据获取失败,暂无数据!',
})
}
})
}
// 获取游戏数据(画图表用)
router.get('/game-data', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏数据查看权限!',
})
return
}
const query = req.query
console.log(query)
const gameid = parseInt(query.gameid)
const channelid = parseInt(query.channelid)
const ad_channelid = query.ad_channelid
const method = query.method
const time_partice = parseInt(query.time_partice)
const time_begin = query.isNew
const time_end = query.isNew
try {
// TODO: 接口对接
// const searchRes = await axios({
// url: gameReportApiUrl,
// method: 'get',
// params: {
// c: 'Ops',
// a: 'descField',
// body: JSON.stringify({
// gameid: game_id,
// channel: platform_id,
// }),
// },
// })
// if (searchRes.data.errcode === 0) {
// res.send({
// errcode: 0,
// errmsg: '',
// message: {
// totoal: 2,
// result: [
// {
// '2019-08-01 01:00:00': 100,
// '2019-08-01 02:00:00': 120,
// },
// ],
// },
// })
// } else {
// res.send({
// errcode: searchRes.errcode,
// errmsg: searchRes.errmsg,
// })
// }
// TODO: 数据示例
res.send({
errcode: 0,
errmsg: '',
message: {
totoal: 2,
result: [
{
'2019-08-01 01:00:00': 100,
'2019-08-01 02:00:00': 120,
},
],
},
})
} catch (err) {
next(err)
}
})
export default router

View File

@ -1,10 +1,9 @@
// 获取单个游戏广告位
import {Router} from 'express'
import axios from 'axios'
import GameItem from '../../models/admin/GameItem'
import config from '../../../config/config'
import validPerm from '../../utils/valid-perm'
const router = new Router()
@ -12,19 +11,22 @@ const gameReportApiUrl = config.game_report
// 获取游戏日报
router.get('/report', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.query.uid,
level: 'readable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏数据查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const query = req.query
const game_id = query.game_id
@ -194,19 +196,23 @@ function getMethodData(method, opt) {
// 获取游戏数据(画图表用)
router.get('/game-data', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.query.uid,
level: 'readable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏数据查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const query = req.query
const gameid = parseInt(query.gameid)
const channelid = parseInt(query.channelid)

View File

@ -0,0 +1,510 @@
import getGameInfoModel from '../../models/admin/GameInfo'
import {Router} from 'express'
import axios from 'axios'
import config from '../../../config/config'
import logger from '../../utils/logger'
import getOpsToken from '../../utils/get-ops-token'
import validPerm from '../../utils/valid-perm'
const router = new Router()
// 正式服 model
const GameInfo = getGameInfoModel()
// 测试服 model
const GameInfoTest = getGameInfoModel('test')
// 获取游戏列表
router.get('/list', async (req, res, next) => {
const query = req.query || {}
const userPerms = req.user.permissions
try {
let search = []
let result = []
if (query.type === 'all') {
// 返回所有游戏信息仅包含游戏_id与游戏名
// logger.db(req, '游戏管理', '游戏列表', '获取所有游戏非权限信息');
result = await GameInfo.find({deleted: false})
} else {
// 有权限查阅的游戏
// logger.db(req, '游戏管理', '游戏列表', '获取权限游戏所有信息');
search = await GameInfo.find({deleted: false})
result = search.filter(game => {
const uid = game._id
return (
userPerms.includes(`${uid}-readable`) ||
userPerms.includes(`${uid}-edit`) ||
userPerms.includes(`${uid}-publish`) ||
userPerms.includes(`games-writeable`)
)
})
}
res.send({
errcode: 0,
gameList: result,
user: req.user,
})
} catch (err) {
next(err)
}
})
// 保存游戏信息
router.post('/save', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '添加游戏')
// 权限判断
const hasPerm = req.user.permissions.includes('games-writeable')
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
})
return
}
const body = req.body
try {
const search = await GameInfo.findOne({
$or: [
{game_id: body.game_id},
{game_name: body.game_name},
{game_name_en: body.game_name_en},
],
})
if (search && !search.deleted) {
res.send({
errcode: 1,
errmsg: '游戏已存在!',
})
} else {
const newGameInfo = new GameInfo(body)
const result = await newGameInfo.save()
res.send({
errcode: 0,
gameInfo: result,
})
}
} catch (err) {
next(err)
}
})
// 查找单个游戏信息
router.get('/info', async (req, res, next) => {
// logger.db(req, '游戏管理', '游戏列表', '查询单个游戏信息');
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏查看权限!',
})
return
}
const query = req.query
const data_type = query.data_type
const GameInfoModel = data_type === 'dev' ? GameInfoTest : GameInfo
delete req.query.data_type
try {
const search = await GameInfoModel.findOne({
_id: query.uid,
deleted: false,
})
if (search) {
res.send({
errcode: 0,
gameInfo: search,
})
} else {
res.send({
errcode: 1,
errmsg: '游戏信息不存在!',
})
}
} catch (err) {
next(err)
}
})
// 更新游戏信息
router.post('/update', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '更新单个游戏信息')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body._id}-edit`) ||
req.user.permissions.includes(`${req.body._id}-publish`) ||
req.user.permissions.includes(`games-writeable`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
})
return
}
const body = req.body
const method = body.method
const platformIndex = body.platformIndex
try {
const search = await GameInfo.findOne({
_id: body._id,
deleted: false,
})
if (search) {
const platforms = search.platforms
if (method === 'savePlatform') {
const curPlatform = body.platform
const prePlatform = platforms[platformIndex] || {}
delete curPlatform.newPlatform
if (curPlatform.platform.platform_id !== "6000" && (curPlatform.status !== prePlatform.status)) {
const token = await getOpsToken()
const statusRes = await axios({
url: config.minigame.api + 'minigame/',
method: 'post',
data: {
action: 'game_status_change',
data: {
game: search.game_name,
game_name: search.game_name_en,
game_id: search.game_id,
platform: curPlatform.platform.name_en,
platform_name: curPlatform.platform.name,
platform_id: curPlatform.platform.platform_id,
status_id: curPlatform.status,
},
},
headers: {
authorization: 'Bearer ' + token,
},
})
const statusStatus = statusRes.status
if (statusStatus !== 200) {
res.send({
errcode: 1,
errmsg: '游戏状态修改发生异常!',
})
return
}
}
platforms[platformIndex] = curPlatform
const result = await GameInfo.updateOne(
{
_id: body._id,
deleted: false,
},
{platforms, platforms}
)
res.send({
errcode: 0,
})
} else if (method === 'delPlatform') {
platforms.splice(platformIndex, 1)
const result = await GameInfo.updateOne(
{
_id: body._id,
deleted: false,
},
{platforms, platforms}
)
res.send({
errcode: 0,
})
} else {
const result = await GameInfo.updateOne(
{
_id: body._id,
deleted: false,
},
body
)
res.send({
errcode: 0,
})
}
} else {
res.send({
errcode: 1,
errmsg: '游戏信息不存在!',
})
}
} catch (err) {
if (err.response && err.response.data.error) {
next({
message: err.response.data.error,
})
} else {
next(err)
}
}
})
// 更新推荐信息
router.post('/update_rc', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '更新游戏推荐列表')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body._id}-edit`) ||
req.user.permissions.includes(`${req.body._id}-publish`) ||
req.user.permissions.includes(`games-writeable`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
})
return
}
const body = req.body
const isDev = body.isDev
const GameInfoModel = isDev ? GameInfoTest : GameInfo
delete body.isDev
try {
const search = await GameInfoModel.findOne({
_id: body._id,
deleted: false,
})
if (search) {
// 更新
const recommendation = search.recommendation ? search.recommendation : {}
if (body.platform_id) {
recommendation[body.platform_id] = body.RCList
}
const result = await GameInfoModel.updateOne(
{
_id: body._id,
deleted: false,
},
{recommendation: recommendation, rc_published: body.published}
)
res.send({
errcode: 0,
})
} else {
// 新建
const gameInfo = body.gameInfo
gameInfo.recommendation = {}
if (body.platform_id) {
gameInfo.recommendation[body.platform_id] = body.RCList
}
gameInfo.rc_published = body.published
const newGameInfo = new GameInfoModel(gameInfo)
const result = await newGameInfo.save()
res.send({
errcode: 0,
})
}
} catch (err) {
next(err)
}
})
// 删除一个游戏
router.post('/del', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '删除单个游戏')
const body = req.body
// 权限判断
const hasPerm =
req.user.permissions.includes(`${body.uid}-edit`) ||
req.user.permissions.includes(`${body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
})
return
}
try {
const search = await GameInfo.findOne({
_id: body.uid,
deleted: false,
})
if (search) {
const result = await GameInfo.updateOne(
{
_id: body.uid,
deleted: false,
},
{deleted: true}
)
res.send({
errcode: 0,
})
} else {
res.send({
errcode: 1,
errmsg: '游戏信息不存在!',
})
}
} catch (err) {
next(err)
}
})
// 创建新平台获取ftp账号
router.post('/create-ftp', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '为游戏添加一个平台账号')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
})
return
}
const body = req.body
try {
const token = await getOpsToken()
const ftpRes = await axios({
url: config.minigame.api + 'minigame/',
method: 'post',
data: {
action: 'game_deploy',
data: {
game: body.game_name,
game_name: body.game_name_en,
game_id: body.game_id,
platform: body.platformInfo.platform.name_en,
platform_id: body.platformInfo.platform.platform_id,
},
},
headers: {
authorization: 'Bearer ' + token,
},
})
const ftpStatus = ftpRes.status
if (ftpStatus === 200) {
// 通知用户刷新页面等待ftp账号
res.send({
errcode: 0,
msg: '正在创建ftp账号请等待一段时间后刷新页面',
})
} else {
res.send({
errcode: 1,
errmsg: '创建ftp账号时发生错误',
})
return
}
} catch (err) {
if (err.response && err.response.data.error) {
next({
message: err.response.data.error,
})
} else {
next(err)
}
}
})
// 发布游戏配置
router.post('/deploy-config', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '修改游戏平台信息')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
})
return
}
const body = req.body
try {
const info = body.platformInfo
const search = await GameInfo.findOne({
game_id: body.game_id,
deleted: false,
})
if (search) {
const platforms = search.platforms
for (let i = 0; i < platforms.length; i++) {
if (platforms[i].platform.name_en === body.platform) {
platforms[i] = info
break
}
}
await GameInfo.updateOne(
{game_id: body.game_id, deleted: false},
{
platforms: platforms,
}
)
} else {
res.send({
errcode: 1,
errmsg: '游戏信息不存在!',
})
return
}
const token = await getOpsToken()
const cfgRes = await axios({
url: config.minigame.api + 'minigame/',
method: 'post',
data: {
action: 'config_deploy',
data: {
config: {
app_id: body.app_id,
app_secret: body.app_secret,
},
game_id: body.game_id,
platform: body.platform,
},
},
headers: {
authorization: 'Bearer ' + token,
},
})
const cfgStatus = cfgRes.status
if (cfgStatus === 200) {
res.send({
errcode: 0,
})
} else {
res.send({
errcode: 1,
errmsg: '发布配置时发生错误!',
})
}
} catch (err) {
if (err.response && err.response.data.error) {
next({
message: err.response.data.error,
})
} else {
next(err)
}
}
})
export default router

View File

@ -4,10 +4,13 @@ import axios from 'axios'
import config from '../../../config/config'
import logger from '../../utils/logger'
import getOpsToken from '../../utils/get-ops-token'
import validPerm from '../../utils/valid-perm'
const router = new Router()
// 正式服 model
const GameInfo = getGameInfoModel()
// 测试服 model
const GameInfoTest = getGameInfoModel('test')
// 获取游戏列表
@ -49,15 +52,24 @@ router.get('/list', async (req, res, next) => {
// 保存游戏信息
router.post('/save', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '添加游戏')
// 权限判断
const hasPerm = req.user.permissions.includes('games-writeable')
/* 权限验证 */
/* 游戏页-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'games',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {
const search = await GameInfo.findOne({
@ -87,21 +99,22 @@ router.post('/save', async (req, res, next) => {
// 查找单个游戏信息
router.get('/info', async (req, res, next) => {
// logger.db(req, '游戏管理', '游戏列表', '查询单个游戏信息');
/* 权限验证 */
/* 游戏-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.query.uid,
level: 'readable',
})
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏查看权限!',
errcode: 403,
errmsg: '用户权限不足!',
})
return
}
/* 权限验证 end */
const query = req.query
@ -132,18 +145,23 @@ router.get('/info', async (req, res, next) => {
// 更新游戏信息
router.post('/update', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '更新单个游戏信息')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body._id}-edit`) ||
req.user.permissions.includes(`${req.body._id}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body._id,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
const method = body.method
@ -163,7 +181,10 @@ router.post('/update', async (req, res, next) => {
delete curPlatform.newPlatform
if (curPlatform.platform.platform_id !== "6000" && (curPlatform.status !== prePlatform.status)) {
if (
curPlatform.platform.platform_id !== '6000' &&
curPlatform.status !== prePlatform.status
) {
const token = await getOpsToken()
const statusRes = await axios({
@ -251,18 +272,23 @@ router.post('/update', async (req, res, next) => {
// 更新推荐信息
router.post('/update_rc', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '更新游戏推荐列表')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body._id}-edit`) ||
req.user.permissions.includes(`${req.body._id}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body._id,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
const isDev = body.isDev
@ -315,19 +341,26 @@ router.post('/update_rc', async (req, res, next) => {
// 删除一个游戏
router.post('/del', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '删除单个游戏')
const body = req.body
// 权限判断
const hasPerm =
req.user.permissions.includes(`${body.uid}-edit`) ||
req.user.permissions.includes(`${body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {
const search = await GameInfo.findOne({
_id: body.uid,
@ -358,18 +391,24 @@ router.post('/del', async (req, res, next) => {
// 创建新平台获取ftp账号
router.post('/create-ftp', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '为游戏添加一个平台账号')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {
@ -420,18 +459,22 @@ router.post('/create-ftp', async (req, res, next) => {
router.post('/deploy-config', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏列表', '修改游戏平台信息')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {

View File

@ -1,5 +1,6 @@
import { Router } from 'express';
import gamesRouter from './games';
// import gameRouter from './game';
import settingsRouter from './settings';
import platformsRouter from './platforms';
import shareRouter from './share';
@ -9,7 +10,7 @@ import adRouter from './ad';
import itemRouter from './item';
import dataRouter from './data';
// TODO: 整理路由关系
// 小程序 关联
import mpShareRouter from './mp_share';
@ -26,5 +27,6 @@ router.use('/ad', adRouter);
router.use('/item', itemRouter);
router.use('/data', dataRouter);
router.use('/', gamesRouter);
// router.use('/', gameRouter);
export default router;

View File

@ -2,6 +2,7 @@ import {Router} from 'express'
import axios from 'axios'
import logger from '../../utils/logger'
import GameItem from '../../models/admin/GameItem'
import validPerm from '../../utils/valid-perm'
const router = new Router()
@ -26,18 +27,22 @@ router.get('/', async (req, res, next) => {
// 新增游戏道具
router.post('/', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏道具', '新增游戏道具')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {
const newGameItem = new GameItem({
@ -57,18 +62,22 @@ router.post('/', async (req, res, next) => {
// 编辑游戏道具信息
router.put('/', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏道具', '修改游戏道具信息')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {
const search = await GameItem.findOne({_id: body._id})
@ -98,18 +107,22 @@ router.put('/', async (req, res, next) => {
// 删除游戏道具信息
router.delete('/', async (req, res, next) => {
logger.db(req, '游戏管理', '游戏道具', '删除广告Uid')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {
const search = await GameItem.findOne({_id: body._id})

View File

@ -1,6 +1,7 @@
import {Router} from 'express'
import logger from '../../utils/logger'
import GameLib from '../../models/admin/GameLib'
import validPerm from '../../utils/valid-perm'
const router = new Router()

View File

@ -5,6 +5,7 @@ import path from 'path'
import painter from '../../utils/painter'
import config from '../../../config/config'
import Template from '../../models/mp_share/Template'
import validPerm from '../../utils/valid-perm'
const router = new Router()

View File

@ -1,93 +1,110 @@
import Platform from '../../models/admin/Platform';
import { Router } from 'express';
import logger from '../../utils/logger';
import Platform from '../../models/admin/Platform'
import {Router} from 'express'
import logger from '../../utils/logger'
import validPerm from '../../utils/valid-perm'
const router = new Router();
const router = new Router()
// 获取平台列表
router.get('/', async (req, res, next) => {
// logger.db(req, '游戏管理', '平台管理', '获取所有平台信息');
try {
const result = await Platform.find({});
const result = await Platform.find({})
res.send({
errcode: 0,
platformList: result
});
platformList: result,
})
} catch (err) {
next(err);
next(err)
}
});
})
// 新增平台
router.post('/', async (req, res, next) => {
logger.db(req, '游戏管理', '平台管理', '新增平台');
// 权限判断
const hasPerm = req.user.permissions.includes(`platforms-writeable`);
logger.db(req, '游戏管理', '平台管理', '新增平台')
/* 权限验证 */
/* 平台页-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'platforms',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无平台编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足',
})
return
}
const body = req.body;
/* 权限验证 end */
const body = req.body
try {
const search = await Platform.findOne({
$or: [
{ name: body.name },
{ name_en: body.name_en },
{ platform_id: body.platform_id }
]
});
{name: body.name},
{name_en: body.name_en},
{platform_id: body.platform_id},
],
})
if (search) {
res.send({
errcode: 1,
errmsg: '平台名称或平台 ID 已存在!'
});
errmsg: '平台名称或平台 ID 已存在!',
})
} else {
const newPlatform = new Platform(body);
const result = await newPlatform.save();
const newPlatform = new Platform(body)
const result = await newPlatform.save()
res.send({
errcode: 0
});
errcode: 0,
})
}
} catch (err) {
next(err);
next(err)
}
});
})
// 编辑平台信息
router.put('/', async (req, res, next) => {
logger.db(req, '游戏管理', '平台管理', '编辑平台信息');
// 权限判断
const hasPerm = req.user.permissions.includes(`platforms-writeable`);
logger.db(req, '游戏管理', '平台管理', '编辑平台信息')
/* 权限验证 */
/* 平台页-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'platforms',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无平台编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足',
})
return
}
const body = req.body;
/* 权限验证 end */
const body = req.body
try {
const search = await Platform.findOne({ platform_id: body.platform_id });
const search = await Platform.findOne({platform_id: body.platform_id})
if (search) {
const result = await Platform.updateOne(
{ platform_id: body.platform_id },
{platform_id: body.platform_id},
{
name: body.name,
comment: body.comment
comment: body.comment,
}
);
)
res.send({
errcode: 0
});
errcode: 0,
})
} else {
res.send({
errcode: 1,
errmsg: '平台不存在,修改失败!'
});
errmsg: '平台不存在,修改失败!',
})
}
} catch (err) {
next(err);
next(err)
}
});
})
export default router;
export default router

View File

@ -5,6 +5,7 @@ import RedisDao from '../../redis/redis.dao'
import getOpsToken from '../../utils/get-ops-token'
import config from '../../../config/config'
import axios from 'axios'
import validPerm from '../../utils/valid-perm'
const router = new Router()
const redisDao = new RedisDao()
@ -14,19 +15,22 @@ const CustomerReplayTest = getCustomerReplayModel('test')
// 获取奖励列表
router.get('/', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.query.uid,
level: 'readable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏奖励列表查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const query = req.query
const game_id = query.game_id
const currentPage = query.currentPage || 0
@ -60,18 +64,22 @@ router.get('/', async (req, res, next) => {
// 保存奖励配置
router.post('/', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏奖励编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
logger.db(req, '游戏管理', '客服奖励', '更新客服奖励')
@ -106,18 +114,23 @@ router.post('/', async (req, res, next) => {
// 启用禁用奖励配置
router.put('/', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏奖励编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
logger.db(req, '游戏管理', '客服奖励', '切换客服奖励状态')
const body = req.body
const type = body.type // 启用: true 禁用 false
@ -143,18 +156,23 @@ router.put('/', async (req, res, next) => {
// 删除奖励配置
router.delete('/', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏奖励编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
logger.db(req, '游戏管理', '客服奖励', '删除客服奖励')
const body = req.body
const isDev = body.isDev
@ -181,19 +199,22 @@ router.delete('/', async (req, res, next) => {
// 获取客服配置
router.get('/kefu-cfg', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.query.uid,
level: 'readable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏客服配置查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
try {
const query = req.query
@ -210,18 +231,22 @@ router.get('/kefu-cfg', async (req, res, next) => {
// 发布客服配置
router.post('/kefu-cfg', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏客服配置编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
try {
const body = req.body

View File

@ -1,378 +1,405 @@
import _ from 'lodash';
import SystemDic from '../../models/admin/SystemDic';
import GameInfo from '../../models/snoopy/GameInfo';
import RedisDao from '../../redis/redis.dao';
import { Router } from 'express';
import redis from 'redis';
import config from '../../../config/config';
import logger from '../../utils/logger';
import _ from 'lodash'
import SystemDic from '../../models/admin/SystemDic'
import GameInfo from '../../models/snoopy/GameInfo'
import RedisDao from '../../redis/redis.dao'
import {Router} from 'express'
import redis from 'redis'
import config from '../../../config/config'
import logger from '../../utils/logger'
import validPerm from '../../utils/valid-perm'
const router = new Router();
const redisDao = new RedisDao();
const router = new Router()
const redisDao = new RedisDao()
/* 获取所有游戏配置*/
router.get('/games', async (req, res, next) => {
// logger.db(req, '游戏管理', '配置管理', '获取所有游戏配置信息');
const type = parseInt(req.query.type);
const type = parseInt(req.query.type)
try {
const pattern = !type ? 'config*' : 'private_config*';
const results = await redisDao.scanAsync('0', pattern, []);
let games = [];
const gameList = await GameInfo.find({ deleted: false });
const gameMap = new Map();
const pattern = !type ? 'config*' : 'private_config*'
const results = await redisDao.scanAsync('0', pattern, [])
let games = []
const gameList = await GameInfo.find({deleted: false})
const gameMap = new Map()
for (const g of gameList) {
gameMap.set(g.game_id, g.game_name);
gameMap.set(g.game_id, g.game_name)
}
const platforms = await SystemDic.find({
type: 'platform',
deleted: false
});
const platformMap = new Map();
deleted: false,
})
const platformMap = new Map()
for (const p of platforms) {
platformMap.set(p.key, p.value);
platformMap.set(p.key, p.value)
}
for (const result of results) {
const infos = result.split(':');
const infos = result.split(':')
const gameObj = {
id: infos[1],
platform_id: infos[2]
};
if (infos.length > 2) {
gameObj.name = gameMap.get(infos[1]);
gameObj.platform = platformMap.get(infos[2]);
platform_id: infos[2],
}
games.push(gameObj);
if (infos.length > 2) {
gameObj.name = gameMap.get(infos[1])
gameObj.platform = platformMap.get(infos[2])
}
games.push(gameObj)
}
games = _.sortBy(games, o => {
return o.id;
});
res.json({ errcode: 0, errmsg: '', rows: games, total: games.length });
return o.id
})
res.json({errcode: 0, errmsg: '', rows: games, total: games.length})
} catch (err) {
next(err);
next(err)
}
});
})
/* 获取单个游戏的配置*/
router.get('/one_game_cfg', async (req, res, next) => {
// logger.db(req, '游戏管理', '配置管理', '获取单个游戏配置信息');
/* 权限验证 */
/* 游戏-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.query.uid,
level: 'readable',
})
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`);
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足!',
})
return
}
/* 权限验证 end */
const id = req.query.id;
const pid = req.query.pid;
const type = parseInt(req.query.type);
const key = !type ? `config:${id}:${pid}` : `private_config:${id}:${pid}`;
const id = req.query.id
const pid = req.query.pid
const type = parseInt(req.query.type)
const key = !type ? `config:${id}:${pid}` : `private_config:${id}:${pid}`
const flag = !type
? `config_publish:${id}:${pid}`
: `private_config_publish:${id}:${pid}`;
: `private_config_publish:${id}:${pid}`
try {
let records = await redisDao.getByKey(key);
let published = await redisDao.getByKey(flag);
let records = await redisDao.getByKey(key)
let published = await redisDao.getByKey(flag)
const platforms = await SystemDic.find({
type: 'game_cfg',
deleted: false
});
const platformMap = new Map();
deleted: false,
})
const platformMap = new Map()
for (const p of platforms) {
platformMap.set(p.key, p.value);
platformMap.set(p.key, p.value)
}
if (records) {
records = JSON.parse(records);
records = JSON.parse(records)
for (const record of records) {
const cfg = platformMap.get(record.key);
record.title = !cfg || !cfg.title ? record.key : cfg.title;
record.type = !cfg || !cfg.type ? 'string' : cfg.type;
const cfg = platformMap.get(record.key)
record.title = !cfg || !cfg.title ? record.key : cfg.title
record.type = !cfg || !cfg.type ? 'string' : cfg.type
}
} else {
records = [];
records = []
}
res.json({
errcode: 0,
errmsg: '',
records: records,
published: published === '1' ? true : false
});
published: published === '1' ? true : false,
})
} catch (err) {
next(err);
next(err)
}
});
})
/* 还原配置(获取正式配置) */
router.get('/reset_one_game_cfg', async (req, res, next) => {
// logger.db(req, '游戏管理', '配置管理', '获取单个游戏正式服配置信息');
/* 权限验证 */
/* 游戏-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.query.uid,
level: 'readable',
})
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`);
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足!',
})
return
}
/* 权限验证 end */
const id = req.query.id;
const pid = req.query.pid;
const type = parseInt(req.query.type);
const key = !type ? `config:${id}:${pid}` : `private_config:${id}:${pid}`;
const id = req.query.id
const pid = req.query.pid
const type = parseInt(req.query.type)
const key = !type ? `config:${id}:${pid}` : `private_config:${id}:${pid}`
const client = redis.createClient({
host: config.redisPublish.host,
port: config.redisPublish.port,
password: config.redisPublish.password
});
password: config.redisPublish.password,
})
try {
let records = await client.getAsync(key);
let records = await client.getAsync(key)
const platforms = await SystemDic.find({
type: 'game_cfg',
deleted: false
});
const platformMap = new Map();
deleted: false,
})
const platformMap = new Map()
for (const p of platforms) {
platformMap.set(p.key, p.value);
platformMap.set(p.key, p.value)
}
if (records) {
records = JSON.parse(records);
records = JSON.parse(records)
for (const record of records) {
const cfg = platformMap.get(record.key);
record.title = !cfg || !cfg.title ? record.key : cfg.title;
record.type = !cfg || !cfg.type ? 'string' : cfg.type;
const cfg = platformMap.get(record.key)
record.title = !cfg || !cfg.title ? record.key : cfg.title
record.type = !cfg || !cfg.type ? 'string' : cfg.type
}
} else {
records = [];
records = []
}
res.json({
errcode: 0,
errmsg: '',
records: records
});
records: records,
})
} catch (err) {
next(err);
next(err)
}
});
})
/* 删除一个游戏配置*/
router.post('/delete_cfg', async (req, res, next) => {
logger.db(req, '游戏管理', '配置管理', '删除单个游戏配置信息');
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`);
logger.db(req, '游戏管理', '配置管理', '删除单个游戏配置信息')
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足',
})
return
}
const games = req.body.games;
const type = parseInt(req.body.type);
let keys;
/* 权限验证 end */
const games = req.body.games
const type = parseInt(req.body.type)
let keys
if (type) {
keys = games.map(o => `private_config:${o.id}:${o.platform_id}`);
keys = games.map(o => `private_config:${o.id}:${o.platform_id}`)
} else {
keys = games.map(o => `config:${o.id}:${o.platform_id}`);
keys = games.map(o => `config:${o.id}:${o.platform_id}`)
}
try {
await redisDao.deleteKeys(keys);
res.json({ errcode: 0, errmsg: '' });
await redisDao.deleteKeys(keys)
res.json({errcode: 0, errmsg: ''})
} catch (err) {
next(err);
next(err)
}
});
})
/* 更新配置*/
router.post('/save_cfg', async (req, res, next) => {
logger.db(req, '游戏管理', '配置管理', '更新单个游戏配置信息');
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`);
logger.db(req, '游戏管理', '配置管理', '更新单个游戏配置信息')
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足',
})
return
}
const body = req.body;
const cfgs = body.cfgs;
const gameId = body.gameId;
const platform = body.platform;
const type = parseInt(body.type);
/* 权限验证 end */
const body = req.body
const cfgs = body.cfgs
const gameId = body.gameId
const platform = body.platform
const type = parseInt(body.type)
const key = !type
? `config:${gameId}:${platform}`
: `private_config:${gameId}:${platform}`;
: `private_config:${gameId}:${platform}`
const flag = !type
? `config_publish:${gameId}:${platform}`
: `private_config_publish:${gameId}:${platform}`;
: `private_config_publish:${gameId}:${platform}`
for (const cfg of cfgs) {
if (cfg.type === 'bool' || cfg.type === 'num') {
cfg.value = Number(cfg.value);
cfg.value = Number(cfg.value)
}
delete cfg.title;
delete cfg.type;
delete cfg.title
delete cfg.type
}
const cfgStr = JSON.stringify(cfgs);
const cfgStr = JSON.stringify(cfgs)
try {
await redisDao.updateOneKey(key, cfgStr);
await redisDao.updateOneKey(flag, 0);
res.json({ errcode: 0, errmsg: '' });
await redisDao.updateOneKey(key, cfgStr)
await redisDao.updateOneKey(flag, 0)
res.json({errcode: 0, errmsg: ''})
} catch (err) {
next(err);
next(err)
}
});
})
/* 发布配置*/
router.post('/publish_cfg', async (req, res, next) => {
logger.db(req, '游戏管理', '配置管理', '发布游戏配置信息');
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`);
logger.db(req, '游戏管理', '配置管理', '发布游戏配置信息')
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无游戏编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足',
})
return
}
const body = req.body;
const cfgs = body.cfgs;
const gameId = body.gameId;
const platform = body.platform;
const type = parseInt(body.type);
/* 权限验证 end */
const body = req.body
const cfgs = body.cfgs
const gameId = body.gameId
const platform = body.platform
const type = parseInt(body.type)
const key = !type
? `config:${gameId}:${platform}`
: `private_config:${gameId}:${platform}`;
: `private_config:${gameId}:${platform}`
const flag = !type
? `config_publish:${gameId}:${platform}`
: `private_config_publish:${gameId}:${platform}`;
: `private_config_publish:${gameId}:${platform}`
const client = redis.createClient({
host: config.redisPublish.host,
port: config.redisPublish.port,
password: config.redisPublish.password
});
password: config.redisPublish.password,
})
for (const cfg of cfgs) {
if (cfg.type === 'bool' || cfg.type === 'num') {
cfg.value = Number(cfg.value);
cfg.value = Number(cfg.value)
}
delete cfg.title;
delete cfg.type;
delete cfg.title
delete cfg.type
}
const cfgStr = JSON.stringify(cfgs);
const cfgStr = JSON.stringify(cfgs)
try {
await client.setAsync(key, cfgStr);
await client.setAsync(flag, 1);
res.json({ errcode: 0, errmsg: '' });
await client.setAsync(key, cfgStr)
await client.setAsync(flag, 1)
res.json({errcode: 0, errmsg: ''})
} catch (err) {
next(err);
next(err)
}
});
})
/* 获取所有配置项*/
router.get('/sys_dics', async (req, res, next) => {
// logger.db(req, '游戏管理', '配置管理', '获取所有配置项');
const type = req.query.type;
const type = req.query.type
try {
const cfgs = await SystemDic.find({ type: type, deleted: false }).select(
const cfgs = await SystemDic.find({type: type, deleted: false}).select(
'key value comment disabled'
);
)
res.json({ errcode: 0, errmsg: '', records: cfgs });
res.json({errcode: 0, errmsg: '', records: cfgs})
} catch (err) {
next(err);
next(err)
}
});
})
/* 保存一个新的配置项*/
router.post('/save_sys_dic', async (req, res, next) => {
logger.db(req, '游戏管理', '配置管理', '添加一个配置项');
// 权限判断
logger.db(req, '游戏管理', '配置管理', '添加一个配置项')
/* 权限验证 */
/* 配置页/游戏页-可写 */
const hasPerm =
req.user.permissions.includes(`settings-writeable`) ||
req.user.permissions.includes(`games-writeable`);
validPerm(req.user.permissions, {
type: 'page',
page: 'settings',
level: 'writeable',
}) ||
validPerm(req.user.permissions, {
type: 'page',
page: 'games',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无配置项编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足',
})
return
}
const body = req.body;
const record = body.record;
const user = req.user;
const type = !body.type ? 'game_cfg' : body.type;
/* 权限验证 end */
const body = req.body
const record = body.record
const user = req.user
const type = !body.type ? 'game_cfg' : body.type
const id = record ? record.id : '';
const id = record ? record.id : ''
try {
const cfg = await SystemDic.findOne({
type: type,
deleted: false,
key: record.key
});
key: record.key,
})
if (cfg) {
if (!id) {
return res.json({ errcode: 101, errmsg: 'key已存在' });
return res.json({errcode: 101, errmsg: 'key已存在'})
} else {
if (cfg.id !== id) {
return res.json({ errcode: 101, errmsg: 'key已存在' });
return res.json({errcode: 101, errmsg: 'key已存在'})
}
}
}
let val;
let val
if (record.val) {
val = record.val;
val = record.val
} else {
val = {
title: record.title,
type: record.type
};
type: record.type,
}
}
let recordDb;
let recordDb
if (id) {
recordDb = await SystemDic.findById(id);
recordDb = await SystemDic.findById(id)
} else {
recordDb = new SystemDic({
type: type,
createdBy: user.username
});
createdBy: user.username,
})
}
recordDb.key = record.key;
recordDb.value = val;
recordDb.comment = record.comment;
recordDb.disabled = record.disabled;
recordDb.lastModifiedBy = user.username;
recordDb.key = record.key
recordDb.value = val
recordDb.comment = record.comment
recordDb.disabled = record.disabled
recordDb.lastModifiedBy = user.username
await recordDb.save();
await recordDb.save()
res.json({
errcode: 0,
errmsg: '',
record: { _id: recordDb.id, key: recordDb.key, value: recordDb.value }
});
record: {_id: recordDb.id, key: recordDb.key, value: recordDb.value},
})
} catch (err) {
next(err);
next(err)
}
});
})
export default router;
export default router

View File

@ -4,6 +4,7 @@ import SystemDic from '../../models/admin/SystemDic'
import ChinaArea from '../../models/snoopy/ChinaArea'
import {Router} from 'express'
import logger from '../../utils/logger'
import validPerm from '../../utils/valid-perm'
const router = new Router()
const GameInfo = getGameInfoModel()
const GameInfoTest = getGameInfoModel('test')
@ -44,19 +45,22 @@ router.get('/sys_dics', async (req, res, next) => {
// 获取游戏所有分享图
router.post('/list', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-readable`) ||
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'readable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏分享图查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
const gameId = body.gameId
@ -81,7 +85,7 @@ router.post('/list', async (req, res, next) => {
if (shareType) {
opt.share_type = shareType
}
if(platform_id) {
if (platform_id) {
opt.platform_id = platform_id
}
if (type || type === 0) {
@ -130,19 +134,22 @@ router.post('/list', async (req, res, next) => {
// 获取单个分享图详情
router.get('/get_share', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.query.uid}-readable`) ||
req.user.permissions.includes(`${req.query.uid}-edit`) ||
req.user.permissions.includes(`${req.query.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.query.uid,
level: 'readable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏分享图查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const id = req.query.id
const game_id = req.query.game_id
const data_type = req.query.data_type
@ -177,24 +184,31 @@ router.post('/save_share', async (req, res, next) => {
// 权限判断
let hasPerm
if (req.body.published) {
hasPerm =
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-发布 */
hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'publish',
})
} else {
hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
}
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏分享图编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
const isDev = body.isDev
@ -230,19 +244,23 @@ router.post('/save_share', async (req, res, next) => {
// 更新一个分享图
router.post('/update_share', async (req, res, next) => {
logger.db(req, '游戏管理', '分享图', '更新分享图')
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-readable`) ||
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏分享图编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
const id = body._id
@ -269,18 +287,22 @@ router.post('/update_share', async (req, res, next) => {
// 删除分享图
router.post('/del_share', async (req, res, next) => {
// 权限判断
const hasPerm =
req.user.permissions.includes(`${req.body.uid}-edit`) ||
req.user.permissions.includes(`${req.body.uid}-publish`) ||
req.user.permissions.includes(`games-writeable`)
if (!hasPerm) {
/* 权限验证 */
/* 游戏-编辑 */
const hasPerm = validPerm(req.user.permissions, {
type: 'game',
uid: req.body.uid,
level: 'edit',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无此游戏分享图编辑权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
logger.db(req, '游戏管理', '分享图', '删除分享图')
const user = req.user
const body = req.body

View File

@ -2,7 +2,7 @@ import {Router} from 'express'
import path from 'path'
import cors from 'cors'
import Fontmin from 'fontmin'
import validPerm from '../../utils/valid-perm'
const router = new Router()
const whitelist = ['https://servicewechat.com']

View File

@ -2,8 +2,10 @@
import {Router} from 'express'
import getGameInfoModel from '../../models/admin/GameInfo'
import validPerm from '../../utils/valid-perm'
const GameInfo = getGameInfoModel()
import cors from 'cors'
import {platform} from 'os'

View File

@ -3,6 +3,7 @@
import {Router} from 'express'
import AdArea from '../../models/admin/AdArea'
import AdUid from '../../models/admin/AdUid'
import validPerm from '../../utils/valid-perm'
import cors from 'cors'
const router = new Router()

View File

@ -1,21 +1,27 @@
import OpLog from '../../models/admin/OpLog';
import { Router } from 'express';
import logger from '../../utils/logger';
import validPerm from '../../utils/valid-perm'
const router = new Router();
router.get('/', async function permissionListCtrl(req, res, next) {
// logger.db(req, '系统管理', '操作日志', '获取所有操作日志');
// 权限判断
const hasPerm =
req.user.permissions.includes(`logs-readable`) ||
req.user.permissions.includes(`logs-writeable`);
/* 权限验证 */
/* 日志页-可读 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'logs',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无日志查看权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const query = req.query;
const start = (query.currentPage - 1) * query.pageSize;
const limit = Number(query.pageSize);

View File

@ -1,133 +1,144 @@
import { Role } from '../../models/admin/User';
import { Router } from 'express';
import logger from '../../utils/logger';
const router = new Router();
import {Role} from '../../models/admin/User'
import {Router} from 'express'
import logger from '../../utils/logger'
import validPerm from '../../utils/valid-perm'
const router = new Router()
router.get('/', async function permissionListCtrl(req, res, next) {
// logger.db(req, '系统管理', '权限管理', '获取所有角色信息');
// 权限判断
// const hasPerm =
// req.user.permissions.includes(`permission-readable`) ||
// req.user.permissions.includes(`permission-writeable`);
// if (!hasPerm) {
// res.status(403).send({
// errcode: 1,
// errmsg: '用户无权限查看权限!'
// });
// return;
// }
try {
const result = await Role.find({});
const result = await Role.find({})
res.send({
errcode: 0,
roleList: result
});
roleList: result,
})
} catch (err) {
next(err);
next(err)
}
});
})
router.post('/', async function permissionAddCtrl(req, res, next) {
logger.db(req, '系统管理', '权限管理', '添加角色');
logger.db(req, '系统管理', '权限管理', '添加角色')
/* 权限验证 */
/* 权限页-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'permission',
level: 'writeable',
})
// 权限判断
const hasPerm = req.user.permissions.includes(`permission-writeable`);
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无权限编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body;
const newRole = new Role(body);
const body = req.body
const newRole = new Role(body)
try {
const searchResult = await Role.findOne({ rolename: body.rolename });
const searchResult = await Role.findOne({rolename: body.rolename})
if (searchResult !== null) {
res.send({
errcode: 1,
errmsg: '已有该角色,不可重复'
});
errmsg: '已有该角色,不可重复',
})
} else {
await newRole.save();
await newRole.save()
res.send({
errcode: 0
});
errcode: 0,
})
}
} catch (err) {
next(err);
next(err)
}
});
})
router.put('/', async function permissionEditCtrl(req, res, next) {
logger.db(req, '系统管理', '权限管理', '编辑角色权限');
// 权限判断
const hasPerm = req.user.permissions.includes(`permission-writeable`);
logger.db(req, '系统管理', '权限管理', '编辑角色权限')
/* 权限验证 */
/* 权限页-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'permission',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无权限编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body;
const rolename = body.rolename;
delete body.rolename;
const body = req.body
const rolename = body.rolename
delete body.rolename
try {
const searchResult = await Role.findOne({ rolename });
const searchResult = await Role.findOne({rolename})
if (searchResult) {
const updateResult = await Role.updateOne({ rolename }, body);
const updateResult = await Role.updateOne({rolename}, body)
res.send({
errcode: 0
});
errcode: 0,
})
} else {
res.send({
errcode: 1,
errmsg: '角色不存在。'
});
errmsg: '角色不存在。',
})
}
} catch (err) {
next(err);
next(err)
}
});
})
router.delete('/', async function permissionDelCtrl(req, res, next) {
logger.db(req, '系统管理', '权限管理', '删除角色');
// 权限判断
const hasPerm = req.user.permissions.includes(`permission-writeable`);
logger.db(req, '系统管理', '权限管理', '删除角色')
/* 权限验证 */
/* 权限页-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'permission',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无权限编辑权限!'
});
return;
errcode: 403,
errmsg: '用户权限不足',
})
return
}
const body = req.body;
/* 权限验证 end */
const body = req.body
// 批量删除
if (body.roleList) {
try {
for (let i = 0; i < body.roleList.length; i++) {
await Role.deleteOne({ rolename: body.roleList[i].rolename });
await Role.deleteOne({rolename: body.roleList[i].rolename})
}
res.send({
errcode: 0
});
errcode: 0,
})
} catch (err) {
next(err);
next(err)
}
} else {
try {
const delResult = await Role.deleteOne({ rolename: body.rolename });
const delResult = await Role.deleteOne({rolename: body.rolename})
res.send({
errcode: 0
});
errcode: 0,
})
} catch (err) {
next(err);
next(err)
}
}
});
})
export default router;
export default router

View File

@ -4,6 +4,7 @@ import {User, LdapUser} from '../../models/admin/User'
import {combPer, combRole} from '../../utils/comb-permissions'
import {Router} from 'express'
import logger from '../../utils/logger'
import validPerm from '../../utils/valid-perm'
import getOpsToken from '../../utils/get-ops-token'
const router = new Router()
@ -14,8 +15,8 @@ router.get('/list', async function userListCtrl(req, res, next) {
const hasPerm = !req.user.permissions.includes(`users-hidden`)
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无用户列表查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
@ -96,15 +97,24 @@ router.get('/list', async function userListCtrl(req, res, next) {
router.post('/edit', async function userEditCtrl(req, res, next) {
logger.db(req, '系统管理', '用户列表', '编辑用户信息')
// 权限判断
const hasPerm = req.user.permissions.includes(`users-writeable`)
/* 权限验证 */
/* 用户页-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'users',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无用户列表查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
const username = body.username
delete body.username
@ -129,15 +139,22 @@ router.post('/edit', async function userEditCtrl(req, res, next) {
router.post('/save', async (req, res, next) => {
logger.db(req, '系统管理', '用户列表', '新增用户')
// 权限判断
const hasPerm = req.user.permissions.includes(`users-writeable`)
/* 权限验证 */
/* 用户页-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'users',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无用户列表查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
@ -180,15 +197,23 @@ router.post('/save', async (req, res, next) => {
// 删除用户
router.post('/del', async (req, res, next) => {
logger.db(req, '系统管理', '用户列表', '删除用户')
// 权限判断
const hasPerm = req.user.permissions.includes(`users-writeable`)
/* 权限验证 */
/* 用户页-可写 */
const hasPerm = validPerm(req.user.permissions, {
type: 'page',
page: 'users',
level: 'writeable',
})
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无用户列表查看权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
/* 权限验证 end */
const body = req.body
try {

View File

@ -3,6 +3,7 @@ import {Router} from 'express'
import axios from 'axios'
import config from '../../../config/config'
import logger from '../../utils/logger'
import validPerm from '../../utils/valid-perm'
import getOpsToken from '../../utils/get-ops-token'
const router = new Router()
@ -13,8 +14,8 @@ router.post('/edit', async function(req, res, next) {
const hasPerm = req.user.username === req.body.username
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无修改权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}
@ -46,8 +47,8 @@ router.post('/change-pwd', async function(req, res, next) {
const hasPerm = req.user.username === req.body.username
if (!hasPerm) {
res.status(403).send({
errcode: 1,
errmsg: '用户无修改权限!',
errcode: 403,
errmsg: '用户权限不足',
})
return
}

View File

@ -4,6 +4,7 @@ import { LdapUser, User } from '../../models/admin/User';
import { combPer, combRole } from '../../utils/comb-permissions';
import { Router } from 'express';
import logger from '../../utils/logger';
import validPerm from '../../utils/valid-perm'
const router = new Router();
router.get('/info', function(req, res, next) {
@ -12,8 +13,8 @@ router.get('/info', function(req, res, next) {
if (!BearerToken) {
// 无权限
res.send({
errcode: 1,
errmsg: '用户无权限。'
errcode: 403,
errmsg: '用户权限不足!',
});
} else {
const token = getToken(BearerToken);

53
src/utils/valid-perm.js Normal file
View File

@ -0,0 +1,53 @@
// 验证用户是否有接口访问权限
// const opt = {
// type: 'game', // game/page
// uid: '5cf0d4f066d0143794be12bc',
// page: 'games',
// level: 'publish', // 'readable/writeable'
// }
export default function(userPerms, opt) {
let result = false
const perms = []
if (opt.type === 'game') {
const uid = opt.uid
switch (opt.level) {
case 'readable':
perms.push(
`${uid}-readable`,
`${uid}-edit`,
`${uid}-publish`,
'games-writeable'
)
break
case 'edit':
perms.push(`${uid}-edit`, `${uid}-publish`, 'games-writeable')
break
case 'publish':
perms.push(`${uid}-publish`, 'games-writeable')
break
default:
break
}
} else if (opt.type === 'page') {
const page = opt.page
switch (opt.level) {
case 'readable':
perms.push(`${page}-readable`, `${page}-writeable`)
break
case 'writeable':
perms.push(`${page}-writeable`)
break
default:
break
}
}
perms.forEach(perm => {
if (userPerms.includes(perm)) result = true
})
return result
}