From 1fb6b66da97c73d4bf45cd734d62116ec9021c81 Mon Sep 17 00:00:00 2001 From: yangduo Date: Tue, 6 Aug 2024 10:25:21 +0800 Subject: [PATCH 1/3] whitelist --- .../adminserver/api/v1/system/block_player.go | 35 ++- server/adminserver/api/v1/system/enter.go | 1 + server/adminserver/api/v1/system/whitelist.go | 285 ++++++++++++++++++ .../adminserver/model/system/block_player.go | 1 + server/adminserver/model/system/whitelist.go | 13 + server/adminserver/router/routermgr.go | 1 + server/adminserver/router/system/enter.go | 1 + server/adminserver/router/system/whitelist.go | 23 ++ 8 files changed, 350 insertions(+), 10 deletions(-) create mode 100644 server/adminserver/api/v1/system/whitelist.go create mode 100644 server/adminserver/model/system/whitelist.go create mode 100644 server/adminserver/router/system/whitelist.go diff --git a/server/adminserver/api/v1/system/block_player.go b/server/adminserver/api/v1/system/block_player.go index b0e5b9ef..789a8879 100644 --- a/server/adminserver/api/v1/system/block_player.go +++ b/server/adminserver/api/v1/system/block_player.go @@ -30,7 +30,7 @@ func (bpa *BlockPlayerApi) List(c *gin.Context) { constant.CONF_DB, q5.ToInt32(req.PageDto.PageSize), q5.ToInt32(req.PageDto.Page), - "SELECT * FROM t_blockplayer WHERE 1=1", + "SELECT * FROM t_blockplayer WHERE 1=1 AND deleted = 0", []string{}, f5.GetDbFilter().Comp([]f5.DbQueryFilter{}...), " ORDER BY account_id ", 
@@ -74,17 +74,32 @@ func (bpa *BlockPlayerApi) Add(c *gin.Context) { return } + info := new(system.BlockPlayer) + nowDaySeconds := int32(f5.GetApp().GetRealSeconds()) + var count int64 = 0 - if err := f5.GetApp().GetOrmDb(constant.CONF_DB).Table("t_blockplayer").Where("account_id =?", req.Account).Count(&count).Error; err == nil && count > 0 { - c.JSON(http.StatusOK, gin.H{ - "code": 1, - "message": "数据存在", - }) + db := f5.GetApp().GetOrmDb(constant.CONF_DB).Table("t_blockplayer").Where("account_id =?", req.Account) + if err := db.Count(&count).Error; err == nil && count > 0 { + db.Take(info) + if info.Deleted == 0 { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": "数据存在", + }) + } else { + info.Blocked = 1 + info.Deleted = 0 + info.ModifyTime = nowDaySeconds + db.Save(info) + + c.JSON(http.StatusOK, gin.H{ + "code": 0, + "message": "添加成功", + }) + } return } - info := new(system.BlockPlayer) - nowDaySeconds := int32(f5.GetApp().GetRealSeconds()) info.Account = req.Account info.Blocked = 1 info.CreateTime = nowDaySeconds @@ -180,9 +195,9 @@ func (bpa *BlockPlayerApi) Del(c *gin.Context) { } else { } nowDaySeconds := int32(f5.GetApp().GetRealSeconds()) - blockplayer.Blocked = -1 + blockplayer.Deleted = 1 blockplayer.ModifyTime = nowDaySeconds - if err := db.Where("account_id = ?", req.Account).Delete(blockplayer).Error; err != nil { + if err := db.Where("account_id = ?", req.Account).Save(blockplayer).Error; err != nil { c.JSON(http.StatusOK, gin.H{ "code": 500, "message": "sever internal error:" + err.Error(), diff --git a/server/adminserver/api/v1/system/enter.go b/server/adminserver/api/v1/system/enter.go index 9797bfb0..a3781d1e 100644 --- a/server/adminserver/api/v1/system/enter.go +++ b/server/adminserver/api/v1/system/enter.go @@ -12,4 +12,5 @@ type ApiGroup struct { NFTApi GameSwitchApi BlockPlayerApi + WhiteListApi } 
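Review bot: In the re-add branch of `Add`, the results of `db.Take(info)` and `db.Save(info)` are discarded, so the handler answers `"code": 0` even when the row was never loaded or the write failed, and an operator would believe the account is blocked again when it is not. Check both calls, e.g. `if err := db.Save(info).Error; err != nil { ... }`, and return an error response instead of the success JSON. The guard `err == nil && count > 0` also lets a failed `Count` fall through to the insert path; handling `err != nil` first would avoid that. `WhiteListApi.Add` in whitelist.go repeats the same pattern. The function body starts and ends outside this hunk.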
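Review bot: `Del` now sets only `Deleted = 1` and leaves `Blocked` untouched, so the row stays in `t_blockplayer` with its old `blocked` value. Whether the player is really unblocked therefore depends on every reader of the table filtering on `deleted`, and the only reader updated in this patch is the admin `List` query. If enforcement happens in code not shown here, confirm it honours `deleted = 0`, or reset `Blocked` in the same save. A comment above the assignment such as `// soft delete: every consumer must filter on deleted = 0` would record the contract. The function body extends beyond the hunk.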
diff --git a/server/adminserver/api/v1/system/whitelist.go b/server/adminserver/api/v1/system/whitelist.go
new file mode 100644
index 00000000..8f21508e
--- /dev/null
+++ b/server/adminserver/api/v1/system/whitelist.go
@@ -0,0 +1,285 @@ +package system + +import ( + "f5" + "main/constant" + "main/model/system" + "net/http" + "q5" + + "github.com/gin-gonic/gin" + "github.com/xuri/excelize/v2" +) + +type WhiteListApi struct { +} + +func (bpa *WhiteListApi) List(c *gin.Context) { + req := struct { + Type string `json:"type"` + PageDto system.PageDto `json:"page_dto"` + }{} + if err := c.ShouldBindJSON(&req); err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": err.Error(), + }) + return + } + sql := "SELECT * FROM t_whitelist WHERE 1=1 AND deleted = 0" + params := []string{} + if req.Type != "" { + sql += " AND type = ?" + params = append(params, req.Type) + } + result := []*system.WhiteListItem{} + f5.GetGoStyleDb().PageQuery( + constant.CONF_DB, + q5.ToInt32(req.PageDto.PageSize), + q5.ToInt32(req.PageDto.Page), + sql, + params, + f5.GetDbFilter().Comp([]f5.DbQueryFilter{}...), + " ORDER BY account_id ", + func(err error, pg *f5.Pagination) { + if err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": err.Error(), + }) + return + } + + for pg.Rows.Next() { + p := new(system.WhiteListItem) + p.Type = pg.Rows.GetByName("type") + p.Account = pg.Rows.GetByName("account_id") + p.CreateTime = q5.SafeToInt32(pg.Rows.GetByName("createtime")) + p.ModifyTime = q5.SafeToInt32(pg.Rows.GetByName("modifytime")) + q5.AppendSlice(&result, p) + } + c.JSON(http.StatusOK, gin.H{ + "code": 0, + "message": "获取成功", + "data": result, + "total": pg.Total, + "total_page": pg.TotalPages, + "cur_page": pg.CurrentPage, + }) + }) +} + +func (bpa *WhiteListApi) Add(c *gin.Context) { + req := struct { + Account string `binding:"required" json:"account_id"` + Type string `binding:"required" json:"type"` + }{} + if err := c.ShouldBindJSON(&req); err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": err.Error(), + }) + return + } + + info := new(system.WhiteListItem) + nowDaySeconds := int32(f5.GetApp().GetRealSeconds()) + + var count int64 = 0 + db := 
f5.GetApp().GetOrmDb(constant.CONF_DB).Table("t_whitelist").Where("account_id = ? AND type = ?", req.Account, req.Type) + if err := db.Count(&count).Error; err == nil && count > 0 { + db.Take(info) + if info.Deleted == 0 { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": "数据存在", + }) + } else { + info.Deleted = 0 + info.ModifyTime = nowDaySeconds + db.Save(info) + + c.JSON(http.StatusOK, gin.H{ + "code": 0, + "message": "添加成功", + }) + } + return + } + + info.Account = req.Account + info.Type = req.Type + info.CreateTime = nowDaySeconds + info.ModifyTime = nowDaySeconds + if err := f5.GetApp().GetOrmDb(constant.CONF_DB).Create(info).Error; err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": err.Error(), + }) + return + } + c.JSON(http.StatusOK, gin.H{ + "code": 0, + "message": "添加成功", + }) +} + +func (bpa *WhiteListApi) Edit(c *gin.Context) { + // req := struct { + // Account string `binding:"required" json:"account_id"` + // Type string `json:"type"` + // }{} + // if err := c.ShouldBindJSON(&req); err != nil { + // c.JSON(http.StatusOK, gin.H{ + // "code": 1, + // "message": err.Error(), + // }) + // return + // } + + // whitelistitem := new(system.WhiteListItem) + // db := f5.GetApp().GetOrmDb(constant.CONF_DB) + // if err := db.Take(whitelistitem, "account_id =?", req.Account).Error; err != nil { + // if !f5.IsOrmErrRecordNotFound(err) { + // c.JSON(http.StatusOK, gin.H{ + // "code": 500, + // "message": "sever internal error:" + err.Error(), + // }) + // return + // } else { + // c.JSON(http.StatusOK, gin.H{ + // "code": 2, + // "message": "无法查到记录", + // }) + // return + // } + // } + + // nowDaySeconds := int32(f5.GetApp().GetRealSeconds()) + // whiteListItem.Blocked = req.Blocked + // whiteListItem.ModifyTime = nowDaySeconds + // if err := db.Where("account_id = ?", req.Account).Save(whiteListItem).Error; err != nil { + // c.JSON(http.StatusOK, gin.H{ + // "code": 500, + // "message": "sever internal error:" + err.Error(), + // }) + 
// return + // } + // c.JSON(http.StatusOK, gin.H{ + // "code": 0, + // "message": "", + // }) +} + +func (bpa *WhiteListApi) Del(c *gin.Context) { + req := struct { + Account string `binding:"required" json:"account_id"` + Type string `json:"type"` + }{} + if err := c.ShouldBindJSON(&req); err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": err.Error(), + }) + return + } + + whiteListItem := new(system.WhiteListItem) + db := f5.GetApp().GetOrmDb(constant.CONF_DB).Where("account_id = ?", req.Account) + if req.Type != "" { + db = db.Where("type = ?", req.Type) + } + + if err := db.Take(whiteListItem).Error; err != nil { + if !f5.IsOrmErrRecordNotFound(err) { + c.JSON(http.StatusOK, gin.H{ + "code": 500, + "message": "sever internal error:" + err.Error(), + }) + return + } else { + c.JSON(http.StatusOK, gin.H{ + "code": 2, + "message": "无法查到记录", + }) + return + } + } else { + if whiteListItem.Deleted == 1 { + c.JSON(http.StatusOK, gin.H{ + "code": 0, + "message": "", + }) + + return + } + } + nowDaySeconds := int32(f5.GetApp().GetRealSeconds()) + whiteListItem.Deleted = 1 + whiteListItem.ModifyTime = nowDaySeconds + + if err := db.Save(whiteListItem).Error; err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 500, + "message": "sever internal error:" + err.Error(), + }) + return + } + c.JSON(http.StatusOK, gin.H{ + "code": 0, + "message": "", + }) +} + +func (bpa *WhiteListApi) UploadExcel(c *gin.Context) { + file, _, err := c.Request.FormFile("file") + if err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": "上传文件失败", + }) + return + } + xlsx, err := excelize.OpenReader(file) + if err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": "解析文件失败", + }) + return + } + rows, err := xlsx.GetRows(xlsx.GetSheetName(xlsx.GetActiveSheetIndex())) + if err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": err.Error(), + }) + return + } + nowDaySeconds := int32(f5.GetApp().GetRealSeconds()) + whitelist := 
[]*system.WhiteListItem{} + for i, row := range rows { + if i == 0 { + continue + } + member := new(system.WhiteListItem) + member.Account = row[0] + member.Type = row[1] + member.Deleted = 0 + member.CreateTime = nowDaySeconds + member.ModifyTime = nowDaySeconds + whitelist = append(whitelist, member) + } + + if err := f5.GetApp().GetOrmDb(constant.CONF_DB).Create(whitelist).Error; err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": "", + }) + return + } + c.JSON(http.StatusOK, gin.H{ + "code": 0, + "message": "添加成功", + }) +} diff --git a/server/adminserver/model/system/block_player.go b/server/adminserver/model/system/block_player.go index e9669106..4b3b5f1e 100644 --- a/server/adminserver/model/system/block_player.go +++ b/server/adminserver/model/system/block_player.go @@ -3,6 +3,7 @@ package system type BlockPlayer struct { Account string `gorm:"column:account_id" json:"account_id"` Blocked int32 `gorm:"column:blocked" json:"blocked"` + Deleted int32 `gorm:"column:deleted" json:"deleted"` CreateTime int32 `gorm:"column:createtime" json:"createtime"` ModifyTime int32 `gorm:"column:modifytime" json:"modifytime"` } diff --git a/server/adminserver/model/system/whitelist.go b/server/adminserver/model/system/whitelist.go new file mode 100644 index 00000000..dad8ebd8 --- /dev/null +++ b/server/adminserver/model/system/whitelist.go @@ -0,0 +1,13 @@ +package system + +type WhiteListItem struct { + Account string `gorm:"column:account_id" json:"account_id"` + Type string `gorm:"column:type" json:"type"` + Deleted int32 `gorm:"column:deleted" json:"deleted"` + CreateTime int32 `gorm:"column:createtime" json:"createtime"` + ModifyTime int32 `gorm:"column:modifytime" json:"modifytime"` +} + +func (WhiteListItem) TableName() string { + return "t_whitelist" +} diff --git a/server/adminserver/router/routermgr.go b/server/adminserver/router/routermgr.go index 90e31ed0..dd22a7e7 100644 --- a/server/adminserver/router/routermgr.go 
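Review bot: `UploadExcel` indexes `row[0]` and `row[1]` without checking the row length, so a sheet with a row of fewer than two cells makes the handler panic with an index-out-of-range on data the uploader controls; add `if len(row) < 2 { continue }` (or reject the file) at the top of the loop. The upload path also skips the duplicate and soft-deleted checks that `Add` performs and hands `Create` whatever was parsed, including an empty slice when the sheet holds only a header, so validating `Account`/`Type` and bounding the row count before the insert is worth adding. The failure branch returns `"message": ""`, which gives the operator nothing to act on. `Edit` is an exported handler whose body is entirely commented out; a comment stating it is intentionally unimplemented, or dropping it until the route is enabled, would avoid confusion.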
+++ b/server/adminserver/router/routermgr.go @@ -28,6 +28,7 @@ func (this *routerMgr) Init() { this.system.InitNFTRouter(priGroup) this.system.InitGameSwitchRouter(priGroup) this.system.InitBlockPlayerRouter(priGroup) + this.system.InitWhiteListRouter(priGroup) f5.GetSysLog().Info("routerMgr.init") } diff --git a/server/adminserver/router/system/enter.go b/server/adminserver/router/system/enter.go index e79255f7..5a467cbf 100644 --- a/server/adminserver/router/system/enter.go +++ b/server/adminserver/router/system/enter.go @@ -12,4 +12,5 @@ type RouterGroup struct { NFTRouter GameSwitchRoute BlockPlayerRoute + WhiteListRoute } diff --git a/server/adminserver/router/system/whitelist.go b/server/adminserver/router/system/whitelist.go new file mode 100644 index 00000000..b41f3983 --- /dev/null +++ b/server/adminserver/router/system/whitelist.go @@ -0,0 +1,23 @@ +package system + +import ( + v1 "main/api/v1" + "main/middleware" + + "github.com/gin-gonic/gin" +) + +type WhiteListRoute struct { +} + +func (this *WhiteListRoute) InitWhiteListRouter(priRouter *gin.RouterGroup) { + group := priRouter.Group("white_list") + api := v1.ApiGroupApp.SystemApiGroup.WhiteListApi + { + group.POST("add", middleware.Permission("api/v1/white_list/add", api.Add)) + //group.POST("edit", middleware.Permission("api/v1/white_list/edit", api.Edit)) + group.POST("del", middleware.Permission("api/v1/white_list/del", api.Del)) + group.POST("list", middleware.Permission("api/v1/white_list/list", api.List)) + group.POST("uploadExcel", middleware.Permission("api/v1/white_list/uploadExcel", api.UploadExcel)) + } +} From 50223f1204cb9d059e1050c32ce8ed1b4038b49f Mon Sep 17 00:00:00 2001 From: yangduo Date: Tue, 6 Aug 2024 15:21:10 +0800 Subject: [PATCH 2/3] op log --- server/adminserver/middleware/actlog.go | 75 +++++++++++++++++++++ server/adminserver/middleware/permission.go | 11 ++- 2 files changed, 84 insertions(+), 2 deletions(-) create mode 100644 server/adminserver/middleware/actlog.go 
diff --git a/server/adminserver/middleware/actlog.go b/server/adminserver/middleware/actlog.go
new file mode 100644
index 00000000..fd7102c3
--- /dev/null
+++ b/server/adminserver/middleware/actlog.go
@@ -0,0 +1,75 @@ +package middleware + +import ( + "adminserver/constant" + "bytes" + "encoding/json" + "f5" + "io" + "main/common" + "net/http" + "strings" + + "github.com/gin-gonic/gin" +) + +/* + */ +func ActLog(c *gin.Context) bool { + s := c.MustGet("session").(common.Session) + account := s.GetAccountAddress() + httpmethod := c.Request.Method + if len(httpmethod) > 10 { + return false + } + + url := c.Request.URL.String() + if len(url) > 64*1024 { + return false + } + + if len(c.Request.URL.RawQuery) > 64*1024 { + return false + } + + info := struct { + Account string `gorm:"column:account_address" json:"account_address"` + Method string `gorm:"column:http_method" json:"http_method"` + URL string `gorm:"column:url" json:"url"` + Params string `gorm:"column:params" json:"params"` + Postdata string `gorm:"column:postdata" json:"postdata"` + CreateTime int32 `gorm:"column:createtime;<-:create" json:"createtime"` + ModifyTime int32 `gorm:"column:modifytime" json:"modifytime"` + }{} + + nowDaySeconds := int32(f5.GetApp().GetRealSeconds()) + info.Account = account + info.Method = httpmethod + info.URL = url + if len(c.Request.URL.RawQuery) > 0 { + params := map[string]string{} + for k, v := range c.Request.URL.Query() { + params[k] = v[0] + } + data, _ := json.Marshal(params) + info.Params = string(data) + } + info.CreateTime = nowDaySeconds + info.ModifyTime = nowDaySeconds + if strings.ToUpper(httpmethod) == "POST" { + var bodyBytes []byte + bodyBytes, err := io.ReadAll(c.Request.Body) + if err == nil { + c.Request.Body = io.NopCloser(bytes.NewBuffer(bodyBytes)) + info.Postdata = string(bodyBytes) + } + } + if err := f5.GetApp().GetOrmDb(constant.ADMIN_DB).Table("t_op_log").Create(info).Error; err != nil { + c.JSON(http.StatusOK, gin.H{ + "code": 1, + "message": err.Error(), + }) + } + + return true +} diff --git a/server/adminserver/middleware/permission.go b/server/adminserver/middleware/permission.go index 69884ef6..84e1506b 100644 
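Review bot: When the insert into `t_op_log` fails, `ActLog` writes an error JSON and still returns `true`, so `Permission` goes on to run the handler: the privileged action executes without an audit record, and the client gets a second JSON body after one that exposes the raw database error. Decide the policy explicitly: either fail closed with `return false` and log the error server-side, or fail open without touching the response. The record stores the whole POST body verbatim in `postdata`, which will capture any credentials or tokens sent to admin endpoints and the full multipart payload of `uploadExcel`; redacting sensitive fields or skipping non-JSON bodies would keep the log safe to read. The file imports `adminserver/constant` while the other files in this series import `main/constant`, which looks inconsistent. A doc comment in place of the empty `/* */` should state what is logged and what a `false` return means.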
--- a/server/adminserver/middleware/permission.go +++ b/server/adminserver/middleware/permission.go @@ -1,7 +1,7 @@ package middleware import ( - "adminserver/common" + "main/common" "net/http" "main/mt" @@ -16,7 +16,14 @@ func Permission(funcName string, cb func(*gin.Context)) gin.HandlerFunc { s := c.MustGet("session").(common.Session) acc := s.GetAccountAddress() if mt.Table.Permission.CheckAPIPermission(acc, funcName) { - cb(c) + if ActLog(c) { + cb(c) + } else { + c.JSON(http.StatusOK, gin.H{ + "code": 3, + "message": "Request Too Long", + }) + } } else { c.JSON(http.StatusOK, gin.H{ "code": 3, From ff0a7c1fae2625aa7f9c02aaba77ed5332a97eba Mon Sep 17 00:00:00 2001 From: yangduo Date: Tue, 6 Aug 2024 15:52:41 +0800 Subject: [PATCH 3/3] fix --- server/adminserver/middleware/actlog.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/server/adminserver/middleware/actlog.go b/server/adminserver/middleware/actlog.go index fd7102c3..d2c52dd4 100644 --- a/server/adminserver/middleware/actlog.go +++ b/server/adminserver/middleware/actlog.go @@ -60,6 +60,9 @@ func ActLog(c *gin.Context) bool { var bodyBytes []byte bodyBytes, err := io.ReadAll(c.Request.Body) if err == nil { + if len(bodyBytes) > 16*1024*1024 { + return false + } c.Request.Body = io.NopCloser(bytes.NewBuffer(bodyBytes)) info.Postdata = string(bodyBytes) }
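Review bot: `ActLog` is only called inside the branch where `CheckAPIPermission` succeeds, so rejected requests never reach `t_op_log`, and denied attempts are usually the entries an operation log is most needed for. Consider recording the request before the permission check, or logging the denial in the `else` branch. The new rejection also reuses `"code": 3`, the same code the denial branch below it returns, so a client cannot tell an oversized request from a missing permission; a distinct code would help. The enclosing function continues past the hunk.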
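Review bot: The 16 MiB check runs after `io.ReadAll` has already buffered the entire body, so it limits what is stored in the log but not how much memory a single request can make the server allocate. Cap the read itself with `c.Request.Body = http.MaxBytesReader(c.Writer, c.Request.Body, 16*1024*1024)` before `io.ReadAll`. The read-error path should also `return false`, since at present a failed read leaves the body consumed and still lets the handler run. `ActLog` starts and ends outside this hunk.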