APIJSON/APIJSON-GoFramePublic

NotificationsYou must be signed in to change notification settings
Fork0
Star1

Commit0d4646d

committed

## Changed

- AccessVerify 改成 NoAccessVerify (禁用权限限制, 默认为否, 如需禁用手动赋值true)

1 parentc303379 commit0d4646dCopy full SHA for 0d4646d

File tree

11 files changed

+83

-80

lines changed

.github/workflows
- todo.yml
action
- action.go
- node.go
config
- access.go
- executor
  - query.go
framework
- gf_orm
  - query.go
- handler
  - handler.go
go.mod
go.sum
query
- node.go
- query.go

11 files changed

+83

-80

lines changed

`‎.github/workflows/todo.yml`

Lines changed: 45 additions & 45 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,45 +1,45 @@`
`1`		`-name:Todo tests`
`2`		`-`
`3`		`-on:`
`4`		`-push:`
`5`		`-branches:[ "main" ,"dev"]`
`6`		`-pull_request:`
`7`		`-branches:[ "main", "dev" ]`
`8`		`-`
`9`		`-jobs:`
`10`		`-`
`11`		`-build:`
`12`		`-runs-on:ubuntu-latest`
`13`		`-services:`
`14`		`-mysql:`
`15`		`-image:mysql:5.7.37`
`16`		`-env:`
`17`		`-MYSQL_ROOT_PASSWORD:'yourpassword'`
`18`		`-MYSQL_DATABASE:'my_apijson'`
`19`		`-ports:`
`20`		`- -3306:3306`
`21`		`-options:>-`
`22`		`- --health-cmd="mysqladmin ping"`
`23`		`- --health-interval=10s`
`24`		`- --health-timeout=5s`
`25`		`- --health-retries=3`
`26`		`-steps:`
`27`		`- -uses:actions/checkout@v3`
`28`		`-`
`29`		`- -name:Set up Go`
`30`		`-uses:actions/setup-go@v3`
`31`		`-with:`
`32`		`-go-version:1.18`
`33`		`-`
`34`		`-`
`35`		`-`
`36`		`- -name:Test`
`37`		`-run:\|`
`38`		`-`
`39`		`- mysql -uroot -h 127.0.0.1 --port 3306 -pyourpassword my_apijson < @demo/todo/doc/todo.sql`
`40`		`-`
`41`		`- cd ./@demo/todo`
`42`		`- mv config.yaml.example config.yaml`
`43`		`-`
`44`		`- cd tests`
`45`		`- go test -v`
	`1`	`+#name: Todo tests`
	`2`	`+#`
	`3`	`+#on:`
	`4`	`+# push:`
	`5`	`+# branches: [ "main" ,"dev"]`
	`6`	`+# pull_request:`
	`7`	`+# branches: [ "main", "dev" ]`
	`8`	`+#`
	`9`	`+#jobs:`
	`10`	`+#`
	`11`	`+# build:`
	`12`	`+# runs-on: ubuntu-latest`
	`13`	`+# services:`
	`14`	`+# mysql:`
	`15`	`+# image: mysql:5.7.37`
	`16`	`+# env:`
	`17`	`+# MYSQL_ROOT_PASSWORD: 'yourpassword'`
	`18`	`+# MYSQL_DATABASE: 'my_apijson'`
	`19`	`+# ports:`
	`20`	`+# - 3306:3306`
	`21`	`+# options: >-`
	`22`	`+# --health-cmd="mysqladmin ping"`
	`23`	`+# --health-interval=10s`
	`24`	`+# --health-timeout=5s`
	`25`	`+# --health-retries=3`
	`26`	`+# steps:`
	`27`	`+# - uses: actions/checkout@v3`
	`28`	`+#`
	`29`	`+# - name: Set up Go`
	`30`	`+# uses: actions/setup-go@v3`
	`31`	`+# with:`
	`32`	`+# go-version: 1.18`
	`33`	`+#`
	`34`	`+#`
	`35`	`+#`
	`36`	`+# - name: Test`
	`37`	`+# run: \|`
	`38`	`+#`
	`39`	`+# mysql -uroot -h 127.0.0.1 --port 3306 -pyourpassword my_apijson < @demo/todo/doc/todo.sql`
	`40`	`+#`
	`41`	`+# cd ./@demo/todo`
	`42`	`+# mv config.yaml.example config.yaml`
	`43`	`+#`
	`44`	`+# cd tests`
	`45`	`+# go test -v`

`‎action/action.go`

Lines changed: 4 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,10 @@ type Action struct {`
`25`	`25`	`childrenmap[string]*Node`
`26`	`26`	`keyNodemap[string]*Node`
`27`	`27`
`28`		`-AccessVerifybool`
	`28`	`+// 关闭 access 权限验证, 默认否`
	`29`	`+NoAccessVerifybool`
	`30`	`+// 关闭 request 验证开关, 默认否`
	`31`	`+NoRequestVerifybool`
`29`	`32`	`}`
`30`	`33`
`31`	`34`	`funcNew(ctx context.Context,methodstring,req model.Map)*Action {`

`‎action/node.go`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -97,7 +97,7 @@ func (n *Node) parse(ctx context.Context, method string) error {`
`97`	`97`	`returnerr`
`98`	`98`	`}`
`99`	`99`
`100`		`-ifn.action.AccessVerify {`
	`100`	`+ifn.action.NoAccessVerify==false {`
`101`	`101`	`// 1. 检查权限, 无权限就不用做参数检查了`
`102`	`102`	`varaccessRoles []string`
`103`	`103`

`‎config/access.go`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -28,8 +28,8 @@ type AccessCondition func(ctx context.Context, req AccessConditionReq) (g.Map, e`
`28`	`28`	`typeDefaultRolefunc(ctx context.Context,reqRoleReq) (string,error)`
`29`	`29`
`30`	`30`	`var (`
`31`		`-// AccessVerify是否权限验证`
`32`		`-AccessVerify=true`
	`31`	`+// AccessVerify是否禁用权限验证`
	`32`	`+NoAccessVerify=true`
`33`	`33`	`// AccessConditionFunc 自定义权限限制条件`
`34`	`34`	`AccessConditionFuncAccessCondition`
`35`	`35`	`// DefaultRoleFunc 自定义获取节点的默认角色`

`‎config/executor/query.go`

Lines changed: 4 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -15,19 +15,19 @@ type QueryExecutor interface {`
`15`	`15`	`EmptyResult()`
`16`	`16`	`}`
`17`	`17`
`18`		`-typequeryExecutorBuilderfunc(ctx context.Context,accessVerifybool,rolestring,access*db.Access) (QueryExecutor,error)`
	`18`	`+typequeryExecutorBuilderfunc(ctx context.Context,noAccessVerifybool,rolestring,access*db.Access) (QueryExecutor,error)`
`19`	`19`
`20`	`20`	`varqueryExecutorBuilderMap=map[string]queryExecutorBuilder{}`
`21`	`21`
`22`	`22`	`funcRegQueryExecutor(namestring,equeryExecutorBuilder) {`
`23`	`23`	`queryExecutorBuilderMap[name]=e`
`24`	`24`	`}`
`25`	`25`
`26`		`-funcNewQueryExecutor(namestring,ctx context.Context,accessVerifybool,rolestring,access*db.Access) (QueryExecutor,error) {`
	`26`	`+funcNewQueryExecutor(namestring,ctx context.Context,noAccessVerifybool,rolestring,access*db.Access) (QueryExecutor,error) {`
`27`	`27`	`ifv,exists:=queryExecutorBuilderMap[name];exists {`
`28`		`-returnv(ctx,accessVerify,role,access)`
	`28`	`+returnv(ctx,noAccessVerify,role,access)`
`29`	`29`	`}`
`30`		`-returnqueryExecutorBuilderMap["default"](ctx,accessVerify,role,access)`
	`30`	`+returnqueryExecutorBuilderMap["default"](ctx,noAccessVerify,role,access)`
`31`	`31`	`}`
`32`	`32`
`33`	`33`	`funcQueryExecutorList() []string {`

`‎framework/gf_orm/query.go`

Lines changed: 6 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -32,12 +32,12 @@ type SqlExecutor struct {`
`32`	`32`	`// 是否最终为空结果, 用于node中中断数据获取`
`33`	`33`	`WithEmptyResultbool`
`34`	`34`
`35`		`-accessVerifybool`
	`35`	`+noAccessVerifybool`
`36`	`36`
`37`	`37`	`access*db.Access`
`38`	`38`	`}`
`39`	`39`
`40`		`-funcNew(ctx context.Context,accessVerifybool,rolestring,access*db.Access) (executor.QueryExecutor,error) {`
	`40`	`+funcNew(ctx context.Context,noAccessVerifybool,rolestring,access*db.Access) (executor.QueryExecutor,error) {`
`41`	`41`
`42`	`42`	`return&SqlExecutor{`
`43`	`43`	`ctx:ctx,`
`@@ -47,7 +47,7 @@ func New(ctx context.Context, accessVerify bool, role string, access *db.Access)`
`47`	`47`	`Order:"",`
`48`	`48`	`Group:"",`
`49`	`49`	`WithEmptyResult:false,`
`50`		`-accessVerify:accessVerify,`
	`50`	`+noAccessVerify:noAccessVerify,`
`51`	`51`	`access:access,`
`52`	`52`	`},nil`
`53`	`53`	`}`
`@@ -67,7 +67,7 @@ func (e *SqlExecutor) ParseCondition(conditions model.MapStrAny, accessVerify bo`
`67`	`67`	`casestrings.HasSuffix(key,consts.OpRegexp):`
`68`	`68`	`e.Where=append(e.Where, []any{key[0 :len(key)-1],consts.SqlRegexp,gconv.String(condition)})`
`69`	`69`
`70`		`-casekey=="@raw"&&!accessVerify:`
	`70`	`+casekey==consts.Raw&&!accessVerify:`
`71`	`71`	`e.accessCondition=condition.(model.Map)`
`72`	`72`
`73`	`73`	`default:`
`@@ -79,7 +79,7 @@ func (e *SqlExecutor) ParseCondition(conditions model.MapStrAny, accessVerify bo`
`79`	`79`	`returnnil`
`80`	`80`	`}`
`81`	`81`
`82`		`-if!e.accessVerify {// 可任意字段搜索`
	`82`	`+ife.noAccessVerify {// 可任意字段搜索`
`83`	`83`	`returnnil`
`84`	`84`	`}`
`85`	`85`
`@@ -302,7 +302,7 @@ func (e *SqlExecutor) column() []string {`
`302`	`302`	`}`
`303`	`303`
`304`	`304`	`// 过滤可访问字段`
`305`		`-if!e.accessVerify\|\|lo.Contains(outFields,dbStyle(e.ctx,tableName,fieldName))\|\|`
	`305`	`+ife.noAccessVerify\|\|lo.Contains(outFields,dbStyle(e.ctx,tableName,fieldName))\|\|`
`306`	`306`	`len(outFields)==0/* 数据库中未设置, 则看成全部可访问 */ {`
`307`	`307`	`fields=append(fields,column)`
`308`	`308`	`}`

`‎framework/handler/handler.go`

Lines changed: 4 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ import (`
`19`	`19`
`20`	`20`	`funcGet(ctx context.Context,req model.Map) (res model.Map,errerror) {`
`21`	`21`	`q:=query.New(ctx,req)`
`22`		`-q.AccessVerify=config.AccessVerify`
	`22`	`+q.NoAccessVerify=config.NoAccessVerify`
`23`	`23`	`q.AccessCondition=config.AccessConditionFunc`
`24`	`24`	`returnq.Result()`
`25`	`25`	`}`
`@@ -30,19 +30,19 @@ func Head(ctx context.Context, req model.Map) (res model.Map, err error) {`
`30`	`30`
`31`	`31`	`funcPost(ctx context.Context,req model.Map) (res model.Map,errerror) {`
`32`	`32`	`act:=action.New(ctx,http.MethodPost,req)`
`33`		`-act.AccessVerify=config.AccessVerify`
	`33`	`+act.NoAccessVerify=config.NoAccessVerify`
`34`	`34`	`returnact.Result()`
`35`	`35`	`}`
`36`	`36`
`37`	`37`	`funcPut(ctx context.Context,req model.Map) (res model.Map,errerror) {`
`38`	`38`	`act:=action.New(ctx,http.MethodPut,req)`
`39`		`-act.AccessVerify=config.AccessVerify`
	`39`	`+act.NoAccessVerify=config.NoAccessVerify`
`40`	`40`	`returnact.Result()`
`41`	`41`	`}`
`42`	`42`
`43`	`43`	`funcDelete(ctx context.Context,req model.Map) (res model.Map,errerror) {`
`44`	`44`	`act:=action.New(ctx,http.MethodDelete,req)`
`45`		`-act.AccessVerify=config.AccessVerify`
	`45`	`+act.NoAccessVerify=config.NoAccessVerify`
`46`	`46`	`returnact.Result()`
`47`	`47`	`}`
`48`	`48`

`‎go.mod`

Lines changed: 5 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,17 +1,13 @@`
`1`	`1`	`modulegithub.com/glennliao/apijson-go`
`2`	`2`
`3`		`-go1.18`
`4`		`-`
`5`	`3`	`require (`
`6`		`-github.com/glennliao/table-syncv0.0.0-00010101000000-000000000000`
`7`		`-github.com/gogf/gf/contrib/drivers/mysql/v2v2.3.1`
`8`		`-github.com/gogf/gf/v2v2.3.1`
	`4`	`+github.com/glennliao/table-syncv0.2.0`
	`5`	`+github.com/gogf/gf/contrib/drivers/mysql/v2v2.3.2`
	`6`	`+github.com/gogf/gf/v2v2.3.2`
`9`	`7`	`github.com/iancoleman/orderedmapv0.2.0`
`10`	`8`	`github.com/samber/lov1.33.0`
`11`	`9`	`)`
`12`	`10`
`13`		`-replacegithub.com/glennliao/table-sync =>../table-sync`
`14`		`-`
`15`	`11`	`require (`
`16`	`12`	`github.com/BurntSushi/tomlv1.1.0// indirect`
`17`	`13`	`github.com/clbanning/mxj/v2v2.5.5// indirect`
`@@ -36,3 +32,5 @@ require (`
`36`	`32`	`golang.org/x/textv0.3.8-0.20211105212822-18b340fc7af2// indirect`
`37`	`33`	`gopkg.in/yaml.v3v3.0.1// indirect`
`38`	`34`	`)`
	`35`	`+`
	`36`	`+go1.18`

`‎go.sum`

Lines changed: 6 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,8 @@ github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4`
`15`	`15`	`github.com/fsnotify/fsnotifyv1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU=`
`16`	`16`	`github.com/fsnotify/fsnotifyv1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI=`
`17`	`17`	`github.com/fsnotify/fsnotifyv1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU=`
	`18`	`+github.com/glennliao/table-syncv0.2.0 h1:uxkrgNcDHCA/G27qk00+FqF2a832VVXmFX+/5zRHSkQ=`
	`19`	`+github.com/glennliao/table-syncv0.2.0/go.mod h1:YgVRcaEqwZMQqjN0fuWqOCAo2vMkfbUE9OSXM6jgiYw=`
`18`	`20`	`github.com/go-logr/logrv1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=`
`19`	`21`	`github.com/go-logr/logrv1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0=`
`20`	`22`	`github.com/go-logr/logrv1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=`
`@@ -24,11 +26,11 @@ github.com/go-redis/redis/v8 v8.11.4/go.mod h1:2Z2wHZXdQpCDXEGzqMockDpNyYvi2l4Px`
`24`	`26`	`github.com/go-sql-driver/mysqlv1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE=`
`25`	`27`	`github.com/go-sql-driver/mysqlv1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=`
`26`	`28`	`github.com/go-task/slim-sprigv0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=`
`27`		`-github.com/gogf/gf/contrib/drivers/mysql/v2v2.3.1 h1:uSZtDmlTFS51A98KPgZElPigSGDi7PPDN6mxeIXtsLo=`
`28`		`-github.com/gogf/gf/contrib/drivers/mysql/v2v2.3.1/go.mod h1:z+/0qiOwMroAnj5ESuobTv0l5P83rf+XR3r6Fj8WJyk=`
	`29`	`+github.com/gogf/gf/contrib/drivers/mysql/v2v2.3.2 h1:BZww6QOFgiN/YvovUtN64sgnq59TIg8vtkG8AL6eSl0=`
	`30`	`+github.com/gogf/gf/contrib/drivers/mysql/v2v2.3.2/go.mod h1:z+/0qiOwMroAnj5ESuobTv0l5P83rf+XR3r6Fj8WJyk=`
`29`	`31`	`github.com/gogf/gf/v2v2.0.0/go.mod h1:apktt6TleWtCIwpz63vBqUnw8MX8gWKoZyxgDpXFtgM=`
`30`		`-github.com/gogf/gf/v2v2.3.1 h1:uptCJK47N6KSRwTBnFAqBWYnYa/OXBkZ0OlhO9CK7bQ=`
`31`		`-github.com/gogf/gf/v2v2.3.1/go.mod h1:tsbmtwcAl2chcYoq/fP9W2FZf06aw4i89X34nbSHo9Y=`
	`32`	`+github.com/gogf/gf/v2v2.3.2 h1:nlJ0zuDWqFb93/faZmr7V+GADx/lzz5Unz/9x6OJ2u8=`
	`33`	`+github.com/gogf/gf/v2v2.3.2/go.mod h1:tsbmtwcAl2chcYoq/fP9W2FZf06aw4i89X34nbSHo9Y=`
`32`	`34`	`github.com/golang/protobufv1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=`
`33`	`35`	`github.com/golang/protobufv1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=`
`34`	`36`	`github.com/golang/protobufv1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=`

`‎query/node.go`

Lines changed: 4 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -109,7 +109,7 @@ func newNode(query Query, key string, path string, nodeReq any) Node {`
`109`	`109`	`}else {`
`110`	`110`	`node.Type=NodeTypeStruct// 结构节点下应该必须存在查询节点`
`111`	`111`
`112`		`-if!query.AccessVerify {`
	`112`	`+ifquery.NoAccessVerify==false {`
`113`	`113`	`iflo.Contains(db.GetTableNameList(),k) {`
`114`	`114`	`node.Type=NodeTypeQuery`
`115`	`115`	`}`
`@@ -210,7 +210,7 @@ func (n *Node) parse() {`
`210`	`210`	`caseNodeTypeQuery:`
`211`	`211`	`tableKey:=parseTableKey(n.Key,n.Path)`
`212`	`212`
`213`		`-access,err:=db.GetAccess(tableKey,n.queryContext.AccessVerify)`
	`213`	`+access,err:=db.GetAccess(tableKey,n.queryContext.NoAccessVerify)`
`214`	`214`	`iferr!=nil {`
`215`	`215`	`n.err=err`
`216`	`216`	`return`
`@@ -225,7 +225,7 @@ func (n *Node) parse() {`
`225`	`225`	`return`
`226`	`226`	`}`
`227`	`227`
`228`		`-ifn.queryContext.AccessVerify {`
	`228`	`+ifn.queryContext.NoAccessVerify!=false {`
`229`	`229`	`has,condition,err:=hasAccess(n,tableKey)`
`230`	`230`	`iferr!=nil {`
`231`	`231`	`n.err=err`
`@@ -240,7 +240,7 @@ func (n *Node) parse() {`
`240`	`240`	`accessWhereCondition=condition`
`241`	`241`	`}`
`242`	`242`
`243`		`-queryExecutor,err:=executor.NewQueryExecutor(access.Executor,n.ctx,n.queryContext.AccessVerify,n.role,access)`
	`243`	`+queryExecutor,err:=executor.NewQueryExecutor(access.Executor,n.ctx,n.queryContext.NoAccessVerify,n.role,access)`
`244`	`244`	`iferr!=nil {`
`245`	`245`	`n.err=err`
`246`	`246`	`return`

`‎query/query.go`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -32,8 +32,8 @@ type Query struct {`
`32`	`32`	`// 输出过程`
`33`	`33`	`PrintProcessLogbool`
`34`	`34`
`35`		`-//是否权限验证`
`36`		`-AccessVerifybool`
	`35`	`+//关闭权限验证 , 默认否`
	`36`	`+NoAccessVerifybool`
`37`	`37`	`// 自定义可访问权限的限定, 例如添加用户id的where条件`
`38`	`38`	`AccessCondition config.AccessCondition`
`39`	`39`	`}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit0d4646d

File tree

11 files changed

11 files changed

`‎.github/workflows/todo.yml`

`‎action/action.go`

`‎action/node.go`

`‎config/access.go`

`‎config/executor/query.go`

`‎framework/gf_orm/query.go`

`‎framework/handler/handler.go`

`‎go.mod`

`‎go.sum`

`‎query/node.go`

`‎query/query.go`

0 commit comments