feat: 完成诸个TODO

idoknow · Apr 27, 2024 · fb29b49 · fb29b49
1 parent 1ff8524
commit fb29b49
Show file tree

Hide file tree

Showing 6 changed files with 99 additions and 11 deletions.
diff --git a/backend/config/config.go b/backend/config/config.go
@@ -13,7 +13,7 @@ func SetDefault() {
 
 	// jwt
 	viper.SetDefault("auth.jwt.secret", "campux")
-	viper.SetDefault("auth.jwt.expire", 3600)
+	viper.SetDefault("auth.jwt.expire", 3600*6)
 
 	// 服务token
 	viper.SetDefault("service.token", "campux")

diff --git a/backend/controller/postapi.go b/backend/controller/postapi.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"strconv"
 
+	"github.com/RockChinQ/Campux/backend/database"
 	"github.com/RockChinQ/Campux/backend/service"
 	"github.com/gin-gonic/gin"
 )
@@ -164,14 +165,21 @@ func (pr *PostRouter) GetSelfPosts(c *gin.Context) {
 // 获取稿件列表
 func (pr *PostRouter) GetPosts(c *gin.Context) {
 
-	_, err := pr.Auth(c, Both)
+	uin, err := pr.Auth(c, Both)
 
 	if err != nil {
 		pr.StatusCode(c, 401, err.Error())
 		return
 	}
 
-	// TODO 检查用户权限
+	// 检查用户权限
+	if !pr.PostService.CheckUserGroup(uin, []database.UserGroup{
+		database.USER_GROUP_ADMIN,
+		database.USER_GROUP_MEMBER,
+	}) {
+		pr.StatusCode(c, 401, "权限不足")
+		return
+	}
 
 	var body GetPostsBody
 
@@ -200,14 +208,21 @@ func (pr *PostRouter) GetPosts(c *gin.Context) {
 }
 
 func (pr *PostRouter) GetPostInfo(c *gin.Context) {
-	_, err := pr.Auth(c, Both)
+	uin, err := pr.Auth(c, Both)
 
 	if err != nil {
 		pr.StatusCode(c, 401, err.Error())
 		return
 	}
 
-	// TODO 检查用户权限
+	// 检查用户权限
+	if !pr.PostService.CheckUserGroup(uin, []database.UserGroup{
+		database.USER_GROUP_ADMIN,
+		database.USER_GROUP_MEMBER,
+	}) {
+		pr.StatusCode(c, 401, "权限不足")
+		return
+	}
 
 	id := c.Param("id")
 
@@ -274,7 +289,14 @@ func (pr *PostRouter) ReviewPost(c *gin.Context) {
 		return
 	}
 
-	// TODO 检查用户权限
+	// 检查用户权限
+	if !pr.PostService.CheckUserGroup(uin, []database.UserGroup{
+		database.USER_GROUP_ADMIN,
+		database.USER_GROUP_MEMBER,
+	}) {
+		pr.StatusCode(c, 401, "权限不足")
+		return
+	}
 
 	// 取body的json里的id, status, comment
 	var body PostReviewBody

diff --git a/backend/oss/minio.go b/backend/oss/minio.go
@@ -66,3 +66,15 @@ func (m *MinioClient) DownloadToIO(objectName string, ioWriter io.Writer) error
 
 	return err
 }
+
+// 检查文件是否存在
+func (m *MinioClient) CheckObjectExist(objectName string) (bool, error) {
+	_, err := m.Client.StatObject(context.Background(), m.Bucket, objectName, minio.StatObjectOptions{})
+	if err != nil {
+		if minio.ToErrorResponse(err).Code == "NoSuchKey" {
+			return false, nil
+		}
+		return false, err
+	}
+	return true, nil
+}
diff --git a/backend/service/account.go b/backend/service/account.go
@@ -60,7 +60,6 @@ func (as *AccountService) CheckAccount(uin int64, pwd string) (string, error) {
 		return "", ErrPasswordIncorrect
 	}
 
-	// TODO: generate jwt token
 	jwt, err := util.GenerateJWTToken(uin)
 
 	return jwt, err

diff --git a/backend/service/post.go b/backend/service/post.go
@@ -11,14 +11,16 @@ import (
 )
 
 type PostService struct {
-	DB  database.MongoDBManager
+	CommonService
 	OSS oss.MinioClient
 	MQ  mq.RedisStreamMQ
 }
 
 func NewPostService(db database.MongoDBManager, oss oss.MinioClient, mq mq.RedisStreamMQ) *PostService {
 	return &PostService{
-		DB:  db,
+		CommonService: CommonService{
+			DB: db,
+		},
 		OSS: oss,
 		MQ:  mq,
 	}
@@ -48,8 +50,30 @@ func (ps *PostService) PostNew(uuid string, uin int64, text string, images []str
 
 	id += 1
 
-	// TODO 检查这个用户是否有未过审的帖子
-	// TODO 检查图片是否存在
+	// 检查这个用户是否有未过审的帖子
+
+	posts, err := ps.DB.GetPosts(uin, database.POST_STATUS_PENDING_APPROVAL, 1, 1, 1)
+
+	if err != nil {
+		return -1, err
+	}
+
+	if len(posts) > 0 {
+		return -1, errors.New("此用户有待审核状态的稿件")
+	}
+
+	// 检查图片是否存在
+	for _, img := range images {
+		exist, err := ps.OSS.CheckObjectExist(img)
+
+		if err != nil {
+			return -1, err
+		}
+
+		if !exist {
+			return -1, errors.New("图片不存在")
+		}
+	}
 
 	err = ps.DB.AddPost(&database.PostPO{
 		ID:        id,

diff --git a/backend/service/service.go b/backend/service/service.go
@@ -0,0 +1,31 @@
+package service
+
+import "github.com/RockChinQ/Campux/backend/database"
+
+type CommonService struct {
+	DB database.MongoDBManager
+}
+
+func (cs *CommonService) CheckUserGroup(uin int64, groups []database.UserGroup) bool {
+
+	if uin == 0 {
+		return true
+	}
+
+	acc, err := cs.DB.GetAccountByUIN(uin)
+	if err != nil {
+		return false
+	}
+
+	if acc == nil {
+		return false
+	}
+
+	for _, group := range groups {
+		if acc.UserGroup == group {
+			return true
+		}
+	}
+
+	return false
+}