github/dootask
1
0
Fork 0
mirror of https://github.com/kuaifan/dootask.git synced 2026-03-07 09:57:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: 新增临时帐号功能

Browse Source
This commit is contained in:
kuaifan 2023-02-19 23:20:19 +08:00
parent 7c4c03bbd4
commit 5f0b858baf
9 changed files with 145 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Controllers/Api/DialogController.php
View File

@ -862,7 +862,7 @@ class DialogController extends AbstractController
return Base::retError("请选择转发对话或成员");
}
//
$file = File::permissionFind($file_id);
$file = File::permissionFind($file_id, $user);
$fileLink = $file->getShareLink($user->userid);
$fileMsg = "<a class=\"mention file\" href=\"{{RemoteURL}}single/file/{$fileLink['code']}\" target=\"_blank\">~{$file->getNameAndExt()}</a>";
//

49
app/Http/Controllers/Api/FileController.php
View File

@ -45,9 +45,10 @@ class FileController extends AbstractController
$pid = intval($data['pid']);
//
$permission = 1000;
$userids = $user->isTemp() ? [$user->userid] : [0, $user->userid];
$builder = File::wherePid($pid);
if ($pid > 0) {
File::permissionFind($pid, 0, $permission);
File::permissionFind($pid, $userids, 0, $permission);
} else {
$builder->whereUserid($user->userid);
}
@ -66,7 +67,7 @@ class FileController extends AbstractController
}
$pid = $file->pid;
$temp = $file->toArray();
$temp['permission'] = $file->getPermission($user->userid);
$temp['permission'] = $file->getPermission($userids);
$array[] = $temp;
}
// 去除没有权限的文件
@ -92,9 +93,7 @@ class FileController extends AbstractController
$list = File::select(["files.*", DB::raw("MAX({$pre}file_users.permission) as permission")])
->join('file_users', 'files.id', '=', 'file_users.file_id')
->where('files.userid', '!=', $user->userid)
->where(function ($query) use ($user) {
$query->whereIn('file_users.userid', [0, $user->userid]);
})
->whereIn('file_users.userid', $userids)
->groupBy('files.id')
->take(100)
->get();
@ -135,8 +134,8 @@ class FileController extends AbstractController
//
$permission = 0;
if (Base::isNumber($id)) {
User::auth();
$file = File::permissionFind(intval($id), 0, $permission);
$user = User::auth();
$file = File::permissionFind(intval($id), $user, 0, $permission);
} elseif ($id) {
$fileLink = FileLink::whereCode($id)->first();
$file = $fileLink?->file;
@ -239,7 +238,7 @@ class FileController extends AbstractController
//
if ($id > 0) {
// 修改
$file = File::permissionFind($id, 1);
$file = File::permissionFind($id, $user, 1);
//
$file->name = $name;
$file->handleDuplicateName();
@ -282,7 +281,7 @@ class FileController extends AbstractController
if (File::wherePid($pid)->count() >= 300) {
return Base::retError('每个文件夹里最多只能创建300个文件或文件夹');
}
$row = File::permissionFind($pid, 1);
$row = File::permissionFind($pid, $user, 1);
$userid = $row->userid;
} else {
if (File::whereUserid($user->userid)->wherePid(0)->count() >= 300) {
@ -327,7 +326,7 @@ class FileController extends AbstractController
//
$id = intval(Request::input('id'));
//
$row = File::permissionFind($id);
$row = File::permissionFind($id, $user);
//
$userid = $user->userid;
if ($row->pid > 0) {
@ -397,14 +396,14 @@ class FileController extends AbstractController
}
$toShareFile = false;
if ($pid > 0) {
$tmpFile = File::permissionFind($pid, 1);
$tmpFile = File::permissionFind($pid, $user, 1);
$toShareFile = $tmpFile->getShareInfo();
}
//
$files = [];
AbstractModel::transaction(function() use ($user, $pid, $ids, $toShareFile, &$files) {
foreach ($ids as $id) {
$file = File::permissionFind($id, 1000);
$file = File::permissionFind($id, $user, 1000);
//
if ($pid > 0) {
if ($toShareFile) {
@ -458,7 +457,7 @@ class FileController extends AbstractController
*/
public function remove()
{
User::auth();
$user = User::auth();
//
$ids = Request::input('ids');
//
@ -470,9 +469,9 @@ class FileController extends AbstractController
}
//
$files = [];
AbstractModel::transaction(function() use ($ids, &$files) {
AbstractModel::transaction(function() use ($user, $ids, &$files) {
foreach ($ids as $id) {
$file = File::permissionFind($id, 1000);
$file = File::permissionFind($id, $user, 1000);
$file->deleteFile();
$files[] = $file;
}
@ -513,8 +512,8 @@ class FileController extends AbstractController
$history_id = intval(Request::input('history_id'));
//
if (Base::isNumber($id)) {
User::auth();
$file = File::permissionFind(intval($id));
$user = User::auth();
$file = File::permissionFind(intval($id), $user);
} elseif ($id) {
$fileLink = FileLink::whereCode($id)->first();
$file = $fileLink?->file;
@ -566,7 +565,7 @@ class FileController extends AbstractController
$id = Base::getPostInt('id');
$content = Base::getPostValue('content');
//
$file = File::permissionFind($id, 1);
$file = File::permissionFind($id, $user, 1);
//
$text = '';
if ($file->type == 'document') {
@ -659,7 +658,7 @@ class FileController extends AbstractController
$key = Request::input('key');
$url = Request::input('url');
//
$file = File::permissionFind($id, 1);
$file = File::permissionFind($id, $user, 1);
//
if ($status === 2) {
$parse = parse_url($url);
@ -717,7 +716,7 @@ class FileController extends AbstractController
if (File::wherePid($pid)->count() >= 300) {
return Base::retError('每个文件夹里最多只能创建300个文件或文件夹');
}
$row = File::permissionFind($pid, 1);
$row = File::permissionFind($pid, $user, 1);
$userid = $row->userid;
} else {
if (File::whereUserid($user->userid)->wherePid(0)->count() >= 300) {
@ -863,9 +862,11 @@ class FileController extends AbstractController
*/
public function content__history()
{
$user = User::auth();
//
$id = Request::input('id');
//
$file = File::permissionFind(intval($id));
$file = File::permissionFind(intval($id), $user);
//
$data = FileContent::select(['id', 'size', 'userid', 'created_at'])
->whereFid($file->id)
@ -896,7 +897,7 @@ class FileController extends AbstractController
$id = intval(Request::input('id'));
$history_id = intval(Request::input('history_id'));
//
$file = File::permissionFind($id);
$file = File::permissionFind($id, $user);
//
$history = FileContent::whereFid($file->id)->whereId($history_id)->first();
if (empty($history)) {
@ -1060,7 +1061,7 @@ class FileController extends AbstractController
//
$id = intval(Request::input('id'));
//
$file = File::permissionFind($id);
$file = File::permissionFind($id, $user);
//
if ($file->userid == $user->userid) {
return Base::retError('不能退出自己共享的文件');
@ -1098,7 +1099,7 @@ class FileController extends AbstractController
$id = intval(Request::input('id'));
$refresh = Request::input('refresh', 'no');
//
$file = File::permissionFind($id);
$file = File::permissionFind($id, $user);
$fileLink = $file->getShareLink($user->userid, $refresh == 'yes');
//
return Base::retSuccess('success', $fileLink);

4
app/Http/Controllers/Api/SystemController.php
View File

@ -41,7 +41,7 @@ class SystemController extends AbstractController
* @apiParam {String} type
* - get: 获取(默认)
* - all: 获取所有(需要管理员权限)
* - save: 保存设置(参数:['reg', 'reg_invite', 'login_code', 'password_policy', 'project_invite', 'chat_information', 'auto_archived', 'archived_day', 'all_group_mute', 'all_group_autoin', 'start_home', 'home_footer']
* - save: 保存设置(参数:['reg', 'reg_identity', 'reg_invite', 'login_code', 'password_policy', 'project_invite', 'chat_information', 'auto_archived', 'archived_day', 'all_group_mute', 'all_group_autoin', 'start_home', 'home_footer']
* @apiSuccess {Number} ret 返回状态码1正确、0错误
* @apiSuccess {String} msg 返回信息(错误描述)
@ -59,6 +59,7 @@ class SystemController extends AbstractController
foreach ($all AS $key => $value) {
if (!in_array($key, [
'reg',
'reg_identity',
'reg_invite',
'login_code',
'password_policy',
@ -95,6 +96,7 @@ class SystemController extends AbstractController
}
//
$setting['reg'] = $setting['reg'] ?: 'open';
$setting['reg_identity'] = $setting['reg_identity'] ?: 'normal';
$setting['login_code'] = $setting['login_code'] ?: 'auto';
$setting['password_policy'] = $setting['password_policy'] ?: 'simple';
$setting['project_invite'] = $setting['project_invite'] ?: 'open';

11
app/Http/Controllers/Api/UsersController.php
View File

@ -699,6 +699,8 @@ class UsersController extends AbstractController
* @apiParam {String} [type] 操作
* - setadmin 设为管理员
* - clearadmin 取消管理员
* - settemp 设为临时帐号
* - cleartemp 取消临时身份(取消临时帐号)
* - checkin_macs 修改自动签到mac地址需要参数 checkin_macs
* - department 修改部门(需要参数 department
* - setdisable 设为离职(需要参数 disable_time、transfer_userid
@ -746,6 +748,15 @@ class UsersController extends AbstractController
$upArray['identity'] = array_diff($userInfo->identity, ['admin']);
break;
case 'settemp':
$upArray['identity'] = array_diff($userInfo->identity, ['temp']);
$upArray['identity'][] = 'temp';
break;
case 'cleartemp':
$upArray['identity'] = array_diff($userInfo->identity, ['temp']);
break;
case 'checkin_macs':
$list = is_array($data['checkin_macs']) ? $data['checkin_macs'] : [];
$array = [];

27
app/Models/File.php
View File

@ -96,21 +96,18 @@ class File extends AbstractModel
/**
* 是否有访问权限
* @param $userid
* @param array $userids
* @return int -1:没有权限0:访问权限1:读写权限1000:所有者或创建者
*/
public function getPermission($userid)
public function getPermission(array $userids)
{
if ($userid == $this->userid || $userid == $this->created_id) {
if (in_array($this->userid, $userids) || in_array($this->created_id, $userids)) {
// ① 自己的文件夹 或 自己创建的文件夹
return 1000;
}
$row = $this->getShareInfo();
if ($row) {
$fileUser = FileUser::whereFileId($row->id)->where(function ($query) use ($userid) {
$query->where('userid', 0);
$query->orWhere('userid', $userid);
})->orderByDesc('permission')->first();
$fileUser = FileUser::whereFileId($row->id)->whereIn('userid', $userids)->orderByDesc('permission')->first();
if ($fileUser) {
// ② 在指定共享成员内
return $fileUser->permission;
@ -411,19 +408,25 @@ class File extends AbstractModel
/**
* 获取文件并检测权限
* @param $id
* @param int $limit 要求权限: 0-访问权限、1-读写权限、1000-所有者或创建者
* @param $permission
* @param int $id
* @param User|array|int $user 要求权限的用户,如:[0, 1]
* @param int $limit 要求权限: 0-访问权限、1-读写权限、1000-所有者或创建者
* @param int $permission
* @return File
*/
public static function permissionFind($id, $limit = 0, &$permission = -1)
public static function permissionFind(int $id, $user, int $limit = 0, int &$permission = -1)
{
$file = File::find($id);
if (empty($file)) {
throw new ApiException('文件不存在或已被删除');
}
//
$permission = $file->getPermission(User::userid());
if ($user instanceof User) {
$userids = $user->isTemp() ? [$user->userid] : [0, $user->userid];
} else {
$userids = is_array($user) ? $user : [$user];
}
$permission = $file->getPermission($userids);
if ($permission < $limit) {
$msg = match ($limit) {
1000 => '仅限所有者或创建者操作',

25
app/Models/User.php
View File

@ -179,6 +179,15 @@ class User extends AbstractModel
return in_array('ldap', $this->identity);
}
/**
* 返回是否临时帐号
* @return bool
*/
public function isTemp()
{
return in_array('temp', $this->identity);
}
/**
* 判断是否管理员
*/
@ -260,7 +269,7 @@ class User extends AbstractModel
*/
public static function reg($email, $password, $other = [])
{
//邮箱
// 邮箱
if (!Base::isEmail($email)) {
throw new ApiException('请输入正确的邮箱地址');
}
@ -273,9 +282,9 @@ class User extends AbstractModel
}
throw new ApiException('邮箱地址已存在');
}
//密码
// 密码
self::passwordPolicy($password);
//开始注册
// 开始注册
$encrypt = Base::generatePassword(6);
$inArray = [
'encrypt' => $encrypt,
@ -290,8 +299,16 @@ class User extends AbstractModel
$user->az = Base::getFirstCharter($user->nickname);
$user->pinyin = Base::cn2pinyin($user->nickname);
if ($user->save()) {
$setting = Base::setting('system');
$reg_identity = $setting['reg_identity'] ?: 'normal';
$all_group_autoin = $setting['all_group_autoin'] ?: 'yes';
// 注册临时身份
if ($reg_identity === 'temp') {
$user->identity = Base::arrayImplode(array_merge(array_diff($user->identity, ['temp']), ['temp']));
$user->save();
}
// 加入全员群组
if (Base::settingFind('system', 'all_group_autoin', 'yes') === 'yes') {
if ($all_group_autoin === 'yes') {
$dialog = WebSocketDialog::whereGroupType('all')->orderByDesc('id')->first();
$dialog?->joinGroup($user->userid, 0);
}

2
app/Models/WebSocketDialogMsg.php
View File

@ -677,7 +677,7 @@ class WebSocketDialogMsg extends AbstractModel
$keyId = $matchId[1];
if ($matchChar[1] === "~") {
if (Base::isNumber($keyId)) {
$file = File::permissionFind($keyId);
$file = File::permissionFind($keyId, User::auth());
if ($file->type == 'folder') {
throw new ApiException('文件夹不支持分享');
}

52
resources/assets/js/pages/manage/components/TeamManagement.vue
View File

@ -76,6 +76,8 @@
<Option value="">{{$L('全部')}}</Option>
<Option value="admin">{{$L('管理员')}}</Option>
<Option value="noadmin">{{$L('非管理员')}}</Option>
<Option value="temp">{{$L('临时帐号')}}</Option>
<Option value="notemp">{{$L('非临时帐号')}}</Option>
</Select>
</div>
</li>
@ -329,7 +331,7 @@ export default {
{
title: this.$L('邮箱'),
key: 'email',
minWidth: 100,
minWidth: 160,
render: (h, {row}) => {
const arr = [h('AutoTip', row.email)];
const {email_verity, identity, disable_at} = row;
@ -354,6 +356,13 @@ export default {
}
}, this.$L('管理员')))
}
if (identity.includes("temp")) {
arr.push(h('Tag', {
props: {
color: 'success'
}
}, this.$L('临时')))
}
if (identity.includes("disable")) {
arr.push(h('Tooltip', {
props: {
@ -505,6 +514,21 @@ export default {
}, [h('div', this.$L('设为管理员'))]));
}
if (identity.includes('temp')) {
dropdownItems.push(h('EDropdownItem', {
props: {
command: 'cleartemp',
},
}, [h('div', this.$L('取消临时身份'))]));
} else {
dropdownItems.push(h('EDropdownItem', {
props: {
command: 'settemp',
},
}, [h('div', this.$L('设为临时帐号'))]));
}
dropdownItems.push(h('EDropdownItem', {
props: {
command: 'email',
@ -793,6 +817,32 @@ export default {
dropUser(name, row) {
switch (name) {
case 'settemp':
$A.modalConfirm({
content: `你确定将【ID:${row.userid}${row.nickname}】设为临时帐号吗?(注:临时帐号限制请查看系统设置)`,
loading: true,
onOk: () => {
return this.operationUser({
userid: row.userid,
type: name
});
}
});
break;
case 'cleartemp':
$A.modalConfirm({
content: `你确定取消【ID:${row.userid}${row.nickname}】临时身份吗?`,
loading: true,
onOk: () => {
return this.operationUser({
userid: row.userid,
type: name
});
}
});
break;
case 'email':
$A.modalInput({
title: "修改邮箱",

17
resources/assets/js/pages/manage/setting/components/SystemSetting.vue
View File

@ -15,6 +15,21 @@
</Input>
</template>
</FormItem>
<FormItem v-if="['open', 'invite'].includes(formDatum.reg)" :label="$L('注册身份')" prop="reg_identity">
<RadioGroup v-model="formDatum.reg_identity">
<Radio label="normal">{{$L('正常帐号')}}</Radio>
<Radio label="temp">{{$L('临时帐号')}}</Radio>
</RadioGroup>
<div class="form-tip form-list">
<p>{{$L('临时帐号')}}</p>
<ol>
<li>{{$L('禁止查看共享所有人的文件。')}}</li>
<li>{{$L('禁止发起会话。')}}</li>
<li>{{$L('禁止创建群聊。')}}</li>
<li>{{$L('禁止拨打电话。')}}</li>
</ol>
</div>
</FormItem>
<FormItem :label="$L('登录验证码')" prop="loginCode">
<RadioGroup v-model="formDatum.login_code">
<Radio label="auto">{{$L('自动')}}</Radio>
@ -22,6 +37,8 @@
<Radio label="close">{{$L('关闭')}}</Radio>
</RadioGroup>
<div v-if="formDatum.login_code == 'auto'" class="form-tip">{{$L('自动密码输入错误后必须添加验证码')}}</div>
<div v-else-if="formDatum.login_code == 'open'" class="form-tip">{{$L('开启:每次登录都需要图形验证码。')}}</div>
<div v-else-if="formDatum.login_code == 'close'" class="form-tip">{{$L('关闭:不需要输入图形验证。')}}</div>
</FormItem>
<FormItem :label="$L('密码策略')" prop="passwordPolicy">
<RadioGroup v-model="formDatum.password_policy">