@certd/lib-server 1.39.1 → 1.39.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -111,11 +111,16 @@ export class BaseController {
111
111
  await authService.checkProjectId(service, id, projectId);
112
112
  }
113
113
  else {
114
- if (allowAdmin) {
115
- await authService.checkUserIdButAllowAdmin(this.ctx, service, id);
114
+ if (userId === Constants.systemUserId) {
115
+ //系统级别,不检查权限
116
116
  }
117
117
  else {
118
- await authService.checkUserId(service, id, userId);
118
+ if (allowAdmin) {
119
+ await authService.checkUserIdButAllowAdmin(this.ctx, service, id);
120
+ }
121
+ else {
122
+ await authService.checkUserId(service, id, userId);
123
+ }
119
124
  }
120
125
  }
121
126
  return { projectId, userId };
@@ -11,6 +11,7 @@ import { PermissionException, ValidateException } from './exception/index.js';
11
11
  import { In } from 'typeorm';
12
12
  import { Inject } from '@midwayjs/core';
13
13
  import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
14
+ import { Constants } from './constants.js';
14
15
  /**
15
16
  * 服务基类
16
17
  */
@@ -232,7 +233,7 @@ __decorate([
232
233
  ], BaseService.prototype, "dataSourceManager", void 0);
233
234
  export function checkUserProjectParam(userId, projectId) {
234
235
  if (projectId != null) {
235
- if (userId !== -1) {
236
+ if (userId !== Constants.enterpriseUserId) {
236
237
  throw new ValidateException('userId projectId 错误');
237
238
  }
238
239
  return true;
@@ -112,4 +112,6 @@ export declare const Constants: {
112
112
  message: string;
113
113
  };
114
114
  };
115
+ systemUserId: number;
116
+ enterpriseUserId: number;
115
117
  };
@@ -118,4 +118,6 @@ export const Constants = {
118
118
  message: '用户邮箱还未配置',
119
119
  },
120
120
  },
121
+ systemUserId: 0, // 系统级别userid固定为0
122
+ enterpriseUserId: -1 // 企业模式用户id固定为-1
121
123
  };
@@ -53,6 +53,7 @@ export declare class SysPrivateSettings extends BaseSettings {
53
53
  commonCnameEnabled?: boolean;
54
54
  httpRequestTimeout?: number;
55
55
  pipelineMaxRunningCount?: number;
56
+ environmentVars?: string;
56
57
  sms?: {
57
58
  type?: string;
58
59
  config?: any;
@@ -60,6 +60,7 @@ export class SysPrivateSettings extends BaseSettings {
60
60
  commonCnameEnabled = true;
61
61
  httpRequestTimeout = 30;
62
62
  pipelineMaxRunningCount;
63
+ environmentVars = '';
63
64
  sms = {
64
65
  type: 'aliyun',
65
66
  config: {},
@@ -21,6 +21,7 @@ export declare class SysSettingsService extends BaseService<SysSettingsEntity> {
21
21
  reloadSettings(): Promise<void>;
22
22
  reloadPublicSettings(): Promise<void>;
23
23
  reloadPrivateSettings(): Promise<void>;
24
+ setEnvironmentVars(vars: string): void;
24
25
  updateByKey(key: string, setting: any): Promise<void>;
25
26
  backupSecret(): Promise<void>;
26
27
  getSecret(): Promise<SysSecret>;
@@ -17,8 +17,9 @@ import { cache, logger, mergeUtils, setGlobalProxy } from '@certd/basic';
17
17
  import * as dns from 'node:dns';
18
18
  import { BaseService, setAdminMode } from '../../../basic/index.js';
19
19
  import { executorQueue } from '../../basic/service/executor-queue.js';
20
- import { isComm } from '@certd/plus-core';
20
+ import { isComm, isPlus } from '@certd/plus-core';
21
21
  const { merge } = mergeUtils;
22
+ let lastSaveEnvVars = {};
22
23
  /**
23
24
  * 设置
24
25
  */
@@ -142,7 +143,9 @@ let SysSettingsService = class SysSettingsService extends BaseService {
142
143
  }
143
144
  async reloadPublicSettings() {
144
145
  const publicSetting = await this.getPublicSettings();
145
- setAdminMode(publicSetting.adminMode);
146
+ if (isPlus()) {
147
+ setAdminMode(publicSetting.adminMode);
148
+ }
146
149
  }
147
150
  async reloadPrivateSettings() {
148
151
  const privateSetting = await this.getPrivateSettings();
@@ -158,6 +161,39 @@ let SysSettingsService = class SysSettingsService extends BaseService {
158
161
  executorQueue.setMaxRunningCount(privateSetting.pipelineMaxRunningCount);
159
162
  }
160
163
  setSslProviderReverseProxies(privateSetting.reverseProxies);
164
+ //加载环境变量
165
+ this.setEnvironmentVars(privateSetting.environmentVars);
166
+ }
167
+ setEnvironmentVars(vars) {
168
+ const envVars = {};
169
+ if (typeof vars !== 'string') {
170
+ vars = "";
171
+ }
172
+ vars.split('\n').forEach(line => {
173
+ line = line.trim();
174
+ if (!line || line.startsWith('#')) {
175
+ return;
176
+ }
177
+ const arr = line.split("#");
178
+ if (arr.length > 0) {
179
+ line = arr[0].trim();
180
+ }
181
+ if (!line.includes("=")) {
182
+ return;
183
+ }
184
+ const [key, value] = line.split('=');
185
+ if (key && value) {
186
+ envVars[key.trim()] = value.trim();
187
+ }
188
+ });
189
+ //先删除旧环境变量
190
+ if (lastSaveEnvVars) {
191
+ for (const key in lastSaveEnvVars) {
192
+ delete process.env[key];
193
+ }
194
+ }
195
+ merge(process.env, envVars);
196
+ lastSaveEnvVars = envVars;
161
197
  }
162
198
  async updateByKey(key, setting) {
163
199
  const entity = await this.getByKey(key);
@@ -3,6 +3,7 @@
3
3
  */
4
4
  export declare class AccessEntity {
5
5
  id: number;
6
+ keyId: string;
6
7
  userId: number;
7
8
  name: string;
8
9
  type: string;
@@ -13,6 +13,7 @@ import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
13
13
  */
14
14
  let AccessEntity = class AccessEntity {
15
15
  id;
16
+ keyId;
16
17
  userId; // 0为系统级别, -1为企业,大于1为用户
17
18
  name;
18
19
  type;
@@ -26,6 +27,10 @@ __decorate([
26
27
  PrimaryGeneratedColumn(),
27
28
  __metadata("design:type", Number)
28
29
  ], AccessEntity.prototype, "id", void 0);
30
+ __decorate([
31
+ Column({ name: 'key_id', comment: 'key_id', length: 100 }),
32
+ __metadata("design:type", String)
33
+ ], AccessEntity.prototype, "keyId", void 0);
29
34
  __decorate([
30
35
  Column({ name: 'user_id', comment: '用户id' }),
31
36
  __metadata("design:type", Number)
@@ -44,4 +44,10 @@ export declare class AccessService extends BaseService<AccessEntity> {
44
44
  }[];
45
45
  getDefineByType(type: string): import("@certd/pipeline").Registrable;
46
46
  getSimpleByIds(ids: number[], userId: any, projectId?: number): Promise<AccessEntity[]>;
47
+ /**
48
+ * 复制授权到其他项目
49
+ * @param accessId
50
+ * @param projectId
51
+ */
52
+ copyTo(accessId: number, projectId?: number): Promise<any>;
47
53
  }
@@ -14,6 +14,7 @@ import { AccessGetter, BaseService, PermissionException, ValidateException } fro
14
14
  import { AccessEntity } from '../entity/access.js';
15
15
  import { accessRegistry, newAccess } from '@certd/pipeline';
16
16
  import { EncryptService } from './encrypt-service.js';
17
+ import { logger, utils } from '@certd/basic';
17
18
  /**
18
19
  * 授权
19
20
  */
@@ -46,6 +47,7 @@ let AccessService = class AccessService extends BaseService {
46
47
  }
47
48
  delete param._copyFrom;
48
49
  this.encryptSetting(param, oldEntity);
50
+ param.keyId = "ac_" + utils.id.simpleNanoId();
49
51
  return await super.add(param);
50
52
  }
51
53
  encryptSetting(param, oldSettingEntity) {
@@ -114,6 +116,7 @@ let AccessService = class AccessService extends BaseService {
114
116
  throw new ValidateException('该授权配置不存在,请确认是否已被删除');
115
117
  }
116
118
  this.encryptSetting(param, oldEntity);
119
+ delete param.keyId;
117
120
  return await super.update(param);
118
121
  }
119
122
  async getSimpleInfo(id) {
@@ -203,6 +206,37 @@ let AccessService = class AccessService extends BaseService {
203
206
  },
204
207
  });
205
208
  }
209
+ /**
210
+ * 复制授权到其他项目
211
+ * @param accessId
212
+ * @param projectId
213
+ */
214
+ async copyTo(accessId, projectId) {
215
+ const access = await this.info(accessId);
216
+ if (access == null) {
217
+ throw new Error(`该授权配置不存在,请确认是否已被删除:id=${accessId}`);
218
+ }
219
+ const keyId = access.keyId;
220
+ //检查目标项目里是否已经有相同keyId的配置
221
+ const existAccess = await this.repository.findOne({
222
+ where: {
223
+ keyId,
224
+ projectId,
225
+ },
226
+ });
227
+ if (existAccess) {
228
+ logger.info(`目标项目已存在相同keyId的授权配置,跳过复制:keyId=${keyId}`);
229
+ return existAccess.id;
230
+ }
231
+ const newAccess = {
232
+ ...access,
233
+ userId: -1,
234
+ id: undefined,
235
+ projectId,
236
+ };
237
+ await this.repository.save(newAccess);
238
+ return newAccess.id;
239
+ }
206
240
  };
207
241
  __decorate([
208
242
  InjectEntityModel(AccessEntity),
@@ -2,6 +2,7 @@
2
2
  */
3
3
  export declare class AddonEntity {
4
4
  id: number;
5
+ keyId: string;
5
6
  userId: number;
6
7
  name: string;
7
8
  addonType: string;
@@ -12,6 +12,7 @@ import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
12
12
  */
13
13
  let AddonEntity = class AddonEntity {
14
14
  id;
15
+ keyId;
15
16
  userId;
16
17
  name;
17
18
  addonType;
@@ -27,6 +28,10 @@ __decorate([
27
28
  PrimaryGeneratedColumn(),
28
29
  __metadata("design:type", Number)
29
30
  ], AddonEntity.prototype, "id", void 0);
31
+ __decorate([
32
+ Column({ name: 'key_id', comment: 'key_id', length: 100 }),
33
+ __metadata("design:type", String)
34
+ ], AddonEntity.prototype, "keyId", void 0);
30
35
  __decorate([
31
36
  Column({ name: 'user_id', comment: '用户id' }),
32
37
  __metadata("design:type", Number)
@@ -23,6 +23,7 @@ export declare class AddonService extends BaseService<AddonEntity> {
23
23
  update(param: any): Promise<void>;
24
24
  getSimpleInfo(id: number): Promise<{
25
25
  id: number;
26
+ keyId: string;
26
27
  name: string;
27
28
  userId: number;
28
29
  addonType: string;
@@ -13,6 +13,7 @@ import { In, Repository } from "typeorm";
13
13
  import { BaseService, ValidateException } from "../../../index.js";
14
14
  import { addonRegistry } from "../api/index.js";
15
15
  import { AddonEntity } from "../entity/addon.js";
16
+ import { utils } from "@certd/basic";
16
17
  /**
17
18
  * Addon
18
19
  */
@@ -46,6 +47,7 @@ let AddonService = class AddonService extends BaseService {
46
47
  else {
47
48
  param.isSystem = false;
48
49
  }
50
+ param.keyId = "ad_" + utils.id.simpleNanoId();
49
51
  delete param._copyFrom;
50
52
  return await super.add(param);
51
53
  }
@@ -58,6 +60,7 @@ let AddonService = class AddonService extends BaseService {
58
60
  if (oldEntity == null) {
59
61
  throw new ValidateException("该Addon配置不存在,请确认是否已被删除");
60
62
  }
63
+ delete param.keyId;
61
64
  return await super.update(param);
62
65
  }
63
66
  async getSimpleInfo(id) {
@@ -67,6 +70,7 @@ let AddonService = class AddonService extends BaseService {
67
70
  }
68
71
  return {
69
72
  id: entity.id,
73
+ keyId: entity.keyId,
70
74
  name: entity.name,
71
75
  userId: entity.userId,
72
76
  addonType: entity.addonType,
@@ -95,6 +99,7 @@ let AddonService = class AddonService extends BaseService {
95
99
  },
96
100
  select: {
97
101
  id: true,
102
+ keyId: true,
98
103
  name: true,
99
104
  addonType: true,
100
105
  type: true,
@@ -123,6 +128,7 @@ let AddonService = class AddonService extends BaseService {
123
128
  const setting = JSON.parse(res.setting);
124
129
  return {
125
130
  id: res.id,
131
+ keyId: res.keyId,
126
132
  addonType: res.addonType,
127
133
  type: res.type,
128
134
  name: res.name,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@certd/lib-server",
3
- "version": "1.39.1",
3
+ "version": "1.39.3",
4
4
  "description": "midway with flyway, sql upgrade way ",
5
5
  "private": false,
6
6
  "type": "module",
@@ -28,11 +28,11 @@
28
28
  ],
29
29
  "license": "AGPL",
30
30
  "dependencies": {
31
- "@certd/acme-client": "^1.39.1",
32
- "@certd/basic": "^1.39.1",
33
- "@certd/pipeline": "^1.39.1",
34
- "@certd/plugin-lib": "^1.39.1",
35
- "@certd/plus-core": "^1.39.1",
31
+ "@certd/acme-client": "^1.39.3",
32
+ "@certd/basic": "^1.39.3",
33
+ "@certd/pipeline": "^1.39.3",
34
+ "@certd/plugin-lib": "^1.39.3",
35
+ "@certd/plus-core": "^1.39.3",
36
36
  "@midwayjs/cache": "3.14.0",
37
37
  "@midwayjs/core": "3.20.11",
38
38
  "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
64
64
  "typeorm": "^0.3.11",
65
65
  "typescript": "^5.4.2"
66
66
  },
67
- "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
67
+ "gitHead": "6cb51bc55d8a649797b0b3bdbc6982451b5bfd5e"
68
68
  }