midway-fatcms 0.0.10 → 0.0.12

package/dist/configuration.d.ts

@@ -1,8 +1,6 @@
 import * as koa from '@midwayjs/koa';
-import { RedisService } from '@midwayjs/redis';
 export declare class ContainerLifeCycle {
     app: koa.Application;
-    redisService: RedisService;
     onConfigLoad(): Promise<any>;
     onReady(): Promise<void>;
     /**

package/dist/configuration.js

@@ -89,14 +89,20 @@ let ContainerLifeCycle = class ContainerLifeCycle {
      * 会通过 Redis 广播通知所有节点刷新缓存。
      */
     async initCacheRefreshRedis() {
-        try {
-            (0, CacheRefreshRedisSubscriber_1.initCacheRefreshPublishClient)(this.redisService);
-            (0, CacheRefreshRedisSubscriber_1.initCacheRefreshSubscriber)(this.redisService);
-        }
-        catch (e) {
-            // Redis 未配置或不可用时，降级为单节点模式（仅刷新本节点缓存）
-            this.app.getLogger().warn('ContainerLifeCycle ==> initCacheRefreshRedis Redis不可用，降级为单节点模式:', e.message);
-        }
+        setTimeout(async () => {
+            const app = this.app;
+            const ctx = app.createAnonymousContext();
+            const redisService = await ctx.requestContext.getAsync(redis_1.RedisService);
+            try {
+                (0, CacheRefreshRedisSubscriber_1.initCacheRefreshPublishClient)(redisService);
+                (0, CacheRefreshRedisSubscriber_1.initCacheRefreshSubscriber)(redisService);
+                this.app.getLogger().info('ContainerLifeCycle ==> initCacheRefreshRedis success');
+            }
+            catch (e) {
+                // Redis 未配置或不可用时，降级为单节点模式（仅刷新本节点缓存）
+                this.app.getLogger().warn('ContainerLifeCycle ==> initCacheRefreshRedis Redis不可用，降级为单节点模式:', e.message);
+            }
+        }, 1000 * 60);
     }
     /**
      * 注册各类型缓存的刷新器到 CacheRefreshHub
@@ -159,10 +165,6 @@ __decorate([
     (0, core_1.App)(),
     __metadata("design:type", Object)
 ], ContainerLifeCycle.prototype, "app", void 0);
-__decorate([
-    (0, core_1.Inject)(),
-    __metadata("design:type", redis_1.RedisService)
-], ContainerLifeCycle.prototype, "redisService", void 0);
 ContainerLifeCycle = __decorate([
     (0, core_1.Configuration)({
         // namespace: 'fatcms',

package/dist/controller/gateway/AsyncTaskController.d.ts

@@ -6,6 +6,7 @@ import { BaseApiController } from '../base/BaseApiController';
 export declare class AsyncTaskController extends BaseApiController {
     protected ctx: Context;
     private asyncTaskService;
+    private crudStdService;
     getMyTasks(): Promise<import("../../libs/crud-pro/models/ExecuteContext").ExecuteContext>;
     createTask(): Promise<import("../../libs/crud-pro/models/ExecuteContext").ExecuteContext>;
     cancelTask(id: number): Promise<{

package/dist/controller/gateway/AsyncTaskController.js

@@ -15,6 +15,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.AsyncTaskController = void 0;
 const fs = require("fs");
 const fs2 = require("node:fs/promises");
+const md5 = require("md5");
 const core_1 = require("@midwayjs/core");
 const BaseApiController_1 = require("../base/BaseApiController");
 const AsyncTaskService_1 = require("../../service/asyncTask/AsyncTaskService");
@@ -24,6 +25,8 @@ const SystemTables_1 = require("../../models/SystemTables");
 const exceptions_1 = require("../../libs/crud-pro/exceptions");
 const permission_middleware_1 = require("../../middleware/permission.middleware");
 const functions_1 = require("../../libs/utils/functions");
+const CrudStdService_1 = require("../../service/crudstd/CrudStdService");
+const devops_1 = require("../../models/devops");
 function fixMyTasksCondition(body, ctx) {
     if (!body.condition) {
         throw new exceptions_1.CommonException('参数不正确');
@@ -43,6 +46,27 @@ function fixCancelBodyData(body, id) {
     dataObj.task_status = AsyncTaskModel_1.SysAsyncTaskStatus.CANCELLED;
     body.data = dataObj;
 }
+/**
+ * 验证 STD_CRUD 类型的异步任务权限
+ * 根据 settingKey 配置的权限项进行鉴权
+ */
+async function validateStdCrudTaskPermission(crudStdService, inputParams) {
+    var _a;
+    if (inputParams.appType !== 'STD_CRUD' || !inputParams.settingKey) {
+        return; // 非 STD_CRUD 类型或无 settingKey，无需鉴权
+    }
+    const stdAction = {
+        appCode: inputParams.appCode,
+        settingKey: inputParams.settingKey,
+    };
+    const appInfo = await crudStdService.getParsedCrudStdAppForSettingKey(stdAction);
+    if (!appInfo || appInfo.status !== 1) {
+        throw new devops_1.BizException('应用不存在或已下线：' + inputParams.appCode);
+    }
+    if (!((_a = appInfo.settingKeyActionCfg) === null || _a === void 0 ? void 0 : _a.hasOperationPerm)) {
+        throw new devops_1.BizException('没有操作权限：settingKey=' + inputParams.settingKey);
+    }
+}
 function fixCreateBodyData(body, ctx) {
     if (!body.data) {
         throw new exceptions_1.CommonException('参数不正确');
@@ -57,6 +81,11 @@ function fixCreateBodyData(body, ctx) {
         host: headers.host,
         origin: headers.origin,
     };
+    dataObj.task_uuid = md5(JSON.stringify({
+        input_params: input_params,
+        created_by: sessionInfo.accountId,
+        created_time: Date.now(),
+    }));
     dataObj.task_status = AsyncTaskModel_1.SysAsyncTaskStatus.PENDING;
     dataObj.created_by = sessionInfo.accountId;
     dataObj.created_user_session = JSON.stringify(sessionInfo); // 创建人的session信息。用于执行时的鉴权。
@@ -73,9 +102,14 @@ let AsyncTaskController = class AsyncTaskController extends BaseApiController_1.
     }
     // 创建任务
     async createTask() {
-        //每个用户：5秒内只能创建1次任务
+        var _a;
+        // 每个用户：5秒内只能创建1次任务
         await this.checkUserActionTimeLimit('AsyncTaskController_createTask', 5);
-        fixCreateBodyData(this.ctx.request.body, this.ctx);
+        // 解析 input_params 并进行权限鉴权
+        const body = this.ctx.request.body;
+        const inputParams = (0, functions_1.parseJsonObject)((_a = body.data) === null || _a === void 0 ? void 0 : _a.input_params) || {};
+        await validateStdCrudTaskPermission(this.crudStdService, inputParams);
+        fixCreateBodyData(body, this.ctx);
         const res = await this.executeSysSimpleSQL(SystemTables_1.SystemTables.sys_async_tasks, keys_1.KeysOfSimpleSQL.SIMPLE_INSERT);
         await this.asyncTaskService.startTask();
         return res;
@@ -148,6 +182,10 @@ __decorate([
     (0, core_1.Inject)(),
     __metadata("design:type", AsyncTaskService_1.AsyncTaskService)
 ], AsyncTaskController.prototype, "asyncTaskService", void 0);
+__decorate([
+    (0, core_1.Inject)(),
+    __metadata("design:type", CrudStdService_1.CrudStdService)
+], AsyncTaskController.prototype, "crudStdService", void 0);
 __decorate([
     (0, core_1.Post)('/getMyTasks'),
     __metadata("design:type", Function),

package/dist/controller/gateway/CrudMtdGatewayController.js

@@ -23,6 +23,7 @@ const CurdProService_1 = require("../../service/curd/CurdProService");
 const CurdMixService_1 = require("../../service/curd/CurdMixService");
 const DatabaseName_1 = require("../../libs/crud-pro/utils/DatabaseName");
 const global_config_1 = require("../../libs/global-config/global-config");
+const functions_1 = require("../../libs/utils/functions");
 const QUERY_AS_LIST = ['condition', 'data'];
 function pickAsQuery(query_as_pick, query) {
     if (query_as_pick && typeof query_as_pick === 'string') {
@@ -48,7 +49,7 @@ let CrudMtdGatewayController = class CrudMtdGatewayController extends ApiBaseSer
             return common_dto_1.CommonResult.errorRes('method参数不存在');
         }
         const methodInfo = (await this.curdProService.getCachedCfgByMethod(methodCode));
-        if (!methodInfo || methodInfo.status !== 1 || methodInfo.deletedAt || methodInfo.deleted_at) {
+        if (!methodInfo || !(0, functions_1.isEntityOK)(methodInfo)) {
             return common_dto_1.CommonResult.errorRes('接口不存在或已下线: ' + methodCode);
         }
         this.logInfo('methodInfo=== ', methodInfo);

package/dist/controller/gateway/StaticController.d.ts

@@ -12,10 +12,8 @@ interface HttpGetRes {
 export declare class StaticController extends BaseApiController {
     protected ctx: Context;
     private getLocalPaths;
-    private initNotFoundList;
     private responseLocalFile;
     proxyStaticFile(ossName: string, relativePath: string): Promise<string>;
-    saveNotFoundList(): Promise<void>;
     httpsGet(url: string): Promise<HttpGetRes>;
     writeResponseToFile(httpsGetRes: HttpGetRes, localFilePath: string, localHeaderPath: string): Promise<void>;
     getMimeType(filePath: string): any;

package/dist/controller/gateway/StaticController.js

@@ -37,9 +37,8 @@ function getPathConfig(ossName) {
         remoteBaseUrl,
     };
 }
-// 404列表缓存
+// 404列表缓存: 只再内存中记录。重启后继续
 let notFoundList = new Set();
-let notFoundListIsInit = false;
 /**
  * 静态文件代理功能
  */
@@ -48,31 +47,10 @@ let StaticController = class StaticController extends BaseApiController_1.BaseAp
         const app = schedule_1.ANONYMOUS_CONTEXT.getApp();
         const appDir = app.getAppDir();
         const localDir = path.join(appDir, './public/static'); // 本地文件存储目录
-        const notFoundListFile = path.join(localDir, '__404__list.json'); // 404列表文件
         return {
             localDir,
-            notFoundListFile,
         };
     }
-    async initNotFoundList() {
-        if (notFoundListIsInit) {
-            return;
-        }
-        notFoundListIsInit = true;
-        const { localDir, notFoundListFile } = this.getLocalPaths();
-        try {
-            // 确保本地存储目录存在
-            await fs.mkdir(localDir, { recursive: true });
-            const data = await fs.readFile(notFoundListFile, 'utf8');
-            notFoundList = new Set(JSON.parse(data));
-            console.log(`已加载${notFoundList.size}个404记录`);
-        }
-        catch (error) {
-            if (error.code !== 'ENOENT') {
-                console.error('读取404列表失败:', error);
-            }
-        }
-    }
     async responseLocalFile(localFilePath, localHeaderPath, relativePath) {
         const headers = {
             'Cache-Control': 'public, max-age=31536000',
@@ -84,8 +62,10 @@ let StaticController = class StaticController extends BaseApiController_1.BaseAp
             if (stats.isFile()) {
                 const headerDataStr = await fs.readFile(localHeaderPath, 'utf8');
                 const headerData = (0, functions_1.parseJsonObject)(headerDataStr);
-                if (headerData) {
+                if (headerData && headerData['last-modified']) {
                     headers['last-modified'] = headerData['last-modified'];
+                }
+                if (headerData && headerData['etag']) {
                     headers['etag'] = headerData['etag'];
                 }
             }
@@ -117,7 +97,6 @@ let StaticController = class StaticController extends BaseApiController_1.BaseAp
         return false;
     }
     async proxyStaticFile(ossName, relativePath) {
-        await this.initNotFoundList();
         const { localDir } = this.getLocalPaths();
         const PATH_CONFIG = getPathConfig(ossName);
         // 构建本地路径和远程路径
@@ -149,7 +128,6 @@ let StaticController = class StaticController extends BaseApiController_1.BaseAp
             else if (remoteRes.statusCode === 404) {
                 // 记录404并返回
                 notFoundList.add(relativePath);
-                await this.saveNotFoundList();
                 this.logInfo(`[StaticController]远程文件不存在，已记录404: ${relativePath}`);
                 this.ctx.status = 404;
                 return this.ctx.render('500', { errorMsg: ' 远程文件不存在，已记录404' });
@@ -171,19 +149,6 @@ let StaticController = class StaticController extends BaseApiController_1.BaseAp
         this.ctx.status = 500;
         return this.ctx.render('500', { errorMsg: '未知异常' });
     }
-    // 保存404列表
-    async saveNotFoundList() {
-        const { notFoundListFile } = this.getLocalPaths();
-        try {
-            // 确保存储404列表的目录存在
-            const dir = path.dirname(notFoundListFile);
-            await fs.mkdir(dir, { recursive: true });
-            await fs.writeFile(notFoundListFile, JSON.stringify(Array.from(notFoundList), null), 'utf8');
-        }
-        catch (error) {
-            this.logError('[StaticController]保存404列表失败:', error);
-        }
-    }
     // 封装https请求为异步函数
     async httpsGet(url) {
         return new Promise((resolve, reject) => {

package/dist/controller/manage/AccountRoleManageApi.d.ts

@@ -1,10 +1,11 @@
 import { Context } from '@midwayjs/koa';
 import { BaseApiController } from '../base/BaseApiController';
+import { CommonResult } from '../../libs/utils/common-dto';
 export declare class AccountRoleManageApi extends BaseApiController {
     protected ctx: Context;
     getAccountRoleList(): Promise<import("../../libs/crud-pro/models/ExecuteContext").ExecuteContext>;
     getAccountRoleOne(): Promise<import("../../libs/crud-pro/models/ExecuteContext").ExecuteContext>;
-    createAccountRole(): Promise<import("../../libs/crud-pro/models/ExecuteContext").ExecuteContext>;
+    createAccountRole(): Promise<import("../../libs/crud-pro/models/ExecuteContext").ExecuteContext | CommonResult>;
     updateAccountRole(): Promise<import("../../libs/crud-pro/models/ExecuteContext").ExecuteContext>;
     deleteAccountRole(): Promise<import("../../libs/crud-pro/models/ExecuteContext").ExecuteContext>;
 }

package/dist/controller/manage/AccountRoleManageApi.js

@@ -18,6 +18,9 @@ const cacherefresh_middleware_1 = require("../../middleware/cacherefresh.middlew
 const bizmodels_1 = require("../../models/bizmodels");
 const SystemPerm_1 = require("../../models/SystemPerm");
 const CurdMixUtils_1 = require("../../service/curd/CurdMixUtils");
+const SystemTables_1 = require("../../models/SystemTables");
+const global_config_1 = require("../../libs/global-config/global-config");
+const common_dto_1 = require("../../libs/utils/common-dto");
 let AccountRoleManageApi = class AccountRoleManageApi extends BaseApiController_1.BaseApiController {
     async getAccountRoleList() {
         return this.executeSysSimpleSQL('sys_perm_user_role', keys_1.KeysOfSimpleSQL.SIMPLE_QUERY_PAGE, {
@@ -40,6 +43,37 @@ let AccountRoleManageApi = class AccountRoleManageApi extends BaseApiController_
         return this.executeSysSimpleSQL('sys_perm_user_role', keys_1.KeysOfSimpleSQL.SIMPLE_QUERY_ONE);
     }
     async createAccountRole() {
+        var _a, _b;
+        const { SystemDbName, SystemDbType } = global_config_1.GLOBAL_STATIC_CONFIG.getConfig();
+        const body = this.ctx.request.body;
+        const accountId = (_a = body.data) === null || _a === void 0 ? void 0 : _a.account_id;
+        const roleCode = (_b = body.data) === null || _b === void 0 ? void 0 : _b.role_code;
+        // 校验 account_id 是否存在
+        if (accountId) {
+            const accountInfoRes = await this.curdMixService.getQuickCrud({
+                sqlDatabase: SystemDbName,
+                sqlDbType: SystemDbType,
+                sqlTable: SystemTables_1.SystemTables.sys_user_account,
+            }).isExist({
+                condition: { account_id: accountId }
+            });
+            if (!accountInfoRes.exists) {
+                return common_dto_1.CommonResult.errorRes(`账户ID '${accountId}' 不存在`);
+            }
+        }
+        // 校验 role_code 是否存在
+        if (roleCode) {
+            const roleInfoRes = await this.curdMixService.getQuickCrud({
+                sqlDatabase: SystemDbName,
+                sqlDbType: SystemDbType,
+                sqlTable: SystemTables_1.SystemTables.sys_perm_role,
+            }).isExist({
+                condition: { role_code: roleCode }
+            });
+            if (!roleInfoRes.exists) {
+                return common_dto_1.CommonResult.errorRes(`角色编码 '${roleCode}' 不存在`);
+            }
+        }
         return this.executeSysSimpleSQL('sys_perm_user_role', keys_1.KeysOfSimpleSQL.SIMPLE_INSERT, {
             validateCfg: {
                 'data.account_id': [keys_1.KeysOfValidators.REQUIRED, keys_1.KeysOfValidators.STRING],

package/dist/controller/manage/UserAccountManageApi.js

@@ -13,13 +13,13 @@ exports.UserAccountManageApi = void 0;
 const core_1 = require("@midwayjs/core");
 const keys_1 = require("../../libs/crud-pro/models/keys");
 const BaseApiController_1 = require("../base/BaseApiController");
-const functions_1 = require("../../libs/utils/functions");
 const permission_middleware_1 = require("../../middleware/permission.middleware");
 const SystemPerm_1 = require("../../models/SystemPerm");
 const exceptions_1 = require("../../libs/crud-pro/exceptions");
 const SystemTables_1 = require("../../models/SystemTables");
 const global_config_1 = require("../../libs/global-config/global-config");
 const common_dto_1 = require("../../libs/utils/common-dto");
+const MixinUtils_1 = require("../../libs/crud-pro/utils/MixinUtils");
 const accountNameBlacklist = new Set(['sa', 'root', 'admin', 'superadmin', 'administrator', 'sys', 'sysop', 'schedule_user']);
 function checkAccountCreateBlacklist(value) {
     if (!value) {
@@ -73,16 +73,17 @@ let UserAccountManageApi = class UserAccountManageApi extends BaseApiController_
     }
     async createUserAccount() {
         const body = this.ctx.request.body;
-        body.data.account_id = (0, functions_1.createUniqueId)();
         const { generateUserAccountId } = global_config_1.GLOBAL_STATIC_CONFIG.getConfig();
         if (typeof generateUserAccountId === 'function') {
             body.data.account_id = await generateUserAccountId(body.data);
         }
+        else {
+            body.data.account_id = MixinUtils_1.MixinUtils.generateSnowflakeId();
+        }
         const result = await this.executeSysSimpleSQL(SystemTables_1.SystemTables.sys_user_account, keys_1.KeysOfSimpleSQL.SIMPLE_INSERT, {
             validateCfg: {
                 'data.login_name': LOGIN_NAME_VALIDATE,
                 'data.nick_name': [keys_1.KeysOfValidators.REQUIRED, keys_1.KeysOfValidators.STRING, 'length:2,20', checkAccountCreateBlacklist],
-                'data.avatar': [keys_1.KeysOfValidators.REQUIRED, keys_1.KeysOfValidators.STRING],
             },
         });
         return result;

package/dist/libs/crud-pro/models/keys.d.ts

@@ -8,6 +8,7 @@ export declare enum KeysOfFunCtx {
     CURRENT_VALUE = "$current",
     VISITOR = "visitor",
     VISITOR_ATTR = "visitor.",
+    VISITOR_AVATAR = "visitor.avatar",
     REQUEST = "req.",
     RESULT = "res."
 }

package/dist/libs/crud-pro/models/keys.js

@@ -13,6 +13,7 @@ var KeysOfFunCtx;
     KeysOfFunCtx["CURRENT_VALUE"] = "$current";
     KeysOfFunCtx["VISITOR"] = "visitor";
     KeysOfFunCtx["VISITOR_ATTR"] = "visitor.";
+    KeysOfFunCtx["VISITOR_AVATAR"] = "visitor.avatar";
     KeysOfFunCtx["REQUEST"] = "req.";
     KeysOfFunCtx["RESULT"] = "res.";
 })(KeysOfFunCtx = exports.KeysOfFunCtx || (exports.KeysOfFunCtx = {}));

package/dist/libs/crud-pro/services/CrudProExecuteFuncService.js

@@ -82,8 +82,8 @@ class CrudProExecuteFuncService extends CrudProServiceBase_1.CrudProServiceBase
         if (pickString.startsWith(keys_1.KeysOfFunCtx.VISITOR_ATTR)) {
             const reqModel = funcCtx === null || funcCtx === void 0 ? void 0 : funcCtx.reqModel;
             const attrValue = _.get(reqModel, pickString); // visitor.nickName
-            if (isNil(attrValue)) {
-                throw new exceptions_1.CommonException(exceptions_1.Exceptions.RUN_PICK_ERR_VISITOR_NULL, '获取用户ID失败, 可能用户没有登陆');
+            if (isNil(attrValue) && ![`${keys_1.KeysOfFunCtx.VISITOR_AVATAR}`].includes(pickString)) {
+                throw new exceptions_1.CommonException(exceptions_1.Exceptions.RUN_PICK_ERR_VISITOR_NULL, '获取用户字段${pickString}失败, 可能用户没有登陆');
             }
             return attrValue;
         }

package/dist/libs/crud-pro/services/CrudProFieldUpdateService.js

@@ -43,6 +43,9 @@ class CrudProFieldUpdateService extends CrudProServiceBase_1.CrudProServiceBase
         }
         catch (e) {
             this.logger.error('getUpdateNewValueByCfg->executeFuncCfg', e);
+            if (e instanceof exceptions_1.CommonException) {
+                throw e;
+            }
             throw new exceptions_1.CommonException(exceptions_1.Exceptions.UPDATE_EXCEPTION, key + '.' + e);
         }
         return result;

package/dist/libs/crud-pro/services/CrudProTableMetaService.js

@@ -142,11 +142,11 @@ class CrudProTableMetaService extends CrudProServiceBase_1.CrudProServiceBase {
     async loadMySQLAllTableInfos(query) {
         const dbUtil = { sqlDatabase: query.sqlDatabase, sqlDbType: query.sqlDbType };
         // 获取物理表
-        const tableSql = `SHOW TABLES FROM ${query.sqlDatabase}`;
+        const tableSql = `SHOW TABLES`;
         const tableRes = await this.executeUnsafeQuery(dbUtil, tableSql);
         const tableNames = (tableRes.rows || []).map((row) => Object.values(row)[0]);
         // 获取视图
-        const viewSql = `SHOW FULL TABLES FROM ${query.sqlDatabase} WHERE Table_type = 'VIEW'`;
+        const viewSql = `SHOW FULL TABLES WHERE Table_type = 'VIEW'`;
         const viewRes = await this.executeUnsafeQuery(dbUtil, viewSql);
         const viewNames = (viewRes.rows || []).map((row) => Object.values(row)[0]);
         const tables = [

package/dist/libs/crud-pro/utils/DatabaseName.js

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.toDatabaseNameStr = exports.parseDatabaseName = exports.SPLIT_CONST = void 0;
 const keys_1 = require("../models/keys");
+const global_config_1 = require("../../global-config/global-config");
 const SPLIT_CONST = '_________';
 exports.SPLIT_CONST = SPLIT_CONST;
 const PREFIX_MYSQL = `${keys_1.SqlDbType.mysql}${SPLIT_CONST}`;
@@ -27,6 +28,16 @@ function parseDatabaseName(databaseName) {
             dbName: dbNameArr[1],
         };
     }
+    const gConfig = global_config_1.GLOBAL_STATIC_CONFIG.getConfig();
+    // 访问系统库
+    if (databaseName === 'fatcms' || databaseName === gConfig.SystemDbName) {
+        if (dbNameArr.length === 1) {
+            return {
+                dbType: gConfig.SystemDbType,
+                dbName: dbNameArr[0],
+            };
+        }
+    }
     if (dbNameArr.length === 1) {
         return {
             dbType: keys_1.SqlDbType.mysql,

package/dist/libs/crud-pro/utils/DateTimeUtils.js

@@ -8,7 +8,7 @@ const DateTimeUtils = {
         return Date.now();
     },
     getCurrentTimeString() {
-        return moment().format('YYYY-MM-DD HH:mm:ss');
+        return moment().format('YYYY-MM-DD HH:mm:ss.SSS');
     },
     // 以秒为单位的时间戳
     getCurrentTimeStampSecond() {

package/dist/libs/utils/functions.d.ts

@@ -8,4 +8,11 @@ declare function getCurrentFullMoment(): string;
  * @returns 仅包含 ASCII 字符返回 true，否则返回 false；非字符串输入返回 false
  */
 declare function isOnlyAscii(str: string): boolean;
-export { createUniqueId, parseJsonObject, parseStringTrimArray, getCurrentFullMoment, isOnlyAscii };
+/**
+ * 如果entity不存在删除属性或属性为0，表示未删除
+ * @param entity
+ * @returns
+ */
+declare function isEntityDeleted(entity: any): boolean;
+declare function isEntityOK(entity: any): boolean;
+export { createUniqueId, parseJsonObject, parseStringTrimArray, getCurrentFullMoment, isOnlyAscii, isEntityDeleted, isEntityOK };

package/dist/libs/utils/functions.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isOnlyAscii = exports.getCurrentFullMoment = exports.parseStringTrimArray = exports.parseJsonObject = exports.createUniqueId = void 0;
+exports.isEntityOK = exports.isEntityDeleted = exports.isOnlyAscii = exports.getCurrentFullMoment = exports.parseStringTrimArray = exports.parseJsonObject = exports.createUniqueId = void 0;
 const md5 = require("md5");
 const moment = require("moment");
 let createUniqueIdIndex = 0;
@@ -97,3 +97,28 @@ function isOnlyAscii(str) {
     return true;
 }
 exports.isOnlyAscii = isOnlyAscii;
+/**
+ * 如果entity不存在删除属性或属性为0，表示未删除
+ * @param entity
+ * @returns
+ */
+function isEntityDeleted(entity) {
+    if (!entity) {
+        return true;
+    }
+    const deletedAt = Number(entity.deleted_at);
+    if (deletedAt && deletedAt > 0) {
+        return true;
+    }
+    const deletedAt2 = Number(entity.deletedAt);
+    if (deletedAt2 && deletedAt2 > 0) {
+        return true;
+    }
+    return false;
+}
+exports.isEntityDeleted = isEntityDeleted;
+function isEntityOK(entity) {
+    const isOK = (entity === null || entity === void 0 ? void 0 : entity.status) === 1 || (entity === null || entity === void 0 ? void 0 : entity.status) === '1';
+    return isOK && !isEntityDeleted(entity);
+}
+exports.isEntityOK = isEntityOK;

package/dist/service/AuthService.js

@@ -119,7 +119,7 @@ let AuthService = class AuthService extends BaseService_1.BaseService {
         const { publicKey, privateKey } = await AsymmetricCrypto_1.AsymmetricCrypto.generateKeyPair();
         const sessionInfo = {
             nickName: userAccount.nick_name,
-            avatar: userAccount.avatar,
+            avatar: userAccount.avatar || "",
             roleCodes,
             functionCodes,
             loginName,

package/dist/service/crudstd/CrudStdService.d.ts

@@ -2,7 +2,7 @@ import { Context } from '@midwayjs/koa';
 import { CurdMixService } from '../curd/CurdMixService';
 import { IRequestModel } from '../../libs/crud-pro/interfaces';
 import { KeysOfSimpleSQL } from '../../libs/crud-pro/models/keys';
-import { ICrudStdAppInfo } from '../../models/bizmodels';
+import { ICrudStdAppInfo, ICrudStdAppInfoForSettingKey } from '../../models/bizmodels';
 import { ExecuteContext } from '../../libs/crud-pro/models/ExecuteContext';
 import { CrudStdActionService } from './CrudStdActionService';
 import { CrudStdRelationService } from './CrudStdRelationService';
@@ -37,9 +37,8 @@ export declare class CrudStdService extends ApiBaseService {
      * 获取appInfo 并且拿到当前settingKey相关的信息
      * @param appCode
      * @param settingKey
-     * @private
      */
-    private getParsedCrudStdAppForSettingKey;
+    getParsedCrudStdAppForSettingKey(stdAction: ICrudStdActionParams): Promise<ICrudStdAppInfoForSettingKey>;
     /**
      * 执行动作
      * @param stdAction

package/dist/service/crudstd/CrudStdService.js

@@ -68,6 +68,9 @@ let CrudStdService = class CrudStdService extends ApiBaseService_1.ApiBaseServic
         const stdCrudCfgObj = appInfo.stdCrudCfgObj;
         //删除策略
         const deleteStrategy = _.get(stdCrudCfgObj, 'othersSetting.values.deleteStrategy');
+        // 自动
+        const enableStandardUpdateCfg = _.get(stdCrudCfgObj, 'othersSetting.values.enableStandardUpdateCfg');
+        const enableStandardUpdateCfgCondition = _.get(stdCrudCfgObj, 'othersSetting.values.enableStandardUpdateCfgCondition');
         const databaseName = stdCrudCfgObj.tableBaseInfo.databaseName;
         const { dbType, dbName } = (0, DatabaseName_1.parseDatabaseName)(databaseName);
         const cfgModel = {
@@ -76,7 +79,9 @@ let CrudStdService = class CrudStdService extends ApiBaseService_1.ApiBaseServic
             sqlTable: getExecuteTableNameBySettingKey(appInfo, stdAction, sqlSimpleName),
             sqlSimpleName,
             updateCfg: {},
-            enableSoftDelete: deleteStrategy === 'soft' // 软删除
+            enableSoftDelete: deleteStrategy === 'soft',
+            enableStandardUpdateCfg: Array.isArray(enableStandardUpdateCfg) && enableStandardUpdateCfg.length > 0 ? enableStandardUpdateCfg : ['by', 'at'],
+            enableStandardUpdateCfgCondition: Array.isArray(enableStandardUpdateCfgCondition) && enableStandardUpdateCfgCondition.length > 0 ? enableStandardUpdateCfgCondition : false, // 默认为false
         };
         // 接口返回最大值
         const maxLimit = _.get(stdCrudCfgObj, 'othersSetting.values.maxLimit');
@@ -152,7 +157,6 @@ let CrudStdService = class CrudStdService extends ApiBaseService_1.ApiBaseServic
      * 获取appInfo 并且拿到当前settingKey相关的信息
      * @param appCode
      * @param settingKey
-     * @private
      */
     async getParsedCrudStdAppForSettingKey(stdAction) {
         const { appCode, settingKey, buttonSettingKey } = stdAction || {};

package/dist/service/curd/fixCfgModel.js

@@ -30,7 +30,7 @@ function fixCfgModel(cfgModel) {
             return enableStandardUpdateCfg;
         }
         // update 、insert 添加 by
-        return ['by']; // 创建/修改语句默认添加by
+        return ['by', 'at']; // 创建/修改语句默认添加by
     };
     const getConditionCfgArray = () => {
         // 明确有配置
@@ -47,10 +47,12 @@ function fixCfgModel(cfgModel) {
     const mapping = {
         'condition.created_by': { contextAsString: bizmodels_1.CTX_VISITOR_ID },
         'condition.created_account_type': { contextAsString: bizmodels_1.CTX_VISITOR_ACCOUNT_TYPE },
+        'data.created_at': { functionName: 'getCurrentTimeString' },
         'data.created_by': { contextAsString: bizmodels_1.CTX_VISITOR_ID },
         'data.created_avatar': { contextAsString: bizmodels_1.CTX_VISITOR_AVATAR },
         'data.created_nickname': { contextAsString: bizmodels_1.CTX_VISITOR_NICKNAME },
         'data.created_account_type': { contextAsString: bizmodels_1.CTX_VISITOR_ACCOUNT_TYPE },
+        'data.modified_at': { functionName: 'getCurrentTimeString' },
         'data.modified_by': { contextAsString: bizmodels_1.CTX_VISITOR_ID },
         'data.modified_avatar': { contextAsString: bizmodels_1.CTX_VISITOR_AVATAR },
         'data.modified_nickname': { contextAsString: bizmodels_1.CTX_VISITOR_NICKNAME },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "midway-fatcms",
-  "version": "0.0.10",
+  "version": "0.0.12",
   "description": "This is a midway component sample",
   "main": "dist/index.js",
   "typings": "index.d.ts",

package/src/configuration.ts

@@ -1,4 +1,4 @@
-import { Configuration, App, Inject } from '@midwayjs/core';
+import { Configuration, App } from '@midwayjs/core';
 import * as koa from '@midwayjs/koa';
 import * as validate from '@midwayjs/validate';
 import * as info from '@midwayjs/info';
@@ -45,9 +45,6 @@ export class ContainerLifeCycle {
   @App()
   app: koa.Application;
 
-  @Inject()
-  redisService: RedisService;
-
   async onConfigLoad(): Promise<any> {
     const config = this.app.getConfig();
     const logger = this.app.getLogger();
@@ -110,13 +107,23 @@ export class ContainerLifeCycle {
    * 会通过 Redis 广播通知所有节点刷新缓存。
    */
   private async initCacheRefreshRedis() {
-    try {
-      initCacheRefreshPublishClient(this.redisService);
-      initCacheRefreshSubscriber(this.redisService);
-    } catch (e) {
-      // Redis 未配置或不可用时，降级为单节点模式（仅刷新本节点缓存）
-      this.app.getLogger().warn('ContainerLifeCycle ==> initCacheRefreshRedis Redis不可用，降级为单节点模式:', e.message);
-    }
+    setTimeout(async () => {
+
+      const app = this.app;
+      const ctx: koa.IMidwayKoaContext = app.createAnonymousContext();
+      const redisService = await ctx.requestContext.getAsync(RedisService);
+
+      try {
+        initCacheRefreshPublishClient(redisService);
+        initCacheRefreshSubscriber(redisService);
+        this.app.getLogger().info('ContainerLifeCycle ==> initCacheRefreshRedis success');        
+      } catch (e) {
+        // Redis 未配置或不可用时，降级为单节点模式（仅刷新本节点缓存）
+        this.app.getLogger().warn('ContainerLifeCycle ==> initCacheRefreshRedis Redis不可用，降级为单节点模式:', e.message);
+      }
+
+    }, 1000 * 60);
+
   }
 
   /**

package/src/controller/gateway/AsyncTaskController.ts

@@ -1,5 +1,6 @@
 import * as fs from 'fs';
 import * as fs2 from 'node:fs/promises';
+import * as md5 from 'md5';
 import { Controller, Inject, Post, Query, Get } from '@midwayjs/core';
 import { Context } from '@midwayjs/koa';
 import { BaseApiController } from '../base/BaseApiController';
@@ -10,6 +11,8 @@ import { SystemTables } from '@/models/SystemTables';
 import { CommonException } from '@/libs/crud-pro/exceptions';
 import { checkLogin } from '@/middleware/permission.middleware';
 import { parseJsonObject } from '@/libs/utils/functions';
+import { CrudStdService, ICrudStdActionParams } from '@/service/crudstd/CrudStdService';
+import { BizException } from '@/models/devops';
 
 function fixMyTasksCondition(body: any, ctx: Context) {
   if (!body.condition) {
@@ -34,6 +37,31 @@ function fixCancelBodyData(body: any, id: number) {
   body.data = dataObj;
 }
 
+/**
+ * 验证 STD_CRUD 类型的异步任务权限
+ * 根据 settingKey 配置的权限项进行鉴权
+ */
+async function validateStdCrudTaskPermission(
+  crudStdService: CrudStdService,
+  inputParams: any
+): Promise<void> {
+  if (inputParams.appType !== 'STD_CRUD' || !inputParams.settingKey) {
+    return; // 非 STD_CRUD 类型或无 settingKey，无需鉴权
+  }
+
+  const stdAction: ICrudStdActionParams = {
+    appCode: inputParams.appCode,
+    settingKey: inputParams.settingKey,
+  }; 
+  const appInfo = await crudStdService.getParsedCrudStdAppForSettingKey(stdAction);
+  if (!appInfo || appInfo.status !== 1) {
+    throw new BizException('应用不存在或已下线：' + inputParams.appCode);
+  }
+  if (!appInfo.settingKeyActionCfg?.hasOperationPerm) {
+    throw new BizException('没有操作权限：settingKey=' + inputParams.settingKey);
+  }
+}
+
 function fixCreateBodyData(body: any, ctx: Context) {
   if (!body.data) {
     throw new CommonException('参数不正确');
@@ -49,6 +77,11 @@ function fixCreateBodyData(body: any, ctx: Context) {
     host: headers.host,
     origin: headers.origin,
   };
+  dataObj.task_uuid = md5(JSON.stringify({
+    input_params: input_params,
+    created_by: sessionInfo.accountId,
+    created_time: Date.now(),
+  }));
   dataObj.task_status = SysAsyncTaskStatus.PENDING;
   dataObj.created_by = sessionInfo.accountId;
   dataObj.created_user_session = JSON.stringify(sessionInfo); // 创建人的session信息。用于执行时的鉴权。
@@ -66,6 +99,9 @@ export class AsyncTaskController extends BaseApiController {
   @Inject()
   private asyncTaskService: AsyncTaskService;
 
+  @Inject()
+  private crudStdService: CrudStdService;
+
   // 获取任务列表
   @Post('/getMyTasks')
   async getMyTasks() {
@@ -76,10 +112,15 @@ export class AsyncTaskController extends BaseApiController {
   // 创建任务
   @Post('/createTask')
   async createTask() {
-    //每个用户：5秒内只能创建1次任务
+    // 每个用户：5秒内只能创建1次任务
     await this.checkUserActionTimeLimit('AsyncTaskController_createTask', 5);
 
-    fixCreateBodyData(this.ctx.request.body, this.ctx);
+    // 解析 input_params 并进行权限鉴权
+    const body = this.ctx.request.body as any;
+    const inputParams = parseJsonObject(body.data?.input_params) || {};
+    await validateStdCrudTaskPermission(this.crudStdService, inputParams);
+
+    fixCreateBodyData(body, this.ctx);
     const res = await this.executeSysSimpleSQL(SystemTables.sys_async_tasks, KeysOfSimpleSQL.SIMPLE_INSERT);
     await this.asyncTaskService.startTask();
     return res;

package/src/controller/gateway/CrudMtdGatewayController.ts

@@ -10,6 +10,7 @@ import { CurdMixService } from '@/service/curd/CurdMixService';
 import { IRequestCfgModel2 } from '@/models/bizmodels';
 import { parseDatabaseName } from '@/libs/crud-pro/utils/DatabaseName';
 import { GLOBAL_STATIC_CONFIG } from '@/libs/global-config/global-config';
+import { isEntityOK } from '@/libs/utils/functions';
 
 const QUERY_AS_LIST = ['condition', 'data'];
 
@@ -53,7 +54,7 @@ export class CrudMtdGatewayController extends ApiBaseService {
     }
 
     const methodInfo = (await this.curdProService.getCachedCfgByMethod(methodCode)) as any;
-    if (!methodInfo || methodInfo.status !== 1 || methodInfo.deletedAt || methodInfo.deleted_at) {
+    if (!methodInfo || !isEntityOK(methodInfo)) {
       return CommonResult.errorRes('接口不存在或已下线: ' + methodCode);
     }
 

package/src/controller/gateway/StaticController.ts

@@ -31,9 +31,8 @@ function getPathConfig(ossName: string) {
   };
 }
 
-// 404列表缓存
+// 404列表缓存: 只再内存中记录。重启后继续
 let notFoundList = new Set();
-let notFoundListIsInit = false;
 
 /**
  * 静态文件代理功能
@@ -47,33 +46,11 @@ export class StaticController extends BaseApiController {
     const app = ANONYMOUS_CONTEXT.getApp();
     const appDir = app.getAppDir();
     const localDir = path.join(appDir, './public/static'); // 本地文件存储目录
-    const notFoundListFile = path.join(localDir, '__404__list.json'); // 404列表文件
     return {
       localDir,
-      notFoundListFile,
     };
   }
 
-  private async initNotFoundList() {
-    if (notFoundListIsInit) {
-      return;
-    }
-    notFoundListIsInit = true;
-
-    const { localDir, notFoundListFile } = this.getLocalPaths();
-    try {
-      // 确保本地存储目录存在
-      await fs.mkdir(localDir, { recursive: true });
-      const data = await fs.readFile(notFoundListFile, 'utf8');
-
-      notFoundList = new Set(JSON.parse(data));
-      console.log(`已加载${notFoundList.size}个404记录`);
-    } catch (error) {
-      if (error.code !== 'ENOENT') {
-        console.error('读取404列表失败:', error);
-      }
-    }
-  }
 
   private async responseLocalFile(localFilePath: string, localHeaderPath: string, relativePath: string): Promise<boolean> {
     const headers = {
@@ -87,13 +64,18 @@ export class StaticController extends BaseApiController {
       if (stats.isFile()) {
         const headerDataStr = await fs.readFile(localHeaderPath, 'utf8');
         const headerData = parseJsonObject(headerDataStr);
-        if (headerData) {
+
+        if (headerData && headerData['last-modified']) {
           headers['last-modified'] = headerData['last-modified'];
+        }
+
+        if (headerData && headerData['etag']) {
           headers['etag'] = headerData['etag'];
         }
+
       }
     } catch (error) {
-      this.logDebug('[StaticController]responseLocalFile not found header file => ' + localHeaderPath );
+      this.logDebug('[StaticController]responseLocalFile not found header file => ' + localHeaderPath);
     }
 
     try {
@@ -125,7 +107,7 @@ export class StaticController extends BaseApiController {
 
   @All('/:ossName/:relativePath+')
   async proxyStaticFile(@Param('ossName') ossName: string, @Param('relativePath') relativePath: string) {
-    await this.initNotFoundList();
+
     const { localDir } = this.getLocalPaths();
     const PATH_CONFIG = getPathConfig(ossName);
 
@@ -161,9 +143,10 @@ export class StaticController extends BaseApiController {
           return;
         }
       } else if (remoteRes.statusCode === 404) {
+
         // 记录404并返回
         notFoundList.add(relativePath);
-        await this.saveNotFoundList();
+
         this.logInfo(`[StaticController]远程文件不存在，已记录404: ${relativePath}`);
         this.ctx.status = 404;
         return this.ctx.render('500', { errorMsg: ' 远程文件不存在，已记录404' });
@@ -185,19 +168,7 @@ export class StaticController extends BaseApiController {
     return this.ctx.render('500', { errorMsg: '未知异常' });
   }
 
-  // 保存404列表
-  async saveNotFoundList() {
-    const { notFoundListFile } = this.getLocalPaths();
-    try {
-      // 确保存储404列表的目录存在
-      const dir = path.dirname(notFoundListFile);
-      await fs.mkdir(dir, { recursive: true });
 
-      await fs.writeFile(notFoundListFile, JSON.stringify(Array.from(notFoundList), null), 'utf8');
-    } catch (error) {
-      this.logError('[StaticController]保存404列表失败:', error);
-    }
-  }
 
   // 封装https请求为异步函数
   async httpsGet(url: string): Promise<HttpGetRes> {

package/src/controller/manage/AccountRoleManageApi.ts

@@ -7,6 +7,9 @@ import { refreshCache } from '@/middleware/cacherefresh.middleware';
 import { CacheNameEnum } from '@/models/bizmodels';
 import { SystemFuncCode } from '@/models/SystemPerm';
 import { RelatedType } from '@/service/curd/CurdMixUtils';
+import { SystemTables } from '@/models/SystemTables';
+import { GLOBAL_STATIC_CONFIG } from '@/libs/global-config/global-config';
+import { CommonResult } from '@/libs/utils/common-dto';
 
 @Controller('/ns/api/manage/accountRole', { middleware: [checkPermission(SystemFuncCode.AccountRoleManageRead)] })
 export class AccountRoleManageApi extends BaseApiController {
@@ -39,6 +42,41 @@ export class AccountRoleManageApi extends BaseApiController {
 
   @Post('/createAccountRole', { middleware: [checkPermission(SystemFuncCode.AccountRoleManageWrite), refreshCache(CacheNameEnum.CurdMixByAccount)] })
   async createAccountRole() {
+    const { SystemDbName, SystemDbType } = GLOBAL_STATIC_CONFIG.getConfig();
+    const body = this.ctx.request.body as any;
+    const accountId = body.data?.account_id;
+    const roleCode = body.data?.role_code;
+
+    // 校验 account_id 是否存在
+    if (accountId) {
+      const accountInfoRes = await this.curdMixService.getQuickCrud({
+        sqlDatabase: SystemDbName,
+        sqlDbType: SystemDbType,
+        sqlTable: SystemTables.sys_user_account,
+      }).isExist({
+        condition: { account_id: accountId }
+      });
+      
+      if (!accountInfoRes.exists) {
+        return CommonResult.errorRes(`账户ID '${accountId}' 不存在`);
+      }
+    }
+
+    // 校验 role_code 是否存在
+    if (roleCode) {
+      const roleInfoRes = await this.curdMixService.getQuickCrud({
+        sqlDatabase: SystemDbName,
+        sqlDbType: SystemDbType,
+        sqlTable: SystemTables.sys_perm_role,
+      }).isExist({
+        condition: { role_code: roleCode }
+      });
+      
+      if (!roleInfoRes.exists) {
+        return CommonResult.errorRes(`角色编码 '${roleCode}' 不存在`);
+      }
+    }
+
     return this.executeSysSimpleSQL('sys_perm_user_role', KeysOfSimpleSQL.SIMPLE_INSERT, {
       validateCfg: {
         'data.account_id': [KeysOfValidators.REQUIRED, KeysOfValidators.STRING],

package/src/controller/manage/UserAccountManageApi.ts

@@ -2,13 +2,13 @@ import { Controller, Inject, Post } from '@midwayjs/core';
 import { Context } from '@midwayjs/koa';
 import { KeysOfSimpleSQL, KeysOfValidators } from '../../libs/crud-pro/models/keys';
 import { BaseApiController } from '../base/BaseApiController';
-import { createUniqueId } from '../../libs/utils/functions';
 import { checkPermission } from '../../middleware/permission.middleware';
 import { SystemFuncCode } from '../../models/SystemPerm';
 import { CommonException, Exceptions } from '../../libs/crud-pro/exceptions';
 import { SystemTables } from '../../models/SystemTables';
 import { GLOBAL_STATIC_CONFIG } from '@/libs/global-config/global-config';
 import { CommonResult } from "@/libs/utils/common-dto";
+import { MixinUtils } from '@/libs/crud-pro/utils/MixinUtils';
 
 const accountNameBlacklist = new Set(['sa', 'root', 'admin', 'superadmin', 'administrator', 'sys', 'sysop', 'schedule_user']);
 function checkAccountCreateBlacklist(value: string) {
@@ -80,23 +80,24 @@ export class UserAccountManageApi extends BaseApiController {
   @Post('/createUserAccount', { middleware: [checkPermission(SystemFuncCode.UserAccountMangeWrite)] })
   async createUserAccount() {
     const body = this.ctx.request.body as any;
-    body.data.account_id = createUniqueId();
 
     const { generateUserAccountId } = GLOBAL_STATIC_CONFIG.getConfig();
     if (typeof generateUserAccountId === 'function') {
       body.data.account_id = await generateUserAccountId(body.data);
+    } else {
+      body.data.account_id = MixinUtils.generateSnowflakeId();
     }
 
     const result = await this.executeSysSimpleSQL(SystemTables.sys_user_account, KeysOfSimpleSQL.SIMPLE_INSERT, {
       validateCfg: {
         'data.login_name': LOGIN_NAME_VALIDATE,
         'data.nick_name': [KeysOfValidators.REQUIRED, KeysOfValidators.STRING, 'length:2,20', checkAccountCreateBlacklist],
-        'data.avatar': [KeysOfValidators.REQUIRED, KeysOfValidators.STRING],
       },
     });
     return result;
   }
 
+
   @Post('/deleteUserAccount', { middleware: [checkPermission(SystemFuncCode.UserAccountMangeWrite)] })
   async deleteUserAccount() {
     const result = await this.executeSysSimpleSQL(SystemTables.sys_user_account, KeysOfSimpleSQL.SIMPLE_DELETE, {

package/src/libs/crud-pro/models/keys.ts

@@ -9,6 +9,7 @@ export enum KeysOfFunCtx {
   CURRENT_VALUE = '$current',
   VISITOR = 'visitor',
   VISITOR_ATTR = 'visitor.',
+  VISITOR_AVATAR = 'visitor.avatar',
   REQUEST = 'req.',
   RESULT = 'res.',
 }

package/src/libs/crud-pro/services/CrudProExecuteFuncService.ts

@@ -95,8 +95,9 @@ class CrudProExecuteFuncService extends CrudProServiceBase {
     if (pickString.startsWith(KeysOfFunCtx.VISITOR_ATTR)) {
       const reqModel = funcCtx?.reqModel;
       const attrValue = _.get(reqModel, pickString); // visitor.nickName
-      if (isNil(attrValue)) {
-        throw new CommonException(Exceptions.RUN_PICK_ERR_VISITOR_NULL, '获取用户ID失败, 可能用户没有登陆');
+      
+      if (isNil(attrValue) && ![`${KeysOfFunCtx.VISITOR_AVATAR}`].includes(pickString)) {
+        throw new CommonException(Exceptions.RUN_PICK_ERR_VISITOR_NULL, '获取用户字段${pickString}失败, 可能用户没有登陆');
       }
       return attrValue;
     }

package/src/libs/crud-pro/services/CrudProFieldUpdateService.ts

@@ -49,7 +49,12 @@ class CrudProFieldUpdateService extends CrudProServiceBase {
 
       result = this.serviceHub.executeFuncCfg(updateCfg, exeFunCtx);
     } catch (e) {
+
       this.logger.error('getUpdateNewValueByCfg->executeFuncCfg', e);
+      if (e instanceof CommonException) {
+        throw e;
+      }
+
       throw new CommonException(Exceptions.UPDATE_EXCEPTION, key + '.' + e);
     }
 

package/src/libs/crud-pro/services/CrudProTableMetaService.ts

@@ -166,12 +166,12 @@ class CrudProTableMetaService extends CrudProServiceBase {
     const dbUtil = { sqlDatabase: query.sqlDatabase, sqlDbType: query.sqlDbType } as IExecuteUnsafeQueryCtx;
 
     // 获取物理表
-    const tableSql = `SHOW TABLES FROM ${query.sqlDatabase}`;
+    const tableSql = `SHOW TABLES`;
     const tableRes = await this.executeUnsafeQuery(dbUtil, tableSql);
     const tableNames: string[] = (tableRes.rows || []).map((row: any) => Object.values(row)[0] as string);
 
     // 获取视图
-    const viewSql = `SHOW FULL TABLES FROM ${query.sqlDatabase} WHERE Table_type = 'VIEW'`;
+    const viewSql = `SHOW FULL TABLES WHERE Table_type = 'VIEW'`;
     const viewRes = await this.executeUnsafeQuery(dbUtil, viewSql);
     const viewNames: string[] = (viewRes.rows || []).map((row: any) => Object.values(row)[0] as string);
 

package/src/libs/crud-pro/utils/DatabaseName.ts

@@ -1,4 +1,5 @@
 import { SqlDbType } from '../models/keys';
+import { GLOBAL_STATIC_CONFIG } from '../../global-config/global-config'
 
 interface IDbTypeAndName {
   dbType: SqlDbType;
@@ -35,6 +36,17 @@ function parseDatabaseName(databaseName: string): IDbTypeAndName {
     };
   }
 
+  const gConfig = GLOBAL_STATIC_CONFIG.getConfig();
+  // 访问系统库
+  if (databaseName === 'fatcms' || databaseName === gConfig.SystemDbName) {
+    if (dbNameArr.length === 1) {
+      return {
+        dbType: gConfig.SystemDbType,
+        dbName: dbNameArr[0],
+      };
+    }
+  }
+
   if (dbNameArr.length === 1) {
     return {
       dbType: SqlDbType.mysql, // 默认

package/src/libs/crud-pro/utils/DateTimeUtils.ts

@@ -6,7 +6,7 @@ const DateTimeUtils = {
     return Date.now();
   },
   getCurrentTimeString(): string {
-    return moment().format('YYYY-MM-DD HH:mm:ss');
+    return moment().format('YYYY-MM-DD HH:mm:ss.SSS');
   },
   // 以秒为单位的时间戳
   getCurrentTimeStampSecond(): number {

package/src/libs/utils/functions.ts

@@ -7,7 +7,7 @@ function createUniqueId(): string {
   if (createUniqueIdIndex > Date.now()) {
     createUniqueIdIndex = 0;
   }
-  const p1 = md5(Date.now() + '' + Math.random() + '_' + createUniqueIdIndex + '_' +  Math.random());
+  const p1 = md5(Date.now() + '' + Math.random() + '_' + createUniqueIdIndex + '_' + Math.random());
   const p2 = `${Date.now().toString(32)}`.padStart(10, '0');
   const p3 = `${createUniqueIdIndex.toString(32)}`.padStart(10, '0');
   return p1 + p2 + p3;
@@ -106,4 +106,36 @@ function isOnlyAscii(str: string): boolean {
 }
 
 
-export { createUniqueId, parseJsonObject, parseStringTrimArray, getCurrentFullMoment , isOnlyAscii };
+/**
+ * 如果entity不存在删除属性或属性为0，表示未删除
+ * @param entity 
+ * @returns 
+ */
+function isEntityDeleted(entity: any): boolean {
+  if (!entity) {
+    return true;
+  }
+
+  const deletedAt = Number(entity.deleted_at);
+  if (deletedAt && deletedAt > 0) {
+    return true;
+  }
+
+  const deletedAt2 = Number(entity.deletedAt);
+  if (deletedAt2 && deletedAt2 > 0) {
+    return true;
+  }
+  return false;
+}
+
+
+function isEntityOK(entity: any): boolean {
+  const isOK = entity?.status === 1 ||  entity?.status === '1';
+  return isOK && !isEntityDeleted(entity); 
+}
+
+
+
+
+
+export { createUniqueId, parseJsonObject, parseStringTrimArray, getCurrentFullMoment, isOnlyAscii, isEntityDeleted, isEntityOK };

package/src/service/AuthService.ts

@@ -142,8 +142,8 @@ export class AuthService extends BaseService {
     const { publicKey, privateKey } = await AsymmetricCrypto.generateKeyPair();
 
     const sessionInfo: ISessionInfo = {
-      nickName: userAccount.nick_name,
-      avatar: userAccount.avatar,
+      nickName: userAccount.nick_name ,
+      avatar: userAccount.avatar || "",
       roleCodes,
       functionCodes,
       loginName,

package/src/service/crudstd/CrudStdService.ts

@@ -103,6 +103,9 @@ export class CrudStdService extends ApiBaseService {
 
     //删除策略
     const deleteStrategy = _.get(stdCrudCfgObj, 'othersSetting.values.deleteStrategy');
+    // 自动
+    const enableStandardUpdateCfg: string[] = _.get(stdCrudCfgObj, 'othersSetting.values.enableStandardUpdateCfg');
+    const enableStandardUpdateCfgCondition: string[] = _.get(stdCrudCfgObj, 'othersSetting.values.enableStandardUpdateCfgCondition');
 
     const databaseName = stdCrudCfgObj.tableBaseInfo.databaseName;
 
@@ -114,7 +117,9 @@ export class CrudStdService extends ApiBaseService {
       sqlTable: getExecuteTableNameBySettingKey(appInfo, stdAction, sqlSimpleName),
       sqlSimpleName,
       updateCfg: {},
-      enableSoftDelete: deleteStrategy === 'soft' // 软删除
+      enableSoftDelete: deleteStrategy === 'soft', // 软删除
+      enableStandardUpdateCfg: Array.isArray(enableStandardUpdateCfg) && enableStandardUpdateCfg.length > 0 ? enableStandardUpdateCfg : ['by', 'at'], // 默认为 ['by', 'at']
+      enableStandardUpdateCfgCondition: Array.isArray(enableStandardUpdateCfgCondition) && enableStandardUpdateCfgCondition.length > 0 ? enableStandardUpdateCfgCondition : false, // 默认为false
     };
 
     // 接口返回最大值
@@ -216,9 +221,8 @@ export class CrudStdService extends ApiBaseService {
    * 获取appInfo 并且拿到当前settingKey相关的信息
    * @param appCode
    * @param settingKey
-   * @private
    */
-  private async getParsedCrudStdAppForSettingKey(stdAction: ICrudStdActionParams): Promise<ICrudStdAppInfoForSettingKey> {
+  public async getParsedCrudStdAppForSettingKey(stdAction: ICrudStdActionParams): Promise<ICrudStdAppInfoForSettingKey> {
     const { appCode, settingKey, buttonSettingKey } = stdAction || {};
     if (!appCode) {
       throw new BizException('缺少参数:curdStdAppCode');

package/src/service/curd/fixCfgModel.ts

@@ -34,7 +34,7 @@ function fixCfgModel(cfgModel: IRequestCfgModel2) {
       return enableStandardUpdateCfg;
     }
     // update 、insert 添加 by
-    return ['by']; // 创建/修改语句默认添加by
+    return ['by', 'at']; // 创建/修改语句默认添加by
   };
 
   const getConditionCfgArray = () => {
@@ -55,11 +55,13 @@ function fixCfgModel(cfgModel: IRequestCfgModel2) {
     'condition.created_by': { contextAsString: CTX_VISITOR_ID },
     'condition.created_account_type': { contextAsString: CTX_VISITOR_ACCOUNT_TYPE },
 
+    'data.created_at': { functionName: 'getCurrentTimeString' },
     'data.created_by': { contextAsString: CTX_VISITOR_ID },
     'data.created_avatar': { contextAsString: CTX_VISITOR_AVATAR },
     'data.created_nickname': { contextAsString: CTX_VISITOR_NICKNAME },
     'data.created_account_type': { contextAsString: CTX_VISITOR_ACCOUNT_TYPE },
 
+    'data.modified_at': { functionName: 'getCurrentTimeString' },
     'data.modified_by': { contextAsString: CTX_VISITOR_ID },
     'data.modified_avatar': { contextAsString: CTX_VISITOR_AVATAR },
     'data.modified_nickname': { contextAsString: CTX_VISITOR_NICKNAME },