fix user tmpfile permission

backend/global/regex.go

@@ -63,18 +63,14 @@ func (u *UserDatabase) SetUserRegex(id int, reg *Regex) error {
 }
 
 // GetUserRegex default newRegex()
-func (u *UserDatabase) GetUserRegex(id int) (*Regex, error) {
-	user, err := UserDB.GetUserByID(id)
-	if err != nil {
-		return nil, err
-	}
-	if !user.IsSuper() || id != *user.ID {
+func (u *UserDatabase) GetUserRegex(oper *User, id int) (*Regex, error) {
+	if !oper.IsSuper() && id != *oper.ID {
 		return nil, ErrInvalidRole
 	}
 	u.mu.RLock()
 	reg, _ := sql.Find[Regex](&u.db, UserTableRegex, "WHERE ID="+strconv.Itoa(id))
 	u.mu.RUnlock()
-	reg.ID = *user.ID
+	reg.ID = *oper.ID
 	rf := reflect.ValueOf(&reg).Elem()
 	defaultrf := reflect.ValueOf(GetDefaultRegex())
 	for i := 1; i < rf.NumField(); i++ {

backend/paper.go

@@ -67,7 +67,7 @@ func init() {
 			writeresult(w, codeError, nil, err.Error(), typeError)
 			return
 		}
-		reg, err := global.UserDB.GetUserRegex(*user.ID)
+		reg, err := global.UserDB.GetUserRegex(user, id)
 		if err != nil {
 			writeresult(w, codeError, nil, err.Error(), typeError)
 			return

backend/regex.go

@@ -12,7 +12,7 @@ func getUserRegex(token string) (*global.Regex, error) {
 	if user == nil {
 		return nil, errInvalidToken
 	}
-	return global.UserDB.GetUserRegex(*user.ID)
+	return global.UserDB.GetUserRegex(user, *user.ID)
 }
 
 func init() {

backend/upload.go

@@ -99,10 +99,6 @@ func UploadHandler(w http.ResponseWriter, r *http.Request) {
 	ff, h, err = r.FormFile("paper")
 	if err == nil {
 		defer ff.Close()
-		if !user.IsFileManager() {
-			writeresult(w, codeError, nil, "no upload permission", typeError)
-			return
-		}
 		ct := h.Header.Get("Content-Type")
 		fn := h.Filename
 		logrus.Infoln("[file.UploadHandler] receive paper, name:", fn)

main.go

@@ -10,7 +10,6 @@ import (
 	"github.com/sirupsen/logrus"
 
 	"github.com/fumiama/paper-manager/backend"
-	"github.com/fumiama/paper-manager/frontend"
 )
 
 func line() int {
@@ -34,7 +33,7 @@ func main() {
 	http.HandleFunc("/file/", backend.FileHandler)
 	http.HandleFunc("/paper/", backend.PaperHandler)
 	http.HandleFunc("/upload", backend.UploadHandler)
-	http.Handle("/", frontend.StaticHandler)
+	//http.Handle("/", frontend.StaticHandler)
 
 	logrus.Infoln("[http.Serve] start at", l.Addr())
 	logrus.Errorln("[http.Serve]", http.Serve(l, nil))