From 9c9b6e4eae97f59ce84ddd901ec92d3cc1ad36fd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=BA=90=E6=96=87=E9=9B=A8?=
 <41315874+fumiama@users.noreply.github.com>
Date: Wed, 10 May 2023 00:34:02 +0800
Subject: [PATCH] fix user tmpfile permission

---
 backend/global/regex.go | 10 +++-------
 backend/paper.go        |  2 +-
 backend/regex.go        |  2 +-
 backend/upload.go       |  4 ----
 main.go                 |  3 +--
 5 files changed, 6 insertions(+), 15 deletions(-)

diff --git a/backend/global/regex.go b/backend/global/regex.go
index 2224441..745cb25 100644
--- a/backend/global/regex.go
+++ b/backend/global/regex.go
@@ -63,18 +63,14 @@ func (u *UserDatabase) SetUserRegex(id int, reg *Regex) error {
 }
 
 // GetUserRegex default newRegex()
-func (u *UserDatabase) GetUserRegex(id int) (*Regex, error) {
-	user, err := UserDB.GetUserByID(id)
-	if err != nil {
-		return nil, err
-	}
-	if !user.IsSuper() || id != *user.ID {
+func (u *UserDatabase) GetUserRegex(oper *User, id int) (*Regex, error) {
+	if !oper.IsSuper() && id != *oper.ID {
 		return nil, ErrInvalidRole
 	}
 	u.mu.RLock()
 	reg, _ := sql.Find[Regex](&u.db, UserTableRegex, "WHERE ID="+strconv.Itoa(id))
 	u.mu.RUnlock()
-	reg.ID = *user.ID
+	reg.ID = *oper.ID
 	rf := reflect.ValueOf(&reg).Elem()
 	defaultrf := reflect.ValueOf(GetDefaultRegex())
 	for i := 1; i < rf.NumField(); i++ {
diff --git a/backend/paper.go b/backend/paper.go
index ea024d5..53daed8 100644
--- a/backend/paper.go
+++ b/backend/paper.go
@@ -67,7 +67,7 @@ func init() {
 			writeresult(w, codeError, nil, err.Error(), typeError)
 			return
 		}
-		reg, err := global.UserDB.GetUserRegex(*user.ID)
+		reg, err := global.UserDB.GetUserRegex(user, id)
 		if err != nil {
 			writeresult(w, codeError, nil, err.Error(), typeError)
 			return
diff --git a/backend/regex.go b/backend/regex.go
index 5511e6e..79e1e5d 100644
--- a/backend/regex.go
+++ b/backend/regex.go
@@ -12,7 +12,7 @@ func getUserRegex(token string) (*global.Regex, error) {
 	if user == nil {
 		return nil, errInvalidToken
 	}
-	return global.UserDB.GetUserRegex(*user.ID)
+	return global.UserDB.GetUserRegex(user, *user.ID)
 }
 
 func init() {
diff --git a/backend/upload.go b/backend/upload.go
index 3b13ade..ca8b932 100644
--- a/backend/upload.go
+++ b/backend/upload.go
@@ -99,10 +99,6 @@ func UploadHandler(w http.ResponseWriter, r *http.Request) {
 	ff, h, err = r.FormFile("paper")
 	if err == nil {
 		defer ff.Close()
-		if !user.IsFileManager() {
-			writeresult(w, codeError, nil, "no upload permission", typeError)
-			return
-		}
 		ct := h.Header.Get("Content-Type")
 		fn := h.Filename
 		logrus.Infoln("[file.UploadHandler] receive paper, name:", fn)
diff --git a/main.go b/main.go
index da0bde8..9aaf7d1 100644
--- a/main.go
+++ b/main.go
@@ -10,7 +10,6 @@ import (
 	"github.com/sirupsen/logrus"
 
 	"github.com/fumiama/paper-manager/backend"
-	"github.com/fumiama/paper-manager/frontend"
 )
 
 func line() int {
@@ -34,7 +33,7 @@ func main() {
 	http.HandleFunc("/file/", backend.FileHandler)
 	http.HandleFunc("/paper/", backend.PaperHandler)
 	http.HandleFunc("/upload", backend.UploadHandler)
-	http.Handle("/", frontend.StaticHandler)
+	//http.Handle("/", frontend.StaticHandler)
 
 	logrus.Infoln("[http.Serve] start at", l.Addr())
 	logrus.Errorln("[http.Serve]", http.Serve(l, nil))