fumiama/paper-manager
1
0
Fork 0
mirror of https://github.com/fumiama/paper-manager.git synced 2026-06-05 07:50:23 +08:00
Code Activity

fix user tmpfile permission

Browse Source
This commit is contained in:
源文雨
2023-05-10 00:34:02 +08:00
parent 125b47e5f7
commit 9c9b6e4eae
5 changed files with 6 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
backend/global/regex.go
View File

@@ -63,18 +63,14 @@ func (u *UserDatabase) SetUserRegex(id int, reg *Regex) error {
} }
// GetUserRegex default newRegex() // GetUserRegex default newRegex()
func (u *UserDatabase) GetUserRegex(id int) (*Regex, error) { func (u *UserDatabase) GetUserRegex(oper *User, id int) (*Regex, error) {
user, err := UserDB.GetUserByID(id) if !oper.IsSuper() && id != *oper.ID {
if err != nil {
return nil, err
}
if !user.IsSuper() || id != *user.ID {
return nil, ErrInvalidRole return nil, ErrInvalidRole
} }
u.mu.RLock() u.mu.RLock()
reg, _ := sql.Find[Regex](&u.db, UserTableRegex, "WHERE ID="+strconv.Itoa(id)) reg, _ := sql.Find[Regex](&u.db, UserTableRegex, "WHERE ID="+strconv.Itoa(id))
u.mu.RUnlock() u.mu.RUnlock()
reg.ID = *user.ID reg.ID = *oper.ID
rf := reflect.ValueOf(&reg).Elem() rf := reflect.ValueOf(&reg).Elem()
defaultrf := reflect.ValueOf(GetDefaultRegex()) defaultrf := reflect.ValueOf(GetDefaultRegex())
for i := 1; i < rf.NumField(); i++ { for i := 1; i < rf.NumField(); i++ {

2
backend/paper.go
View File

@@ -67,7 +67,7 @@ func init() {
writeresult(w, codeError, nil, err.Error(), typeError) writeresult(w, codeError, nil, err.Error(), typeError)
return return
} }
reg, err := global.UserDB.GetUserRegex(*user.ID) reg, err := global.UserDB.GetUserRegex(user, id)
if err != nil { if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError) writeresult(w, codeError, nil, err.Error(), typeError)
return return

2
backend/regex.go
View File

@@ -12,7 +12,7 @@ func getUserRegex(token string) (*global.Regex, error) {
if user == nil { if user == nil {
return nil, errInvalidToken return nil, errInvalidToken
} }
return global.UserDB.GetUserRegex(*user.ID) return global.UserDB.GetUserRegex(user, *user.ID)
} }
func init() { func init() {

4
backend/upload.go
View File

@@ -99,10 +99,6 @@ func UploadHandler(w http.ResponseWriter, r *http.Request) {
ff, h, err = r.FormFile("paper") ff, h, err = r.FormFile("paper")
if err == nil { if err == nil {
defer ff.Close() defer ff.Close()
if !user.IsFileManager() {
writeresult(w, codeError, nil, "no upload permission", typeError)
return
}
ct := h.Header.Get("Content-Type") ct := h.Header.Get("Content-Type")
fn := h.Filename fn := h.Filename
logrus.Infoln("[file.UploadHandler] receive paper, name:", fn) logrus.Infoln("[file.UploadHandler] receive paper, name:", fn)

3
main.go
View File

@@ -10,7 +10,6 @@ import (
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"github.com/fumiama/paper-manager/backend" "github.com/fumiama/paper-manager/backend"
"github.com/fumiama/paper-manager/frontend"
) )
func line() int { func line() int {
@@ -34,7 +33,7 @@ func main() {
http.HandleFunc("/file/", backend.FileHandler) http.HandleFunc("/file/", backend.FileHandler)
http.HandleFunc("/paper/", backend.PaperHandler) http.HandleFunc("/paper/", backend.PaperHandler)
http.HandleFunc("/upload", backend.UploadHandler) http.HandleFunc("/upload", backend.UploadHandler)
http.Handle("/", frontend.StaticHandler) //http.Handle("/", frontend.StaticHandler)
logrus.Infoln("[http.Serve] start at", l.Addr()) logrus.Infoln("[http.Serve] start at", l.Addr())
logrus.Errorln("[http.Serve]", http.Serve(l, nil)) logrus.Errorln("[http.Serve]", http.Serve(l, nil))