Feat: admin username password, room password

1 year ago · d1e3a49925
parent fb5da53233
commit d1e3a49925
3 changed files with 171 additions and 0 deletions
--- a/server/handlers/admin.go
+++ b/server/handlers/admin.go
@ -554,3 +554,93 @@ func DeleteUser(ctx *gin.Context) {

 	ctx.Status(http.StatusNoContent)
 }
+
+func AdminUserPassword(ctx *gin.Context) {
+	user := ctx.MustGet("user").(*op.User)
+
+	req := model.AdminUserPasswordReq{}
+	if err := model.Decode(ctx, &req); err != nil {
+		ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp(err.Error()))
+		return
+	}
+
+	u, err := op.LoadOrInitUserByID(req.ID)
+	if err != nil {
+		ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("user not found"))
+		return
+	}
+
+	if u.IsAdmin() && !user.IsRoot() {
+		ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("cannot change admin password"))
+		return
+	}
+
+	if err := u.SetPassword(req.Password); err != nil {
+		ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorStringResp(err.Error()))
+		return
+	}
+
+	ctx.Status(http.StatusNoContent)
+}
+
+func AdminUsername(ctx *gin.Context) {
+	user := ctx.MustGet("user").(*op.User)
+
+	req := model.AdminUsernameReq{}
+	if err := model.Decode(ctx, &req); err != nil {
+		ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp(err.Error()))
+		return
+	}
+
+	u, err := op.LoadOrInitUserByID(req.ID)
+	if err != nil {
+		ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("user not found"))
+		return
+	}
+
+	if u.IsAdmin() && !user.IsRoot() {
+		ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("cannot change admin username"))
+		return
+	}
+
+	if err := u.SetUsername(req.Username); err != nil {
+		ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorStringResp(err.Error()))
+		return
+	}
+
+	ctx.Status(http.StatusNoContent)
+}
+
+func AdminRoomPassword(ctx *gin.Context) {
+	user := ctx.MustGet("user").(*op.User)
+
+	req := model.AdminRoomPasswordReq{}
+	if err := model.Decode(ctx, &req); err != nil {
+		ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp(err.Error()))
+		return
+	}
+
+	r, err := op.LoadOrInitRoomByID(req.ID)
+	if err != nil {
+		ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("room not found"))
+		return
+	}
+
+	creator, err := op.LoadOrInitUserByID(r.CreatorID)
+	if err != nil {
+		ctx.AbortWithStatusJSON(http.StatusBadRequest, model.NewApiErrorStringResp("room creator not found"))
+		return
+	}
+
+	if creator.IsAdmin() && !user.IsRoot() {
+		ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("cannot change admin room password"))
+		return
+	}
+
+	if err := r.SetPassword(req.Password); err != nil {
+		ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorStringResp(err.Error()))
+		return
+	}
+
+	ctx.Status(http.StatusNoContent)
+}
--- a/server/handlers/init.go
+++ b/server/handlers/init.go
@ -43,6 +43,10 @@ func Init(e *gin.Engine) {

 					user.POST("/delete", DeleteUser)

+					user.POST("/password", AdminUserPassword)
+
+					user.POST("/username", AdminUsername)
+
 					// 查找用户
 					user.GET("/list", Users)

@ -59,6 +63,8 @@ func Init(e *gin.Engine) {
 				{
 					room := admin.Group("/room")

+					room.POST("/password", AdminRoomPassword)
+
 					// 查找房间
 					room.GET("/list", Rooms)

--- a/server/model/admin.go
+++ b/server/model/admin.go
@ -53,3 +53,78 @@ func (aur *AddUserReq) Validate() error {
 func (aur *AddUserReq) Decode(ctx *gin.Context) error {
 	return json.NewDecoder(ctx.Request.Body).Decode(aur)
 }
+
+type AdminUserPasswordReq struct {
+	ID       string `json:"id"`
+	Password string `json:"password"`
+}
+
+func (aur *AdminUserPasswordReq) Validate() error {
+	if aur.ID == "" {
+		return ErrInvalidID
+	}
+
+	if aur.Password == "" {
+		return FormatEmptyPasswordError("user")
+	} else if len(aur.Password) > 32 {
+		return ErrPasswordTooLong
+	} else if !alnumPrintReg.MatchString(aur.Password) {
+		return ErrPasswordHasInvalidChar
+	}
+
+	return nil
+}
+
+func (aur *AdminUserPasswordReq) Decode(ctx *gin.Context) error {
+	return json.NewDecoder(ctx.Request.Body).Decode(aur)
+}
+
+type AdminUsernameReq struct {
+	ID       string `json:"id"`
+	Username string `json:"username"`
+}
+
+func (aur *AdminUsernameReq) Validate() error {
+	if aur.ID == "" {
+		return ErrInvalidID
+	}
+
+	if aur.Username == "" {
+		return errors.New("username is empty")
+	} else if len(aur.Username) > 32 {
+		return ErrUsernameTooLong
+	} else if !alnumPrintHanReg.MatchString(aur.Username) {
+		return ErrUsernameHasInvalidChar
+	}
+
+	return nil
+}
+
+func (aur *AdminUsernameReq) Decode(ctx *gin.Context) error {
+	return json.NewDecoder(ctx.Request.Body).Decode(aur)
+}
+
+type AdminRoomPasswordReq struct {
+	ID       string `json:"id"`
+	Password string `json:"password"`
+}
+
+func (aur *AdminRoomPasswordReq) Validate() error {
+	if aur.ID == "" {
+		return ErrInvalidID
+	}
+
+	if aur.Password == "" {
+		return FormatEmptyPasswordError("room")
+	} else if len(aur.Password) > 32 {
+		return ErrPasswordTooLong
+	} else if !alnumPrintReg.MatchString(aur.Password) {
+		return ErrPasswordHasInvalidChar
+	}
+
+	return nil
+}
+
+func (aur *AdminRoomPasswordReq) Decode(ctx *gin.Context) error {
+	return json.NewDecoder(ctx.Request.Body).Decode(aur)
+}