Ecosystem/ai-gateway
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: check user's role when manage user (#30)

Browse Source
This commit is contained in:
JustSong 2023-04-28 09:47:03 +08:00
parent c76027a210
commit 7a5057f02d
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
controller/user.go
View File

@ -539,9 +539,23 @@ func ManageUser(c *gin.Context) {
switch req.Action { switch req.Action {
case "disable": case "disable":
user.Status = common.UserStatusDisabled user.Status = common.UserStatusDisabled
if user.Role == common.RoleRootUser {
c.JSON(http.StatusOK, gin.H{
"success": false,
"message": "无法禁用超级管理员用户",
})
return
}
case "enable": case "enable":
user.Status = common.UserStatusEnabled user.Status = common.UserStatusEnabled
case "delete": case "delete":
if user.Role == common.RoleRootUser {
c.JSON(http.StatusOK, gin.H{
"success": false,
"message": "无法删除超级管理员用户",
})
return
}
if err := user.Delete(); err != nil { if err := user.Delete(); err != nil {
c.JSON(http.StatusOK, gin.H{ c.JSON(http.StatusOK, gin.H{
"success": false, "success": false,
@ -557,6 +571,13 @@ func ManageUser(c *gin.Context) {
}) })
return return
} }
if user.Role >= common.RoleAdminUser {
c.JSON(http.StatusOK, gin.H{
"success": false,
"message": "该用户已经是管理员",
})
return
}
user.Role = common.RoleAdminUser user.Role = common.RoleAdminUser
case "demote": case "demote":
if user.Role == common.RoleRootUser { if user.Role == common.RoleRootUser {
@ -566,6 +587,13 @@ func ManageUser(c *gin.Context) {
}) })
return return
} }
if user.Role == common.RoleCommonUser {
c.JSON(http.StatusOK, gin.H{
"success": false,
"message": "该用户已经是普通用户",
})
return
}
user.Role = common.RoleCommonUser user.Role = common.RoleCommonUser
} }