赞助内容审核管理，漏洞补丁

2024-01-06 22:41:38 +08:00 · 2024-01-06 22:41:38 +08:00 · c1601e53a2
commit c1601e53a2
parent 930876a93f
13 changed files with 230 additions and 9 deletions
--- a/api/interface.go
+++ b/api/interface.go
@ -35,4 +35,6 @@ type IUserV1 interface {
 type ISponsorV1 interface {
 	GetSponsor(context.Context, *request.GetSponsorReq) (*request.GetSponsorRes, error)
 	AddSponsor(context.Context, *request.AddSponsorReq) (*request.AddSponsorRes, error)
+	GetCheckSponsor(context.Context, *request.GetCheckSponsorReq) (*request.GetCheckSponsorRes, error)
+	CheckSponsor(context.Context, *request.CheckSponsorReq) (*request.CheckSponsorRes, error)
 }
--- a/api/request/sponsorApi.go
+++ b/api/request/sponsorApi.go
@ -8,6 +8,14 @@ type GetSponsorReq struct {
 type AddSponsorReq struct {
 	g.Meta `path:"/add" tags:"添加赞助" method:"post" summary:"添加赞助"`
 }
+type GetCheckSponsorReq struct {
+	g.Meta `path:"/list" tags:"获取检查赞助" method:"get" summary:"获取检查赞助"`
+}
+type CheckSponsorReq struct {
+	g.Meta `path:"/" tags:"检查赞助" method:"patch" summary:"检查赞助"`
+}

 type GetSponsorRes struct{}
 type AddSponsorRes struct{}
+type GetCheckSponsorRes struct{}
+type CheckSponsorRes struct{}
--- a/internal/cmd/cmd.go
+++ b/internal/cmd/cmd.go
@ -54,8 +54,16 @@ var (
 						})
 						group.Group("/sponsor", func(group *ghttp.RouterGroup) {
 							group.Bind(
-								sponsor.NewSponsorV1(),
+								sponsor.NewSponsorV1().AddSponsor,
+								sponsor.NewSponsorV1().GetSponsor,
 							)
+							group.Group("/check", func(group *ghttp.RouterGroup) {
+								group.Middleware(middleware.VerifyTokenMiddleware)
+								group.Bind(
+									sponsor.NewSponsorV1().CheckSponsor,
+									sponsor.NewSponsorV1().GetCheckSponsor,
+								)
+							})
 						})
 						group.Group("/location", func(group *ghttp.RouterGroup) {
 							//location.NewLinkCustomLocationV1()
--- a/internal/controller/auth/link/custom/sponsor/sponsorController.go
+++ b/internal/controller/auth/link/custom/sponsor/sponsorController.go
@ -42,3 +42,27 @@ func (*ControllerV1) AddSponsor(ctx context.Context, _ *request.AddSponsorReq) (
 	}
 	return res, err
 }
+
+// GetCheckSponsor
+//
+// 获取检查赞助
+func (*ControllerV1) GetCheckSponsor(ctx context.Context, _ *request.GetCheckSponsorReq) (res *request.GetCheckSponsorRes, err error) {
+	req := ghttp.RequestFromCtx(ctx)
+	// 获取业务
+	sponorService().GetCheckSponsor(req)
+	return res, err
+}
+
+// CheckSponsor
+//
+// 检查赞助
+func (*ControllerV1) CheckSponsor(ctx context.Context, _ *request.CheckSponsorReq) (res *request.CheckSponsorRes, err error) {
+	req := ghttp.RequestFromCtx(ctx)
+	// 获取业务
+	checkSponsorVO := entity.CheckSponsorVO{}
+	err = req.GetRequestStruct(&checkSponsorVO)
+	if err == nil {
+		sponorService().CheckSponsor(req, checkSponsorVO)
+	}
+	return res, err
+}
--- a/internal/dao/sponsorDAO/sponsorDAO.go
+++ b/internal/dao/sponsorDAO/sponsorDAO.go
@ -28,6 +28,28 @@ func GetSponsor() *[]do.SponsorDO {
 	}
 }

+// GetSponsorById
+//
+// 获取赞助
+func GetSponsorById(id uint64) *do.SponsorDO {
+	// 获取相应id数据信息
+	var sponsorDO do.SponsorDO
+	result, err := g.Model("xf_sponsor").Where("id", id).One()
+	if err == nil {
+		if !result.IsEmpty() {
+			_ = result.Struct(&sponsorDO)
+			g.Log().Cat("Database").Cat("Sponor").Notice(context.Background(), "xf_sponor 数据表", id, "数据提取成功")
+			return &sponsorDO
+		} else {
+			g.Log().Cat("Database").Cat("Sponor").Notice(context.Background(), "xf_sponor 数据表中没有", id, "赞助信息")
+			return nil
+		}
+	} else {
+		g.Log().Cat("Database").Cat("Sponor").Error(context.Background(), err.Error())
+		return nil
+	}
+}
+
 // AddSponsor
 //
 // 添加赞助
@ -43,6 +65,9 @@ func AddSponsor(getSponsorDO do.SponsorDO) bool {
 	}
 }

+// GetSponsorType
+//
+// 获取检查赞助
 func GetSponsorType(t uint8) *do.SponsorTypeDO {
 	var getSponsorTypeDO do.SponsorTypeDO
 	result, err := g.Model("xf_sponsor_type").Where("id", t).One()
@ -59,5 +84,56 @@ func GetSponsorType(t uint8) *do.SponsorTypeDO {
 		g.Log().Cat("Database").Cat("Sponor").Error(context.Background(), err.Error())
 		return nil
 	}
-
+}
+
+// GetCheckSponsor
+//
+// 获取检查赞助
+func GetCheckSponsor() *[]do.SponsorDO {
+	// 获取数据表全部数据
+	var getSponorDO []do.SponsorDO
+	result, err := g.Model("xf_sponsor").Where("check", false).OrderDesc("created_at").All()
+	if err == nil {
+		if !result.IsEmpty() {
+			_ = result.Structs(&getSponorDO)
+			g.Log().Cat("Database").Cat("Sponor").Notice(context.Background(), "xf_sponor 数据表数据提取成功")
+			return &getSponorDO
+		} else {
+			g.Log().Cat("Database").Cat("Sponor").Notice(context.Background(), "xf_sponor 数据表中没有赞助相关信息")
+			return nil
+		}
+	} else {
+		g.Log().Cat("Database").Cat("Sponor").Error(context.Background(), err.Error())
+		return nil
+	}
+}
+
+// CheckSponsorSuccess
+//
+// 检查赞助
+func CheckSponsorSuccess(id uint64, check bool) bool {
+	// 获取相应id数据信息
+	_, err := g.Model("xf_sponsor").Data(g.Map{"check": check}).Where("id", id).Update()
+	if err == nil {
+		g.Log().Cat("Database").Cat("Sponor").Notice(context.Background(), "xf_sponor 数据表", id, "数据更新成功")
+		return true
+	} else {
+		g.Log().Cat("Database").Cat("Sponor").Error(context.Background(), err.Error())
+		return false
+	}
+}
+
+// DeleteSponsor
+//
+// 删除赞助
+func DeleteSponsor(id uint64) bool {
+	// 获取相应id数据信息
+	_, err := g.Model("xf_sponsor").Where("id", id).Delete()
+	if err == nil {
+		g.Log().Cat("Database").Cat("Sponor").Notice(context.Background(), "xf_sponor 数据表", id, "数据删除成功")
+		return true
+	} else {
+		g.Log().Cat("Database").Cat("Sponor").Error(context.Background(), err.Error())
+		return false
+	}
 }
--- a/internal/dao/tokenDAO/tokenDAO.go
+++ b/internal/dao/tokenDAO/tokenDAO.go
@ -79,14 +79,19 @@ func UpdateToken(token string, userId *uint64) (*do.TokenDO, error) {
 	getTokenDO := GetToken(token)
 	if getTokenDO != nil {
 		if getTokenDO.UserId == nil {
-			newTokenDO := do.TokenDO{
-				Id:        nil,
-				UserId:    userId,
-				Token:     (*getTokenDO).Token,
-				ExpiredAt: time.Now().Add(time.Hour * 24),
-				CreatedAt: (*getTokenDO).CreatedAt,
+			// 获取数据库信息
+			result, err := g.Model("xf_token").Where("token = ?", getTokenDO.Token).One()
+			if err != nil {
+				g.Log().Cat("Database").Cat("Token").Error(context.Background(), err.Error())
+				errorData := &CustomError.CustomError{Message: "DatabaseError"}
+				return nil, errorData
 			}
-			_, err := g.Model("xf_token").Data(newTokenDO).Where("token = ?", getTokenDO.Token).Update()
+			// 更新数据库信息
+			var newTokenDO = do.TokenDO{}
+			_ = result.Struct(&newTokenDO)
+			newTokenDO.UserId = userId
+			newTokenDO.ExpiredAt = time.Now().Add(time.Hour * 24)
+			_, err = g.Model("xf_token").Data(newTokenDO).Where("token = ?", getTokenDO.Token).Update()
 			if err != nil {
 				g.Log().Cat("Database").Cat("Token").Error(context.Background(), err.Error())
 				errorData := &CustomError.CustomError{Message: "DatabaseError"}
--- a/internal/logic/SponsorServiceImpl/sponsorServiceImpl.go
+++ b/internal/logic/SponsorServiceImpl/sponsorServiceImpl.go
@ -86,3 +86,59 @@ func (*SponsorServiceImpl) GetSponsor(req *ghttp.Request) {
 		ResultUtil.ErrorNoData(req, ErrorCode.NoSponsor)
 	}
 }
+
+// GetCheckSponsor
+//
+// 获取检查赞助
+func (*SponsorServiceImpl) GetCheckSponsor(req *ghttp.Request) {
+	// 检查用户是否是管理员
+	if userService().CheckAdministrator(req) {
+		// 获取赞助
+		getSponorDO := sponsorDAO.GetCheckSponsor()
+		if getSponorDO != nil {
+			ResultUtil.Success(req, "Success", getSponorDO)
+		} else {
+			ResultUtil.ErrorNoData(req, ErrorCode.NoSponsorInNoCheck)
+		}
+	} else {
+		ResultUtil.ErrorNoData(req, ErrorCode.NoPermission)
+	}
+}
+
+// CheckSponsor
+//
+// 检查赞助
+func (*SponsorServiceImpl) CheckSponsor(req *ghttp.Request, vo entity.CheckSponsorVO) {
+	// 检查用户是否是管理员
+	if userService().CheckAdministrator(req) {
+		// 获取此单位注册信息
+		getSponsorDO := sponsorDAO.GetSponsorById(vo.Id)
+		if getSponsorDO != nil {
+			// 检查是否已经审核过
+			if getSponsorDO.Check {
+				ResultUtil.ErrorNoData(req, ErrorCode.SponsorAlreadyCheck)
+			} else {
+				// 对内容内容进行审核管理
+				if vo.Check {
+					// 更新数据
+					if sponsorDAO.CheckSponsorSuccess(vo.Id, true) {
+						ResultUtil.SuccessOther(req, "CheckSuccess", "审核通过，内容已处理")
+					} else {
+						ResultUtil.ErrorNoData(req, ErrorCode.ServerDatabaseInteriorError)
+					}
+				} else {
+					// 删除数据
+					if sponsorDAO.DeleteSponsor(vo.Id) {
+						ResultUtil.SuccessOther(req, "CheckDenied", "审核不通过，内容已处理")
+					} else {
+						ResultUtil.ErrorNoData(req, ErrorCode.ServerDatabaseInteriorError)
+					}
+				}
+			}
+		} else {
+			ResultUtil.ErrorNoData(req, ErrorCode.NoSponsor)
+		}
+	} else {
+		ResultUtil.ErrorNoData(req, ErrorCode.NoPermission)
+	}
+}
--- a/internal/logic/UserServiceImpl/userServiceImpl.go
+++ b/internal/logic/UserServiceImpl/userServiceImpl.go
@ -124,3 +124,21 @@ func (*DefaultUserImpl) UserCurrent(req *ghttp.Request) *do.UserDO {
 		return nil
 	}
 }
+
+// CheckAdministrator
+//
+// 检查管理员
+func (*DefaultUserImpl) CheckAdministrator(req *ghttp.Request) bool {
+	// 获取token
+	getTokenDO := tokenService().GetToken(req)
+	if getTokenDO != nil {
+		userDO := userDAO.GetUserByToken(getTokenDO.Token)
+		if userDO != nil {
+			return userDO.Permission
+		} else {
+			return false
+		}
+	} else {
+		return false
+	}
+}
--- a/internal/model/entity/checkSponsorVO.go
+++ b/internal/model/entity/checkSponsorVO.go
@ -0,0 +1,6 @@
+package entity
+
+type CheckSponsorVO struct {
+	Id    uint64 `json:"id"`
+	Check bool   `json:"check"`
+}
--- a/internal/service/SponsorService/sponsorService.go
+++ b/internal/service/SponsorService/sponsorService.go
@ -13,4 +13,6 @@ func NewSponsorService() SponsorService {
 type SponsorService interface {
 	GetSponsor(*ghttp.Request)
 	AddSponsor(*ghttp.Request, entity.SponsorAddVO)
+	GetCheckSponsor(*ghttp.Request)
+	CheckSponsor(*ghttp.Request, entity.CheckSponsorVO)
 }
--- a/internal/service/UserService/userService.go
+++ b/internal/service/UserService/userService.go
@ -17,4 +17,5 @@ type UserService interface {
 	CheckLogin(*ghttp.Request)
 	UserLogout(*ghttp.Request)
 	UserCurrent(*ghttp.Request) *do.UserDO
+	CheckAdministrator(*ghttp.Request) bool
 }
--- a/utility/ErrorCode/ErrorCode.go
+++ b/utility/ErrorCode/ErrorCode.go
@ -21,6 +21,7 @@ var (
 	TokenNotFound               = ErrorCode{output: "TokenNotFound", code: 40102, message: "Token 不存在"}
 	PasswordNotMatch            = ErrorCode{output: "PasswordNotMatch", code: 40103, message: "密码错误"}
 	AlreadyLogin                = ErrorCode{output: "AlreadyLogin", code: 40104, message: "已经登录"}
+	NoPermission                = ErrorCode{output: "NoPermission", code: 40105, message: "没有权限"}
 	RequestBodyMismatching      = ErrorCode{output: "RequestBodyMismatching", code: 40200, message: "请求体不匹配"}
 	RequestBodyError            = ErrorCode{output: "RequestBodyError", code: 40201, message: "请求体错误"}
 	UserExist                   = ErrorCode{output: "UserExists", code: 40300, message: "用户已存在"}
@ -33,6 +34,8 @@ var (
 	NoSponsor                   = ErrorCode{output: "NoSponsor", code: 40307, message: "没有赞助"}
 	AddSponsorFailed            = ErrorCode{output: "AddSponsorFailed", code: 40308, message: "添加赞助失败"}
 	NoSponsorType               = ErrorCode{output: "NoSponsorType", code: 40309, message: "没有此赞助类型"}
+	SponsorAlreadyCheck         = ErrorCode{output: "SponsorAlreadyCheck", code: 40310, message: "此赞助已经审核过"}
+	NoSponsorInNoCheck          = ErrorCode{output: "NoSponsorInNoCheck", code: 40311, message: "没有未审核的赞助"}
 	ServerUnknownError          = ErrorCode{output: "ServerUnknownError", code: 50000, message: "服务器未知错误"}
 	ServerDatabaseInteriorError = ErrorCode{output: "ServerDatabaseInteriorError", code: 50001, message: "服务器数据库内部错误"}
 )
--- a/utility/ResultUtil/ResultUtil.go
+++ b/utility/ResultUtil/ResultUtil.go
@ -32,6 +32,18 @@ func SuccessNoData(req *ghttp.Request, message string) {
 	})
 }

+// SuccessOther
+//
+// 内容输出（不含 data）
+func SuccessOther(req *ghttp.Request, output string, message string) {
+	g.Log().Cat("Result").Debug(context.WithValue(context.Background(), req.RequestURI, req.RequestURI), req.RequestURI, "<", output, "[200]>", message)
+	req.Response.WriteJson(g.Map{
+		"output":  output,
+		"code":    200,
+		"message": message,
+	})
+}
+
 // Error
 //
 // 错误输出（包含 data）