
fix: repoen permissions

This commit is contained in:
Ca2didi 2025-05-19 20:51:03 +08:00
parent c63a2506d2
commit 89ed49ab93
3 changed files with 44 additions and 7 deletions


@ -9,7 +9,7 @@
MinWidth="400"
x:Class="Flawless.Client.Views.ModalBox.IssueDetailEditView">
<u:Form>
<u:Form HorizontalAlignment="Stretch">
<u:FormItem Label="Title" IsRequired="True">
<TextBox Text="{Binding Title}"/>
</u:FormItem>


@ -1,5 +1,4 @@
using System.Net;
using Flawless.Communication.Request;
using Flawless.Communication.Request;
using Flawless.Communication.Response;
using Flawless.Server.Models;
using Flawless.Server.Services;
@ -10,15 +9,26 @@ using Microsoft.EntityFrameworkCore;
namespace Flawless.Server.Controllers;
[ApiController, Authorize(Roles = "admin"), Route("api/admin")]
[ApiController, Authorize, Route("api/admin")]
public class AdminController(
UserManager<AppUser> userManager,
AccessControlService accessControlService,
AppDbContext dbContext) : ControllerBase
{
private async ValueTask<ActionResult?> TestIfValid()
{
var user = (await userManager.GetUserAsync(HttpContext.User))!;
if (user.Admin == false) return BadRequest(new FailedResponse("Only admin can do this!"));
return null;
}
[HttpPost("superuser/{username}")]
public async Task<IActionResult> SetSuperuserAsync(string username, bool toSuper)
{
var t = await TestIfValid();
if (t != null) return t;
var user = await userManager.FindByNameAsync(username);
var optUser = (await userManager.GetUserAsync(HttpContext.User))!;
@ -34,6 +44,9 @@ public class AdminController(
[HttpGet("superuser/{username}")]
public async Task<ActionResult<bool>> GetSuperuserAsync(string username)
{
var t = await TestIfValid();
if (t != null) return t;
var user = await userManager.FindByNameAsync(username);
if (user == null) return BadRequest(new FailedResponse("User does not exist!"));
@ -43,6 +56,9 @@ public class AdminController(
[HttpGet("user/list")]
public async Task<ActionResult<List<AppUser>>> GetUsersAsync()
{
var t = await TestIfValid();
if (t != null) return t;
var users = await userManager.Users.ToListAsync();
return users;
}
@ -50,6 +66,9 @@ public class AdminController(
[HttpPost("user/delete/{username}")]
public async Task<IActionResult> DeleteUserAsync(string username)
{
var t = await TestIfValid();
if (t != null) return t;
var user = await userManager.FindByNameAsync(username);
if (user == null) return BadRequest(new FailedResponse("User does not exist!"));
@ -74,6 +93,9 @@ public class AdminController(
[HttpPost("user/disable/{username}")]
public async Task<IActionResult> DisableUserAsync(string username)
{
var t = await TestIfValid();
if (t != null) return t;
var user = await userManager.FindByNameAsync(username);
if (user == null) return BadRequest(new FailedResponse("User does not exist!"));
@ -86,6 +108,9 @@ public class AdminController(
[HttpPost("user/reset_password")]
public async Task<IActionResult> ResetPasswordAsync(ResetPasswordRequest r)
{
var t = await TestIfValid();
if (t != null) return t;
if (r.Identity == null) return BadRequest(new FailedResponse("Identity (User Id) is not set!"));
var user = await userManager.FindByIdAsync(r.Identity);
@ -100,6 +125,9 @@ public class AdminController(
[HttpPost("access_control/ip_whitelist")]
public async Task<IActionResult> SetIpWhitelistAsync([FromBody] string[] ips)
{
var t = await TestIfValid();
if (t != null) return t;
await accessControlService.UpdatePolicyAsync(IpPolicyType.Whitelist, ips);
return Ok();
}
@ -107,12 +135,18 @@ public class AdminController(
[HttpGet("access_control/ip_whitelist")]
public async Task<ActionResult<IEnumerable<string>>> GetIpWhitelistAsync()
{
var t = await TestIfValid();
if (t != null) return t;
return Ok(await accessControlService.GetIpListAsync(IpPolicyType.Whitelist));
}
[HttpPost("access_control/ip_blacklist")]
public async Task<IActionResult> SetIpBlacklistAsync([FromBody] string[] ips)
{
var t = await TestIfValid();
if (t != null) return t;
await accessControlService.UpdatePolicyAsync(IpPolicyType.Blacklist, ips);
return Ok();
}
@ -120,6 +154,9 @@ public class AdminController(
[HttpGet("access_control/ip_blacklist")]
public async Task<ActionResult<IEnumerable<string>>> GetIpBlacklistAsync()
{
var t = await TestIfValid();
if (t != null) return t;
return Ok(await accessControlService.GetIpListAsync(IpPolicyType.Blacklist));
}
@ -131,6 +168,9 @@ public class AdminController(
[FromQuery] int page = 1,
[FromQuery] int pageSize = 50)
{
var t = await TestIfValid();
if (t != null) return t;
var query = dbContext.SystemLogs.AsQueryable();
// 时间过滤
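Review bot: The admin gate is now opt-in per action (the `TestIfValid()` call at the top of each method in this file) instead of being enforced at the controller boundary, so any action added to `AdminController` later without that call is reachable by every authenticated user; a controller-scoped authorization filter or a named policy whose handler checks `user.Admin` would keep the class fail-closed. Inside `TestIfValid`, an authorization failure is reported as 400 `BadRequest`, whereas 403 is the correct signal for "authenticated but not permitted", e.g. `if (user.Admin == false) return StatusCode(StatusCodes.Status403Forbidden, new FailedResponse("Only admin can do this!"));`. The `!` on `GetUserAsync(HttpContext.User)` turns a token whose subject no longer resolves to a user into a NullReferenceException (a 500) rather than a denial; `var user = await userManager.GetUserAsync(HttpContext.User); if (user is null || user.Admin == false) return StatusCode(StatusCodes.Status403Forbidden, new FailedResponse("Only admin can do this!"));` keeps that path closed. The `Authorize(Roles = "admin")` attribute appears to have been dropped because the check removed from Program.cs in this commit compared `a.Policy` rather than a role claim, so the declarative form presumably never matched — if so, a policy-based `[Authorize(Policy = ...)]` is the fix that restores declarative enforcement.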


@ -189,7 +189,6 @@ public static class Program
if (auth?.Any() ?? false)
{
var adminOnly = auth.Any(a => a.Policy?.ToLower() == "admin");
var id = p.FindFirst(ClaimTypes.NameIdentifier)?.Value;
if (id == null) throw new SecurityTokenExpiredException("User is not defined in the token!");
@ -201,8 +200,6 @@ public static class Program
var u = await db.FindByIdAsync(id!);
if (u == null) throw new SecurityTokenExpiredException("User is not existed.");
if (adminOnly && u.Admin == false)
throw new SecurityException("This api is Admin called only!");
if (u.SecurityStamp != stamp) throw new SecurityTokenExpiredException("SecurityStamp is mismatched.");
// if (u.LockoutEnabled) throw new SecurityTokenExpiredException("User has been locked."); //todo Fix lockout prob