forked from TruthHun/BookStack
/
BookMemberController.go
166 lines (137 loc) · 4.31 KB
/
BookMemberController.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
package controllers
import (
"errors"
"github.com/TruthHun/BookStack/conf"
"github.com/TruthHun/BookStack/models"
"github.com/astaxie/beego/logs"
"github.com/astaxie/beego/orm"
)
type BookMemberController struct {
BaseController
}
// AddMember 参加参与用户.
func (this *BookMemberController) AddMember() {
identify := this.GetString("identify")
account := this.GetString("account")
roleId, _ := this.GetInt("role_id", 3)
if identify == "" || account == "" {
this.JsonResult(6001, "参数错误")
}
book, err := this.IsPermission()
if err != nil {
this.JsonResult(6001, err.Error())
}
member := models.NewMember()
if _, err := member.FindByAccount(account); err != nil {
this.JsonResult(404, "用户不存在")
}
if member.Status == 1 {
this.JsonResult(6003, "用户已被禁用")
}
if _, err := models.NewRelationship().FindForRoleId(book.BookId, member.MemberId); err == nil {
this.JsonResult(6003, "用户已存在该书籍中")
}
relationship := models.NewRelationship()
relationship.BookId = book.BookId
relationship.MemberId = member.MemberId
relationship.RoleId = roleId
if err := relationship.Insert(); err != nil {
this.JsonResult(500, err.Error())
}
result := models.NewMemberRelationshipResult().FromMember(member)
result.RoleId = roleId
result.RelationshipId = relationship.RelationshipId
result.BookId = book.BookId
result.ResolveRoleName()
this.JsonResult(0, "ok", result)
}
// 变更指定用户在指定书籍中的权限
func (this *BookMemberController) ChangeRole() {
identify := this.GetString("identify")
memberId, _ := this.GetInt("member_id", 0)
role, _ := this.GetInt("role_id", 0)
if identify == "" || memberId <= 0 {
this.JsonResult(6001, "参数错误")
}
if memberId == this.Member.MemberId {
this.JsonResult(6006, "不能变更自己的权限")
}
book, err := models.NewBookResult().FindByIdentify(identify, this.Member.MemberId)
if err != nil {
if err == models.ErrPermissionDenied {
this.JsonResult(403, "权限不足")
}
if err == orm.ErrNoRows {
this.JsonResult(404, "书籍不存在")
}
this.JsonResult(6002, err.Error())
}
if book.RoleId != 0 && book.RoleId != 1 {
this.JsonResult(403, "权限不足")
}
member := models.NewMember()
if _, err := member.Find(memberId); err != nil {
this.JsonResult(6003, "用户不存在")
}
if member.Status == 1 {
this.JsonResult(6004, "用户已被禁用")
}
relationship, err := models.NewRelationship().UpdateRoleId(book.BookId, memberId, role)
if err != nil {
logs.Error("变更用户在书籍中的权限 => ", err)
this.JsonResult(6005, err.Error())
}
result := models.NewMemberRelationshipResult().FromMember(member)
result.RoleId = relationship.RoleId
result.RelationshipId = relationship.RelationshipId
result.BookId = book.BookId
result.ResolveRoleName()
this.JsonResult(0, "ok", result)
}
// 删除参与者.
func (this *BookMemberController) RemoveMember() {
identify := this.GetString("identify")
memberId, _ := this.GetInt("member_id", 0)
if identify == "" || memberId <= 0 {
this.JsonResult(6001, "参数错误")
}
if memberId == this.Member.MemberId {
this.JsonResult(6006, "不能删除自己")
}
book, err := models.NewBookResult().FindByIdentify(identify, this.Member.MemberId)
if err != nil {
if err == models.ErrPermissionDenied {
this.JsonResult(403, "权限不足")
}
if err == orm.ErrNoRows {
this.JsonResult(404, "书籍不存在")
}
this.JsonResult(6002, err.Error())
}
//如果不是创始人也不是管理员则不能操作
if book.RoleId != conf.BookFounder && book.RoleId != conf.BookAdmin {
this.JsonResult(403, "权限不足")
}
err = models.NewRelationship().DeleteByBookIdAndMemberId(book.BookId, memberId)
if err != nil {
this.JsonResult(6007, err.Error())
}
this.JsonResult(0, "ok")
}
func (this *BookMemberController) IsPermission() (*models.BookResult, error) {
identify := this.GetString("identify")
book, err := models.NewBookResult().FindByIdentify(identify, this.Member.MemberId)
if err != nil {
if err == models.ErrPermissionDenied {
return book, errors.New("权限不足")
}
if err == orm.ErrNoRows {
return book, errors.New("书籍不存在")
}
return book, err
}
if book.RoleId != conf.BookAdmin && book.RoleId != conf.BookFounder {
return book, errors.New("权限不足")
}
return book, nil
}