Beispiel #1
0
func (f *File) Find(c *gin.Context) {
	if !isGranted(c, "file.list") {
		c.JSON(403, utils.NewNoAccessPermissionError(""))
		return
	}

	page := queryInt(c, "page", 1)
	pagesize := queryInt(c, "pagesize", 30)
	userid := queryInt64(c, "user_id", 0)
	ext := c.Query("ext")
	name := c.Query("name")

	engine := models.Engine()
	session := func() *xorm.Session {
		where := engine.Where("")
		if userid > 0 {
			where = where.Where("user_id = ?", userid)
		}

		if ext != "" {
			exts := strings.Split(ext, ",")
			where = where.In("ext", exts)
		}

		if name != "" {
			where = where.Where("name like ?", "%"+name+"%")
		}

		return where
	}

	total, _ := session().Count(&models.File{})
	files := make([]models.File, 0)

	if err := session().Limit(pagesize, pagesize*(page-1)).Desc("created_at").Find(&files); err != nil {
		c.JSON(400, utils.NewError("find files failed - %s", err.Error()))
		return
	}

	result := models.NewQueryResult(page, pagesize, total, files)

	c.JSON(200, result)

}
Beispiel #2
0
// liist all user
// is_active 1/0
func (u *User) List(c *gin.Context) {
	if !isGranted(c, "user.list") {
		c.JSON(403, utils.NewNoAccessPermissionError(""))
		return
	}

	page := queryInt(c, "page", 1)
	pagesize := queryInt(c, "pagesize", 30)
	isActive := strings.ToLower(c.Query("is_active"))

	engine := models.Engine()
	session := func() *xorm.Session {
		where := engine.Where("nickname like ? and username like ? and email like ? ",
			"%"+c.Query("nickname")+"%", "%"+c.Query("username")+"%", "%"+c.Query("email")+"%")

		if isActive != "" {
			if isActive == "1" || isActive == "true" {
				where = where.Where("is_active = ?", true)
			} else if isActive == "0" || isActive == "false" {
				where = where.Where("is_active = ?", false)
			}
		}

		return where
	}

	total, _ := session().Count(&models.User{})
	users := make([]models.User, 0)

	if err := session().Limit(pagesize, pagesize*(page-1)).Asc("created_at").Find(&users); err != nil {
		c.JSON(400, utils.NewError("find users failed - %s", err.Error()))
		return
	}

	result := models.NewQueryResult(page, pagesize, total, users)

	c.JSON(200, result)

}
Beispiel #3
0
func (f *File) Upload(c *gin.Context) {
	if !isGranted(c, "file.upload") {
		c.JSON(403, utils.NewNoAccessPermissionError(""))
		return
	}
	cu := currentUser(c)
	file, header, err := c.Request.FormFile("file")
	if err != nil {
		c.JSON(400, utils.NewError("read file content failed - %s", err.Error()))
		return
	}

	ext := filepath.Ext(header.Filename)
	filename := fmt.Sprintf("%v%v%s", cu.Id, time.Now().UnixNano(), ext)
	filefolder := "/" + time.Now().Format("20060102")
	path := f.Config.File.UploadPath + filefolder

	buf, err := ioutil.ReadAll(file)
	if err != nil {
		c.JSON(400, utils.NewError("read file content failed - %s", err.Error()))
		return
	}

	fileModel := models.File{}
	fileModel.Key = filename
	fileModel.Name = header.Filename
	fileModel.Path = filefolder
	fileModel.Size = len(buf)
	fileModel.UserId = cu.Id
	fileModel.Ext = ext

	if err := fileModel.CheckValid(); err != nil {
		c.JSON(400, utils.NewError("upload file failed - %s", err.Error()))
		return
	}

	if _, err := os.Stat(path); err != nil {
		os.MkdirAll(path, os.ModePerm)
	}

	fmt.Println("file path:", path)

	x := models.Engine()
	s := x.NewSession()
	s.Begin()

	if _, err := s.Insert(&fileModel); err != nil {
		c.JSON(400, utils.NewError("write database failed - %s", err.Error()))
		return
	}

	if err := ioutil.WriteFile(path+"/"+filename, buf, os.ModePerm); err != nil {
		s.Rollback()
		c.JSON(400, utils.NewError("write file failed - %s", err.Error()))
		return
	}

	s.Commit()

	c.JSON(200, fileModel)

}
Beispiel #4
0
func New(engine *xorm.Engine, c config.Config, logger utils.ILogger) (r *gin.Engine, err error) {

	r = gin.New()
	if c.CORS.Enable {
		options := cors.Config{}
		options.Origins = c.CORS.Origins
		options.Methods = c.CORS.Methods
		options.RequestHeaders = c.CORS.Headers
		r.Use(cors.Middleware(options))

	}
	// static
	r.Static("/files", c.File.UploadPath)

	public := r.Group("/api")
	loginMiddleware := middlewares.Auth(c.TokenSecret)

	base := controllers.Base{
		Config: c,
		Engine: engine,
		Logger: logger,
	}

	account := controllers.Account{base}
	public.POST("/login", account.Login)
	public.POST("/register", account.Register)
	public.GET("/tables", func(c *gin.Context) {
		x := models.Engine()
		for _, v := range x.Tables {
			fmt.Println(v.Name)
			for _, c := range v.Columns() {
				fmt.Println(c.Name, c.FieldName, c.MapType)
			}
			fmt.Println("\n")
		}

	})

	userRouter := r.Group("/api/users")
	userRouter.Use(loginMiddleware)

	user := controllers.User{base}
	userRouter.GET("/", user.List)
	userRouter.GET("/:id", user.Get)
	userRouter.POST("/:id/active", user.Active)
	userRouter.GET("/:id/roles", user.Roles)

	// 用token来获取用户, 为防止和用id获取用户信息路由冲突, 固放到跟目录下
	public.GET("/me", loginMiddleware, user.Me)

	// roles
	roleRouter := r.Group("/api/roles")
	roleRouter.Use(loginMiddleware)

	role := controllers.Role{base}
	roleRouter.GET("/", role.List)
	roleRouter.POST("/", role.Create)
	roleRouter.DELETE("/:id", role.Delete)
	roleRouter.POST("/:id/users", role.AddUser)
	roleRouter.GET("/:id/users", role.Users)
	roleRouter.DELETE("/:id/users", role.DeleteUsers)
	roleRouter.GET("/:id/permissions", role.Permissions)
	roleRouter.POST("/:id/permissions", role.AddPermissions)
	roleRouter.DELETE("/:id/permissions", role.DeletePermissions)

	// files
	fileRouter := r.Group("/api/files")
	fileRouter.Use(loginMiddleware)

	file := controllers.File{base}
	fileRouter.GET("/", file.Find)
	fileRouter.POST("/", file.Upload)
	fileRouter.POST("/:id/resize", file.ResizeImage)

	permissions := controllers.PermissionList()
	err = models.AddPermissionsByList(permissions)

	return
}