func (f *File) Find(c *gin.Context) {
if !isGranted(c, "file.list") {
c.JSON(403, utils.NewNoAccessPermissionError(""))
return
}
page := queryInt(c, "page", 1)
pagesize := queryInt(c, "pagesize", 30)
userid := queryInt64(c, "user_id", 0)
ext := c.Query("ext")
name := c.Query("name")
engine := models.Engine()
session := func() *xorm.Session {
where := engine.Where("")
if userid > 0 {
where = where.Where("user_id = ?", userid)
}
if ext != "" {
exts := strings.Split(ext, ",")
where = where.In("ext", exts)
}
if name != "" {
where = where.Where("name like ?", "%"+name+"%")
}
return where
}
total, _ := session().Count(&models.File{})
files := make([]models.File, 0)
if err := session().Limit(pagesize, pagesize*(page-1)).Desc("created_at").Find(&files); err != nil {
c.JSON(400, utils.NewError("find files failed - %s", err.Error()))
return
}
result := models.NewQueryResult(page, pagesize, total, files)
c.JSON(200, result)
}
// liist all user
// is_active 1/0
func (u *User) List(c *gin.Context) {
if !isGranted(c, "user.list") {
c.JSON(403, utils.NewNoAccessPermissionError(""))
return
}
page := queryInt(c, "page", 1)
pagesize := queryInt(c, "pagesize", 30)
isActive := strings.ToLower(c.Query("is_active"))
engine := models.Engine()
session := func() *xorm.Session {
where := engine.Where("nickname like ? and username like ? and email like ? ",
"%"+c.Query("nickname")+"%", "%"+c.Query("username")+"%", "%"+c.Query("email")+"%")
if isActive != "" {
if isActive == "1" || isActive == "true" {
where = where.Where("is_active = ?", true)
} else if isActive == "0" || isActive == "false" {
where = where.Where("is_active = ?", false)
}
}
return where
}
total, _ := session().Count(&models.User{})
users := make([]models.User, 0)
if err := session().Limit(pagesize, pagesize*(page-1)).Asc("created_at").Find(&users); err != nil {
c.JSON(400, utils.NewError("find users failed - %s", err.Error()))
return
}
result := models.NewQueryResult(page, pagesize, total, users)
c.JSON(200, result)
}
func (f *File) Upload(c *gin.Context) {
if !isGranted(c, "file.upload") {
c.JSON(403, utils.NewNoAccessPermissionError(""))
return
}
cu := currentUser(c)
file, header, err := c.Request.FormFile("file")
if err != nil {
c.JSON(400, utils.NewError("read file content failed - %s", err.Error()))
return
}
ext := filepath.Ext(header.Filename)
filename := fmt.Sprintf("%v%v%s", cu.Id, time.Now().UnixNano(), ext)
filefolder := "/" + time.Now().Format("20060102")
path := f.Config.File.UploadPath + filefolder
buf, err := ioutil.ReadAll(file)
if err != nil {
c.JSON(400, utils.NewError("read file content failed - %s", err.Error()))
return
}
fileModel := models.File{}
fileModel.Key = filename
fileModel.Name = header.Filename
fileModel.Path = filefolder
fileModel.Size = len(buf)
fileModel.UserId = cu.Id
fileModel.Ext = ext
if err := fileModel.CheckValid(); err != nil {
c.JSON(400, utils.NewError("upload file failed - %s", err.Error()))
return
}
if _, err := os.Stat(path); err != nil {
os.MkdirAll(path, os.ModePerm)
}
fmt.Println("file path:", path)
x := models.Engine()
s := x.NewSession()
s.Begin()
if _, err := s.Insert(&fileModel); err != nil {
c.JSON(400, utils.NewError("write database failed - %s", err.Error()))
return
}
if err := ioutil.WriteFile(path+"/"+filename, buf, os.ModePerm); err != nil {
s.Rollback()
c.JSON(400, utils.NewError("write file failed - %s", err.Error()))
return
}
s.Commit()
c.JSON(200, fileModel)
}
func New(engine *xorm.Engine, c config.Config, logger utils.ILogger) (r *gin.Engine, err error) {
r = gin.New()
if c.CORS.Enable {
options := cors.Config{}
options.Origins = c.CORS.Origins
options.Methods = c.CORS.Methods
options.RequestHeaders = c.CORS.Headers
r.Use(cors.Middleware(options))
}
// static
r.Static("/files", c.File.UploadPath)
public := r.Group("/api")
loginMiddleware := middlewares.Auth(c.TokenSecret)
base := controllers.Base{
Config: c,
Engine: engine,
Logger: logger,
}
account := controllers.Account{base}
public.POST("/login", account.Login)
public.POST("/register", account.Register)
public.GET("/tables", func(c *gin.Context) {
x := models.Engine()
for _, v := range x.Tables {
fmt.Println(v.Name)
for _, c := range v.Columns() {
fmt.Println(c.Name, c.FieldName, c.MapType)
}
fmt.Println("\n")
}
})
userRouter := r.Group("/api/users")
userRouter.Use(loginMiddleware)
user := controllers.User{base}
userRouter.GET("/", user.List)
userRouter.GET("/:id", user.Get)
userRouter.POST("/:id/active", user.Active)
userRouter.GET("/:id/roles", user.Roles)
// 用token来获取用户, 为防止和用id获取用户信息路由冲突, 固放到跟目录下
public.GET("/me", loginMiddleware, user.Me)
// roles
roleRouter := r.Group("/api/roles")
roleRouter.Use(loginMiddleware)
role := controllers.Role{base}
roleRouter.GET("/", role.List)
roleRouter.POST("/", role.Create)
roleRouter.DELETE("/:id", role.Delete)
roleRouter.POST("/:id/users", role.AddUser)
roleRouter.GET("/:id/users", role.Users)
roleRouter.DELETE("/:id/users", role.DeleteUsers)
roleRouter.GET("/:id/permissions", role.Permissions)
roleRouter.POST("/:id/permissions", role.AddPermissions)
roleRouter.DELETE("/:id/permissions", role.DeletePermissions)
// files
fileRouter := r.Group("/api/files")
fileRouter.Use(loginMiddleware)
file := controllers.File{base}
fileRouter.GET("/", file.Find)
fileRouter.POST("/", file.Upload)
fileRouter.POST("/:id/resize", file.ResizeImage)
permissions := controllers.PermissionList()
err = models.AddPermissionsByList(permissions)
return
}