feat: (rbac) update user password

2022-04-26 20:04:11 +08:00 · 2022-04-26 20:04:11 +08:00 · 8bcda063fb
parent 236d340b3b
commit 8bcda063fb
5 changed files with 80 additions and 13 deletions
--- a/internal/biz/role.go
+++ b/internal/biz/role.go
@ -72,10 +72,12 @@ func (role ConsoleRole) Update(localUser *User, model rbac.Role) (err error) {
 	if err != nil {
 		return
 	}
-	RoleMap[role.Name] = Role{
+
 	RoleMap[model.Name] = Role{
 		Name:     model.Name,
 		Platform: model.Platform,
 	}
 	err = orm.Save(GenerateEvent(event.ActivityMetadata{
 		Category: "platform",
 		Group:    "rbac",
@ -107,7 +109,7 @@ func (role ElasticsearchRole) Update(localUser *User, model rbac.Role) (err erro
 	if err != nil {
 		return
 	}
-	RoleMap[role.Name] = Role{
+	RoleMap[model.Name] = Role{
 		Name:             model.Name,
 		Cluster:          model.Cluster,
 		ClusterPrivilege: model.ClusterPrivilege,
@ -227,7 +229,7 @@ func (role ElasticsearchRole) Create(localUser *User) (id string, err error) {
 		return
 	}
 	id = newRole.ID
-	RoleMap[role.Name] = Role{
+	RoleMap[newRole.Name] = Role{
 		Name:             newRole.Name,
 		Cluster:          newRole.Cluster,
 		ClusterPrivilege: newRole.ClusterPrivilege,
--- a/internal/biz/user.go
+++ b/internal/biz/user.go
@ -21,7 +21,6 @@ func DeleteUser(localUser *User, id string) (err error) {
 	user.ID = id
 	_, err = orm.Get(&user)
 	if err != nil {
 		err = ErrNotFound
 		return
 	}
 	err = orm.Delete(user)
@ -55,7 +54,7 @@ func DeleteUser(localUser *User, id string) (err error) {
 	}, nil))
 	return
 }
-func CreateUser(localUser *User, req dto.CreateUser) (id string, err error) {
+func CreateUser(localUser *User, req dto.CreateUser) (id string, password string, err error) {
 	q := orm.Query{Size: 1000}
 	q.Conds = orm.And(orm.Eq("username", req.Username))
@ -75,10 +74,9 @@ func CreateUser(localUser *User, req dto.CreateUser) (id string, err error) {
 			Name: v.Name,
 		})
 	}
-
+	randStr := util.GenerateRandomString(8)
-	hash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
+	hash, err := bcrypt.GenerateFromPassword([]byte(randStr), bcrypt.DefaultCost)
 	if err != nil {
 		return
 	}
 	user := rbac.User{
@ -99,6 +97,7 @@ func CreateUser(localUser *User, req dto.CreateUser) (id string, err error) {
 		return
 	}
 	id = user.ID
 	password = randStr
 	err = orm.Save(GenerateEvent(event.ActivityMetadata{
 		Category: "platform",
 		Group:    "rbac",
@ -128,7 +127,6 @@ func UpdateUser(localUser *User, id string, req dto.UpdateUser) (err error) {
 	user.ID = id
 	_, err = orm.Get(&user)
 	if err != nil {
 		err = ErrNotFound
 		return
 	}
 	roles := make([]rbac.UserRole, 0)
@ -175,7 +173,7 @@ func UpdateUserRole(localUser *User, id string, req dto.UpdateUserRole) (err err
 	user.ID = id
 	_, err = orm.Get(&user)
 	if err != nil {
-		err = ErrNotFound
+
 		return
 	}
 	changeLog, _ := util.DiffTwoObject(user, req)
@ -239,5 +237,38 @@ func SearchUser(keyword string, from, size int) (users orm.Result, err error) {
 }
 func UpdateUserPassword(localUser *User, id string, password string) (err error) {
 	user := rbac.User{}
 	user.ID = id
 	_, err = orm.Get(&user)
 	if err != nil {
 		return
 	}
 	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
 	if err != nil {
 		return
 	}
 	user.Password = string(hash)
 	user.Updated = time.Now()
 	err = orm.Save(&user)
 	if err != nil {
 		return
 	}
 	err = orm.Save(GenerateEvent(event.ActivityMetadata{
 		Category: "platform",
 		Group:    "rbac",
 		Name:     "user",
 		Type:     "update",
 		Labels: util.MapStr{
 			"id":       id,
 			"password": password,
 			"updated":  user.Updated,
 		},
 		User: util.MapStr{
 			"userid":   localUser.UserId,
 			"username": localUser.Username,
 		},
 	}, nil, nil))
 	return
 }
--- a/internal/dto/role.go
+++ b/internal/dto/role.go
@ -38,3 +38,6 @@ type UpdateUser struct {
 type UpdateUserRole struct {
 	Roles []Role `json:"roles"`
 }
 type UpdateUserPassword struct {
 	Password string `json:"password"`
 }
--- a/plugin/api/rbac/api.go
+++ b/plugin/api/rbac/api.go
@ -34,7 +34,7 @@ func init() {
 	api.HandleAPIMethod(api.PUT, "/user/:id", m.PermissionRequired(r.UpdateUser, enum.UserAll...))
 	api.HandleAPIMethod(api.PUT, "/user/:id/role", m.PermissionRequired(r.UpdateUserRole, enum.UserAll...))
 	api.HandleAPIMethod(api.GET, "/user/_search", m.PermissionRequired(r.SearchUser, enum.UserRead...))
-
+	api.HandleAPIMethod(api.PUT, "/user/:id/password", m.PermissionRequired(r.UpdateUserPassword, enum.UserAll...))
 }
 func loadJsonConfig() {
--- a/plugin/api/rbac/user.go
+++ b/plugin/api/rbac/user.go
@ -6,6 +6,7 @@ import (
 	"infini.sh/console/internal/core"
 	"infini.sh/console/internal/dto"
 	httprouter "infini.sh/framework/core/api/router"
 	"infini.sh/framework/core/util"
 	"infini.sh/framework/modules/elastic"
 	"net/http"
 	log "src/github.com/cihub/seelog"
@ -39,13 +40,17 @@ func (h Rbac) CreateUser(w http.ResponseWriter, r *http.Request, ps httprouter.P
 		h.Error(w, err)
 		return
 	}
-	id, err := biz.CreateUser(localUser, req)
+	id, pass, err := biz.CreateUser(localUser, req)
 	if err != nil {
 		_ = log.Error(err.Error())
 		h.Error(w, err)
 		return
 	}
-	_ = h.WriteOKJSON(w, core.CreateResponse(id))
+	_ = h.WriteOKJSON(w, util.MapStr{
 		"_id":      id,
 		"password": pass,
 		"result":   "created",
 	})
 	return
 }
@ -159,3 +164,29 @@ func (h Rbac) SearchUser(w http.ResponseWriter, r *http.Request, ps httprouter.P
 	return
 }
 func (h Rbac) UpdateUserPassword(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	id := ps.MustGetParameter("id")
 	var req dto.UpdateUserPassword
 	err := h.DecodeJSON(r, &req)
 	if err != nil {
 		_ = log.Error(err.Error())
 		h.Error400(w, err.Error())
 		return
 	}
 	localUser, err := biz.FromUserContext(r.Context())
 	if err != nil {
 		log.Error(err.Error())
 		h.Error(w, err)
 		return
 	}
 	err = biz.UpdateUserPassword(localUser, id, req.Password)
 	if err != nil {
 		_ = log.Error(err.Error())
 		h.Error(w, err)
 		return
 	}
 	_ = h.WriteOKJSON(w, core.UpdateResponse(id))
 	return
 }