
✨ feat: 增加部分管理员接口

Pchen. 8 months ago
parent
commit
01a5cdbdb9

+ 168 - 0
apis/Lepao/Account/Admin/GetAccountList.js

@@ -0,0 +1,168 @@
+const API = require("../../../../lib/API")
+const db = require("../../../../plugin/DataBase/db")
+const AccessControl = require("../../../../lib/AccessControl")
+const { BaseStdResponse } = require("../../../../BaseStdResponse")
+
+class GetAccountList extends API {
+    constructor() {
+        super();
+
+        this.setPath('/Admin/Lepao/Account')
+        this.setMethod('get')
+    }
+
+    async onRequest(req, res) {
+        let { uuid, session, email, area, user_uuid, username, student_num, state, pagesize, current } = req.query
+
+        if ([uuid, session, pagesize, current].some(value => value === '' || value === null || value === undefined))
+            return res.json({
+                ...BaseStdResponse.MISSING_PARAMETER
+            })
+
+        // 校验分页参数
+        if (isNaN(pagesize) || pagesize <= 0 || pagesize > 50) {
+            return res.json({
+                ...BaseStdResponse.ERR,
+                msg: '参数错误'
+            })
+        }
+
+        if (isNaN(current) || current <= 0) {
+            return res.json({
+                ...BaseStdResponse.ERR,
+                msg: '参数错误'
+            })
+        }
+
+        // 检查 session
+        if (!await AccessControl.checkSession(uuid, session))
+            return res.status(401).json({
+                ...BaseStdResponse.ACCESS_DENIED
+            })
+
+        // 检查权限
+        let permission = await AccessControl.getPermission(uuid)
+        if (!permission.includes("admin") && !permission.includes("service"))
+            return res.json({
+                ...BaseStdResponse.PERMISSION_DENIED
+            })
+
+        // 计算分页的 offset
+        const offset = (current - 1) * pagesize
+
+        let sql = `
+                SELECT 
+                    l.id,
+                    u.username AS create_user,
+                    u.avatar,
+                    l.name,
+                    l.email,
+                    l.student_num,
+                    l.create_time,
+                    l.update_time,
+                    l.user_avatar,
+                    l.academy_name,
+                    l.sex,
+                    l.area,
+                    l.grade_id,
+                    l.total_num,
+                    l.term_num,
+                    l.auto_run,
+                    l.auto_time,
+                    l.state
+                FROM 
+                    lepao_account l
+                JOIN 
+                    users u
+                ON 
+                    l.create_user = u.uuid
+                WHERE 
+                    1 = 1
+            `
+
+        let countSql = `
+            SELECT COUNT(*) AS total
+            FROM 
+                lepao_account l
+            JOIN 
+                users u
+            ON 
+                l.create_user = u.uuid
+            WHERE 1 = 1
+        `
+
+        let params = []
+        let countParams = []
+
+        if (user_uuid) {
+            sql += ` AND l.create_user = ?`
+            countSql += ` AND l.create_user = ?`
+            params.push(user_uuid)
+            countParams.push(user_uuid)
+        }
+
+        if (email) {
+            sql += ` AND l.email = ?`
+            countSql += ` AND l.email = ?`
+            params.push(email)
+            countParams.push(email)
+        }
+
+        if (area) {
+            sql += ` AND l.area = ?`
+            countSql += ` AND l.area = ?`
+            params.push(area)
+            countParams.push(area)
+        }
+
+        if (student_num) {
+            sql += ` AND l.student_num = ?`
+            countSql += ` AND l.student_num = ?`
+            params.push(student_num)
+            countParams.push(student_num)
+        }
+
+        if (username) {
+            sql += ` AND l.name LIKE ?`
+            countSql += ` AND l.name LIKE ?`
+            params.push(`%${username}%`)
+            countParams.push(`%${username}%`)
+        }
+
+        if (state !== -1) {
+            sql += ` AND l.state = ?`
+            countSql += ` AND l.state = ?`
+            params.push(state)
+            countParams.push(state)
+        }
+
+        sql += `
+            ORDER BY id DESC
+            LIMIT ? OFFSET ?;
+        `
+        params.push(String(pagesize), String(offset))
+
+        let rows = await db.query(sql, params)
+        let countResult = await db.query(countSql, countParams)
+
+        if (!rows || !countResult)
+            return res.json({
+                ...BaseStdResponse.MISSING_FILE,
+                msg: '获取乐跑账号数据失败!'
+            })
+
+        let total = countResult[0].total
+
+        res.json({
+            ...BaseStdResponse.OK,
+            data: rows,
+            pagination: {
+                current,
+                pagesize,
+                total
+            }
+        })
+    }
+}
+
+module.exports.GetAccountList = GetAccountList
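Review bot: The `state` filter at `if (state !== -1)` compares a query-string value with the number -1; query values normally arrive as strings or `undefined`, so the condition is always true. A request without `state` then binds `undefined` to `l.state = ?`, and `state=-1` filters on that literal value instead of meaning "all states". A guard such as `if (state !== undefined && state !== '' && Number(state) !== -1) {` restores the sentinel. The other filters (`user_uuid`, `email`, `area`, `student_num`, `username`) are bound without a type check as well; depending on how the query parser and `db.query` are configured they may arrive as arrays or objects, so a `typeof value === 'string'` check before binding is worth adding.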

+ 25 - 5
apis/Lepao/Account/DeleteAccount.js

@@ -25,8 +25,25 @@ class DeleteAccount extends API {
                 ...BaseStdResponse.ACCESS_DENIED
             })
 
-        let sql = 'DELETE FROM lepao_account WHERE id = ? AND create_user = ?'
-        let r = await db.query(sql, [id, uuid])
+        let selectSql = 'SELECT create_user FROM lepao_account WHERE id = ?'
+        let selectRows = await db.query(selectSql, [id])
+        if (!selectRows || selectRows.length === 0)
+            return res.json({
+                ...BaseStdResponse.ERR,
+                msg: '解绑账号失败!未找到账户信息'
+            })
+
+        if (selectRows[0].create_user !== uuid) {
+            let permission = await AccessControl.getPermission(uuid)
+            if (!permission.includes("admin") && !permission.includes("service"))
+                return res.json({
+                    ...BaseStdResponse.ERR,
+                    msg: '解绑账号失败!未找到账户信息'
+                })
+        }
+
+        let sql = 'DELETE FROM lepao_account WHERE id = ?'
+        let r = await db.query(sql, [id])
 
         try {
             if (r && r.affectedRows > 0) {
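Review bot: When `selectRows[0].create_user !== uuid` and the caller holds `admin` or `service`, the handler goes on to delete another user's binding with nothing recorded about who did it; the only logging visible in this handler is the error path. A log entry in that branch naming the acting `uuid`, the target `id` and the owner would give privileged actions an audit trail. The same owner-or-admin block is copied into ChangeAutoRun.js and SingleRun.js in this commit, so a single shared helper (hypothetical name, e.g. `AccessControl.canManageAccount(uuid, ownerUuid)`) would keep the three checks from drifting apart. The DELETE also drops its `create_user` predicate, so authorization now rests entirely on the preceding SELECT. onRequest starts and ends outside this hunk.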
@@ -34,13 +51,16 @@ class DeleteAccount extends API {
                     ...BaseStdResponse.OK
                 })
             } else {
-                res.json({ ...BaseStdResponse.ERR, endpoint: 7894378, msg: '删除账号失败!数据库错误' })
+                return res.json({
+                    ...BaseStdResponse.ERR,
+                    msg: '解绑账号失败!数据库错误'
+                })
             }
         } catch (err) {
-            this.logger.error(`删除账号失败!${err.stack}`)
+            this.logger.error(`解绑账号失败!${err.stack}`)
             res.json({
                 ...BaseStdResponse.ERR,
-                msg: "删除账号失败!",
+                msg: "解绑账号失败!",
             });
         }
     }
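Review bot: The `catch` in this hunk cannot see a database failure, because both `await db.query(...)` calls sit above `try {` in the previous hunk; the block only guards the `res.json` calls. If `db.query` can reject, moving `try {` up to just before the `selectSql` line would route those errors to `this.logger.error` and the error response. ChangeAutoRun.js has the same shape for its new SELECT, which is added ahead of the existing `try`.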

+ 20 - 3
apis/Lepao/ChangeAutoRun.js

@@ -14,17 +14,34 @@ class ChangeAutoRun extends API {
     async onRequest(req, res) {
         let { uuid, session, id } = req.query
 
-        if ([uuid, session, id].some(value => value === '' || value === null || value === undefined)) 
+        if ([uuid, session, id].some(value => value === '' || value === null || value === undefined))
             return res.json({
                 ...BaseStdResponse.MISSING_PARAMETER,
                 endpoint: 1513126
             });
 
-        if (!await AccessControl.checkSession(uuid, session)) 
+        if (!await AccessControl.checkSession(uuid, session))
             return res.status(401).json({
                 ...BaseStdResponse.ACCESS_DENIED
             })
-        
+
+        let selectSql = 'SELECT create_user FROM lepao_account WHERE id = ?'
+        let selectRows = await db.query(selectSql, [id])
+        if (!selectRows || selectRows.length === 0)
+            return res.json({
+                ...BaseStdResponse.ERR,
+                msg: '切换自动乐跑状态失败!未找到账户信息'
+            })
+
+        if (selectRows[0].create_user !== uuid) {
+            let permission = await AccessControl.getPermission(uuid)
+            if (!permission.includes("admin") && !permission.includes("service"))
+                return res.json({
+                    ...BaseStdResponse.ERR,
+                    msg: '切换自动乐跑状态失败!未找到账户信息'
+                })
+        }
+
         let sql = 'UPDATE lepao_account SET auto_run = 1 - auto_run WHERE id = ?';
         try {
             let r = await db.query(sql, [id]);

+ 2 - 1
apis/Lepao/Record/Admin/GetLepaoRecords.js

@@ -56,7 +56,8 @@ class AdminGetLepaoRecords extends API {
                     r.time,
                     r.result,
                     r.lepao_account,
-                    a.name
+                    a.name,
+                    a.user_avatar
                 FROM 
                     lepao_record r
                 JOIN 

+ 2 - 1
apis/Lepao/Record/GetLepaoRecords.js

@@ -49,7 +49,8 @@ class GetLepaoRecords extends API {
                     r.time,
                     r.result,
                     r.lepao_account,
-                    a.name
+                    a.name,
+                    a.user_avatar
                 FROM 
                     lepao_record r
                 JOIN 

+ 21 - 4
apis/Lepao/SingleRun.js

@@ -27,9 +27,26 @@ class SingleRun extends API {
                 ...BaseStdResponse.ACCESS_DENIED
             })
 
-        let sql = 'SELECT token, uid, school_id, state FROM lepao_account WHERE create_user = ? AND student_num = ?'
-        let rows = await db.query(sql, [uuid, student_num])
-        if(!rows || rows.length === 0)
+        let selectSql = 'SELECT create_user FROM lepao_account WHERE student_num = ?'
+        let selectRows = await db.query(selectSql, [student_num])
+        if (!selectRows || selectRows.length === 0)
+            return res.json({
+                ...BaseStdResponse.ERR,
+                msg: '发起乐跑失败!未找到账户信息'
+            })
+
+        if (selectRows[0].create_user !== uuid) {
+            let permission = await AccessControl.getPermission(uuid)
+            if (!permission.includes("admin") && !permission.includes("service"))
+                return res.json({
+                    ...BaseStdResponse.ERR,
+                    msg: '发起乐跑失败!未找到账户信息'
+                })
+        }
+
+        let sql = 'SELECT token, uid, school_id, state FROM lepao_account WHERE student_num = ?'
+        let rows = await db.query(sql, [student_num])
+        if (!rows || rows.length === 0)
             return res.json({
                 ...BaseStdResponse.ERR,
                 msg: '发起乐跑失败!未找到对应的账号信息'
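Review bot: Both lookups are now keyed on `student_num` alone and each takes row `[0]`, while the removed query also matched `create_user`, which suggests one student number may be bound by more than one user. If so, the owner check is made against whichever row the first SELECT returns, and the token read by the second SELECT is not guaranteed to come from the same row. Reading everything in one statement, `SELECT create_user, token, uid, school_id, state FROM lepao_account WHERE student_num = ?`, and checking ownership on that row removes the mismatch. If duplicates are possible, the admin path also needs a way to say which binding is meant, for example the account `id`. The enclosing try block starts outside this hunk.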
@@ -39,7 +56,7 @@ class SingleRun extends API {
             ...BaseStdResponse.OK
         })
 
-        lepao.beginLepao(uuid, student_num, rows[0].token, rows[0].uid, rows[0].school_id, rows[0].state)
+        lepao.beginLepao(selectRows[0].create_user, student_num, rows[0].token, rows[0].uid, rows[0].school_id, rows[0].state)
 
     } catch(err) {
         this.logger.error(`手动乐跑失败!${err.stack}`);

+ 1 - 1
apis/User/Admin/AddUser.js

@@ -103,4 +103,4 @@ class AddUser extends API {
     }
 }
 
-module.exports.AddUser = AddUser;
+module.exports.AddUser = AddUser

+ 128 - 0
apis/User/Admin/GetUserList.js

@@ -0,0 +1,128 @@
+const API = require("../../../lib/API")
+const db = require("../../../plugin/DataBase/db")
+const AccessControl = require("../../../lib/AccessControl")
+const { BaseStdResponse } = require("../../../BaseStdResponse")
+
+class GetUserList extends API {
+    constructor() {
+        super();
+
+        this.setPath('/Admin/User/GetUserList')
+        this.setMethod('get')
+    }
+
+    async onRequest(req, res) {
+        let { uuid, session, email, user_uuid, username, nickname, pagesize, current } = req.query
+
+        if ([uuid, session, pagesize, current].some(value => value === '' || value === null || value === undefined))
+            return res.json({
+                ...BaseStdResponse.MISSING_PARAMETER
+            })
+
+        // 校验分页参数
+        if (isNaN(pagesize) || pagesize <= 0 || pagesize > 50) {
+            return res.json({
+                ...BaseStdResponse.ERR,
+                msg: '参数错误'
+            })
+        }
+
+        if (isNaN(current) || current <= 0) {
+            return res.json({
+                ...BaseStdResponse.ERR,
+                msg: '参数错误'
+            })
+        }
+
+        // 检查 session
+        if (!await AccessControl.checkSession(uuid, session))
+            return res.status(401).json({
+                ...BaseStdResponse.ACCESS_DENIED
+            })
+
+        // 检查权限
+        let permission = await AccessControl.getPermission(uuid)
+        if (!permission.includes("admin") && !permission.includes("service"))
+            return res.json({
+                ...BaseStdResponse.PERMISSION_DENIED
+            })
+
+        // 计算分页的 offset
+        const offset = (current - 1) * pagesize
+
+        let sql = `
+            SELECT
+                uuid, username, nickname, email, registTime, avatar, lepao_count, social_type, lastTime
+            FROM
+                users
+            WHERE 
+                1 = 1
+        `
+
+        let countSql = `
+            SELECT COUNT(*) AS total
+            FROM users
+            WHERE 1 = 1
+        `
+
+        let params = []
+        let countParams = []
+
+        if (user_uuid) {
+            sql += ` AND uuid = ?`
+            countSql += ` AND uuid = ?`
+            params.push(user_uuid)
+            countParams.push(user_uuid)
+        }
+
+        if (email) {
+            sql += ` AND email = ?`
+            countSql += ` AND email = ?`
+            params.push(email)
+            countParams.push(email)
+        }
+
+        if (username) {
+            sql += ` AND username LIKE ?`
+            countSql += ` AND username LIKE ?`
+            params.push(`%${username}%`)
+            countParams.push(`%${username}%`)
+        }
+
+        if (nickname) {
+            sql += ` AND nickname LIKE ?`
+            countSql += ` AND nickname LIKE ?`
+            params.push(`%${nickname}%`)
+            countParams.push(`%${nickname}%`)
+        }
+
+        sql += `
+            ORDER BY id DESC
+            LIMIT ? OFFSET ?;
+        `
+        params.push(String(pagesize), String(offset))
+
+        let rows = await db.query(sql, params)
+        let countResult = await db.query(countSql, countParams)
+
+        if (!rows || !countResult)
+            return res.json({
+                ...BaseStdResponse.MISSING_FILE,
+                msg: '获取用户数据失败!'
+            })
+
+        let total = countResult[0].total
+
+        res.json({
+            ...BaseStdResponse.OK,
+            data: rows,
+            pagination: {
+                current,
+                pagesize,
+                total
+            }
+        })
+    }
+}
+
+module.exports.GetUserList = GetUserList
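Review bot: The paging checks rely on `isNaN` and loose comparison, so inputs such as `1.5` or `0x10` pass validation and are then bound to `LIMIT ? OFFSET ?` as raw strings via `String(pagesize)`; the unparsed strings are also what `pagination` echoes back. Parsing once, e.g. `const size = Number(pagesize)` with `if (!Number.isInteger(size) || size <= 0 || size > 50)`, and using the parsed values for `offset`, the bind parameters and the response would tighten this; GetAccountList.js carries the same block. Separately, a caller who fails the admin/service check gets `PERMISSION_DENIED` with the default status while a bad session gets 401; `res.status(403).json(...)` there would let clients and log-based monitoring tell the two cases apart.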