const API = require("../../../lib/API.js") const db = require("../../../plugin/DataBase/db.js") const { BaseStdResponse } = require("../../../BaseStdResponse.js") const AccessControl = require("../../../lib/AccessControl.js") function parseBookList(value) { if (value === null || value === undefined || value === '') return [] if (Array.isArray(value)) return value try { const parsed = JSON.parse(value) return Array.isArray(parsed) ? parsed : [] } catch { return [] } } function extractClassName(bookList) { if (!Array.isArray(bookList) || bookList.length === 0) return '' const book = bookList.find(b => b && b.className) return book?.className ?? '' } class AdminQxsAccountDetail extends API { constructor() { super() this.setPath('/Admin/QXS/Account/Detail') this.setMethod('GET') } async onRequest(req, res) { let { uuid, session, id } = req.query if ([uuid, session, id].some(v => v === '' || v === null || v === undefined)) return res.json({ ...BaseStdResponse.MISSING_PARAMETER }) if (!await AccessControl.checkSession(uuid, session)) return res.status(401).json({ ...BaseStdResponse.ACCESS_DENIED }) const permission = await AccessControl.getPermission(uuid) if (!permission.includes('admin') && !permission.includes('server') && !permission.includes('service')) return res.json({ ...BaseStdResponse.PERMISSION_DENIED }) const sql = ` SELECT id, username, create_time, realname, email, mobile, termName, book_list FROM qsx_account WHERE id = ? LIMIT 1 ` const rows = await db.query(sql, [id]) if (!rows) return res.json({ ...BaseStdResponse.DATABASE_ERR }) if (!rows.length) return res.json({ ...BaseStdResponse.ERR, msg: '记录不存在' }) const row = rows[0] const bookList = parseBookList(row.book_list) return res.json({ ...BaseStdResponse.OK, data: { id: row.id, username: row.username, create_time: row.create_time, realname: row.realname, email: row.email, mobile: row.mobile, termName: row.termName, className: extractClassName(bookList), bookList } }) } } module.exports.AdminQxsAccountDetail = AdminQxsAccountDetail