| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 |
- const API = require("../../../lib/API");
- const db = require("../../../plugin/DataBase/db");
- const AccessControl = require("../../../lib/AccessControl");
- const { BaseStdResponse } = require("../../../BaseStdResponse");
- // 管理后台获取文章内容
- class GetArticle extends API {
- constructor() {
- super();
- this.setPath('/Admin/Article')
- this.setMethod('GET')
- }
- async onRequest(req, res) {
- let { uuid, session, id } = req.query
- if ([uuid, session, id].some(value => value === '' || value === null || value === undefined))
- return res.json({
- ...BaseStdResponse.MISSING_PARAMETER
- })
- // 检查 session
- if (!await AccessControl.checkSession(uuid, session))
- return res.status(401).json({
- ...BaseStdResponse.ACCESS_DENIED
- })
- // 检查权限
- let permission = await AccessControl.getPermission(uuid)
- if (!permission.includes("admin") && !permission.includes("article"))
- return res.json({
- ...BaseStdResponse.PERMISSION_DENIED
- })
- let sql = `
- SELECT
- a.id,
- a.title,
- a.cover,
- a.describe,
- a.content,
- a.type,
- a.state,
- a.views,
- a.time,
- u.username AS author
- FROM
- article a
- LEFT JOIN
- users u
- ON
- a.author = u.uuid
- WHERE
- a.id = ?
- `
- let rows = await db.query(sql, [id])
- if (!rows || rows.length !== 1)
- return res.json({
- ...BaseStdResponse.MISSING_FILE,
- msg: '文章不存在'
- })
- res.json({
- ...BaseStdResponse.OK,
- data: rows
- })
- }
- }
- module.exports.GetArticle = GetArticle;
|
