Home Explore 引导页 在线工具 Blog
Register Sign In
Pchen0
/
ic-ctbu-backend
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 49d4473eae
Branches Tags
ic-ctbu-backend
/
apis
/
User
/
Admin
/
SetUserBan.js

SetUserBan.js 2.8 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 
  1. const API = require("../../../lib/API")
    2. 

  2. const db = require("../../../plugin/DataBase/db")
    3. 

  3. const AccessControl = require("../../../lib/AccessControl")
    4. 

  4. const { BaseStdResponse } = require("../../../BaseStdResponse")
    5. 

  5. 

  6. class SetUserBan extends API {
    7. 

  7.     constructor() {
    8. 

  8.         super()
    9. 

  9.         this.setPath("/Admin/User/SetUserBan")
    10. 

  10.         this.setMethod("POST")
    11. 

  11.     }
    12. 

  12. 

  13.     async onRequest(req, res) {
    14. 

  14.         let { uuid, session, userid, is_banned } = req.body
    15. 

  15.         const flag = Number(is_banned)
    16. 

  16. 

  17.         if ([uuid, session, userid].some(value => value === "" || value === null || value === undefined))
    18. 

  18.             return res.json({ ...BaseStdResponse.MISSING_PARAMETER })
    19. 

  19. 

  20.         if (![0, 1].includes(flag))
    21. 

  21.             return res.json({ ...BaseStdResponse.ERR, msg: "参数错误" })
    22. 

  22. 

  23.         if (!await AccessControl.checkSession(uuid, session))
    24. 

  24.             return res.status(401).json({ ...BaseStdResponse.ACCESS_DENIED })
    25. 

  25. 

  26.         const permission = await AccessControl.getPermission(uuid)
    27. 

  27.         if (!permission.includes("admin") && !permission.includes("service"))
    28. 

  28.             return res.json({ ...BaseStdResponse.PERMISSION_DENIED })
    29. 

  29. 

  30.         if (userid === uuid)
    31. 

  31.             return res.json({ ...BaseStdResponse.ERR, msg: "不能封禁自己的账号" })
    32. 

  32. 

  33.         const targetRows = await db.query(
    34. 

  34.             "SELECT permission FROM users WHERE uuid = ? LIMIT 1",
    35. 

  35.             [userid]
    36. 

  36.         )
    37. 

  37.         if (!targetRows || targetRows.length === 0)
    38. 

  38.             return res.json({ ...BaseStdResponse.MISSING_FILE, msg: "未找到用户" })
    39. 

  39. 

  40.         const targetPermission = targetRows[0].permission || []
    41. 

  41.         if (targetPermission.includes("admin") || targetPermission.includes("service"))
    42. 

  42.             return res.json({ ...BaseStdResponse.ERR, msg: "不能封禁管理员或客服账号" })
    43. 

  43. 

  44.         const conn = await db.connect()
    45. 

  45.         try {
    46. 

  46.             const [r] = await conn.execute(
    47. 

  47.                 "UPDATE users SET is_banned = ? WHERE uuid = ?",
    48. 

  48.                 [flag, userid]
    49. 

  49.             )
    50. 

  50.             if (!r || r.affectedRows !== 1)
    51. 

  51.                 return res.json({ ...BaseStdResponse.MISSING_FILE, msg: "未找到用户或更新失败" })
    52. 

  52. 

  53.             if (flag === 1)
    54. 

  54.                 await AccessControl.invalidateSession(userid)
    55. 

  55. 

  56.             return res.json({
    57. 

  57.                 ...BaseStdResponse.OK,
    58. 

  58.                 msg: flag === 1 ? "已封禁该用户" : "已解除封禁"
    59. 

  59.             })
    60. 

  60.         } catch (err) {
    61. 

  61.             this.logger.error(`设置用户封禁状态失败: ${err.message || err}`)
    62. 

  62.             return res.json({ ...BaseStdResponse.ERR, msg: "操作失败,请稍后再试" })
    63. 

  63.         } finally {
    64. 

  64.             if (conn?.connection && typeof conn.connection.release === "function" && typeof conn?.release === "function") {
    65. 

  65.                 conn.release()
    66. 

  66.             }
    67. 

  67.         }
    68. 

  68.     }
    69. 

  69. }
    70. 

  70. 

  71. module.exports.SetUserBan = SetUserBan
    72.