| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- const API = require("../../../lib/API")
- const AccessControl = require("../../../lib/AccessControl")
- const db = require("../../../plugin/DataBase/db")
- const { BaseStdResponse } = require("../../../BaseStdResponse")
- class GetUserPermissions extends API {
- constructor() {
- super()
- this.setPath("/Admin/Permission/User")
- this.setMethod("GET")
- this.setPermissionCode("action.user.permissionManage")
- }
- async onRequest(req, res) {
- const { userid } = req.query
- if ([userid].some(value => value === "" || value === null || value === undefined))
- return res.json({ ...BaseStdResponse.MISSING_PARAMETER })
- const rows = await db.query(
- "SELECT uuid, username, permission FROM users WHERE uuid = ? LIMIT 1",
- [userid]
- )
- if (!rows || rows.length !== 1)
- return res.json({ ...BaseStdResponse.MISSING_FILE, msg: "未找到用户" })
- const directPermissionCodes = await AccessControl.getUserDirectPermissionCodes(userid)
- const deniedBasicPermissionCodes = await AccessControl.getUserDeniedBasicPermissionCodes(userid)
- const effectivePermissionCodes = await AccessControl.getUserPermissionCodes(userid)
- return res.json({
- ...BaseStdResponse.OK,
- data: {
- user: {
- uuid: rows[0].uuid,
- username: rows[0].username,
- roles: AccessControl.parseArray(rows[0].permission)
- },
- directPermissionCodes,
- deniedBasicPermissionCodes,
- effectivePermissionCodes
- }
- })
- }
- }
- module.exports.GetUserPermissions = GetUserPermissions
|
