feat: access control owner

2023-11-22 23:25:06 +08:00 · 2023-11-22 23:25:06 +08:00 · f9bc24c358
commit f9bc24c358
parent 8619858f05
1 changed files with 20 additions and 0 deletions
--- a/access-control-template/actemplate/IODAC.yjs
+++ b/access-control-template/actemplate/IODAC.yjs
@ -28,6 +28,9 @@ module DOAuth {
    @ArgSchema({
        "doId" : "string", "publicKey" : "string", "info": "string"
    })
+    @Access({
+        "ACFunction":"acceptOwner"
+    })
    export function addAuthedUser(arg) {
    //把requester和 arg.doId放到accessInfo里即可。
        addDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
@ -55,10 +58,21 @@ module DOAuth {
        } else print("acceptJudgement, requester:" + argPack.requester + "true!!");
    }

+    function acceptOwner(argPack) {
+        if (argPack.requester !== Global.owner) {
+            YancloudUtil.exceptionReturn({
+                "code" : 401, "msg" : "no permission: " + argPack.action
+            });
+        }
+    }
+
    @Description("针对某一DO，删除用户的访问权限")
    @ArgSchema({
        "doId" : "string", "publicKey" : "string"
    })
+    @Access({
+        "ACFunction":"acceptOwner"
+    })
    export function deleteAuthedUser(arg) {
        deleteDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
        return {
@ -70,6 +84,9 @@ module DOAuth {
    @ArgSchema({
        "doId" : "string", "publicKey" : "string", "info" : "string"
    })
+    @Access({
+        "ACFunction":"acceptOwner"
+    })
    export function addAuthedNode(arg) {
        addDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
        if(arg.info != null) {
@ -85,6 +102,9 @@ module DOAuth {
    @ArgSchema({
        "doId" : "string", "publicKey" : "string"
    })
+    @Access({
+        "ACFunction":"acceptOwner"
+    })
    export function deleteAuthedNode(arg) {
        deleteDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
        return {