feat: access control owner

This commit is contained in:
Xuxin Wang 2023-11-22 23:25:06 +08:00
parent 8619858f05
commit f9bc24c358

View File

@ -28,6 +28,9 @@ module DOAuth {
@ArgSchema({ @ArgSchema({
"doId" : "string", "publicKey" : "string", "info": "string" "doId" : "string", "publicKey" : "string", "info": "string"
}) })
@Access({
"ACFunction":"acceptOwner"
})
export function addAuthedUser(arg) { export function addAuthedUser(arg) {
//把requester和 arg.doId放到accessInfo里即可。 //把requester和 arg.doId放到accessInfo里即可。
addDBSetItem(Global.accessInfo, arg.doId, arg.publicKey); addDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
@ -55,10 +58,21 @@ module DOAuth {
} else print("acceptJudgement, requester:" + argPack.requester + "true!!"); } else print("acceptJudgement, requester:" + argPack.requester + "true!!");
} }
function acceptOwner(argPack) {
if (argPack.requester !== Global.owner) {
YancloudUtil.exceptionReturn({
"code" : 401, "msg" : "no permission: " + argPack.action
});
}
}
@Description("针对某一DO删除用户的访问权限") @Description("针对某一DO删除用户的访问权限")
@ArgSchema({ @ArgSchema({
"doId" : "string", "publicKey" : "string" "doId" : "string", "publicKey" : "string"
}) })
@Access({
"ACFunction":"acceptOwner"
})
export function deleteAuthedUser(arg) { export function deleteAuthedUser(arg) {
deleteDBSetItem(Global.accessInfo, arg.doId, arg.publicKey); deleteDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
return { return {
@ -70,6 +84,9 @@ module DOAuth {
@ArgSchema({ @ArgSchema({
"doId" : "string", "publicKey" : "string", "info" : "string" "doId" : "string", "publicKey" : "string", "info" : "string"
}) })
@Access({
"ACFunction":"acceptOwner"
})
export function addAuthedNode(arg) { export function addAuthedNode(arg) {
addDBSetItem(Global.accessInfo, arg.doId, arg.publicKey); addDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
if(arg.info != null) { if(arg.info != null) {
@ -85,6 +102,9 @@ module DOAuth {
@ArgSchema({ @ArgSchema({
"doId" : "string", "publicKey" : "string" "doId" : "string", "publicKey" : "string"
}) })
@Access({
"ACFunction":"acceptOwner"
})
export function deleteAuthedNode(arg) { export function deleteAuthedNode(arg) {
deleteDBSetItem(Global.accessInfo, arg.doId, arg.publicKey); deleteDBSetItem(Global.accessInfo, arg.doId, arg.publicKey);
return { return {