Skip to content

Commit

Permalink
feat(system): add debug token & file token; fix debug & file feat;
Browse files Browse the repository at this point in the history
  • Loading branch information
maslow committed Sep 4, 2021
1 parent 2b52907 commit d6eea7a
Show file tree
Hide file tree
Showing 6 changed files with 82 additions and 64 deletions.
4 changes: 2 additions & 2 deletions packages/system-client/src/api/func.js
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,7 @@ export function publishFunctions() {
export async function launchFunction(functionName, data, debug = false) {
const appid = store.state.app.appid
const res = await axios({
url: `/app-api/${appid}/func/invoke/${functionName}`,
url: process.env.VUE_APP_BASE_API_APP + `/${appid}/func/invoke/${functionName}`,
method: 'post',
data: data,
headers: {
Expand All @@ -114,7 +114,7 @@ export async function launchFunction(functionName, data, debug = false) {
export async function loadPackageTypings(packageName) {
const appid = store.state.app.appid
const res = await axios({
url: `/app-api/${appid}/typing/package?packageName=${packageName}`,
url: process.env.VUE_APP_BASE_API_APP + `/${appid}/typing/package?packageName=${packageName}`,
method: 'GET'
})

Expand Down
24 changes: 23 additions & 1 deletion packages/system-client/src/store/modules/app.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,26 @@ const state = {
*/
application: null,
appid: null,

/**
* 用户在当前应用的角色
*/
roles: [],

/**
* 用户对当前应用的权限
*/
permissions: []
permissions: [],

/**
* The token of debugging cloud function
*/
debug_token: null,

/**
* The token of file uploading and downloading
*/
file_token: null
}

const mutations = {
Expand All @@ -28,11 +40,19 @@ const mutations = {
SET_APP_PERMISSIONS: (state, payload) => {
state.permissions = payload || []
},
SET_DEBUG_TOKEN: (state, payload) => {
state.debug_token = payload || []
},
SET_FILE_TOKEN: (state, payload) => {
state.file_token = payload || []
},
CLEAR_STATE: (state) => {
state.application = null
state.appid = null
state.roles = []
state.permissions = []
state.debug_token = null
state.file_token = null
}
}

Expand All @@ -46,6 +66,8 @@ const actions = {
commit('SET_APPLICATION', res.data?.application)
commit('SET_APP_ROLES', res.data?.roles)
commit('SET_APP_PERMISSIONS', res.data?.permissions)
commit('SET_DEBUG_TOKEN', res.data?.debug_token)
commit('SET_FILE_TOKEN', res.data?.file_token)
},
clearStates({ commit }) {
commit('CLEAR_STATE')
Expand Down
33 changes: 0 additions & 33 deletions packages/system-client/src/utils/auth.js
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ export function getToken() {

if (!expire || expire <= Date.now() / 1000) {
removeToken()
removeDebugToken()
}

return token
Expand All @@ -23,35 +22,3 @@ export function removeToken() {
localStorage.removeItem(kExpire)
return localStorage.removeItem(kToken)
}

/**
* 获取调试云函数的 token
*/
export function getDebugToken() {
const token = localStorage.getItem('debug_token')
return token
}

export function setDebugToken(token) {
return localStorage.setItem('debug_token', token)
}

export function removeDebugToken() {
return localStorage.removeItem('debug_token')
}

/**
* 获取文件上传下载的 token
*/
export function getFileToken() {
const token = localStorage.getItem('file_token')
return token
}

export function setFileToken(token) {
return localStorage.setItem('file_token', token)
}

export function removeFileToken() {
return localStorage.removeItem('file_token')
}
11 changes: 6 additions & 5 deletions packages/system-client/src/views/database/files.vue
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,6 @@
import Pagination from '@/components/Pagination' // secondary package based on el-pagination
import * as fs from '@/api/file'
import { assert } from '@/utils/assert'
import { getFileToken } from '@/utils/auth'
export default {
name: 'BucketsListPage',
Expand Down Expand Up @@ -207,20 +206,22 @@ export default {
// 拼装文件下载 URL
getFileUrl(file) {
assert(file && file.filename, 'invalid file or filename')
const base_url = process.env.VUE_APP_BASE_API_APP + '/file'
const appid = this.$store.state.app.appid
const base_url = process.env.VUE_APP_BASE_API_APP + `/${appid}/file`
const file_url = `${base_url}/${this.bucket}/${file.filename}`
if (this.bucket === 'public') {
return file_url
}
const token = getFileToken()
const token = this.$store.state.app.file_token
return file_url + `?token=${token}`
},
// 拼装文件上传地址
getUploadUrl() {
assert(this.bucket, 'empty bucket name got')
const base_url = process.env.VUE_APP_BASE_API_APP + '/file'
const appid = this.$store.state.app.appid
const base_url = process.env.VUE_APP_BASE_API_APP + `/${appid}/file`
const file_url = `${base_url}/upload/${this.bucket}`
const token = getFileToken()
const token = this.$store.state.app.file_token
return file_url + `?token=${token}`
},
getContentType(row) {
Expand Down
3 changes: 1 addition & 2 deletions packages/system-client/src/views/development/function.vue
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,6 @@ import jsonEditor from '@/components/JsonEditor/param'
import { db } from '../../api/cloud'
import { getFunctionById, launchFunction } from '../../api/func'
import { publishFunctions } from '../../api/func'
import { getDebugToken } from '../../utils/auth'
import { Constants } from '../../api/constants'
const defaultParamValue = {
Expand Down Expand Up @@ -258,7 +257,7 @@ export default {
* 运行函数代码
*/
async launch() {
const debug_token = getDebugToken()
const debug_token = this.$store.state.app.debug_token
// await this.updateFunc(false)
if (this.loading) {
return
Expand Down
71 changes: 50 additions & 21 deletions packages/system-server/src/router/application/get.ts
Original file line number Diff line number Diff line change
@@ -1,14 +1,18 @@
/*
* @Author: Maslow<wangfugen@126.com>
* @Date: 2021-08-30 15:22:34
* @LastEditTime: 2021-09-03 20:21:48
* @LastEditTime: 2021-09-05 00:45:55
* @Description:
*/

import { Request, Response } from 'express'
import { getApplicationByAppid, getMyApplications, getMyJoinedApplications } from '../../api/application'
import { ApplicationStruct, getApplicationByAppid, getMyApplications, getMyJoinedApplications } from '../../api/application'
import { getPermissionsOfRoles } from '../../api/permission'
import { Constants } from '../../constants'
import { getToken } from '../../utils/token'
import Config from '../../config'

const { FUNCTION_DEBUG, FILE_ADD } = Constants.permissions

/**
* The handler of getting my applications(created & joined)
Expand Down Expand Up @@ -45,34 +49,59 @@ export async function handleGetApplicationByAppid(req: Request, res: Response) {
if (!app)
return res.status(422).send('invalid appid')

app.config = undefined
// return directly if the author here
if (app.created_by === uid) {
const roles = [Constants.roles.owner.name]
const permissions = getPermissionsOfRoles(roles)
return res.send({
data: {
application: app,
permissions,
roles
}
})
}

// reject if not the collaborator
const [found] = app.collaborators.filter(co => co.uid === uid)
if (!found) {
// get user roles of the application
const roles = getUserRolesOfApplication(uid, app)
if (!roles.length) {
return res.status(403).send()
}

const roles = found.roles
// get user permissions of the application
const permissions = getPermissionsOfRoles(roles)

// generate token of debugging cloud function
const exp = Math.floor(Date.now() / 1000) + 60 * 60 * Config.TOKEN_EXPIRED_TIME
let debug_token = undefined
if (permissions.includes(FUNCTION_DEBUG.name)) {
debug_token = getToken({ appid, type: 'debug', exp }, app.config.server_secret_salt)
}

// generate token of file uploading & downloading
let file_token = undefined
if (permissions.includes(FILE_ADD.name)) {
const payload = {
exp, appid, bucket: '*', ops: ['create', 'read']
}
file_token = getToken(payload, app.config.server_secret_salt)
}

app.config = undefined
return res.send({
data: {
application: app,
permissions,
roles
roles,
debug_token,
file_token
}
})
}

/**
* Get user's roles of an application
* @param uid
* @param app
* @returns
*/
function getUserRolesOfApplication(uid: string, app: ApplicationStruct) {
if (app.created_by === uid) {
return [Constants.roles.owner.name]
}

// reject if not the collaborator
const [found] = app.collaborators.filter(co => co.uid === uid)
if (!found) {
return []
}

return found.roles
}

0 comments on commit d6eea7a

Please sign in to comment.