Merge branch 'dev' of Pchen0/Double_X_Attendance into master

apis/ClockIn/DeleteAttendanceItem.js

@@ -53,7 +53,7 @@ class DeleteAttendanceItem extends API {
 
         // 检查用户权限
         let permission = await AccessControl.getPermission(uuid);
-        if (item.createUser !== uuid && !permission.includes('admin') && !projectData.admin.includes(uuid)) {
+        if (projectData.createUser !== uuid && !permission.includes('admin') && !projectData.admin.includes(uuid)) {
             return res.json({
                 ...BaseStdResponse.PERMISSION_DENIED,
                 endpoint: 481454,

apis/User/UserInfo/ChangeUsername.js

@@ -0,0 +1,79 @@
+const API = require("../../../lib/API");
+const db = require("../../../plugin/DataBase/db");
+const { BaseStdResponse } = require("../../../BaseStdResponse");
+const AccessControl = require("../../../lib/AccessControl");
+
+class ChangeUsername extends API {
+    constructor() {
+        super();
+
+        this.setMethod("POST");
+        this.setPath("/User/ChangeUsername");
+    }
+
+    checkUsername(username) {
+        const regex = /^[\u4e00-\u9fa5A-Za-z0-9]{2,8}$/;
+        return regex.test(username);
+    }
+
+    async onRequest(req, res) {
+        let { uuid, session, username } = req.body;
+
+        if ([uuid, session, username].some(value => value === '' || value === null || value === undefined)) {
+            return res.json({
+                ...BaseStdResponse.MISSING_PARAMETER,
+                endpoint: 1513126
+            });
+        }
+
+        if (!this.checkUsername(username))
+            return res.json({
+                ...BaseStdResponse.ERR,
+                msg: '用户名需在2到8位之间，且只能含有英文字母和汉字'
+            })
+
+        // 检查 session 是否有效
+        if (!await AccessControl.checkSession(uuid, session)) {
+            return res.json({
+                ...BaseStdResponse.ACCESS_DENIED,
+                endpoint: 48153145
+            });
+        }
+
+        let sql = 'SELECT username FROM users WHERE username = ?';
+        let UserRows = await db.query(sql, [username]);
+        if (UserRows.length > 0)
+            return res.json({
+                ...BaseStdResponse.USER_ALREADY_EXISTS,
+                msg: '该用户名已被占用！'
+            })
+
+        sql = 'UPDATE users SET username = ? WHERE uuid = ?';
+        let result = await db.query(sql, [username, uuid]);
+
+        if (result && result.affectedRows > 0) {
+            sql = 'SELECT wxid, avatar, email FROM users WHERE uuid = ?';
+            let rows = await db.query(sql, [uuid]);
+            if(!rows || rows.length === 0)
+                return res.json({
+                    ...BaseStdResponse.DATABASE_ERR
+                })
+
+            res.json({
+                ...BaseStdResponse.OK,
+                data: {
+                    uuid,
+                    username: username,
+                    wxid: rows[0].wxid,
+                    email: rows[0].email,
+                    avatar: rows[0].avatar,
+                    session
+                }
+            });
+        } else {
+            res.json({ ...BaseStdResponse.ERR, endpoint: 7894378, msg: '操作失败！' });
+        }
+    }
+}
+
+module.exports.ChangeUsername = ChangeUsername;