const API = require("../../lib/API"); const { BaseStdResponse } = require("../../BaseStdResponse"); const db = require("../../plugin/DataBase/db"); const AccessControl = require("../../lib/AccessControl"); class GetUserList extends API { constructor() { super(); this.setPath('/Admin/User'); this.setMethod('GET'); } async onRequest(req, res) { let { uuid, session } = req.query; if (!uuid || !session) { res.json({ ...BaseStdResponse.MISSING_PARAMETER, endpoint: 1513123 }); return; } //检查session if (!await AccessControl.checkSession(uuid, session)) { res.json({ ...BaseStdResponse.ACCESS_DENIED, endpoint: 4815312 }); return; } //确认操作人权限 let permission = await AccessControl.getPermission(uuid); if (!permission.includes("admin")) { res.json({ ...BaseStdResponse.PERMISSION_DENIED, endpoint: 4815456, }); return; } let sql = `SELECT id, uuid, username, wxid, avatar, admin, manage FROM users`; let result = await db.query(sql); if (!result) { res.json({ ...BaseStdResponse.ERR, endpoint: 132456, }); return; } res.json({ ...BaseStdResponse.OK, data: result, }); } } module.exports.GetUserList = GetUserList;