Double_X_Attendance/apis/Admin/GetUserList.js

const API = require("../../lib/API");
const { BaseStdResponse } = require("../../BaseStdResponse");
const db = require("../../plugin/DataBase/db");
const AccessControl = require("../../lib/AccessControl");

class GetUserList extends API {
    constructor() {
        super();

        this.setPath('/Admin/User');
        this.setMethod('GET');
    }

    async onRequest(req, res) {
        let {
            uuid,
            session
        } = req.query;

        if (!uuid || !session) {
            res.json({
                ...BaseStdResponse.MISSING_PARAMETER,
                endpoint: 1513123
            });
            return;
        }

        //检查session
        if (!await AccessControl.checkSession(uuid, session)) {
            res.json({
                ...BaseStdResponse.ACCESS_DENIED,
                endpoint: 4815312
            });
            return;
        }

        //确认操作人权限
        let permission = await AccessControl.getPermission(uuid);

        if (!permission.includes("admin")) {
            res.json({
                ...BaseStdResponse.PERMISSION_DENIED,
                endpoint: 4815456,
            });
            return;
        }

        let sql = `SELECT id, uuid, username, wxid, avatar, admin, manage FROM users`;
        let result = await db.query(sql);

        if (!result) {
            res.json({
                ...BaseStdResponse.ERR,
                endpoint: 132456,
            });
            return;
        }

        res.json({
            ...BaseStdResponse.OK,
            data: result,
        });
    }
}

module.exports.GetUserList = GetUserList;