Home Explore 引导页 在线工具 Blog
Register Sign In
Pchen0
/
Double_X_Attendance
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
Double_X_Attend...
/
apis
/
Admin
/
SetPermission.js

SetPermission.js 1.7 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. const API = require("../../lib/API");
    2. 

  2. const { BaseStdResponse } = require("../../BaseStdResponse");
    3. 

  3. const db = require("../../plugin/DataBase/db");
    4. 

  4. const AccessControl = require("../../lib/AccessControl");
    5. 

  5. 

  6. class SetPermission extends API {
    7. 

  7.     constructor() {
    8. 

  8.         super();
    9. 

  9. 

  10.         this.setPath('/Admin/SetPermission');
    11. 

  11.         this.setMethod('POST');
    12. 

  12.     }
    13. 

  13. 

  14.     async onRequest(req, res) {
    15. 

  15.         let {
    16. 

  16.             uuid,
    17. 

  17.             session,
    18. 

  18.             userid,
    19. 

  19.             manage
    20. 

  20.         } = req.body;
    21. 

  21. 

  22.         if ([uuid, session, userid, manage].some(value => value === '' || value === null || value === undefined)) {
    23. 

  23.             res.json({
    24. 

  24.                 ...BaseStdResponse.MISSING_PARAMETER,
    25. 

  25.                 endpoint: 151456
    26. 

  26.             });
    27. 

  27.             return;
    28. 

  28.         }
    29. 

  29. 

  30.         //检查session
    31. 

  31.         if (!await AccessControl.checkSession(uuid, session)) {
    32. 

  32.             res.json({
    33. 

  33.                 ...BaseStdResponse.ACCESS_DENIED,
    34. 

  34.                 endpoint: 485367
    35. 

  35.             });
    36. 

  36.             return;
    37. 

  37.         }
    38. 

  38. 

  39.         //确认操作人权限
    40. 

  40.         let permission = await AccessControl.getPermission(uuid);
    41. 

  41.         if (!permission.includes("admin")) {
    42. 

  42.             res.json({
    43. 

  43.                 ...BaseStdResponse.PERMISSION_DENIED,
    44. 

  44.                 endpoint: 4815478,
    45. 

  45.             });
    46. 

  46.             return;
    47. 

  47.         }
    48. 

  48. 

  49.         let sql = `UPDATE users SET manage = ? WHERE id = ?`;
    50. 

  50.         let result = await db.query(sql, [manage, userid]);
    51. 

  51. 

  52.         if (!result || result.affectedRows !== 1) {
    53. 

  53.             res.json({
    54. 

  54.                 ...BaseStdResponse.DATABASE_ERR,
    55. 

  55.                 endpoint: 5135135
    56. 

  56.             });
    57. 

  57.             return;
    58. 

  58.         }
    59. 

  59. 

  60.         res.json({
    61. 

  61.             ...BaseStdResponse.OK
    62. 

  62.         });
    63. 

  63.     }
    64. 

  64. }
    65. 

  65. 

  66. module.exports.SetPermission = SetPermission;
    67.