From f39e20d7a7185e44f7bbd9df06ab5f95cbce50da Mon Sep 17 00:00:00 2001 From: MaysWind Date: Wed, 21 Jun 2023 23:57:04 +0800 Subject: [PATCH] support setting user disabled --- cmd/user_data.go | 66 +++++++++++++++++++++++++++++++++++++++ pkg/api/authorizations.go | 5 +++ pkg/cli/user_data.go | 34 ++++++++++++++++++++ pkg/errs/user.go | 1 + pkg/models/user.go | 1 + pkg/services/users.go | 46 +++++++++++++++++++++++++++ src/locales/en.js | 1 + src/locales/zh_Hans.js | 1 + 8 files changed, 155 insertions(+) diff --git a/cmd/user_data.go b/cmd/user_data.go index 610e1ae1..6432cc77 100644 --- a/cmd/user_data.go +++ b/cmd/user_data.go @@ -86,6 +86,32 @@ var UserData = &cli.Command{ }, }, }, + { + Name: "user-enable", + Usage: "Enable specified user", + Action: enableUser, + Flags: []cli.Flag{ + &cli.StringFlag{ + Name: "username", + Aliases: []string{"n"}, + Required: true, + Usage: "Specific user name", + }, + }, + }, + { + Name: "user-disable", + Usage: "Disable specified user", + Action: disableUser, + Flags: []cli.Flag{ + &cli.StringFlag{ + Name: "username", + Aliases: []string{"n"}, + Required: true, + Usage: "Specific user name", + }, + }, + }, { Name: "user-delete", Usage: "Delete specified user", @@ -239,6 +265,46 @@ func modifyUserPassword(c *cli.Context) error { return nil } +func enableUser(c *cli.Context) error { + _, err := initializeSystem(c) + + if err != nil { + return err + } + + username := c.String("username") + err = clis.UserData.EnableUser(c, username) + + if err != nil { + log.BootErrorf("[user_data.enableUser] error occurs when setting user enabled") + return err + } + + log.BootInfof("[user_data.enableUser] user \"%s\" has been set enabled", username) + + return nil +} + +func disableUser(c *cli.Context) error { + _, err := initializeSystem(c) + + if err != nil { + return err + } + + username := c.String("username") + err = clis.UserData.DisableUser(c, username) + + if err != nil { + log.BootErrorf("[user_data.disableUser] error occurs when setting user disabled") + return err + } + + log.BootInfof("[user_data.disableUser] user \"%s\" has been set disabled", username) + + return nil +} + func deleteUser(c *cli.Context) error { _, err := initializeSystem(c) diff --git a/pkg/api/authorizations.go b/pkg/api/authorizations.go index 33147cfe..f75a8df6 100644 --- a/pkg/api/authorizations.go +++ b/pkg/api/authorizations.go @@ -43,6 +43,11 @@ func (a *AuthorizationsApi) AuthorizeHandler(c *core.Context) (interface{}, *err return nil, errs.ErrLoginNameOrPasswordWrong } + if user.Disabled { + log.WarnfWithRequestId(c, "[authorizations.AuthorizeHandler] login failed for user \"%s\", because user is disabled", credential.LoginName) + return nil, errs.ErrUserIsDisabled + } + err = a.users.UpdateUserLastLoginTime(user.Uid) if err != nil { diff --git a/pkg/cli/user_data.go b/pkg/cli/user_data.go index f6023c8b..0e1a12ec 100644 --- a/pkg/cli/user_data.go +++ b/pkg/cli/user_data.go @@ -161,6 +161,40 @@ func (l *UserDataCli) ModifyUserPassword(c *cli.Context, username string, passwo return nil } +// EnableUser sets user enabled according to the specified user name +func (l *UserDataCli) EnableUser(c *cli.Context, username string) error { + if username == "" { + log.BootErrorf("[user_data.EnableUser] user name is empty") + return errs.ErrUsernameIsEmpty + } + + err := l.users.EnableUser(username) + + if err != nil { + log.BootErrorf("[user_data.EnableUser] failed to set user enabled by user name \"%s\", because %s", username, err.Error()) + return err + } + + return nil +} + +// DisableUser sets user disabled according to the specified user name +func (l *UserDataCli) DisableUser(c *cli.Context, username string) error { + if username == "" { + log.BootErrorf("[user_data.DisableUser] user name is empty") + return errs.ErrUsernameIsEmpty + } + + err := l.users.DisableUser(username) + + if err != nil { + log.BootErrorf("[user_data.DisableUser] failed to set user disabled by user name \"%s\", because %s", username, err.Error()) + return err + } + + return nil +} + // DeleteUser deletes user according to the specified user name func (l *UserDataCli) DeleteUser(c *cli.Context, username string) error { if username == "" { diff --git a/pkg/errs/user.go b/pkg/errs/user.go index 698461c7..54159b7c 100644 --- a/pkg/errs/user.go +++ b/pkg/errs/user.go @@ -22,4 +22,5 @@ var ( ErrUserEmailAlreadyExists = NewNormalError(NormalSubcategoryUser, 13, http.StatusBadRequest, "email already exists") ErrUserRegistrationNotAllowed = NewNormalError(NormalSubcategoryUser, 14, http.StatusBadRequest, "user registration not allowed") ErrUserDefaultAccountIsInvalid = NewNormalError(NormalSubcategoryUser, 15, http.StatusBadRequest, "user default account is invalid") + ErrUserIsDisabled = NewNormalError(NormalSubcategoryUser, 16, http.StatusBadRequest, "user is disabled") ) diff --git a/pkg/models/user.go b/pkg/models/user.go index 91c653c7..32f9541e 100644 --- a/pkg/models/user.go +++ b/pkg/models/user.go @@ -63,6 +63,7 @@ type User struct { ShortDateFormat ShortDateFormat `xorm:"TINYINT"` LongTimeFormat LongTimeFormat `xorm:"TINYINT"` ShortTimeFormat ShortTimeFormat `xorm:"TINYINT"` + Disabled bool `xorm:"NOT NULL"` Deleted bool `xorm:"NOT NULL"` EmailVerified bool `xorm:"NOT NULL"` CreatedUnixTime int64 diff --git a/pkg/services/users.go b/pkg/services/users.go index c22a735e..a3b0a257 100644 --- a/pkg/services/users.go +++ b/pkg/services/users.go @@ -256,6 +256,52 @@ func (s *UserService) UpdateUserLastLoginTime(uid int64) error { }) } +// EnableUser sets user enabled +func (s *UserService) EnableUser(username string) error { + if username == "" { + return errs.ErrUsernameIsEmpty + } + + now := time.Now().Unix() + + updateModel := &models.User{ + Disabled: false, + UpdatedUnixTime: now, + } + + updatedRows, err := s.UserDB().Cols("disabled", "updated_unix_time").Where("username=? AND deleted=?", username, false).Update(updateModel) + + if err != nil { + return err + } else if updatedRows < 1 { + return errs.ErrUserNotFound + } + return nil +} + +// DisableUser sets user disabled +func (s *UserService) DisableUser(username string) error { + if username == "" { + return errs.ErrUsernameIsEmpty + } + + now := time.Now().Unix() + + updateModel := &models.User{ + Disabled: true, + UpdatedUnixTime: now, + } + + updatedRows, err := s.UserDB().Cols("disabled", "updated_unix_time").Where("username=? AND deleted=?", username, false).Update(updateModel) + + if err != nil { + return err + } else if updatedRows < 1 { + return errs.ErrUserNotFound + } + return nil +} + // DeleteUser deletes an existed user from database func (s *UserService) DeleteUser(username string) error { if username == "" { diff --git a/src/locales/en.js b/src/locales/en.js index 2b5208e1..101f5c5f 100644 --- a/src/locales/en.js +++ b/src/locales/en.js @@ -577,6 +577,7 @@ export default { 'login name is invalid': 'Login name is invalid', 'login name or password is invalid': 'Login name or password is invalid', 'login name or password is wrong': 'Login name or password is wrong', + 'user is disabled': 'User is disabled', 'unauthorized access': 'Unauthorized access', 'current token is invalid': 'Current token is invalid', 'current token is expired': 'Current token is expired', diff --git a/src/locales/zh_Hans.js b/src/locales/zh_Hans.js index 1e4ebcf9..fc444c56 100644 --- a/src/locales/zh_Hans.js +++ b/src/locales/zh_Hans.js @@ -577,6 +577,7 @@ export default { 'login name is invalid': '登录名无效', 'login name or password is invalid': '登录名或密码无效', 'login name or password is wrong': '登录名或密码错误', + 'user is disabled': '用户已禁用', 'unauthorized access': '未授权的登录', 'current token is invalid': '当前认证令牌无效', 'current token is expired': '当前认证令牌已过期',