人员信息获取保护

3 years ago · c61874771a
6 changed files with 64 additions and 63 deletions
--- a/api/app/lib/controllers/alarm/data.js
+++ b/api/app/lib/controllers/alarm/data.js
@ -2,12 +2,24 @@
 async function list (ctx) {
   try {
-      const models = ctx.fs.dc.models;
+      const { models } = ctx.fs.dc;
      const { clickHouse } = ctx.app.fs
      const { utils: { judgeSuper, anxinStrucRange } } = ctx.app.fs
      const { database: anxinyun } = clickHouse.anxinyun.opts.config
      const isSuper = judgeSuper(ctx)
      let anxinStrucIds = null
      if (!isSuper) {
         anxinStrucIds = await anxinStrucRange(ctx)
      }
      const alarmRes = await clickHouse.dataAlarm.query(`
-         SELECT * FROM alarms
+         SELECT 
-      `)
+            AlarmId, SourceName, name
         FROM 
            alarms 
         LEFT JOIN ${anxinyun}.t_structure 
         ON ${anxinyun}.t_structure.id = alarms.StructureId
      `).toPromise();
      ctx.status = 200;
      ctx.body = []
--- a/api/app/lib/controllers/organization/index.js
+++ b/api/app/lib/controllers/organization/index.js
@ -218,13 +218,13 @@ async function user (ctx) {
      for (let u of userRes.rows.concat(adminRes)) {
         const corUsers = userPepRes.filter(up => up.id == u.pepUserId)
-         u.dataValues.name = corUsers[0].name
+         u.dataValues.name = corUsers.length ? corUsers[0].name : ''
-         u.dataValues.departments = corUsers.map(cu => {
+         u.dataValues.departments = corUsers.length ? corUsers.map(cu => {
            return {
               name: cu.depName,
               id: cu.depId
            }
-         })
+         }) : []
      }
      ctx.status = 200
--- a/api/app/lib/controllers/project/bind.js
+++ b/api/app/lib/controllers/project/bind.js
@ -166,7 +166,7 @@ async function del (ctx) {
      ctx.status = 204;
   } catch (error) {
-      ctx.fs.logger.error(`path: ${ctx.path}, error: error`);
+      ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`);
      ctx.status = 400;
      ctx.body = {
         message: typeof error == 'string' ? error : undefined
--- a/api/app/lib/middlewares/authenticator.js
+++ b/api/app/lib/middlewares/authenticator.js
@ -80,13 +80,13 @@ let authorizeToken = async function (ctx, token) {
               where: {
                  pepUserId: userInfo.id
               }
-            })
+            }) || {}
            rslt = {
               'authorized': userInfo.authorized,
               'resources': (userInfo || {}).resources || [],
            };
            ctx.fs.api.userId = pomsUser.id;
-            ctx.fs.api.userInfo = pomsUser;
+            ctx.fs.api.userInfo = pomsUser.dataValues;
            ctx.fs.api.pepUserId = userInfo.id;
            ctx.fs.api.pepUserInfo = userInfo;
            ctx.fs.api.token = token;
--- a/api/app/lib/utils/dataRange.js
+++ b/api/app/lib/utils/dataRange.js
@ -0,0 +1,43 @@
 'use strict';
 const fs = require('fs');
 const moment = require('moment')
 module.exports = function (app, opts) {
   function judgeSuper (ctx) {
      try {
         const { userInfo = {} } = ctx.fs.api || {};
         const { role = [] } = userInfo
         return role.includes('SuperAdmin')
      } catch (error) {
         ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`);
      }
   }
   async function anxinStrucRange (ctx) {
      try {
         const { models } = ctx.fs.dc;
         const { userInfo = {} } = ctx.fs.api || {};
         const { correlationProject = [] } = userInfo
         const bindRes = await models.ProjectCorrelation.findAll({
            where: {
               pepProjectId: { $in: correlationProject }
            }
         })
         return bindRes.reduce((arr, b) => {
            for (let sid of b.anxinProjectId) {
               arr.add(sid);
            }
            return arr;
         }, new Set())
      } catch (error) {
         ctx.fs.logger.error(`path: ${ctx.path}, error: ${error}`);
      }
   }
   return {
      judgeSuper,
      anxinStrucRange
   }
 }
--- a/api/app/lib/utils/oauth2.js
+++ b/api/app/lib/utils/oauth2.js
@ -1,54 +0,0 @@
 const fs = require('fs');
 module.exports = function (app, opts) {
    async function oauthParseAuthHeader (auth) {
        if (!auth) {
            throw new Error('参数无效: 未包含Authorization头');
        }
        const authSplit = auth.split('Basic');
        if (authSplit.length != 2) {
            throw new Error('参数无效: Authorization头格式无效，请检查是否包含了"Basic "');
        }
        const authCode = authSplit[1];
        const apikey = Buffer.from(authCode, 'base64').toString();
        const keySplit = apikey.split(':');
        if (keySplit.length != 2) {
            throw new Error('参数无效：请检查Authorization头内容是否经过正确Base64编码');
        }
        return keySplit;
    }
    async function oauthParseBody (body, type) {
        let checked = true, token = '';
        if (type == 'apply' && body['grant_type'] != 'client_credentials') {
            checked = false;
        } else if (type == 'refresh') {
            if (body['grant_type'] != 'refresh_token' || body['token'] == null) {
                checked = false;
            } else {
                token = body['token'];
            }
        } else if (type == 'invalidate') {
            if (body['token'] == null) {
                checked = false;
            } else {
                token = body['token'];
            }
        }
        if (!checked) {
            throw new Error('参数无效：请求正文中未包含正确的信息');
        }
        return token;
    }
    return {
        oauthParseAuthHeader,
        oauthParseBody
    }
 }