mirror of https://shylinux.com/x/ContextOS synced 2025-04-25 16:58:06 +08:00

opt web.session

shaoying 2019-01-15 09:11:28 +08:00
parent 36dec6ca32
commit 5a0ac5646e
7 changed files with 205 additions and 161 deletions


@ -1,9 +1,9 @@
~ssh
remote listen :9090
~aaa
user root shy shy
role tech componet index command source
user tech shy shy
~web
serve
~aaa
user root shy shy
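Review bot: `user root shy shy` and `user tech shy shy` look like they provision accounts from literals in a committed startup script, and the last two fields are the same string. If the final field is the account secret, every checkout starts with a known root credential while `remote listen :9090` and `serve` open listeners. Loading the secret from an untracked local file or the environment would avoid that; the meaning of the fields is inferred from the `aaa` command names and needs confirming. Which of these lines are on the new side cannot be told from the rendered page.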


@ -531,6 +531,11 @@ var Index = &ctx.Context{Name: "aaa", Help: "认证中心",
case 1:
m.Auto("username", "username", "查看用户")
m.Auto("userrole", "userrole", "查看角色")
m.Auto("bench", "bench", "查看空间")
m.Auto("ip", "ip", "查看设备")
m.Cmd("aaa.auth", arg[0], "ship", "username").Table(func(node map[string]string) {
m.Auto(node["meta"], node["type"], node["create_time"])
})
}
return true
},
@ -543,108 +548,131 @@ var Index = &ctx.Context{Name: "aaa", Help: "认证中心",
case 2:
switch arg[1] {
case "username":
m.Cmd("aaa.auth", arg[0], "ship", "username").CopyTo(m, "append").Table()
case "username", "ip", "bench":
m.Cmd("aaa.auth", arg[0], "ship", arg[1]).CopyTo(m, "append").Table()
case "userrole":
for _, user := range m.Cmd("aaa.auth", arg[0], "ship", "username").Meta["meta"] {
msg := m.Cmd("aaa.user", user)
for _, role := range msg.Meta["meta"] {
m.Log("fuck", "what %v", user)
m.Add("append", "username", user)
m.Add("append", "userrole", role)
}
}
m.Cmd("aaa.auth", arg[0], "ship", "username").Table(func(user map[string]string) {
m.Cmd("aaa.user", user).Table(func(role map[string]string) {
m.Add("append", "username", user["meta"])
m.Add("append", "userrole", role["meta"])
})
})
m.Table()
default:
m.Cmd("aaa.auth", arg[0], "ship", "username", arg[1], "userrole").CopyTo(m, "append").Table()
}
case 3:
m.Cmdy("aaa.auth", "ship", "session", arg[0], arg[1], arg[2])
case 4:
if arg[0] == "create" {
m.Cmdy("aaa.auth", "ship", "session", arg[1], arg[2], arg[3])
break
}
m.Cmdy("aaa.auth", arg[0], "ship", "username", arg[1], arg[2], arg[3])
}
return
}},
"work": &ctx.Command{Name: "work [sessid create|select]|[benchid] [right [userrole [componet name [command name [argument name]]]]]", Help: "工作任务", Hand: func(m *ctx.Message, c *ctx.Context, key string, arg ...string) (e error) {
if len(arg) == 0 {
m.Cmdy("aaa.auth", "ship", "bench")
return
}
"work": &ctx.Command{Name: "work [sessid create|select]|[benchid] [right [userrole [componet name [command name [argument name]]]]]", Help: "工作任务",
Auto: func(m *ctx.Message, c *ctx.Context, key string, arg ...string) (goon bool) {
switch len(arg) {
case 0:
Auto(m, "ship", "bench")
Auto(m, "ship", "session")
default:
switch m.Conf("auth", []string{arg[0], "type"}) {
case "session":
if len(arg) == 1 {
m.Auto("create", "create", "创建空间")
m.Auto("select", "select", "查找空间")
} else {
bid := ""
switch m.Conf("auth", []string{arg[0], "type"}) {
case "session":
if len(arg) == 1 {
m.Confm("auth", []string{arg[0], "ship"}, func(key string, ship map[string]interface{}) {
m.Add("append", "key", key)
m.Add("append", "type", ship["type"])
m.Add("append", "meta", ship["meta"])
m.Add("append", "create_time", ship["create_time"])
})
m.Table()
return
}
switch arg[1] {
case "create":
bid, arg = m.Cmdx("aaa.auth", arg[0], "ship", "bench", arg[2]), arg[3:]
m.Cmd("aaa.auth", bid, "data", "name", "web")
defer func() { m.Set("result").Echo(bid) }()
case "select":
m.Cmd("aaa.auth", arg[0], "ship", "bench").Table(func(maps map[string]string, list []string, line int) bool {
if strings.Contains(maps["meta"], arg[2]) || strings.HasPrefix(maps["key"], arg[2]) || strings.HasSuffix(maps["key"], arg[2]) {
bid = maps["key"]
return false
}
return true
})
arg = arg[3:]
case "delete":
case "bench":
if len(arg) == 1 {
m.Auto("delete", "delete", "删除空间")
m.Auto("rename", "rename", "命名空间")
m.Auto("right", "right [username [componet [command]]]", "权限检查")
} else {
}
default:
m.Auto("invalid id")
}
}
case "bench":
bid, arg = arg[0], arg[1:]
default:
return
}
if len(arg) == 0 {
m.Echo(bid)
return
}
switch arg[0] {
case "delete":
m.Cmd("aaa.auth", bid, "delete", "node")
case "rename":
m.Cmd("aaa.auth", bid, "data", "name", arg[1])
case "right":
if arg[1] == "root" {
m.Echo("true")
return true
},
Hand: func(m *ctx.Message, c *ctx.Context, key string, arg ...string) (e error) {
if len(arg) == 0 {
m.Cmdy("aaa.auth", "ship", "bench")
return
}
if len(arg) >= 6 {
if m.Cmds("aaa.auth", bid, "ship", "check", arg[5]) {
m.Echo("true")
} else if cid := m.Cmdx("aaa.auth", bid, "ship", "userrole", arg[1], "componet", arg[3], "check", arg[5]); kit.Right(cid) {
m.Cmd("aaa.auth", bid, cid)
m.Echo("true")
bid := ""
switch m.Conf("auth", []string{arg[0], "type"}) {
case "session":
if len(arg) == 1 {
m.Confm("auth", []string{arg[0], "ship"}, func(key string, ship map[string]interface{}) {
m.Add("append", "key", key)
m.Add("append", "type", ship["type"])
m.Add("append", "meta", ship["meta"])
m.Add("append", "create_time", ship["create_time"])
})
m.Table()
return
}
} else if len(arg) >= 4 {
if m.Cmds("aaa.auth", bid, "ship", "check", arg[3]) {
m.Echo("true")
} else if cid := m.Cmdx("aaa.auth", bid, "ship", "userrole", arg[1], "check", arg[3]); kit.Right(cid) {
m.Cmd("aaa.auth", bid, cid)
m.Echo("true")
switch arg[1] {
case "create":
bid, arg = m.Cmdx("aaa.auth", arg[0], "ship", "bench", arg[2]), arg[3:]
m.Cmd("aaa.auth", bid, "data", "name", "web")
defer func() { m.Set("result").Echo(bid) }()
case "select":
m.Cmd("aaa.auth", arg[0], "ship", "bench").Table(func(node map[string]string) {
if strings.Contains(node["meta"], arg[2]) || strings.HasPrefix(node["key"], arg[2]) || strings.HasSuffix(node["key"], arg[2]) {
bid = node["key"]
}
})
arg = arg[3:]
}
case "bench":
bid, arg = arg[0], arg[1:]
default:
return
}
default:
m.Cmdx("aaa.auth", bid, "data", arg)
}
return
}},
if len(arg) == 0 {
m.Echo(bid)
return
}
switch arg[0] {
case "delete":
m.Cmd("aaa.auth", bid, "delete", "node")
case "rename":
m.Cmd("aaa.auth", bid, "data", "name", arg[1])
case "right":
m.Cmd("aaa.auth", "ship", "username", arg[1], "userrole").Table(func(node map[string]string) {
if node["meta"] == "root" {
m.Echo("true")
} else if len(arg) >= 4 {
if m.Cmds("aaa.auth", bid, "ship", "check", arg[3]) {
m.Echo("true")
} else if cid := m.Cmdx("aaa.auth", "ship", "userrole", node["meta"], "componet", arg[2], "check", arg[3]); kit.Right(cid) {
m.Cmd("aaa.auth", bid, cid)
m.Echo("true")
}
} else if len(arg) >= 3 {
if m.Cmds("aaa.auth", bid, "ship", "check", arg[2]) {
m.Echo("true")
} else if cid := m.Cmdx("aaa.auth", "ship", "userrole", node["meta"], "check", arg[2]); kit.Right(cid) {
m.Cmd("aaa.auth", bid, cid)
m.Echo("true")
}
}
})
default:
m.Cmdx("aaa.auth", bid, arg)
}
return
}},
"login": &ctx.Command{Name: "login [sessid]|[username password]",
Form: map[string]int{"ip": 1, "openid": 1, "cert": 1, "pub": 1, "key": 1},
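Review bot: In the new `right` case of `work`, `m.Cmds("aaa.auth", bid, "ship", "check", arg[3])` (and the `arg[2]` variant) runs before the role-specific lookup and does not involve `node["meta"]`, while a successful role lookup links the grant to the bench with `m.Cmd("aaa.auth", bid, cid)`. If that link is what the first test finds, a right earned by one user on a bench is then answered `true` for any other username that has at least one role row, so the cached grant should be keyed by role or user as well as by bench. The semantics of `aaa.auth` are not visible here, so this needs confirming against that command. Separately, the handler indexes `arg[1]`, `arg[2]` and `arg[3:]` in `create`, `select`, `rename` and `right` without a length check, which panics on short input; a guard such as `if len(arg) < 2 { return }` before each use would avoid that.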


@ -529,11 +529,14 @@ var Index = &Context{Name: "ctx", Help: "模块中心", Server: &CTX{},
switch action {
case "cmd":
if m.Options("sso_bench") && m.Options("sso_username") &&
!m.Cmds("aaa.work", m.Option("sso_bench"), "right", m.Option("sso_username"), "componet", "source", "command", arg[0]) {
m.Log("fuck", "what %v", m.Option("bench"))
m.Log("fuck", "what %v", m.Option("username"))
m.Log("info", "sso check %v: %v failure", m.Option("sso_componet"), m.Option("sso_command"))
m.Echo("error: ").Echo("no right [%s: %s %s]", m.Option("sso_componet"), m.Option("sso_command"), arg[0])
if m.Options("bench") && m.Options("username") &&
!m.Cmds("aaa.work", m.Option("bench"), "right", m.Option("username"), "source", arg[0]) {
m.Log("info", "check %v: %v failure", m.Option("componet"), arg[0])
m.Echo("error: ").Echo("no right [%s: %s]", m.Option("componet"), arg[0])
break
}
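Review bot: The right check in `case "cmd"` only runs when both `m.Options("bench")` and `m.Options("username")` are true, so a message carrying neither option skips `aaa.work ... right` and the command proceeds. With the move from `sso_bench`/`sso_username` to plain `bench`/`username`, the identity read here appears to use the same option names the web layer fills from the request, so it is worth confirming that `username` is always overwritten from the session before this point is reached. If skipping the check for callers without a bench is intended, a comment such as `// no bench/username: local caller, right check skipped on purpose` would record that. The `m.Log("fuck", ...)` lines, if they are on the new side, are leftover debugging and should be dropped; the enclosing function starts and ends outside the hunk.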


@ -840,11 +840,26 @@ func (m *Message) Appendv(key string, arg ...interface{}) interface{} {
}
return nil
}
func (m *Message) Table(cbs ...func(maps map[string]string, list []string, line int) (goon bool)) *Message {
func (m *Message) Table(cbs ...interface{}) *Message {
if len(m.Meta["append"]) == 0 {
return m
}
if len(cbs) > 0 {
switch cb := cbs[0].(type) {
case func(map[string]string):
nrow := len(m.Meta[m.Meta["append"][0]])
line := map[string]string{}
for i := 0; i < nrow; i++ {
for _, k := range m.Meta["append"] {
line[k] = m.Meta[k][i]
}
cb(line)
}
return m
}
}
//计算列宽
depth, width := 0, map[string]int{}
for _, k := range m.Meta["append"] {
@ -862,7 +877,7 @@ func (m *Message) Table(cbs ...func(maps map[string]string, list []string, line
space := m.Confx("table_space")
var cb func(maps map[string]string, list []string, line int) (goon bool)
if len(cbs) > 0 {
cb = cbs[0]
cb = cbs[0].(func(maps map[string]string, list []string, line int) (goon bool))
} else {
row := m.Confx("table_row_sep")
col := m.Confx("table_col_sep")
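Review bot: With `Table` now taking `cbs ...interface{}`, the second hunk's `cb = cbs[0].(func(maps map[string]string, list []string, line int) (goon bool))` is an unchecked assertion, so a callback of any type other than that or `func(map[string]string)` panics at run time where it used to fail to compile. Use the two-value form, `if f, ok := cbs[0].(func(map[string]string, []string, int) bool); ok { cb = f }`, and decide explicitly what an unknown callback type should do. In the new `func(map[string]string)` branch, `nrow` is taken from the first column only, so `m.Meta[k][i]` can index past a shorter column. The same `line` map is also reused for every row, which is worth stating in a doc comment because a callback must not retain it. Table's body continues outside both hunks.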


@ -138,6 +138,10 @@ var Index = &ctx.Context{Name: "log", Help: "日志中心",
"cli": map[string]interface{}{
"cmd": map[string]interface{}{"value": map[string]interface{}{"file": "debug.log", "meta": []interface{}{"time", "ship"}, "color_begin": "\033[31m", "color_end": "\033[0m"}},
},
"aaa": map[string]interface{}{
// "auth": map[string]interface{}{"value": map[string]interface{}{"file": "debug.log", "meta": []interface{}{"time", "ship"}, "color_begin": "\033[31m", "color_end": "\033[0m"}},
// "hash": map[string]interface{}{"value": map[string]interface{}{"file": "debug.log", "meta": []interface{}{"time", "ship"}, "color_begin": "\033[31m", "color_end": "\033[0m"}},
},
},
}, Help: "日志输出配置"},
},


@ -1061,6 +1061,7 @@ var Index = &ctx.Context{Name: "nfs", Help: "存储中心",
},
Commands: map[string]*ctx.Command{
"pwd": &ctx.Command{Name: "pwd [all] | [[index] path] ", Help: "工作目录all: 查看所有, index path: 设置路径, path: 设置当前路径", Hand: func(m *ctx.Message, c *ctx.Context, key string, arg ...string) (e error) {
m.Log("fuck", "what %v", m.Format("stack", "chain"))
if len(arg) > 0 && arg[0] == "all" {
m.Cmdy("nfs.config", "paths")
return
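Review bot: `m.Log("fuck", "what %v", m.Format("stack", "chain"))` at the top of the `pwd` handler reads as leftover debugging: it formats the message stack chain on every `pwd` call and writes it under an ad-hoc tag. Drop the line, or, if the trace is still wanted, log it under the tag the rest of the file uses for diagnostics. The handler body continues outside the hunk.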


@ -19,6 +19,7 @@ import (
"runtime"
"strings"
"time"
"toolkit"
)
type MUX interface {
@ -132,8 +133,8 @@ func Merge(m *ctx.Message, uri string, arg ...string) string {
}
func (web *WEB) Login(msg *ctx.Message, w http.ResponseWriter, r *http.Request) bool {
if msg.Confs("cas_url") {
if !cas.IsAuthenticated(r) && !msg.Confs("skip_cas") {
if msg.Confs("cas_url") && !msg.Confs("skip_cas") {
if !cas.IsAuthenticated(r) {
r.URL, _ = r.URL.Parse(r.Header.Get("index_url"))
cas.RedirectToLogin(w, r)
return false
@ -146,28 +147,21 @@ func (web *WEB) Login(msg *ctx.Message, w http.ResponseWriter, r *http.Request)
}
if msg.Options("ticket") {
msg.Option("uuid", msg.Option(msg.Conf("cas_uuid")))
msg.Option("username", cas.Username(r))
if lark := msg.Find("web.chat.lark"); lark != nil {
msg.Option("username", lark.Cmdx("user", msg.Option("email"), "id"))
}
msg.Option("uuid", msg.Option(msg.Conf("cas_uuid")))
msg.Option("sessid", msg.Spawn().Cmd("session", "uuid").Result(0))
uri, _ := r.URL.Parse(r.Header.Get("index_url"))
redirect := uri.Path
if b := uri.Query().Get("bench"); b != "" {
redirect += "?bench=" + b
}
http.Redirect(w, r, redirect, http.StatusTemporaryRedirect)
http.SetCookie(w, &http.Cookie{Name: "sessid", Value: msg.Cmdx("web.session", "login", "uuid"), Path: "/"})
http.Redirect(w, r, merge(msg, r.Header.Get("index_url"), "ticket", ""), http.StatusTemporaryRedirect)
return false
}
} else if msg.Options("username") && msg.Options("password") {
if sessid := msg.Spawn().Cmd("session", "password").Result(0); sessid != "" {
msg.Option("sessid", sessid)
msg.Option("password", "")
if sessid := msg.Cmd("web.session", "login", "password").Result(0); sessid != "" {
http.SetCookie(w, &http.Cookie{Name: "sessid", Value: msg.Option("sessid", sessid), Path: "/"})
} else {
w.WriteHeader(http.StatusUnauthorized)
msg.Option("username", "")
}
return false
}
@ -401,7 +395,7 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
"cert": &ctx.Config{Name: "cert", Value: "etc/cert.pem", Help: "证书"},
"key": &ctx.Config{Name: "key", Value: "etc/key.pem", Help: "密钥"},
"login_right": &ctx.Config{Name: "login_right", Value: "1", Help: "登录认证"},
"login_check": &ctx.Config{Name: "login_check", Value: "1", Help: "登录认证"},
"sess_void": &ctx.Config{Name: "sess_void", Value: "0", Help: "匿名会话"},
"cas_url": &ctx.Config{Name: "cas_url", Value: "", Help: "单点登录"},
"cas_uuid": &ctx.Config{Name: "cas_uuid", Value: "email", Help: "单点登录"},
@ -973,28 +967,45 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
}
return
}},
"session": &ctx.Command{Name: "session [secrete]", Help: "用户登录", Hand: func(m *ctx.Message, c *ctx.Context, key string, arg ...string) (e error) {
sessid := m.Option("sessid")
if sessid == "" || !m.Cmds("aaa.sess", sessid) {
if !m.Confs("sess_void") && !m.Options("username") {
return
}
// 创建会话
sessid = m.Cmdx("aaa.sess", "create", "web", "ip", m.Option("remote_ip"))
http.SetCookie(m.Optionv("response").(http.ResponseWriter), &http.Cookie{Name: "sessid", Value: sessid, Path: "/"})
}
if len(arg) > 0 { // 用户认证
if m.Options("username") && m.Options(arg[0]) && m.Cmds("aaa.sess", sessid, m.Option("username"), arg[0], m.Option(arg[0])) {
m.Echo(sessid)
}
"session": &ctx.Command{Name: "session [login secrete] bench [check [componet [command]]]", Help: "用户登录", Hand: func(m *ctx.Message, c *ctx.Context, key string, arg ...string) (e error) {
if len(arg) == 0 {
return
}
// 用户角色
m.Cmd("aaa.sess", m.Option("sessid"), "userrole").CopyTo(m, "append")
m.Log("info", "username: %v userrole: %v", m.Meta["username"], m.Meta["userrole"])
username := m.Option("username")
sessid := m.Option("sessid")
switch arg[0] {
case "login":
if len(arg) == 1 {
m.Echo(m.Cmd("aaa.sess", sessid, "username").Append("meta"))
break
}
if username == "" || !m.Options(arg[1]) {
break
}
if sessid == "" || !m.Cmds("aaa.sess", sessid) {
sessid = m.Cmdx("aaa.sess", "web", "ip", m.Option("remote_ip"))
}
if m.Cmds("aaa.sess", sessid, m.Option("username"), arg[1], m.Option(arg[1])) {
m.Echo(sessid)
}
case "bench":
if len(arg) == 1 {
bench := m.Option("bench")
if bench == "" || !m.Cmds("aaa.work", bench) { // 创建空间
bench = m.Cmdx("aaa.work", sessid, "create", "web")
}
m.Echo(bench)
break
}
m.Cmd("aaa.work", arg[1:])
case "check":
m.Echo(m.Cmdx("aaa.work", arg[1], "right", arg[2:]))
}
return
}},
"bench": &ctx.Command{Name: "bench", Help: "任务列表", Form: map[string]int{"view": 1}, Hand: func(m *ctx.Message, c *ctx.Context, key string, arg ...string) (e error) {
@ -1119,35 +1130,24 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
tmpl.ParseGlob(path.Join(m.Conf("template_dir"), m.Conf("template_sub"), "/*.tmpl"))
}
// 响应模板
group, order, right := m.Option("componet_group", m.Confx("componet_group")), m.Option("componet_name"), m.Options("right", !m.Confs("componet", "login"))
if m.Confs("login_check") {
if m.Option("username", m.Cmdx("web.session", "login")) == "" { // 没有登录
m.Set("option", "componet_group", "login").Set("option", "componet_name", "").Set("option", "bench", "")
// 会话检查
if right || m.Options("right", !m.Confs("login_right")) {
m.Log("info", "no limit") // 禁用权限
} else if userrole := m.Option("userrole", m.Cmd("web.session").Append("userrole")); userrole == "" { // 用户登录
m.Log("info", "no user")
group, order, right = m.Option("componet_group", "login"), m.Option("componet_name", ""), m.Options("right", true)
if m.Options("bench") && !m.Cmds("aaa.work", m.Option("bench")) {
m.Log("info", "no work")
m.Append("redirect", merge(m, m.Option("index_url"), "bench", ""))
} else if bench := m.Cmdx("web.session", "bench"); bench == "" { // 没有空间
m.Set("option", "componet_group", "login").Set("option", "componet_name", "").Set("option", "bench", "")
} else if !m.Cmds("web.session", "check", bench, m.Option("username"), m.Confx("componet_group")) { // 没有权限
m.Set("option", "componet_group", "login").Set("option", "componet_name", "").Set("option", "bench", "")
} else if bench != m.Option("bench") { // 没有匹配
m.Append("redirect", merge(m, m.Option("index_url"), "bench", bench))
return
}
} else if group == "login" { // 登录成功
m.Log("info", "no login")
return
} else if !m.Options("bench") || !m.Cmds("aaa.work", m.Option("bench")) { // 创建空间
m.Append("redirect", merge(m, m.Option("index_url"), "bench", m.Cmdx("aaa.work", m.Option("sessid"), "create", "web")))
return
} else if !m.Options("right", m.Cmds("aaa.work", m.Option("bench"), "right", m.Option("userrole"), "componet", m.Option("componet_group"))) { // 没有权限
group, order = m.Option("componet_group", "login"), m.Option("componet_name", "")
} else { //n访问成功
m.Cmd("aaa.auth", m.Option("bench"), "data", "access_time", m.Time())
// m.Optionv("session", m.Confv("auth", []string{m.Option("sessid")}))
// m.Optionv("bench_data", m.Confv("auth", []string{m.Option("bench"), "data"}))
}
m.Log("info", "json: %v group: %v order: %v userrole: %v right: %v", accept_json, group, order, m.Option("userrole"), m.Option("right"))
// 响应模板
group, order := m.Option("componet_group", m.Confx("componet_group")), m.Option("componet_name")
for _, v := range m.Confv("componet", group).([]interface{}) {
val := v.(map[string]interface{})
@ -1175,7 +1175,7 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
}
// 权限检查
if m.Options("bench") && !m.Cmds("aaa.work", m.Option("bench"), "right", m.Option("userrole"), "componet", m.Option("componet_group"), "command", args[0]) {
if m.Options("bench") && !m.Cmds("web.session", "check", m.Option("bench"), m.Option("username"), m.Option("componet_group"), args[0]) {
continue
}
@ -1206,20 +1206,13 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
}
// 执行命令
if pre_run, _ := val["pre_run"].(bool); pre_run || order != "" {
msg.Option("sso_bench", m.Option("bench"))
msg.Option("sso_username", m.Option("username"))
msg.Cmd(args)
if m.Options("bench") {
name_alias := "action." + msg.Option("componet_name")
if msg.Options("componet_name_alias") {
name_alias = "action." + msg.Option("componet_name_alias")
}
if order != "" || kit.Right(val["pre_run"]) {
if msg.Cmd(args); m.Options("bench") {
name_alias := "action." + kit.Select(msg.Option("componet_name"), msg.Option("componet_name_alias"))
msg.Put("option", name_alias, map[string]interface{}{
"action_time": msg.Time(), "order": m.Option("componet_name_order"), "cmd": args,
}).Cmd("aaa.auth", m.Option("bench"), "data", "option", name_alias, "modify_time", msg.Time())
"cmd": args, "order": m.Option("componet_name_order"), "action_time": msg.Time(),
}).Cmd("web.session", "bench", m.Option("bench"), "data", "option", name_alias, "modify_time", msg.Time())
}
}
} else {
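Review bot: The `sessid` cookie is issued in both `Login` branches as `&http.Cookie{Name: "sessid", Value: ..., Path: "/"}` with no `HttpOnly`, `Secure` or `SameSite`, so page script can read the session id and the cookie is also sent over plain HTTP. Consider adding `HttpOnly: true, SameSite: http.SameSiteLaxMode`, plus `Secure: true` whenever the listener runs with the configured `cert`/`key`. In the new `session login` case an existing valid `sessid` is kept and then bound to the user by `m.Cmds("aaa.sess", sessid, m.Option("username"), arg[1], m.Option(arg[1]))`; issuing a fresh id after a successful credential check would avoid carrying a pre-login id into the authenticated session. `case "check"` also indexes `arg[1]` and `arg[2:]` without a length check. The `Login` body and the `Index` literal continue outside these hunks.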