修改:未开启权限验证情况下的消息推送bug
This commit is contained in:
10
app.ini
10
app.ini
@@ -6,13 +6,13 @@ file=zhub.log
|
|||||||
[service]
|
[service]
|
||||||
watch=0.0.0.0:711
|
watch=0.0.0.0:711
|
||||||
addr=0.0.0.0:1216
|
addr=0.0.0.0:1216
|
||||||
auth=1
|
auth=0
|
||||||
|
|
||||||
[data]
|
[data]
|
||||||
dir=./data
|
dir=./data
|
||||||
|
|
||||||
[ztimer]
|
[ztimer]
|
||||||
db.addr=127.0.0.1:3306
|
# db.addr=127.0.0.1:3306
|
||||||
db.user=root
|
# db.user=root
|
||||||
db.password=123456
|
# db.password=123456
|
||||||
db.database=zhub
|
# db.database=zhub
|
||||||
|
|||||||
13
auth.yml
13
auth.yml
@@ -36,8 +36,10 @@ groups:
|
|||||||
description: Group 1
|
description: Group 1
|
||||||
reads:
|
reads:
|
||||||
- ^zcore:* # "zcore:" 开头的订阅
|
- ^zcore:* # "zcore:" 开头的订阅
|
||||||
|
- rpc-t
|
||||||
writes:
|
writes:
|
||||||
- ^zcore:* # "zcore:" 开头的发送
|
- ^zcore:* # "zcore:" 开头的发送
|
||||||
|
- rpc-t
|
||||||
|
|
||||||
- name: zcore
|
- name: zcore
|
||||||
description: Group 2
|
description: Group 2
|
||||||
@@ -59,15 +61,16 @@ tokens:
|
|||||||
|
|
||||||
# 公开频道设置
|
# 公开频道设置
|
||||||
channels:
|
channels:
|
||||||
- name: "-"
|
|
||||||
description: "无效占位符"
|
|
||||||
public: true
|
|
||||||
|
|
||||||
- name: "lock"
|
- name: "lock"
|
||||||
description: "分布式锁通知频道"
|
description: "分布式锁通知频道"
|
||||||
public: true
|
public: true
|
||||||
|
- name: "trylock"
|
||||||
|
description: "分布式锁通知频道"
|
||||||
|
public: true
|
||||||
- name: "app_local"
|
- name: "app_local"
|
||||||
description: "本地appname"
|
description: "本地appname"
|
||||||
public: true
|
public: true
|
||||||
|
- name: "DEV-LOCAL"
|
||||||
|
description: "本地appname"
|
||||||
|
public: true
|
||||||
# ---------------------------------------------
|
# ---------------------------------------------
|
||||||
|
|||||||
@@ -8,6 +8,7 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
|
"zhub/internal/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
type User struct {
|
type User struct {
|
||||||
@@ -63,6 +64,12 @@ type PermissionManager struct {
|
|||||||
func (p *PermissionManager) Init() error {
|
func (p *PermissionManager) Init() error {
|
||||||
p.lock.Lock()
|
p.lock.Lock()
|
||||||
defer p.lock.Unlock()
|
defer p.lock.Unlock()
|
||||||
|
|
||||||
|
Conf := config.ReadConfig()
|
||||||
|
if !Conf.Service.Auth {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
// Load YAML configuration from file
|
// Load YAML configuration from file
|
||||||
data, err := os.ReadFile("./auth.yml")
|
data, err := os.ReadFile("./auth.yml")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
@@ -79,7 +79,7 @@ func messageHandler(v Message) {
|
|||||||
// auth check
|
// auth check
|
||||||
switch cmd {
|
switch cmd {
|
||||||
case "publish", "broadcast", "delay", "rpc":
|
case "publish", "broadcast", "delay", "rpc":
|
||||||
if !AuthManager.AuthCheck(c.user, rcmd[1], "w") {
|
if Conf.Service.Auth && !AuthManager.AuthCheck(c.user, rcmd[1], "w") {
|
||||||
c.send("-Error: Insufficient permissions to send " + cmd + " [" + rcmd[1] + "] message.")
|
c.send("-Error: Insufficient permissions to send " + cmd + " [" + rcmd[1] + "] message.")
|
||||||
log.Printf("[%d] -Auth: %s [%s]\n", c.sn, cmd, rcmd[1])
|
log.Printf("[%d] -Auth: %s [%s]\n", c.sn, cmd, rcmd[1])
|
||||||
if cmd == "rpc" {
|
if cmd == "rpc" {
|
||||||
@@ -174,7 +174,7 @@ func messageHandler(v Message) {
|
|||||||
// subscribe x y z
|
// subscribe x y z
|
||||||
for _, topic := range rcmd[1:] {
|
for _, topic := range rcmd[1:] {
|
||||||
// auth check
|
// auth check
|
||||||
if !AuthManager.AuthCheck(c.user, rcmd[1], "r") {
|
if Conf.Service.Auth && !AuthManager.AuthCheck(c.user, rcmd[1], "r") {
|
||||||
c.send("-Error: Insufficient permissions to " + cmd + " [" + rcmd[1] + "] message.")
|
c.send("-Error: Insufficient permissions to " + cmd + " [" + rcmd[1] + "] message.")
|
||||||
log.Printf("-Auth: %s [%s]\n", cmd, rcmd[1])
|
log.Printf("-Auth: %s [%s]\n", cmd, rcmd[1])
|
||||||
continue
|
continue
|
||||||
|
|||||||
@@ -156,6 +156,12 @@ func (s *ZBus) timer(rcmd []string, c *ZConn) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (s *ZBus) ReloadTimer() {
|
func (s *ZBus) ReloadTimer() {
|
||||||
|
// 未配置 ztimer 数据库返回
|
||||||
|
if Conf.Ztimer.Db.Addr == "" {
|
||||||
|
log.Println("No found ztimer config in app.ini")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
db, err := sql.Open("mysql", fmt.Sprintf("%s:%s@tcp(%s)/%s?charset=utf8",
|
db, err := sql.Open("mysql", fmt.Sprintf("%s:%s@tcp(%s)/%s?charset=utf8",
|
||||||
Conf.Ztimer.Db.User,
|
Conf.Ztimer.Db.User,
|
||||||
Conf.Ztimer.Db.Password,
|
Conf.Ztimer.Db.Password,
|
||||||
|
|||||||
27
pkg.bat
27
pkg.bat
@@ -1,6 +1,27 @@
|
|||||||
SET GOOS=linux
|
|
||||||
SET GOARCH=amd64
|
@echo off
|
||||||
|
|
||||||
|
rem 删除历史编译文件
|
||||||
|
del zhub.sh zhub.exe zhub
|
||||||
|
|
||||||
|
rem Linux
|
||||||
|
set GOOS=linux
|
||||||
|
set GOARCH=amd64
|
||||||
go build -o zhub.sh -ldflags "-s -w"
|
go build -o zhub.sh -ldflags "-s -w"
|
||||||
upx -9 zhub.sh
|
upx -9 zhub.sh
|
||||||
|
|
||||||
rem scp zhub.sh dev:/opt/zhub
|
rem Windows
|
||||||
|
set GOOS=windows
|
||||||
|
set GOARCH=amd64
|
||||||
|
go build -o zhub.exe -ldflags "-s -w"
|
||||||
|
upx -9 zhub.exe
|
||||||
|
|
||||||
|
rem Mac
|
||||||
|
set GOOS=darwin
|
||||||
|
set GOARCH=amd64
|
||||||
|
go build -o zhub -ldflags "-s -w"
|
||||||
|
upx -9 zhub
|
||||||
|
|
||||||
|
move /Y zhub.sh ./tmp/zhub/
|
||||||
|
move /Y zhub.exe ./tmp/zhub/
|
||||||
|
move /Y zhub ./tmp/zhub/
|
||||||
|
|||||||
Reference in New Issue
Block a user