修改:未开启权限验证情况下的消息推送bug
This commit is contained in:
10
app.ini
10
app.ini
@@ -6,13 +6,13 @@ file=zhub.log
|
||||
[service]
|
||||
watch=0.0.0.0:711
|
||||
addr=0.0.0.0:1216
|
||||
auth=1
|
||||
auth=0
|
||||
|
||||
[data]
|
||||
dir=./data
|
||||
|
||||
[ztimer]
|
||||
db.addr=127.0.0.1:3306
|
||||
db.user=root
|
||||
db.password=123456
|
||||
db.database=zhub
|
||||
# db.addr=127.0.0.1:3306
|
||||
# db.user=root
|
||||
# db.password=123456
|
||||
# db.database=zhub
|
||||
|
||||
13
auth.yml
13
auth.yml
@@ -36,8 +36,10 @@ groups:
|
||||
description: Group 1
|
||||
reads:
|
||||
- ^zcore:* # "zcore:" 开头的订阅
|
||||
- rpc-t
|
||||
writes:
|
||||
- ^zcore:* # "zcore:" 开头的发送
|
||||
- rpc-t
|
||||
|
||||
- name: zcore
|
||||
description: Group 2
|
||||
@@ -59,15 +61,16 @@ tokens:
|
||||
|
||||
# 公开频道设置
|
||||
channels:
|
||||
- name: "-"
|
||||
description: "无效占位符"
|
||||
public: true
|
||||
|
||||
- name: "lock"
|
||||
description: "分布式锁通知频道"
|
||||
public: true
|
||||
|
||||
- name: "trylock"
|
||||
description: "分布式锁通知频道"
|
||||
public: true
|
||||
- name: "app_local"
|
||||
description: "本地appname"
|
||||
public: true
|
||||
- name: "DEV-LOCAL"
|
||||
description: "本地appname"
|
||||
public: true
|
||||
# ---------------------------------------------
|
||||
|
||||
@@ -8,6 +8,7 @@ import (
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
"zhub/internal/config"
|
||||
)
|
||||
|
||||
type User struct {
|
||||
@@ -63,6 +64,12 @@ type PermissionManager struct {
|
||||
func (p *PermissionManager) Init() error {
|
||||
p.lock.Lock()
|
||||
defer p.lock.Unlock()
|
||||
|
||||
Conf := config.ReadConfig()
|
||||
if !Conf.Service.Auth {
|
||||
return nil
|
||||
}
|
||||
|
||||
// Load YAML configuration from file
|
||||
data, err := os.ReadFile("./auth.yml")
|
||||
if err != nil {
|
||||
|
||||
@@ -79,7 +79,7 @@ func messageHandler(v Message) {
|
||||
// auth check
|
||||
switch cmd {
|
||||
case "publish", "broadcast", "delay", "rpc":
|
||||
if !AuthManager.AuthCheck(c.user, rcmd[1], "w") {
|
||||
if Conf.Service.Auth && !AuthManager.AuthCheck(c.user, rcmd[1], "w") {
|
||||
c.send("-Error: Insufficient permissions to send " + cmd + " [" + rcmd[1] + "] message.")
|
||||
log.Printf("[%d] -Auth: %s [%s]\n", c.sn, cmd, rcmd[1])
|
||||
if cmd == "rpc" {
|
||||
@@ -174,7 +174,7 @@ func messageHandler(v Message) {
|
||||
// subscribe x y z
|
||||
for _, topic := range rcmd[1:] {
|
||||
// auth check
|
||||
if !AuthManager.AuthCheck(c.user, rcmd[1], "r") {
|
||||
if Conf.Service.Auth && !AuthManager.AuthCheck(c.user, rcmd[1], "r") {
|
||||
c.send("-Error: Insufficient permissions to " + cmd + " [" + rcmd[1] + "] message.")
|
||||
log.Printf("-Auth: %s [%s]\n", cmd, rcmd[1])
|
||||
continue
|
||||
|
||||
@@ -156,6 +156,12 @@ func (s *ZBus) timer(rcmd []string, c *ZConn) {
|
||||
}
|
||||
|
||||
func (s *ZBus) ReloadTimer() {
|
||||
// 未配置 ztimer 数据库返回
|
||||
if Conf.Ztimer.Db.Addr == "" {
|
||||
log.Println("No found ztimer config in app.ini")
|
||||
return
|
||||
}
|
||||
|
||||
db, err := sql.Open("mysql", fmt.Sprintf("%s:%s@tcp(%s)/%s?charset=utf8",
|
||||
Conf.Ztimer.Db.User,
|
||||
Conf.Ztimer.Db.Password,
|
||||
|
||||
27
pkg.bat
27
pkg.bat
@@ -1,6 +1,27 @@
|
||||
SET GOOS=linux
|
||||
SET GOARCH=amd64
|
||||
|
||||
@echo off
|
||||
|
||||
rem 删除历史编译文件
|
||||
del zhub.sh zhub.exe zhub
|
||||
|
||||
rem Linux
|
||||
set GOOS=linux
|
||||
set GOARCH=amd64
|
||||
go build -o zhub.sh -ldflags "-s -w"
|
||||
upx -9 zhub.sh
|
||||
|
||||
rem scp zhub.sh dev:/opt/zhub
|
||||
rem Windows
|
||||
set GOOS=windows
|
||||
set GOARCH=amd64
|
||||
go build -o zhub.exe -ldflags "-s -w"
|
||||
upx -9 zhub.exe
|
||||
|
||||
rem Mac
|
||||
set GOOS=darwin
|
||||
set GOARCH=amd64
|
||||
go build -o zhub -ldflags "-s -w"
|
||||
upx -9 zhub
|
||||
|
||||
move /Y zhub.sh ./tmp/zhub/
|
||||
move /Y zhub.exe ./tmp/zhub/
|
||||
move /Y zhub ./tmp/zhub/
|
||||
|
||||
Reference in New Issue
Block a user