feat: user roles (#852)

* [WIP] feat: user roles * update * update * admin handler * update * feat: user-specific connection secret * simplify some logics * cleanup * update waf * update user api error handling * update waf api * fix codeql * update waf table * fix several problems * add pagination for waf api * update permission checks * switch to runtime check * 1 * cover? * some changes
2026-03-22 11:01:52 +00:00 · 2024-12-22 00:05:41 +08:00
parent 50ee62172f
commit 653d0cf2e9
35 changed files with 841 additions and 180 deletions
--- a/cmd/dashboard/controller/user.go
+++ b/cmd/dashboard/controller/user.go
@@ -114,6 +114,7 @@ func createUser(c *gin.Context) (uint64, error) {

 	var u model.User
 	u.Username = uf.Username
+	u.Role = model.RoleMember

 	hash, err := bcrypt.GenerateFromPassword([]byte(uf.Password), bcrypt.DefaultCost)
 	if err != nil {
@@ -125,6 +126,7 @@ func createUser(c *gin.Context) (uint64, error) {
 		return 0, err
 	}

+	singleton.OnUserUpdate(&u)
 	return u.ID, nil
 }

@@ -149,5 +151,6 @@ func batchDeleteUser(c *gin.Context) (any, error) {
 		return nil, singleton.Localizer.ErrorT("can't delete yourself")
 	}

-	return nil, singleton.DB.Where("id IN (?)", ids).Delete(&model.User{}).Error
+	err := singleton.OnUserDelete(ids, newGormError)
+	return nil, err
 }