feat: user roles (#852)

* [WIP] feat: user roles * update * update * admin handler * update * feat: user-specific connection secret * simplify some logics * cleanup * update waf * update user api error handling * update waf api * fix codeql * update waf table * fix several problems * add pagination for waf api * update permission checks * switch to runtime check * 1 * cover? * some changes
2026-02-04 04:30:05 +00:00 · 2024-12-22 00:05:41 +08:00
parent 50ee62172f
commit 653d0cf2e9
35 changed files with 841 additions and 180 deletions
--- a/model/alertrule.go
+++ b/model/alertrule.go
@@ -62,10 +62,15 @@ func (r *AlertRule) Enabled() bool {
 }

 // Snapshot 对传入的Server进行该报警规则下所有type的检查 返回每项检查结果
-func (r *AlertRule) Snapshot(cycleTransferStats *CycleTransferStats, server *Server, db *gorm.DB) []bool {
-	point := make([]bool, 0, len(r.Rules))
-	for _, rule := range r.Rules {
-		point = append(point, rule.Snapshot(cycleTransferStats, server, db))
+func (r *AlertRule) Snapshot(cycleTransferStats *CycleTransferStats, server *Server, db *gorm.DB, role uint8) []bool {
+	point := make([]bool, len(r.Rules))
+
+	if r.UserID != server.UserID && role != RoleAdmin {
+		return point
+	}
+
+	for i, rule := range r.Rules {
+		point[i] = rule.Snapshot(cycleTransferStats, server, db)
 	}
 	return point
 }