feat: user roles (#852)

* [WIP] feat: user roles * update * update * admin handler * update * feat: user-specific connection secret * simplify some logics * cleanup * update waf * update user api error handling * update waf api * fix codeql * update waf table * fix several problems * add pagination for waf api * update permission checks * switch to runtime check * 1 * cover? * some changes
2026-02-04 12:40:07 +00:00 · 2024-12-22 00:05:41 +08:00
parent 50ee62172f
commit 653d0cf2e9
35 changed files with 841 additions and 180 deletions
--- a/model/user.go
+++ b/model/user.go
@@ -1,9 +1,41 @@
 package model

+import (
+	"github.com/nezhahq/nezha/pkg/utils"
+	"gorm.io/gorm"
+)
+
+const (
+	RoleAdmin uint8 = iota
+	RoleMember
+)
+
 type User struct {
 	Common
-	Username string `json:"username,omitempty" gorm:"uniqueIndex"`
-	Password string `json:"password,omitempty" gorm:"type:char(72)"`
+	Username    string `json:"username,omitempty" gorm:"uniqueIndex"`
+	Password    string `json:"password,omitempty" gorm:"type:char(72)"`
+	Role        uint8  `json:"role,omitempty"`
+	AgentSecret string `json:"agent_secret,omitempty" gorm:"type:char(32)"`
+}
+
+type UserInfo struct {
+	Role        uint8
+	_           [3]byte
+	AgentSecret string
+}
+
+func (u *User) BeforeSave(tx *gorm.DB) error {
+	if u.AgentSecret != "" {
+		return nil
+	}
+
+	key, err := utils.GenerateRandomString(32)
+	if err != nil {
+		return err
+	}
+
+	u.AgentSecret = key
+	return nil
 }

 type Profile struct {