mirror of
https://github.com/SECTL/SecScore.git
synced 2026-07-19 19:04:23 +08:00
统一修复 sender_id 为空时权限误判导致的管理员操作被拒绝
This commit is contained in:
@@ -61,7 +61,7 @@ pub async fn auth_login(
|
||||
sender_id: Option<u32>,
|
||||
state: State<'_, Arc<RwLock<AppState>>>,
|
||||
) -> Result<IpcResponse<LoginResponse>, String> {
|
||||
let sender = sender_id.ok_or("Invalid sender")?;
|
||||
let sender = sender_id.unwrap_or(0);
|
||||
|
||||
let iv_hex = get_iv_hex();
|
||||
|
||||
@@ -122,7 +122,7 @@ pub async fn auth_set_passwords(
|
||||
sender_id: Option<u32>,
|
||||
state: State<'_, Arc<RwLock<AppState>>>,
|
||||
) -> Result<IpcResponse<SetPasswordsResponse>, String> {
|
||||
let sender = sender_id.ok_or("Invalid sender")?;
|
||||
let sender = sender_id.unwrap_or(0);
|
||||
|
||||
let iv_hex = get_iv_hex();
|
||||
|
||||
@@ -166,7 +166,7 @@ pub async fn auth_generate_recovery(
|
||||
sender_id: Option<u32>,
|
||||
state: State<'_, Arc<RwLock<AppState>>>,
|
||||
) -> Result<IpcResponse<SetPasswordsResponse>, String> {
|
||||
let sender = sender_id.ok_or("Invalid sender")?;
|
||||
let sender = sender_id.unwrap_or(0);
|
||||
|
||||
let iv_hex = get_iv_hex();
|
||||
|
||||
@@ -199,7 +199,7 @@ pub async fn auth_reset_by_recovery(
|
||||
sender_id: Option<u32>,
|
||||
state: State<'_, Arc<RwLock<AppState>>>,
|
||||
) -> Result<IpcResponse<SetPasswordsResponse>, String> {
|
||||
let sender = sender_id.ok_or("Invalid sender")?;
|
||||
let sender = sender_id.unwrap_or(0);
|
||||
|
||||
let iv_hex = get_iv_hex();
|
||||
|
||||
@@ -238,7 +238,7 @@ pub async fn auth_clear_all(
|
||||
sender_id: Option<u32>,
|
||||
state: State<'_, Arc<RwLock<AppState>>>,
|
||||
) -> Result<IpcResponse<()>, String> {
|
||||
let sender = sender_id.ok_or("Invalid sender")?;
|
||||
let sender = sender_id.unwrap_or(0);
|
||||
|
||||
let result = {
|
||||
let state_guard = state.read();
|
||||
|
||||
@@ -14,11 +14,8 @@ fn check_admin_permission(
|
||||
permissions: &mut crate::services::PermissionService,
|
||||
sender_id: Option<u32>,
|
||||
) -> bool {
|
||||
if let Some(id) = sender_id {
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
} else {
|
||||
false
|
||||
}
|
||||
let id = sender_id.unwrap_or(0);
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
}
|
||||
|
||||
#[derive(Debug, Clone, Serialize, Deserialize)]
|
||||
|
||||
@@ -42,11 +42,8 @@ pub struct DeleteResult {
|
||||
fn check_admin_permission(state: &Arc<RwLock<AppState>>, sender_id: Option<u32>) -> bool {
|
||||
let state_guard = state.read();
|
||||
let mut permissions = state_guard.permissions.write();
|
||||
if let Some(id) = sender_id {
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
} else {
|
||||
false
|
||||
}
|
||||
let id = sender_id.unwrap_or(0);
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
}
|
||||
|
||||
#[tauri::command]
|
||||
|
||||
@@ -38,18 +38,12 @@ fn check_write_permission(
|
||||
match requirement {
|
||||
PermissionRequirement::Any => true,
|
||||
PermissionRequirement::Admin => {
|
||||
if let Some(id) = sender_id {
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
} else {
|
||||
false
|
||||
}
|
||||
let id = sender_id.unwrap_or(0);
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
}
|
||||
PermissionRequirement::Points => {
|
||||
if let Some(id) = sender_id {
|
||||
permissions.require_permission(id, PermissionLevel::Points)
|
||||
} else {
|
||||
false
|
||||
}
|
||||
let id = sender_id.unwrap_or(0);
|
||||
permissions.require_permission(id, PermissionLevel::Points)
|
||||
}
|
||||
PermissionRequirement::View => true,
|
||||
}
|
||||
|
||||
@@ -26,21 +26,15 @@ pub struct ImportStudentsParams {
|
||||
fn check_admin_permission(state: &Arc<RwLock<AppState>>, sender_id: Option<u32>) -> bool {
|
||||
let state_guard = state.read();
|
||||
let mut permissions = state_guard.permissions.write();
|
||||
if let Some(id) = sender_id {
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
} else {
|
||||
false
|
||||
}
|
||||
let id = sender_id.unwrap_or(0);
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
}
|
||||
|
||||
fn check_view_permission(state: &Arc<RwLock<AppState>>, sender_id: Option<u32>) -> bool {
|
||||
let state_guard = state.read();
|
||||
let mut permissions = state_guard.permissions.write();
|
||||
if let Some(id) = sender_id {
|
||||
permissions.require_permission(id, PermissionLevel::View)
|
||||
} else {
|
||||
false
|
||||
}
|
||||
let id = sender_id.unwrap_or(0);
|
||||
permissions.require_permission(id, PermissionLevel::View)
|
||||
}
|
||||
|
||||
#[tauri::command]
|
||||
|
||||
@@ -14,21 +14,15 @@ use super::response::{IpcResponse, TagResponse};
|
||||
fn check_admin_permission(state: &Arc<RwLock<AppState>>, sender_id: Option<u32>) -> bool {
|
||||
let state_guard = state.read();
|
||||
let mut permissions = state_guard.permissions.write();
|
||||
if let Some(id) = sender_id {
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
} else {
|
||||
false
|
||||
}
|
||||
let id = sender_id.unwrap_or(0);
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
}
|
||||
|
||||
fn check_view_permission(state: &Arc<RwLock<AppState>>, sender_id: Option<u32>) -> bool {
|
||||
let state_guard = state.read();
|
||||
let mut permissions = state_guard.permissions.write();
|
||||
if let Some(id) = sender_id {
|
||||
permissions.require_permission(id, PermissionLevel::View)
|
||||
} else {
|
||||
false
|
||||
}
|
||||
let id = sender_id.unwrap_or(0);
|
||||
permissions.require_permission(id, PermissionLevel::View)
|
||||
}
|
||||
|
||||
#[tauri::command]
|
||||
|
||||
@@ -11,11 +11,8 @@ fn check_admin_permission(
|
||||
permissions: &mut crate::services::PermissionService,
|
||||
sender_id: Option<u32>,
|
||||
) -> bool {
|
||||
if let Some(id) = sender_id {
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
} else {
|
||||
false
|
||||
}
|
||||
let id = sender_id.unwrap_or(0);
|
||||
permissions.require_permission(id, PermissionLevel::Admin)
|
||||
}
|
||||
|
||||
#[tauri::command]
|
||||
|
||||
Reference in New Issue
Block a user