统一修复 sender_id 为空时权限误判导致的管理员操作被拒绝

This commit is contained in:
JSR
2026-03-18 17:56:26 +08:00
parent 9b095e3b3b
commit 8729b5a294
7 changed files with 23 additions and 50 deletions
+5 -5
View File
@@ -61,7 +61,7 @@ pub async fn auth_login(
sender_id: Option<u32>,
state: State<'_, Arc<RwLock<AppState>>>,
) -> Result<IpcResponse<LoginResponse>, String> {
let sender = sender_id.ok_or("Invalid sender")?;
let sender = sender_id.unwrap_or(0);
let iv_hex = get_iv_hex();
@@ -122,7 +122,7 @@ pub async fn auth_set_passwords(
sender_id: Option<u32>,
state: State<'_, Arc<RwLock<AppState>>>,
) -> Result<IpcResponse<SetPasswordsResponse>, String> {
let sender = sender_id.ok_or("Invalid sender")?;
let sender = sender_id.unwrap_or(0);
let iv_hex = get_iv_hex();
@@ -166,7 +166,7 @@ pub async fn auth_generate_recovery(
sender_id: Option<u32>,
state: State<'_, Arc<RwLock<AppState>>>,
) -> Result<IpcResponse<SetPasswordsResponse>, String> {
let sender = sender_id.ok_or("Invalid sender")?;
let sender = sender_id.unwrap_or(0);
let iv_hex = get_iv_hex();
@@ -199,7 +199,7 @@ pub async fn auth_reset_by_recovery(
sender_id: Option<u32>,
state: State<'_, Arc<RwLock<AppState>>>,
) -> Result<IpcResponse<SetPasswordsResponse>, String> {
let sender = sender_id.ok_or("Invalid sender")?;
let sender = sender_id.unwrap_or(0);
let iv_hex = get_iv_hex();
@@ -238,7 +238,7 @@ pub async fn auth_clear_all(
sender_id: Option<u32>,
state: State<'_, Arc<RwLock<AppState>>>,
) -> Result<IpcResponse<()>, String> {
let sender = sender_id.ok_or("Invalid sender")?;
let sender = sender_id.unwrap_or(0);
let result = {
let state_guard = state.read();
+2 -5
View File
@@ -14,11 +14,8 @@ fn check_admin_permission(
permissions: &mut crate::services::PermissionService,
sender_id: Option<u32>,
) -> bool {
if let Some(id) = sender_id {
permissions.require_permission(id, PermissionLevel::Admin)
} else {
false
}
let id = sender_id.unwrap_or(0);
permissions.require_permission(id, PermissionLevel::Admin)
}
#[derive(Debug, Clone, Serialize, Deserialize)]
+2 -5
View File
@@ -42,11 +42,8 @@ pub struct DeleteResult {
fn check_admin_permission(state: &Arc<RwLock<AppState>>, sender_id: Option<u32>) -> bool {
let state_guard = state.read();
let mut permissions = state_guard.permissions.write();
if let Some(id) = sender_id {
permissions.require_permission(id, PermissionLevel::Admin)
} else {
false
}
let id = sender_id.unwrap_or(0);
permissions.require_permission(id, PermissionLevel::Admin)
}
#[tauri::command]
+4 -10
View File
@@ -38,18 +38,12 @@ fn check_write_permission(
match requirement {
PermissionRequirement::Any => true,
PermissionRequirement::Admin => {
if let Some(id) = sender_id {
permissions.require_permission(id, PermissionLevel::Admin)
} else {
false
}
let id = sender_id.unwrap_or(0);
permissions.require_permission(id, PermissionLevel::Admin)
}
PermissionRequirement::Points => {
if let Some(id) = sender_id {
permissions.require_permission(id, PermissionLevel::Points)
} else {
false
}
let id = sender_id.unwrap_or(0);
permissions.require_permission(id, PermissionLevel::Points)
}
PermissionRequirement::View => true,
}
+4 -10
View File
@@ -26,21 +26,15 @@ pub struct ImportStudentsParams {
fn check_admin_permission(state: &Arc<RwLock<AppState>>, sender_id: Option<u32>) -> bool {
let state_guard = state.read();
let mut permissions = state_guard.permissions.write();
if let Some(id) = sender_id {
permissions.require_permission(id, PermissionLevel::Admin)
} else {
false
}
let id = sender_id.unwrap_or(0);
permissions.require_permission(id, PermissionLevel::Admin)
}
fn check_view_permission(state: &Arc<RwLock<AppState>>, sender_id: Option<u32>) -> bool {
let state_guard = state.read();
let mut permissions = state_guard.permissions.write();
if let Some(id) = sender_id {
permissions.require_permission(id, PermissionLevel::View)
} else {
false
}
let id = sender_id.unwrap_or(0);
permissions.require_permission(id, PermissionLevel::View)
}
#[tauri::command]
+4 -10
View File
@@ -14,21 +14,15 @@ use super::response::{IpcResponse, TagResponse};
fn check_admin_permission(state: &Arc<RwLock<AppState>>, sender_id: Option<u32>) -> bool {
let state_guard = state.read();
let mut permissions = state_guard.permissions.write();
if let Some(id) = sender_id {
permissions.require_permission(id, PermissionLevel::Admin)
} else {
false
}
let id = sender_id.unwrap_or(0);
permissions.require_permission(id, PermissionLevel::Admin)
}
fn check_view_permission(state: &Arc<RwLock<AppState>>, sender_id: Option<u32>) -> bool {
let state_guard = state.read();
let mut permissions = state_guard.permissions.write();
if let Some(id) = sender_id {
permissions.require_permission(id, PermissionLevel::View)
} else {
false
}
let id = sender_id.unwrap_or(0);
permissions.require_permission(id, PermissionLevel::View)
}
#[tauri::command]
+2 -5
View File
@@ -11,11 +11,8 @@ fn check_admin_permission(
permissions: &mut crate::services::PermissionService,
sender_id: Option<u32>,
) -> bool {
if let Some(id) = sender_id {
permissions.require_permission(id, PermissionLevel::Admin)
} else {
false
}
let id = sender_id.unwrap_or(0);
permissions.require_permission(id, PermissionLevel::Admin)
}
#[tauri::command]