From 1ee3b64a19fcf055ce19000247b16576dd676369 Mon Sep 17 00:00:00 2001 From: Fu Diwei Date: Thu, 15 May 2025 21:05:22 +0800 Subject: [PATCH] feat: config goedge api user role --- internal/deployer/providers.go | 1 + internal/domain/access.go | 1 + .../core/deployer/providers/goedge/goedge.go | 16 ++++--- internal/pkg/sdk3rd/goedge/api.go | 2 +- internal/pkg/sdk3rd/goedge/client.go | 6 +-- migrations/1747314000_upgrade.go | 44 +++++++++++++++++++ .../access/AccessFormGoEdgeConfig.tsx | 10 ++++- ui/src/domain/access.ts | 1 + ui/src/i18n/locales/en/nls.access.json | 12 +++-- ui/src/i18n/locales/zh/nls.access.json | 12 +++-- 10 files changed, 87 insertions(+), 18 deletions(-) create mode 100644 migrations/1747314000_upgrade.go diff --git a/internal/deployer/providers.go b/internal/deployer/providers.go index 3ad6aa4c..825cfedf 100644 --- a/internal/deployer/providers.go +++ b/internal/deployer/providers.go @@ -581,6 +581,7 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer deployer, err := pGoEdge.NewDeployer(&pGoEdge.DeployerConfig{ ApiUrl: access.ApiUrl, + ApiRole: access.ApiRole, AccessKeyId: access.AccessKeyId, AccessKey: access.AccessKey, AllowInsecureConnections: access.AllowInsecureConnections, diff --git a/internal/domain/access.go b/internal/domain/access.go index 84afd292..b2ff5e94 100644 --- a/internal/domain/access.go +++ b/internal/domain/access.go @@ -149,6 +149,7 @@ type AccessConfigForGoDaddy struct { type AccessConfigForGoEdge struct { ApiUrl string `json:"apiUrl"` + ApiRole string `json:"apiRole"` AccessKeyId string `json:"accessKeyId"` AccessKey string `json:"accessKey"` AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` diff --git a/internal/pkg/core/deployer/providers/goedge/goedge.go b/internal/pkg/core/deployer/providers/goedge/goedge.go index 61153b1b..73eade64 100644 --- a/internal/pkg/core/deployer/providers/goedge/goedge.go +++ b/internal/pkg/core/deployer/providers/goedge/goedge.go @@ -18,9 +18,11 @@ import ( type DeployerConfig struct { // GoEdge URL。 ApiUrl string `json:"apiUrl"` - // GoEdge 用户 AccessKeyId。 + // GoEdge 用户角色。 + ApiRole string `json:"apiRole"` + // GoEdge AccessKeyId。 AccessKeyId string `json:"accessKeyId"` - // GoEdge 用户 AccessKey。 + // GoEdge AccessKey。 AccessKey string `json:"accessKey"` // 是否允许不安全的连接。 AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` @@ -44,7 +46,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { panic("config is nil") } - client, err := createSdkClient(config.ApiUrl, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections) + client, err := createSdkClient(config.ApiUrl, config.ApiRole, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections) if err != nil { return nil, fmt.Errorf("failed to create sdk client: %w", err) } @@ -116,11 +118,15 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func createSdkClient(apiUrl, accessKeyId, accessKey string, skipTlsVerify bool) (*goedgesdk.Client, error) { +func createSdkClient(apiUrl, apiRole, accessKeyId, accessKey string, skipTlsVerify bool) (*goedgesdk.Client, error) { if _, err := url.Parse(apiUrl); err != nil { return nil, errors.New("invalid goedge api url") } + if apiRole != "user" && apiRole != "admin" { + return nil, errors.New("invalid goedge api role") + } + if accessKeyId == "" { return nil, errors.New("invalid goedge access key id") } @@ -129,7 +135,7 @@ func createSdkClient(apiUrl, accessKeyId, accessKey string, skipTlsVerify bool) return nil, errors.New("invalid goedge access key") } - client := goedgesdk.NewClient(apiUrl, "user", accessKeyId, accessKey) + client := goedgesdk.NewClient(apiUrl, apiRole, accessKeyId, accessKey) if skipTlsVerify { client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) } diff --git a/internal/pkg/sdk3rd/goedge/api.go b/internal/pkg/sdk3rd/goedge/api.go index 67ee9194..c217e8ae 100644 --- a/internal/pkg/sdk3rd/goedge/api.go +++ b/internal/pkg/sdk3rd/goedge/api.go @@ -9,7 +9,7 @@ import ( func (c *Client) getAccessToken() error { req := &getAPIAccessTokenRequest{ - Type: c.apiUserType, + Type: c.apiRole, AccessKeyId: c.accessKeyId, AccessKey: c.accessKey, } diff --git a/internal/pkg/sdk3rd/goedge/client.go b/internal/pkg/sdk3rd/goedge/client.go index 96291fb3..e32c7482 100644 --- a/internal/pkg/sdk3rd/goedge/client.go +++ b/internal/pkg/sdk3rd/goedge/client.go @@ -14,7 +14,7 @@ import ( type Client struct { apiHost string - apiUserType string + apiRole string accessKeyId string accessKey string @@ -25,12 +25,12 @@ type Client struct { client *resty.Client } -func NewClient(apiHost, apiUserType, accessKeyId, accessKey string) *Client { +func NewClient(apiHost, apiRole, accessKeyId, accessKey string) *Client { client := resty.New() return &Client{ apiHost: strings.TrimRight(apiHost, "/"), - apiUserType: apiUserType, + apiRole: apiRole, accessKeyId: accessKeyId, accessKey: accessKey, client: client, diff --git a/migrations/1747314000_upgrade.go b/migrations/1747314000_upgrade.go new file mode 100644 index 00000000..19a25bb2 --- /dev/null +++ b/migrations/1747314000_upgrade.go @@ -0,0 +1,44 @@ +package migrations + +import ( + "github.com/pocketbase/pocketbase/core" + m "github.com/pocketbase/pocketbase/migrations" +) + +func init() { + m.Register(func(app core.App) error { + // migrate data + { + accesses, err := app.FindAllRecords("access") + if err != nil { + return err + } + + for _, access := range accesses { + changed := false + + if access.GetString("provider") == "goedge" { + config := make(map[string]any) + if err := access.UnmarshalJSONField("config", &config); err != nil { + return err + } + + config["apiRole"] = "user" + access.Set("config", config) + changed = true + } + + if changed { + err = app.Save(access) + if err != nil { + return err + } + } + } + } + + return nil + }, func(app core.App) error { + return nil + }) +} diff --git a/ui/src/components/access/AccessFormGoEdgeConfig.tsx b/ui/src/components/access/AccessFormGoEdgeConfig.tsx index eb4140f4..ced9b09a 100644 --- a/ui/src/components/access/AccessFormGoEdgeConfig.tsx +++ b/ui/src/components/access/AccessFormGoEdgeConfig.tsx @@ -1,5 +1,5 @@ import { useTranslation } from "react-i18next"; -import { Form, type FormInstance, Input, Switch } from "antd"; +import { Form, type FormInstance, Input, Radio, Switch } from "antd"; import { createSchemaFieldRule } from "antd-zod"; import { z } from "zod"; @@ -18,6 +18,7 @@ export type AccessFormGoEdgeConfigProps = { const initFormModel = (): AccessFormGoEdgeConfigFieldValues => { return { apiUrl: "http://:7788/", + apiRole: "user", accessKeyId: "", accessKey: "", }; @@ -28,6 +29,9 @@ const AccessFormGoEdgeConfig = ({ form: formInst, formName, disabled, initialVal const formSchema = z.object({ apiUrl: z.string().url(t("common.errmsg.url_invalid")), + role: z.union([z.literal("user"), z.literal("admin")], { + message: t("access.form.goedge_api_role.placeholder"), + }), accessKeyId: z .string() .min(1, t("access.form.goedge_access_key_id.placeholder")) @@ -59,6 +63,10 @@ const AccessFormGoEdgeConfig = ({ form: formInst, formName, disabled, initialVal + + ({ label: t(`access.form.goedge_api_role.option.${s}.label`), value: s }))} /> + + https://developer.godaddy.com/", "access.form.goedge_api_url.label": "GoEdge API URL", "access.form.goedge_api_url.placeholder": "Please enter GoEdge API URL", - "access.form.goedge_access_key_id.label": "GoEdge user AccessKeyId", - "access.form.goedge_access_key_id.placeholder": "Please enter GoEdge user AccessKeyId", + "access.form.goedge_api_role.label": "GoEdge user role", + "access.form.goedge_api_role.placeholder": "Please select GoEdge user role", + "access.form.goedge_api_role.option.user.label": "Platform user", + "access.form.goedge_api_role.option.admin.label": "Administrator user", + "access.form.goedge_access_key_id.label": "GoEdge AccessKeyId", + "access.form.goedge_access_key_id.placeholder": "Please enter GoEdge AccessKeyId", "access.form.goedge_access_key_id.tooltip": "For more information, see https://goedge.cloud/docs/API/Auth.md", - "access.form.goedge_access_key.label": "GoEdge user AccessKey", - "access.form.goedge_access_key.placeholder": "Please enter GoEdge user AccessKey", + "access.form.goedge_access_key.label": "GoEdge AccessKey", + "access.form.goedge_access_key.placeholder": "Please enter GoEdge AccessKey", "access.form.goedge_access_key.tooltip": "For more information, see https://goedge.cloud/docs/API/Auth.md", "access.form.goedge_allow_insecure_conns.label": "Insecure SSL/TLS connections", "access.form.goedge_allow_insecure_conns.switch.on": "Allow", diff --git a/ui/src/i18n/locales/zh/nls.access.json b/ui/src/i18n/locales/zh/nls.access.json index 440b19e2..4839d6ad 100644 --- a/ui/src/i18n/locales/zh/nls.access.json +++ b/ui/src/i18n/locales/zh/nls.access.json @@ -195,11 +195,15 @@ "access.form.godaddy_api_secret.tooltip": "这是什么?请参阅 https://developer.godaddy.com/", "access.form.goedge_api_url.label": "GoEdge API URL", "access.form.goedge_api_url.placeholder": "请输入 GoEdge API URL", - "access.form.goedge_access_key_id.label": "GoEdge 用户 AccessKeyId", - "access.form.goedge_access_key_id.placeholder": "请输入 GoEdge 用户 AccessKeyId", + "access.form.goedge_api_role.label": "GoEdge 用户角色", + "access.form.goedge_api_role.placeholder": "请选择 GoEdge 用户角色", + "access.form.goedge_api_role.option.user.label": "平台用户", + "access.form.goedge_api_role.option.admin.label": "系统管理员", + "access.form.goedge_access_key_id.label": "GoEdge AccessKeyId", + "access.form.goedge_access_key_id.placeholder": "请输入 GoEdge AccessKeyId", "access.form.goedge_access_key_id.tooltip": "这是什么?请参阅 https://goedge.cloud/docs/API/Auth.md", - "access.form.goedge_access_key.label": "GoEdge 用户 AccessKey", - "access.form.goedge_access_key.placeholder": "请输入 GoEdge 用户 AccessKey", + "access.form.goedge_access_key.label": "GoEdge AccessKey", + "access.form.goedge_access_key.placeholder": "请输入 GoEdge AccessKey", "access.form.goedge_access_key.tooltip": "这是什么?请参阅 https://goedge.cloud/docs/API/Auth.md", "access.form.goedge_allow_insecure_conns.label": "忽略 SSL/TLS 证书错误", "access.form.goedge_allow_insecure_conns.switch.on": "允许",