fix: 调整路由和增加nginx的权限校验，待验证

server/controllers/file.go

@@ -1,173 +1,180 @@
-package controllers
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"github.com/astaxie/beego/logs"
-	"github.com/astaxie/beego/orm"
-	"os"
-	config2 "server/config"
-	"server/models"
-	nginx2 "server/nginx"
-	"server/utils"
-	"strings"
-	"time"
-)
-
-type FileController struct {
-	BaseController
-}
-
-func getRootDir() (string, error) {
-	root := fmt.Sprintf("%s/files", config2.GetDataDir())
-	if exist := utils.IsExist(root); exist != true {
-		err := os.MkdirAll(root, 0777)
-		if err != nil {
-			return "", err
-		}
-	}
-	return root, nil
-}
-
-// Get getAll
-func (c *FileController) Get() {
-	fileName := c.GetString("filename")
-	logs.Info("get file: {}", fileName)
-	root, err := getRootDir()
-	if err != nil {
-		c.Ctx.Output.SetStatus(404)
-		return
-	}
-
-	fromFile := fmt.Sprintf("%s/%s", root, fileName)
-	c.Ctx.Output.Download(fromFile, fileName)
-}
-
-// Post save certs
-func (c *FileController) Post() {
-	f, header, err := c.GetFile("file")
-	if err != nil {
-		c.Ctx.Output.SetStatus(500)
-		c.ErrorJson(err)
-		return
-	}
-
-	var req models.FileReq
-	err = c.ParseForm(&req)
-	if err != nil {
-		c.Ctx.Output.SetStatus(500)
-		c.ErrorJson(err)
-		return
-	}
-
-	defer f.Close()
-	root, err := getRootDir()
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	if strings.HasPrefix(req.Path, "/") {
-		req.Path = req.Path[1:len(req.Path)]
-	}
-	root = fmt.Sprintf("%s/%s", root, req.Key)
-	index := strings.LastIndex(req.Path, "/")
-	if index > 0 {
-		subDir := req.Path[0:index]
-		root = fmt.Sprintf("%s/%s", root, subDir)
-	}
-	if !utils.IsExist(root) {
-		err = os.MkdirAll(root, 0777)
-	}
-	if err != nil {
-		c.Ctx.Output.SetStatus(500)
-		c.ErrorJson(err)
-		return
-	}
-
-	toFile := fmt.Sprintf("%s/%s", root, header.Filename)
-	err = c.SaveToFile("file", toFile)
-	if err != nil {
-		c.Ctx.Output.SetStatus(500)
-		c.ErrorJson(err)
-		return
-	}
-	c.setData(toFile).json()
-}
-
-// Deploy 部署到服务器
-func (c *FileController) Deploy() {
-	var req models.DeployReq
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &req)
-	if err != nil {
-		logs.Error(err, string(c.Ctx.Input.RequestBody))
-		c.ErrorJson(err)
-		return
-	}
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	err = HandleDeploy(req)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	c.json()
-}
-
-func HandleDeploy(req models.DeployReq) error {
-	root, err := getRootDir()
-	if err != nil {
-		return err
-	}
-	root = fmt.Sprintf("%s/%s", root, req.Key)
-	if !utils.IsExist(root) {
-		logs.Warn("dir not exist: ", root)
-		return errors.New("未上传文件或者文件已被删除！")
-	}
-	o := orm.NewOrm()
-	nginx := models.Nginx{
-		Id: req.NginxId,
-	}
-	err = o.Read(&nginx)
-	if err != nil {
-		return err
-	}
-	ins := nginx2.GetInstance(&nginx)
-	dirs := ins.CheckDirs()
-	if nginx.IsLocal {
-		cmd := fmt.Sprintf("if [ ! -d %s ];then mkdir -p %s;fi && cp -r %s/* %s", req.Dir, req.Dir, root, req.Dir)
-		_, err := ins.Run(cmd)
-		return err
-	}
-
-	tarPath := fmt.Sprintf("%s.tar.gz", root)
-	if !utils.IsExist(tarPath) {
-		err = utils.TarXz(tarPath, root)
-		if err != nil {
-			return err
-		}
-	}
-
-	timeNow := time.Now().Format("20060102150105")
-	dst := fmt.Sprintf("%s/%s_%s.tar.gz", dirs.BackupDir, req.Key, timeNow)
-	err = ins.SendFile(tarPath, dst)
-	if err != nil {
-		return err
-	}
-	cmd := fmt.Sprintf("if [ ! -d %s ];then mkdir -p %s;fi && tar -zxvf %s -C %s", req.Dir, req.Dir, dst, req.Dir)
-	if req.Clear {
-		cmd = fmt.Sprintf("rm -rf %s;%s", req.Dir, cmd)
-	}
-	_, err = ins.Run(cmd)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-// Delete del certs
-func (c *FileController) Delete() {
-
-}
+package controllers
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"github.com/astaxie/beego/logs"
+	"github.com/astaxie/beego/orm"
+	"os"
+	config2 "server/config"
+	"server/models"
+	nginx2 "server/nginx"
+	"server/utils"
+	"strings"
+	"time"
+)
+
+type FileController struct {
+	BaseController
+}
+
+func getRootDir() (string, error) {
+	root := fmt.Sprintf("%s/files", config2.GetDataDir())
+	if exist := utils.IsExist(root); exist != true {
+		err := os.MkdirAll(root, 0777)
+		if err != nil {
+			return "", err
+		}
+	}
+	return root, nil
+}
+
+// Get getAll
+func (c *FileController) Get() {
+	fileName := c.GetString("filename")
+	logs.Info("get file: {}", fileName)
+	root, err := getRootDir()
+	if err != nil {
+		c.Ctx.Output.SetStatus(404)
+		return
+	}
+
+	fromFile := fmt.Sprintf("%s/%s", root, fileName)
+	c.Ctx.Output.Download(fromFile, fileName)
+}
+
+// Post 文件长传
+// POST /file
+func (c *FileController) Post() {
+	f, header, err := c.GetFile("file")
+	if err != nil {
+		c.Ctx.Output.SetStatus(500)
+		c.ErrorJson(err)
+		return
+	}
+
+	var req models.FileReq
+	err = c.ParseForm(&req)
+	if err != nil {
+		c.Ctx.Output.SetStatus(500)
+		c.ErrorJson(err)
+		return
+	}
+
+	defer f.Close()
+	root, err := getRootDir()
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+	if strings.HasPrefix(req.Path, "/") {
+		req.Path = req.Path[1:len(req.Path)]
+	}
+	root = fmt.Sprintf("%s/%s", root, req.Key)
+	index := strings.LastIndex(req.Path, "/")
+	if index > 0 {
+		subDir := req.Path[0:index]
+		root = fmt.Sprintf("%s/%s", root, subDir)
+	}
+	if !utils.IsExist(root) {
+		err = os.MkdirAll(root, 0777)
+	}
+	if err != nil {
+		c.Ctx.Output.SetStatus(500)
+		c.ErrorJson(err)
+		return
+	}
+
+	toFile := fmt.Sprintf("%s/%s", root, header.Filename)
+	err = c.SaveToFile("file", toFile)
+	if err != nil {
+		c.Ctx.Output.SetStatus(500)
+		c.ErrorJson(err)
+		return
+	}
+	c.setData(toFile).json()
+}
+
+// Deploy 部署到服务器
+// POST /nginx/:id/file/deploy
+func (c *FileController) Deploy() {
+	nginx, err := c.CheckNginxPermission()
+	if err != nil {
+		return
+	}
+	logs.Info("deploy ", nginx.Id)
+	var req models.DeployReq
+	err = json.Unmarshal(c.Ctx.Input.RequestBody, &req)
+	if err != nil {
+		logs.Error(err, string(c.Ctx.Input.RequestBody))
+		c.ErrorJson(err)
+		return
+	}
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+	err = HandleDeploy(req)
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+	c.json()
+}
+
+func HandleDeploy(req models.DeployReq) error {
+	root, err := getRootDir()
+	if err != nil {
+		return err
+	}
+	root = fmt.Sprintf("%s/%s", root, req.Key)
+	if !utils.IsExist(root) {
+		logs.Warn("dir not exist: ", root)
+		return errors.New("未上传文件或者文件已被删除！")
+	}
+	o := orm.NewOrm()
+	nginx := models.Nginx{
+		Id: req.NginxId,
+	}
+	err = o.Read(&nginx)
+	if err != nil {
+		return err
+	}
+	ins := nginx2.GetInstance(&nginx)
+	dirs := ins.CheckDirs()
+	if nginx.IsLocal {
+		cmd := fmt.Sprintf("if [ ! -d %s ];then mkdir -p %s;fi && cp -r %s/* %s", req.Dir, req.Dir, root, req.Dir)
+		_, err := ins.Run(cmd)
+		return err
+	}
+
+	tarPath := fmt.Sprintf("%s.tar.gz", root)
+	if !utils.IsExist(tarPath) {
+		err = utils.TarXz(tarPath, root)
+		if err != nil {
+			return err
+		}
+	}
+
+	timeNow := time.Now().Format("20060102150105")
+	dst := fmt.Sprintf("%s/%s_%s.tar.gz", dirs.BackupDir, req.Key, timeNow)
+	err = ins.SendFile(tarPath, dst)
+	if err != nil {
+		return err
+	}
+	cmd := fmt.Sprintf("if [ ! -d %s ];then mkdir -p %s;fi && tar -zxvf %s -C %s", req.Dir, req.Dir, dst, req.Dir)
+	if req.Clear {
+		cmd = fmt.Sprintf("rm -rf %s;%s", req.Dir, cmd)
+	}
+	_, err = ins.Run(cmd)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// Delete del certs
+func (c *FileController) Delete() {
+
+}

server/controllers/server.go

@@ -1,128 +1,143 @@
-package controllers
-
-import (
-	"encoding/json"
-	"github.com/astaxie/beego/orm"
-	"server/models"
-	nginx2 "server/nginx"
-)
-
-type ServerController struct {
-	BaseController
-}
-
-// Get getAllServers
-func (c *ServerController) Get() {
-
-	id, err := c.GetInt("id", 0)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-
-	o := orm.NewOrm()
-	server := models.ServerHost{Id: id}
-	err = o.Read(&server)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	c.setData(server).json()
-}
-
-// Post add or update nginx instance
-func (c *ServerController) Post() {
-	var server models.ServerHost
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &server)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	o := orm.NewOrm()
-	var saveErr error
-	if server.Id > 0 {
-		tmp := models.ServerHost{Id: server.Id}
-		err := o.Read(&tmp, "last_name")
-		if err == nil {
-			server.LastName = tmp.LastName
-			server.ServerConf = tmp.ServerConf
-		}
-		_, saveErr = o.Update(&server)
-	} else {
-		_, saveErr = o.Insert(&server)
-	}
-
-	if saveErr != nil {
-		c.ErrorJson(saveErr)
-	} else {
-		c.setData(server).json()
-	}
-}
-
-// Delete add or update nginx instance
-func (c *ServerController) Delete() {
-	var server models.ServerHost
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &server)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	o := orm.NewOrm()
-	err = o.Read(&server)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	nginx := models.Nginx{Id: server.NginxId}
-	err = o.Read(&nginx)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	ins := nginx2.GetInstance(&nginx)
-	server.Enable = false
-	err = ins.RefreshServer(server)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	delServer := models.ServerHost{Id: server.Id}
-	_, err = o.Delete(&delServer)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	c.setData("success").json()
-}
-
-// Refresh check and refresh to disk
-func (c *ServerController) Refresh() {
-	var postData models.ServerHost
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &postData)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	o := orm.NewOrm()
-	_, err = o.Update(&postData)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-
-	var nginx = models.Nginx{Id: postData.NginxId}
-	err = o.Read(&nginx)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	ins := nginx2.GetInstance(&nginx)
-	err = ins.RefreshServer(postData)
-	if err != nil {
-		c.ErrorJson(err)
-		return
-	}
-	postData.LastName = postData.Name
-	_, _ = o.Update(&postData)
-	c.setData(true).json()
-}
+package controllers
+
+import (
+	"encoding/json"
+	"github.com/astaxie/beego/orm"
+	"server/models"
+	nginx2 "server/nginx"
+)
+
+type ServerController struct {
+	BaseController
+}
+
+// Get getAllServers
+// Get /nginx/:id/server
+func (c *ServerController) Get() {
+	nginx, err := c.CheckNginxPermission()
+	if err != nil {
+		return
+	}
+
+	id, err := c.GetInt("id", 0)
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+
+	o := orm.NewOrm()
+	server := models.ServerHost{Id: id, NginxId: nginx.Id}
+	err = o.Read(&server, "Id", "NginxId")
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+	c.setData(server).json()
+}
+
+// Post add or update nginx instance
+// POST /nginx/:id/server
+func (c *ServerController) Post() {
+	nginx, err := c.CheckNginxPermission()
+	if err != nil {
+		return
+	}
+	var server models.ServerHost
+	err = json.Unmarshal(c.Ctx.Input.RequestBody, &server)
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+	o := orm.NewOrm()
+	var saveErr error
+	server.NginxId = nginx.Id
+	server.Uid = nginx.Uid
+	if server.Id > 0 {
+		tmp := models.ServerHost{Id: server.Id, NginxId: nginx.Id}
+		err := o.Read(&tmp, "Id", "NginxId")
+		if err == nil {
+			server.LastName = tmp.LastName
+			server.ServerConf = tmp.ServerConf
+		}
+		_, saveErr = o.Update(&server)
+	} else {
+		_, saveErr = o.Insert(&server)
+	}
+
+	if saveErr != nil {
+		c.ErrorJson(saveErr)
+	} else {
+		c.setData(server).json()
+	}
+}
+
+// Delete add or update nginx instance
+// DELETE /nginx/:id/server
+func (c *ServerController) Delete() {
+	nginx, err := c.CheckNginxPermission()
+	if err != nil {
+		return
+	}
+	var server models.ServerHost
+	err = json.Unmarshal(c.Ctx.Input.RequestBody, &server)
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+	o := orm.NewOrm()
+	err = o.Read(&server)
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+
+	ins := nginx2.GetInstance(nginx)
+	server.Enable = false
+	err = ins.RefreshServer(server)
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+	delServer := models.ServerHost{Id: server.Id, NginxId: nginx.Id}
+	_, err = o.Delete(&delServer, "Id", "NginxId")
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+	c.setData("success").json()
+}
+
+// Refresh check and refresh to disk
+// POST /nginx/:id/server/refresh
+func (c *ServerController) Refresh() {
+	nginx, err := c.CheckNginxPermission()
+	if err != nil {
+		return
+	}
+	var postData models.ServerHost
+	err = json.Unmarshal(c.Ctx.Input.RequestBody, &postData)
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+
+	postData.NginxId = nginx.Id
+	postData.Uid = nginx.Uid
+	
+	o := orm.NewOrm()
+	_, err = o.Update(&postData)
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+
+	ins := nginx2.GetInstance(nginx)
+	err = ins.RefreshServer(postData)
+	if err != nil {
+		c.ErrorJson(err)
+		return
+	}
+	postData.LastName = postData.Name
+	_, _ = o.Update(&postData)
+	c.setData(true).json()
+}

server/routers/router.go

@@ -28,11 +28,11 @@ func init() {
 		beego.NSRouter("/nginx/:id/certs", &controllers.CertController{}),
 		beego.NSRouter("/nginx/:id/certs/sync", &controllers.CertController{}, "post:Sync"),
 		// nginx server apis
-		beego.NSRouter("/server", &controllers.ServerController{}),
-		beego.NSRouter("/server/refresh", &controllers.ServerController{}, "post:Refresh"),
+		beego.NSRouter("/nginx/:id/server", &controllers.ServerController{}),
+		beego.NSRouter("/nginx/:id/server/refresh", &controllers.ServerController{}, "post:Refresh"),
 		// file upload download
+		beego.NSRouter("/nginx/:id/file/deploy", &controllers.FileController{}, "post:Deploy"),
 		beego.NSRouter("/file", &controllers.FileController{}),
-		beego.NSRouter("/file/deploy", &controllers.FileController{}, "post:Deploy"),
 
 		beego.NSRouter("/user/login", &controllers.UserController{}, "post:Login"),
 		beego.NSRouter("/user/info", &controllers.UserController{}, "get:User"),

src/api/nginx.ts

@@ -32,6 +32,10 @@ export const NginxApis= {
   },
   getNginx: (id:number) => request.get<BaseResp<{nginx: INginx, servers: IServerHost[]}>>(`/nginx/${id}`),
   delNginx: (id:number) => request.delete(`/nginx/${id}`),
+  status: (id:number) => request.post(`/nginx/${id}/status`, { }, { timeout: 60000 }),
+  startNginx: (id:number) => request.post(`/nginx/${id}/start`, { }, { timeout: 60000 }),
+  stopNginx: (id:number) => request.post(`/nginx/${id}/stop`, { }, { timeout: 60000 }),
+
   /**
    * 不更改配置文件，仅保存数据，方便某些特殊情况，一直手动修改配置文件
    * @param nginx
@@ -42,13 +46,13 @@ export const NginxApis= {
     const serverHost: Partial<IServerHost> = createServerHost(nginx,server);
     // eslint-disable-next-line @typescript-eslint/ban-ts-comment
     // @ts-ignore
-    return request.post<BaseResp<IServerHost>>('/server',serverHost, { disableErrorMsg: true } as any)
-      .then(({data})=>{
-        if (data.data){
-          return createServer(data.data)
-        }
-        return Promise.reject(data)
-      })
+    return request.post<BaseResp<IServerHost>>(`/nginx/${nginx.id}/server`,serverHost, { disableErrorMsg: true } as any)
+        .then(({data})=>{
+          if (data.data){
+            return createServer(data.data)
+          }
+          return Promise.reject(data)
+        })
   },
   /**
    * 更改配置文件，保存数据
@@ -56,13 +60,9 @@ export const NginxApis= {
    * @param server
    */
   refreshServer: (server: Partial<IServerHost>) => {
-    return request.post('/server/refresh', server, { timeout: 60000 })
+    return request.post(`/nginx/${server.nginxId}/server/refresh`, server, { timeout: 60000 })
   },
-  deleteServer: (server: INginxServer) => request.delete(`/server`,{ data: { id: server.id}}),
-  status: (id:number) => request.post(`/nginx/${id}/status`, { }, { timeout: 60000 }),
-  startNginx: (id:number) => request.post(`/nginx/${id}/start`, { }, { timeout: 60000 }),
-  stopNginx: (id:number) => request.post(`/nginx/${id}/stop`, { }, { timeout: 60000 }),
-
+  deleteServer: (nginxId: number,server: INginxServer) => request.delete(`/nginx/${nginxId}/server`,{ data: { id: server.id}}),
   /**
    * 获取证书信息，不传name，则返回所有证书文件信息，传了name，则返回该证书的内容
    * @param id
@@ -122,5 +122,5 @@ export const uploadApis = {
       })
     })
   },
-  deploy:(data: IDeployReq)=>request.post('/file/deploy', data, {timeout: 120000}),
+  deploy:(data: IDeployReq)=>request.post(`/nginx/${data.nginxId}/file/deploy`, data, {timeout: 120000}),
 }

src/pages/nginx/server/index.tsx

@@ -80,7 +80,7 @@ export const NginxServer = () => {
     removeServer.nginxId = current.id
     const handlerDelete = ()=>{
       setLoading(true)
-      NginxApis.deleteServer(removeServer)
+      NginxApis.deleteServer(current.id,removeServer)
           .then(()=>{
             const list = servers.filter(s=>s.id !== removeServer.id);
             dispatch(NginxActions.updateServers(list))