package handlers import ( "errors" "platform/pkg/env" "platform/pkg/u" "platform/web/auth" "platform/web/core" g "platform/web/globals" "platform/web/globals/orm" m "platform/web/models" q "platform/web/queries" "time" "github.com/gofiber/fiber/v2" ) type ListWhitelistReq struct { core.PageReq } type ListWhitelistResp struct { Total int64 `json:"total"` List []*m.Whitelist `json:"list"` Page int `json:"page"` Size int `json:"size"` } func ListWhitelist(c *fiber.Ctx) error { // 检查权限 authCtx, err := auth.GetAuthCtx(c).PermitUser() if err != nil { return err } // 解析请求参数 req := new(ListWhitelistReq) if err := c.BodyParser(req); err != nil { return err } // 获取白名单信息 do := q.Whitelist.Where(q.Whitelist.UserID.Eq(authCtx.User.ID)) list, err := q.Whitelist.Where(do). Offset(req.GetOffset()). Limit(req.GetLimit()). Order(q.Whitelist.CreatedAt.Desc()). Find() if err != nil { return err } var total int64 if len(list) < req.GetLimit() { total = int64(len(list) + req.GetOffset()) } else { total, err = q.Whitelist.Where(do).Count() if err != nil { return err } } // 返回结果 return c.JSON(core.PageResp{ Total: int(total), List: list, Page: req.GetPage(), Size: req.GetSize(), }) } type CreateWhitelistReq struct { Host string `json:"host" validate:"required,ip"` Remark string `json:"remark,omitempty"` } func CreateWhitelist(c *fiber.Ctx) error { // 检查权限 authCtx, err := auth.GetAuthCtx(c).PermitUser() if err != nil { return err } // 解析请求参数 req := new(CreateWhitelistReq) err = g.Validator.ParseBody(c, req) if err != nil { return err } ip, err := secureAddr(req.Host) if err != nil { return core.NewBizErr("IP 地址无效", err) } // 创建白名单 err = q.Whitelist.Create(&m.Whitelist{ UserID: authCtx.User.ID, IP: u.Z(ip), Remark: &req.Remark, }) if err != nil { return core.NewServErr("添加白名单失败", err) } return nil } type UpdateWhitelistReq struct { ID int32 `json:"id" validate:"required"` Host string `json:"host"` Remark string `json:"remark"` } func UpdateWhitelist(c *fiber.Ctx) error { // 检查权限 authCtx, err := auth.GetAuthCtx(c).PermitUser() if err != nil { return err } // 解析请求参数 req := new(UpdateWhitelistReq) if err := c.BodyParser(req); err != nil { return err } if req.ID == 0 { return fiber.NewError(fiber.StatusBadRequest, "id is required") } ip, err := secureAddr(req.Host) if err != nil { return core.NewBizErr("IP 地址无效", err) } // 更新白名单 _, err = q.Whitelist. Where( q.Whitelist.ID.Eq(req.ID), q.Whitelist.UserID.Eq(authCtx.User.ID), ). UpdateSimple( q.Whitelist.IP.Value(ip), q.Whitelist.Remark.Value(req.Remark), ) if err != nil { return err } return nil } type RemoveWhitelistReq struct { ID int32 `json:"id" validate:"required"` } func RemoveWhitelist(c *fiber.Ctx) error { // 检查权限 authCtx, err := auth.GetAuthCtx(c).PermitUser() if err != nil { return err } // 解析请求参数 var req []RemoveWhitelistReq if err := c.BodyParser(&req); err != nil { return err } if len(req) == 0 { return fiber.NewError(fiber.StatusBadRequest, "id is required") } var ids = make([]int32, len(req)) for i, item := range req { if item.ID == 0 { return fiber.NewError(fiber.StatusBadRequest, "id is required") } ids[i] = item.ID } // 删除白名单 _, err = q.Whitelist. Where( q.Whitelist.ID.In(ids...), q.Whitelist.UserID.Eq(authCtx.User.ID), ). Update( q.Whitelist.DeletedAt, time.Now(), ) if err != nil { return err } return nil } func secureAddr(str string) (*orm.Inet, error) { ip, err := orm.ParseInet(str) if err != nil { return nil, err } if !ip.IsGlobalUnicast() && env.RunMode != env.RunModeDev { return nil, errors.New("IP 地址不可用") } return ip, nil }