From a11e3d987197d8df124ead483decd32a98cecc6e Mon Sep 17 00:00:00 2001 From: Liang Ding Date: Fri, 10 Mar 2023 09:37:59 +0800 Subject: [PATCH 1/4] =?UTF-8?q?:art:=20=E6=94=B9=E8=BF=9B=E5=86=85?= =?UTF-8?q?=E6=A0=B8=E5=8F=AA=E8=AF=BB=E6=A8=A1=E5=BC=8F=20https://github.?= =?UTF-8?q?com/siyuan-note/siyuan/issues/7615?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- kernel/api/router.go | 207 +++++++++++++++++++++--------------------- kernel/api/storage.go | 31 ------- 2 files changed, 103 insertions(+), 135 deletions(-) diff --git a/kernel/api/router.go b/kernel/api/router.go index 8846ca349..220d20ab2 100644 --- a/kernel/api/router.go +++ b/kernel/api/router.go @@ -37,59 +37,58 @@ func ServeAPI(ginServer *gin.Engine) { // 需要鉴权 ginServer.Handle("POST", "/api/system/getEmojiConf", model.CheckAuth, getEmojiConf) - ginServer.Handle("POST", "/api/system/setAccessAuthCode", model.CheckAuth, setAccessAuthCode) - ginServer.Handle("POST", "/api/system/setNetworkServe", model.CheckAuth, setNetworkServe) - ginServer.Handle("POST", "/api/system/setUploadErrLog", model.CheckAuth, setUploadErrLog) - ginServer.Handle("POST", "/api/system/setAutoLaunch", model.CheckAuth, setAutoLaunch) - ginServer.Handle("POST", "/api/system/setGoogleAnalytics", model.CheckAuth, setGoogleAnalytics) - ginServer.Handle("POST", "/api/system/setDownloadInstallPkg", model.CheckAuth, setDownloadInstallPkg) - ginServer.Handle("POST", "/api/system/setNetworkProxy", model.CheckAuth, setNetworkProxy) - ginServer.Handle("POST", "/api/system/setWorkspaceDir", model.CheckAuth, setWorkspaceDir) + ginServer.Handle("POST", "/api/system/setAccessAuthCode", model.CheckAuth, model.CheckReadonly, setAccessAuthCode) + ginServer.Handle("POST", "/api/system/setNetworkServe", model.CheckAuth, model.CheckReadonly, setNetworkServe) + ginServer.Handle("POST", "/api/system/setUploadErrLog", model.CheckAuth, model.CheckReadonly, setUploadErrLog) + ginServer.Handle("POST", "/api/system/setAutoLaunch", model.CheckAuth, model.CheckReadonly, setAutoLaunch) + ginServer.Handle("POST", "/api/system/setGoogleAnalytics", model.CheckAuth, model.CheckReadonly, setGoogleAnalytics) + ginServer.Handle("POST", "/api/system/setDownloadInstallPkg", model.CheckAuth, model.CheckReadonly, setDownloadInstallPkg) + ginServer.Handle("POST", "/api/system/setNetworkProxy", model.CheckAuth, model.CheckReadonly, setNetworkProxy) + ginServer.Handle("POST", "/api/system/setWorkspaceDir", model.CheckAuth, model.CheckReadonly, setWorkspaceDir) ginServer.Handle("POST", "/api/system/getWorkspaces", model.CheckAuth, getWorkspaces) ginServer.Handle("POST", "/api/system/getMobileWorkspaces", model.CheckAuth, getMobileWorkspaces) - ginServer.Handle("POST", "/api/system/createWorkspaceDir", model.CheckAuth, createWorkspaceDir) - ginServer.Handle("POST", "/api/system/removeWorkspaceDir", model.CheckAuth, removeWorkspaceDir) + ginServer.Handle("POST", "/api/system/createWorkspaceDir", model.CheckAuth, model.CheckReadonly, createWorkspaceDir) + ginServer.Handle("POST", "/api/system/removeWorkspaceDir", model.CheckAuth, model.CheckReadonly, removeWorkspaceDir) ginServer.Handle("POST", "/api/system/setAppearanceMode", model.CheckAuth, setAppearanceMode) ginServer.Handle("POST", "/api/system/getSysFonts", model.CheckAuth, getSysFonts) ginServer.Handle("POST", "/api/system/exit", model.CheckAuth, exit) - ginServer.Handle("POST", "/api/system/setUILayout", model.CheckAuth, setUILayout) + ginServer.Handle("POST", "/api/system/setUILayout", model.CheckAuth, model.CheckReadonly, setUILayout) ginServer.Handle("POST", "/api/system/getConf", model.CheckAuth, getConf) ginServer.Handle("POST", "/api/system/checkUpdate", model.CheckAuth, checkUpdate) ginServer.Handle("POST", "/api/system/exportLog", model.CheckAuth, exportLog) - ginServer.Handle("POST", "/api/storage/setLocalStorage", model.CheckAuth, setLocalStorage) + ginServer.Handle("POST", "/api/storage/setLocalStorage", model.CheckAuth, model.CheckReadonly, setLocalStorage) ginServer.Handle("POST", "/api/storage/getLocalStorage", model.CheckAuth, getLocalStorage) - ginServer.Handle("POST", "/api/storage/setLocalStorageVal", model.CheckAuth, setLocalStorageVal) - ginServer.Handle("POST", "/api/storage/removeLocalStorageVal", model.CheckAuth, removeLocalStorageVal) - ginServer.Handle("POST", "/api/storage/setCriterion", model.CheckAuth, setCriterion) + ginServer.Handle("POST", "/api/storage/setLocalStorageVal", model.CheckAuth, model.CheckReadonly, setLocalStorageVal) + ginServer.Handle("POST", "/api/storage/removeLocalStorageVal", model.CheckAuth, model.CheckReadonly, removeLocalStorageVal) + ginServer.Handle("POST", "/api/storage/setCriterion", model.CheckAuth, model.CheckReadonly, setCriterion) ginServer.Handle("POST", "/api/storage/getCriteria", model.CheckAuth, getCriteria) - ginServer.Handle("POST", "/api/storage/removeCriterion", model.CheckAuth, removeCriterion) - ginServer.Handle("POST", "/api/storage/setRecentDoc", model.CheckAuth, setRecentDoc) + ginServer.Handle("POST", "/api/storage/removeCriterion", model.CheckAuth, model.CheckReadonly, removeCriterion) ginServer.Handle("POST", "/api/storage/getRecentDocs", model.CheckAuth, getRecentDocs) - ginServer.Handle("POST", "/api/account/login", model.CheckAuth, login) - ginServer.Handle("POST", "/api/account/checkActivationcode", model.CheckAuth, checkActivationcode) - ginServer.Handle("POST", "/api/account/useActivationcode", model.CheckAuth, useActivationcode) - ginServer.Handle("POST", "/api/account/deactivate", model.CheckAuth, deactivateUser) - ginServer.Handle("POST", "/api/account/startFreeTrial", model.CheckAuth, startFreeTrial) + ginServer.Handle("POST", "/api/account/login", model.CheckAuth, model.CheckReadonly, login) + ginServer.Handle("POST", "/api/account/checkActivationcode", model.CheckAuth, model.CheckReadonly, checkActivationcode) + ginServer.Handle("POST", "/api/account/useActivationcode", model.CheckAuth, model.CheckReadonly, useActivationcode) + ginServer.Handle("POST", "/api/account/deactivate", model.CheckAuth, model.CheckReadonly, deactivateUser) + ginServer.Handle("POST", "/api/account/startFreeTrial", model.CheckAuth, model.CheckReadonly, startFreeTrial) ginServer.Handle("POST", "/api/notebook/lsNotebooks", model.CheckAuth, lsNotebooks) - ginServer.Handle("POST", "/api/notebook/openNotebook", model.CheckAuth, openNotebook) - ginServer.Handle("POST", "/api/notebook/closeNotebook", model.CheckAuth, closeNotebook) + ginServer.Handle("POST", "/api/notebook/openNotebook", model.CheckAuth, model.CheckReadonly, openNotebook) + ginServer.Handle("POST", "/api/notebook/closeNotebook", model.CheckAuth, model.CheckReadonly, closeNotebook) ginServer.Handle("POST", "/api/notebook/getNotebookConf", model.CheckAuth, getNotebookConf) - ginServer.Handle("POST", "/api/notebook/setNotebookConf", model.CheckAuth, setNotebookConf) - ginServer.Handle("POST", "/api/notebook/createNotebook", model.CheckAuth, createNotebook) - ginServer.Handle("POST", "/api/notebook/removeNotebook", model.CheckAuth, removeNotebook) - ginServer.Handle("POST", "/api/notebook/renameNotebook", model.CheckAuth, renameNotebook) - ginServer.Handle("POST", "/api/notebook/changeSortNotebook", model.CheckAuth, changeSortNotebook) - ginServer.Handle("POST", "/api/notebook/setNotebookIcon", model.CheckAuth, setNotebookIcon) + ginServer.Handle("POST", "/api/notebook/setNotebookConf", model.CheckAuth, model.CheckReadonly, setNotebookConf) + ginServer.Handle("POST", "/api/notebook/createNotebook", model.CheckAuth, model.CheckReadonly, createNotebook) + ginServer.Handle("POST", "/api/notebook/removeNotebook", model.CheckAuth, model.CheckReadonly, removeNotebook) + ginServer.Handle("POST", "/api/notebook/renameNotebook", model.CheckAuth, model.CheckReadonly, renameNotebook) + ginServer.Handle("POST", "/api/notebook/changeSortNotebook", model.CheckAuth, model.CheckReadonly, changeSortNotebook) + ginServer.Handle("POST", "/api/notebook/setNotebookIcon", model.CheckAuth, model.CheckReadonly, setNotebookIcon) ginServer.Handle("POST", "/api/filetree/searchDocs", model.CheckAuth, searchDocs) ginServer.Handle("POST", "/api/filetree/listDocsByPath", model.CheckAuth, listDocsByPath) ginServer.Handle("POST", "/api/filetree/getDoc", model.CheckAuth, getDoc) ginServer.Handle("POST", "/api/filetree/getDocCreateSavePath", model.CheckAuth, getDocCreateSavePath) ginServer.Handle("POST", "/api/filetree/getRefCreateSavePath", model.CheckAuth, getRefCreateSavePath) - ginServer.Handle("POST", "/api/filetree/changeSort", model.CheckAuth, changeSort) + ginServer.Handle("POST", "/api/filetree/changeSort", model.CheckAuth, model.CheckReadonly, changeSort) ginServer.Handle("POST", "/api/filetree/lockFile", model.CheckAuth, lockFile) ginServer.Handle("POST", "/api/filetree/createDocWithMd", model.CheckAuth, model.CheckReadonly, createDocWithMd) ginServer.Handle("POST", "/api/filetree/createDailyNote", model.CheckAuth, model.CheckReadonly, createDailyNote) @@ -112,8 +111,8 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/format/netImg2LocalAssets", model.CheckAuth, model.CheckReadonly, netImg2LocalAssets) ginServer.Handle("POST", "/api/history/getNotebookHistory", model.CheckAuth, getNotebookHistory) - ginServer.Handle("POST", "/api/history/rollbackNotebookHistory", model.CheckAuth, rollbackNotebookHistory) - ginServer.Handle("POST", "/api/history/rollbackAssetsHistory", model.CheckAuth, rollbackAssetsHistory) + ginServer.Handle("POST", "/api/history/rollbackNotebookHistory", model.CheckAuth, model.CheckReadonly, rollbackNotebookHistory) + ginServer.Handle("POST", "/api/history/rollbackAssetsHistory", model.CheckAuth, model.CheckReadonly, rollbackAssetsHistory) ginServer.Handle("POST", "/api/history/getDocHistoryContent", model.CheckAuth, getDocHistoryContent) ginServer.Handle("POST", "/api/history/rollbackDocHistory", model.CheckAuth, model.CheckReadonly, rollbackDocHistory) ginServer.Handle("POST", "/api/history/clearWorkspaceHistory", model.CheckAuth, model.CheckReadonly, clearWorkspaceHistory) @@ -123,11 +122,11 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/outline/getDocOutline", model.CheckAuth, getDocOutline) ginServer.Handle("POST", "/api/bookmark/getBookmark", model.CheckAuth, getBookmark) - ginServer.Handle("POST", "/api/bookmark/renameBookmark", model.CheckAuth, renameBookmark) - ginServer.Handle("POST", "/api/bookmark/removeBookmark", model.CheckAuth, removeBookmark) + ginServer.Handle("POST", "/api/bookmark/renameBookmark", model.CheckAuth, model.CheckReadonly, renameBookmark) + ginServer.Handle("POST", "/api/bookmark/removeBookmark", model.CheckAuth, model.CheckReadonly, removeBookmark) ginServer.Handle("POST", "/api/tag/getTag", model.CheckAuth, getTag) - ginServer.Handle("POST", "/api/tag/renameTag", model.CheckAuth, renameTag) - ginServer.Handle("POST", "/api/tag/removeTag", model.CheckAuth, removeTag) + ginServer.Handle("POST", "/api/tag/renameTag", model.CheckAuth, model.CheckReadonly, renameTag) + ginServer.Handle("POST", "/api/tag/removeTag", model.CheckAuth, model.CheckReadonly, removeTag) ginServer.Handle("POST", "/api/lute/spinBlockDOM", model.CheckAuth, spinBlockDOM) // 未测试 ginServer.Handle("POST", "/api/lute/html2BlockDOM", model.CheckAuth, html2BlockDOM) @@ -142,7 +141,7 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/search/searchEmbedBlock", model.CheckAuth, searchEmbedBlock) ginServer.Handle("POST", "/api/search/fullTextSearchBlock", model.CheckAuth, fullTextSearchBlock) ginServer.Handle("POST", "/api/search/searchAsset", model.CheckAuth, searchAsset) - ginServer.Handle("POST", "/api/search/findReplace", model.CheckAuth, findReplace) + ginServer.Handle("POST", "/api/search/findReplace", model.CheckAuth, model.CheckReadonly, findReplace) ginServer.Handle("POST", "/api/block/getBlockInfo", model.CheckAuth, getBlockInfo) ginServer.Handle("POST", "/api/block/getBlockDOM", model.CheckAuth, getBlockDOM) @@ -160,22 +159,22 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/block/getDocInfo", model.CheckAuth, getDocInfo) ginServer.Handle("POST", "/api/block/checkBlockExist", model.CheckAuth, checkBlockExist) ginServer.Handle("POST", "/api/block/checkBlockFold", model.CheckAuth, checkBlockFold) - ginServer.Handle("POST", "/api/block/insertBlock", model.CheckAuth, insertBlock) - ginServer.Handle("POST", "/api/block/prependBlock", model.CheckAuth, prependBlock) - ginServer.Handle("POST", "/api/block/appendBlock", model.CheckAuth, appendBlock) - ginServer.Handle("POST", "/api/block/updateBlock", model.CheckAuth, updateBlock) - ginServer.Handle("POST", "/api/block/deleteBlock", model.CheckAuth, deleteBlock) - ginServer.Handle("POST", "/api/block/setBlockReminder", model.CheckAuth, setBlockReminder) + ginServer.Handle("POST", "/api/block/insertBlock", model.CheckAuth, model.CheckReadonly, insertBlock) + ginServer.Handle("POST", "/api/block/prependBlock", model.CheckAuth, model.CheckReadonly, prependBlock) + ginServer.Handle("POST", "/api/block/appendBlock", model.CheckAuth, model.CheckReadonly, appendBlock) + ginServer.Handle("POST", "/api/block/updateBlock", model.CheckAuth, model.CheckReadonly, updateBlock) + ginServer.Handle("POST", "/api/block/deleteBlock", model.CheckAuth, model.CheckReadonly, deleteBlock) + ginServer.Handle("POST", "/api/block/setBlockReminder", model.CheckAuth, model.CheckReadonly, setBlockReminder) ginServer.Handle("POST", "/api/block/getHeadingLevelTransaction", model.CheckAuth, getHeadingLevelTransaction) ginServer.Handle("POST", "/api/block/getHeadingDeleteTransaction", model.CheckAuth, getHeadingDeleteTransaction) ginServer.Handle("POST", "/api/block/getHeadingChildrenIDs", model.CheckAuth, getHeadingChildrenIDs) ginServer.Handle("POST", "/api/block/getHeadingChildrenDOM", model.CheckAuth, getHeadingChildrenDOM) - ginServer.Handle("POST", "/api/block/swapBlockRef", model.CheckAuth, swapBlockRef) - ginServer.Handle("POST", "/api/block/transferBlockRef", model.CheckAuth, transferBlockRef) + ginServer.Handle("POST", "/api/block/swapBlockRef", model.CheckAuth, model.CheckReadonly, swapBlockRef) + ginServer.Handle("POST", "/api/block/transferBlockRef", model.CheckAuth, model.CheckReadonly, transferBlockRef) ginServer.Handle("POST", "/api/file/getFile", model.CheckAuth, getFile) - ginServer.Handle("POST", "/api/file/putFile", model.CheckAuth, putFile) - ginServer.Handle("POST", "/api/file/copyFile", model.CheckAuth, copyFile) + ginServer.Handle("POST", "/api/file/putFile", model.CheckAuth, model.CheckReadonly, putFile) + ginServer.Handle("POST", "/api/file/copyFile", model.CheckAuth, model.CheckReadonly, copyFile) ginServer.Handle("POST", "/api/ref/refreshBacklink", model.CheckAuth, refreshBacklink) ginServer.Handle("POST", "/api/ref/getBacklink", model.CheckAuth, getBacklink) @@ -184,31 +183,31 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/ref/getBackmentionDoc", model.CheckAuth, getBackmentionDoc) ginServer.Handle("POST", "/api/attr/getBookmarkLabels", model.CheckAuth, getBookmarkLabels) - ginServer.Handle("POST", "/api/attr/resetBlockAttrs", model.CheckAuth, model.CheckReadonly, resetBlockAttrs) - ginServer.Handle("POST", "/api/attr/setBlockAttrs", model.CheckAuth, model.CheckReadonly, setBlockAttrs) + ginServer.Handle("POST", "/api/attr/resetBlockAttrs", model.CheckAuth, model.CheckReadonly, model.CheckReadonly, resetBlockAttrs) + ginServer.Handle("POST", "/api/attr/setBlockAttrs", model.CheckAuth, model.CheckReadonly, model.CheckReadonly, setBlockAttrs) ginServer.Handle("POST", "/api/attr/getBlockAttrs", model.CheckAuth, getBlockAttrs) ginServer.Handle("POST", "/api/cloud/getCloudSpace", model.CheckAuth, getCloudSpace) - ginServer.Handle("POST", "/api/sync/setSyncEnable", model.CheckAuth, setSyncEnable) - ginServer.Handle("POST", "/api/sync/setSyncGenerateConflictDoc", model.CheckAuth, setSyncGenerateConflictDoc) - ginServer.Handle("POST", "/api/sync/setSyncMode", model.CheckAuth, setSyncMode) - ginServer.Handle("POST", "/api/sync/setSyncProvider", model.CheckAuth, setSyncProvider) - ginServer.Handle("POST", "/api/sync/setSyncProviderS3", model.CheckAuth, setSyncProviderS3) - ginServer.Handle("POST", "/api/sync/setSyncProviderWebDAV", model.CheckAuth, setSyncProviderWebDAV) - ginServer.Handle("POST", "/api/sync/setCloudSyncDir", model.CheckAuth, setCloudSyncDir) + ginServer.Handle("POST", "/api/sync/setSyncEnable", model.CheckAuth, model.CheckReadonly, setSyncEnable) + ginServer.Handle("POST", "/api/sync/setSyncGenerateConflictDoc", model.CheckAuth, model.CheckReadonly, setSyncGenerateConflictDoc) + ginServer.Handle("POST", "/api/sync/setSyncMode", model.CheckAuth, model.CheckReadonly, setSyncMode) + ginServer.Handle("POST", "/api/sync/setSyncProvider", model.CheckAuth, model.CheckReadonly, setSyncProvider) + ginServer.Handle("POST", "/api/sync/setSyncProviderS3", model.CheckAuth, model.CheckReadonly, setSyncProviderS3) + ginServer.Handle("POST", "/api/sync/setSyncProviderWebDAV", model.CheckAuth, model.CheckReadonly, setSyncProviderWebDAV) + ginServer.Handle("POST", "/api/sync/setCloudSyncDir", model.CheckAuth, model.CheckReadonly, setCloudSyncDir) ginServer.Handle("POST", "/api/sync/createCloudSyncDir", model.CheckAuth, model.CheckReadonly, createCloudSyncDir) ginServer.Handle("POST", "/api/sync/removeCloudSyncDir", model.CheckAuth, model.CheckReadonly, removeCloudSyncDir) - ginServer.Handle("POST", "/api/sync/listCloudSyncDir", model.CheckAuth, listCloudSyncDir) - ginServer.Handle("POST", "/api/sync/performSync", model.CheckAuth, performSync) - ginServer.Handle("POST", "/api/sync/performBootSync", model.CheckAuth, performBootSync) + ginServer.Handle("POST", "/api/sync/listCloudSyncDir", model.CheckAuth, model.CheckReadonly, listCloudSyncDir) + ginServer.Handle("POST", "/api/sync/performSync", model.CheckAuth, model.CheckReadonly, performSync) + ginServer.Handle("POST", "/api/sync/performBootSync", model.CheckAuth, model.CheckReadonly, performBootSync) ginServer.Handle("POST", "/api/sync/getBootSync", model.CheckAuth, getBootSync) ginServer.Handle("POST", "/api/inbox/getShorthands", model.CheckAuth, getShorthands) ginServer.Handle("POST", "/api/inbox/getShorthand", model.CheckAuth, getShorthand) - ginServer.Handle("POST", "/api/inbox/removeShorthands", model.CheckAuth, removeShorthands) + ginServer.Handle("POST", "/api/inbox/removeShorthands", model.CheckAuth, model.CheckReadonly, removeShorthands) - ginServer.Handle("POST", "/api/extension/copy", model.CheckAuth, extensionCopy) + ginServer.Handle("POST", "/api/extension/copy", model.CheckAuth, model.CheckReadonly, extensionCopy) ginServer.Handle("POST", "/api/clipboard/readFilePaths", model.CheckAuth, readFilePaths) @@ -246,74 +245,74 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/import/importSY", model.CheckAuth, model.CheckReadonly, importSY) ginServer.Handle("POST", "/api/template/render", model.CheckAuth, renderTemplate) - ginServer.Handle("POST", "/api/template/docSaveAsTemplate", model.CheckAuth, docSaveAsTemplate) + ginServer.Handle("POST", "/api/template/docSaveAsTemplate", model.CheckAuth, model.CheckReadonly, docSaveAsTemplate) ginServer.Handle("POST", "/api/transactions", model.CheckAuth, model.CheckReadonly, performTransactions) - ginServer.Handle("POST", "/api/setting/setAccount", model.CheckAuth, setAccount) - ginServer.Handle("POST", "/api/setting/setEditor", model.CheckAuth, setEditor) - ginServer.Handle("POST", "/api/setting/setExport", model.CheckAuth, setExport) - ginServer.Handle("POST", "/api/setting/setFiletree", model.CheckAuth, setFiletree) - ginServer.Handle("POST", "/api/setting/setSearch", model.CheckAuth, setSearch) - ginServer.Handle("POST", "/api/setting/setKeymap", model.CheckAuth, setKeymap) - ginServer.Handle("POST", "/api/setting/setAppearance", model.CheckAuth, setAppearance) + ginServer.Handle("POST", "/api/setting/setAccount", model.CheckAuth, model.CheckReadonly, setAccount) + ginServer.Handle("POST", "/api/setting/setEditor", model.CheckAuth, model.CheckReadonly, setEditor) + ginServer.Handle("POST", "/api/setting/setExport", model.CheckAuth, model.CheckReadonly, setExport) + ginServer.Handle("POST", "/api/setting/setFiletree", model.CheckAuth, model.CheckReadonly, setFiletree) + ginServer.Handle("POST", "/api/setting/setSearch", model.CheckAuth, model.CheckReadonly, setSearch) + ginServer.Handle("POST", "/api/setting/setKeymap", model.CheckAuth, model.CheckReadonly, setKeymap) + ginServer.Handle("POST", "/api/setting/setAppearance", model.CheckAuth, model.CheckReadonly, setAppearance) ginServer.Handle("POST", "/api/setting/getCloudUser", model.CheckAuth, getCloudUser) - ginServer.Handle("POST", "/api/setting/logoutCloudUser", model.CheckAuth, logoutCloudUser) - ginServer.Handle("POST", "/api/setting/login2faCloudUser", model.CheckAuth, login2faCloudUser) + ginServer.Handle("POST", "/api/setting/logoutCloudUser", model.CheckAuth, model.CheckReadonly, logoutCloudUser) + ginServer.Handle("POST", "/api/setting/login2faCloudUser", model.CheckAuth, model.CheckReadonly, login2faCloudUser) ginServer.Handle("POST", "/api/setting/getCustomCSS", model.CheckAuth, getCustomCSS) - ginServer.Handle("POST", "/api/setting/setCustomCSS", model.CheckAuth, setCustomCSS) - ginServer.Handle("POST", "/api/setting/setEmoji", model.CheckAuth, setEmoji) + ginServer.Handle("POST", "/api/setting/setCustomCSS", model.CheckAuth, model.CheckReadonly, setCustomCSS) + ginServer.Handle("POST", "/api/setting/setEmoji", model.CheckAuth, model.CheckReadonly, setEmoji) - ginServer.Handle("POST", "/api/graph/resetGraph", model.CheckAuth, resetGraph) - ginServer.Handle("POST", "/api/graph/resetLocalGraph", model.CheckAuth, resetLocalGraph) + ginServer.Handle("POST", "/api/graph/resetGraph", model.CheckAuth, model.CheckReadonly, resetGraph) + ginServer.Handle("POST", "/api/graph/resetLocalGraph", model.CheckAuth, model.CheckReadonly, resetLocalGraph) ginServer.Handle("POST", "/api/graph/getGraph", model.CheckAuth, getGraph) ginServer.Handle("POST", "/api/graph/getLocalGraph", model.CheckAuth, getLocalGraph) ginServer.Handle("POST", "/api/bazaar/getBazaarWidget", model.CheckAuth, getBazaarWidget) ginServer.Handle("POST", "/api/bazaar/getInstalledWidget", model.CheckAuth, getInstalledWidget) - ginServer.Handle("POST", "/api/bazaar/installBazaarWidget", model.CheckAuth, installBazaarWidget) - ginServer.Handle("POST", "/api/bazaar/uninstallBazaarWidget", model.CheckAuth, uninstallBazaarWidget) + ginServer.Handle("POST", "/api/bazaar/installBazaarWidget", model.CheckAuth, model.CheckReadonly, installBazaarWidget) + ginServer.Handle("POST", "/api/bazaar/uninstallBazaarWidget", model.CheckAuth, model.CheckReadonly, uninstallBazaarWidget) ginServer.Handle("POST", "/api/bazaar/getBazaarIcon", model.CheckAuth, getBazaarIcon) ginServer.Handle("POST", "/api/bazaar/getInstalledIcon", model.CheckAuth, getInstalledIcon) - ginServer.Handle("POST", "/api/bazaar/installBazaarIcon", model.CheckAuth, installBazaarIcon) - ginServer.Handle("POST", "/api/bazaar/uninstallBazaarIcon", model.CheckAuth, uninstallBazaarIcon) + ginServer.Handle("POST", "/api/bazaar/installBazaarIcon", model.CheckAuth, model.CheckReadonly, installBazaarIcon) + ginServer.Handle("POST", "/api/bazaar/uninstallBazaarIcon", model.CheckAuth, model.CheckReadonly, uninstallBazaarIcon) ginServer.Handle("POST", "/api/bazaar/getBazaarTemplate", model.CheckAuth, getBazaarTemplate) ginServer.Handle("POST", "/api/bazaar/getInstalledTemplate", model.CheckAuth, getInstalledTemplate) - ginServer.Handle("POST", "/api/bazaar/installBazaarTemplate", model.CheckAuth, installBazaarTemplate) - ginServer.Handle("POST", "/api/bazaar/uninstallBazaarTemplate", model.CheckAuth, uninstallBazaarTemplate) + ginServer.Handle("POST", "/api/bazaar/installBazaarTemplate", model.CheckAuth, model.CheckReadonly, installBazaarTemplate) + ginServer.Handle("POST", "/api/bazaar/uninstallBazaarTemplate", model.CheckAuth, model.CheckReadonly, uninstallBazaarTemplate) ginServer.Handle("POST", "/api/bazaar/getBazaarTheme", model.CheckAuth, getBazaarTheme) ginServer.Handle("POST", "/api/bazaar/getInstalledTheme", model.CheckAuth, getInstalledTheme) - ginServer.Handle("POST", "/api/bazaar/installBazaarTheme", model.CheckAuth, installBazaarTheme) - ginServer.Handle("POST", "/api/bazaar/uninstallBazaarTheme", model.CheckAuth, uninstallBazaarTheme) + ginServer.Handle("POST", "/api/bazaar/installBazaarTheme", model.CheckAuth, model.CheckReadonly, installBazaarTheme) + ginServer.Handle("POST", "/api/bazaar/uninstallBazaarTheme", model.CheckAuth, model.CheckReadonly, uninstallBazaarTheme) ginServer.Handle("POST", "/api/bazaar/getBazaarPackageREAME", model.CheckAuth, getBazaarPackageREAME) - ginServer.Handle("POST", "/api/repo/initRepoKey", model.CheckAuth, initRepoKey) - ginServer.Handle("POST", "/api/repo/initRepoKeyFromPassphrase", model.CheckAuth, initRepoKeyFromPassphrase) - ginServer.Handle("POST", "/api/repo/resetRepo", model.CheckAuth, resetRepo) - ginServer.Handle("POST", "/api/repo/importRepoKey", model.CheckAuth, importRepoKey) - ginServer.Handle("POST", "/api/repo/createSnapshot", model.CheckAuth, createSnapshot) - ginServer.Handle("POST", "/api/repo/tagSnapshot", model.CheckAuth, tagSnapshot) - ginServer.Handle("POST", "/api/repo/checkoutRepo", model.CheckAuth, checkoutRepo) + ginServer.Handle("POST", "/api/repo/initRepoKey", model.CheckAuth, model.CheckReadonly, initRepoKey) + ginServer.Handle("POST", "/api/repo/initRepoKeyFromPassphrase", model.CheckAuth, model.CheckReadonly, initRepoKeyFromPassphrase) + ginServer.Handle("POST", "/api/repo/resetRepo", model.CheckAuth, model.CheckReadonly, resetRepo) + ginServer.Handle("POST", "/api/repo/importRepoKey", model.CheckAuth, model.CheckReadonly, importRepoKey) + ginServer.Handle("POST", "/api/repo/createSnapshot", model.CheckAuth, model.CheckReadonly, createSnapshot) + ginServer.Handle("POST", "/api/repo/tagSnapshot", model.CheckAuth, model.CheckReadonly, tagSnapshot) + ginServer.Handle("POST", "/api/repo/checkoutRepo", model.CheckAuth, model.CheckReadonly, checkoutRepo) ginServer.Handle("POST", "/api/repo/getRepoSnapshots", model.CheckAuth, getRepoSnapshots) ginServer.Handle("POST", "/api/repo/getRepoTagSnapshots", model.CheckAuth, getRepoTagSnapshots) - ginServer.Handle("POST", "/api/repo/removeRepoTagSnapshot", model.CheckAuth, removeRepoTagSnapshot) + ginServer.Handle("POST", "/api/repo/removeRepoTagSnapshot", model.CheckAuth, model.CheckReadonly, removeRepoTagSnapshot) ginServer.Handle("POST", "/api/repo/getCloudRepoTagSnapshots", model.CheckAuth, getCloudRepoTagSnapshots) - ginServer.Handle("POST", "/api/repo/removeCloudRepoTagSnapshot", model.CheckAuth, removeCloudRepoTagSnapshot) - ginServer.Handle("POST", "/api/repo/uploadCloudSnapshot", model.CheckAuth, uploadCloudSnapshot) - ginServer.Handle("POST", "/api/repo/downloadCloudSnapshot", model.CheckAuth, downloadCloudSnapshot) + ginServer.Handle("POST", "/api/repo/removeCloudRepoTagSnapshot", model.CheckAuth, model.CheckReadonly, removeCloudRepoTagSnapshot) + ginServer.Handle("POST", "/api/repo/uploadCloudSnapshot", model.CheckAuth, model.CheckReadonly, uploadCloudSnapshot) + ginServer.Handle("POST", "/api/repo/downloadCloudSnapshot", model.CheckAuth, model.CheckReadonly, downloadCloudSnapshot) ginServer.Handle("POST", "/api/repo/diffRepoSnapshots", model.CheckAuth, diffRepoSnapshots) ginServer.Handle("POST", "/api/repo/openRepoSnapshotDoc", model.CheckAuth, openRepoSnapshotDoc) - ginServer.Handle("POST", "/api/riff/createRiffDeck", model.CheckAuth, createRiffDeck) - ginServer.Handle("POST", "/api/riff/renameRiffDeck", model.CheckAuth, renameRiffDeck) - ginServer.Handle("POST", "/api/riff/removeRiffDeck", model.CheckAuth, removeRiffDeck) + ginServer.Handle("POST", "/api/riff/createRiffDeck", model.CheckAuth, model.CheckReadonly, createRiffDeck) + ginServer.Handle("POST", "/api/riff/renameRiffDeck", model.CheckAuth, model.CheckReadonly, renameRiffDeck) + ginServer.Handle("POST", "/api/riff/removeRiffDeck", model.CheckAuth, model.CheckReadonly, removeRiffDeck) ginServer.Handle("POST", "/api/riff/getRiffDecks", model.CheckAuth, getRiffDecks) - ginServer.Handle("POST", "/api/riff/addRiffCards", model.CheckAuth, addRiffCards) - ginServer.Handle("POST", "/api/riff/removeRiffCards", model.CheckAuth, removeRiffCards) + ginServer.Handle("POST", "/api/riff/addRiffCards", model.CheckAuth, model.CheckReadonly, addRiffCards) + ginServer.Handle("POST", "/api/riff/removeRiffCards", model.CheckAuth, model.CheckReadonly, removeRiffCards) ginServer.Handle("POST", "/api/riff/getRiffDueCards", model.CheckAuth, getRiffDueCards) ginServer.Handle("POST", "/api/riff/getTreeRiffDueCards", model.CheckAuth, getTreeRiffDueCards) ginServer.Handle("POST", "/api/riff/getNotebookRiffDueCards", model.CheckAuth, getNotebookRiffDueCards) - ginServer.Handle("POST", "/api/riff/reviewRiffCard", model.CheckAuth, reviewRiffCard) + ginServer.Handle("POST", "/api/riff/reviewRiffCard", model.CheckAuth, model.CheckReadonly, reviewRiffCard) ginServer.Handle("POST", "/api/riff/getRiffCards", model.CheckAuth, getRiffCards) ginServer.Handle("POST", "/api/riff/getTreeRiffCards", model.CheckAuth, getTreeRiffCards) ginServer.Handle("POST", "/api/riff/getNotebookRiffCards", model.CheckAuth, getNotebookRiffCards) @@ -323,11 +322,11 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/snippet/getSnippet", model.CheckAuth, getSnippet) ginServer.Handle("POST", "/api/snippet/setSnippet", model.CheckAuth, setSnippet) - ginServer.Handle("POST", "/api/snippet/removeSnippet", model.CheckAuth, removeSnippet) + ginServer.Handle("POST", "/api/snippet/removeSnippet", model.CheckAuth, model.CheckReadonly, removeSnippet) ginServer.Handle("GET", "/snippets/*filepath", serveSnippets) ginServer.Handle("POST", "/api/av/renderAttributeView", model.CheckAuth, renderAttributeView) - ginServer.Handle("POST", "/api/ai/chatGPT", model.CheckAuth, chatGPT) - ginServer.Handle("POST", "/api/ai/chatGPTWithAction", model.CheckAuth, chatGPTWithAction) + ginServer.Handle("POST", "/api/ai/chatGPT", model.CheckAuth, model.CheckReadonly, chatGPT) + ginServer.Handle("POST", "/api/ai/chatGPTWithAction", model.CheckAuth, model.CheckReadonly, chatGPTWithAction) } diff --git a/kernel/api/storage.go b/kernel/api/storage.go index 23b323835..eba738a41 100644 --- a/kernel/api/storage.go +++ b/kernel/api/storage.go @@ -25,37 +25,6 @@ import ( "github.com/siyuan-note/siyuan/kernel/util" ) -func setRecentDoc(c *gin.Context) { - ret := gulu.Ret.NewResult() - defer c.JSON(http.StatusOK, ret) - - arg, ok := util.JsonArg(c, ret) - if !ok { - return - } - - param, err := gulu.JSON.MarshalJSON(arg["recentDoc"]) - if nil != err { - ret.Code = -1 - ret.Msg = err.Error() - return - } - - recentDoc := &model.RecentDoc{} - if err = gulu.JSON.UnmarshalJSON(param, recentDoc); nil != err { - ret.Code = -1 - ret.Msg = err.Error() - return - } - - err = model.SetRecentDoc(recentDoc) - if nil != err { - ret.Code = -1 - ret.Msg = err.Error() - return - } -} - func getRecentDocs(c *gin.Context) { ret := gulu.Ret.NewResult() defer c.JSON(http.StatusOK, ret) From a021097b06a76172547af5df9a34a823cd4deab8 Mon Sep 17 00:00:00 2001 From: Liang Ding Date: Fri, 10 Mar 2023 09:47:34 +0800 Subject: [PATCH 2/4] =?UTF-8?q?:art:=20=E6=94=B9=E8=BF=9B=E5=86=85?= =?UTF-8?q?=E6=A0=B8=E5=8F=AA=E8=AF=BB=E6=A8=A1=E5=BC=8F=20https://github.?= =?UTF-8?q?com/siyuan-note/siyuan/issues/7615?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- kernel/api/notebook.go | 18 ++++++++++++++++++ kernel/api/router.go | 4 ++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/kernel/api/notebook.go b/kernel/api/notebook.go index ddbea5059..1f6aa153b 100644 --- a/kernel/api/notebook.go +++ b/kernel/api/notebook.go @@ -102,6 +102,15 @@ func removeNotebook(c *gin.Context) { return } + if util.ReadOnly && !model.IsUserGuide(notebook) { + result := util.NewResult() + result.Code = -1 + result.Msg = model.Conf.Language(34) + result.Data = map[string]interface{}{"closeTimeout": 5000} + c.JSON(200, result) + return + } + err := model.RemoveBox(notebook) if nil != err { ret.Code = -1 @@ -167,6 +176,15 @@ func openNotebook(c *gin.Context) { return } + if util.ReadOnly && !model.IsUserGuide(notebook) { + result := util.NewResult() + result.Code = -1 + result.Msg = model.Conf.Language(34) + result.Data = map[string]interface{}{"closeTimeout": 5000} + c.JSON(200, result) + return + } + msgId := util.PushMsg(model.Conf.Language(45), 1000*60*15) defer util.PushClearMsg(msgId) existed, err := model.Mount(notebook) diff --git a/kernel/api/router.go b/kernel/api/router.go index 220d20ab2..902d24f7b 100644 --- a/kernel/api/router.go +++ b/kernel/api/router.go @@ -73,12 +73,12 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/account/startFreeTrial", model.CheckAuth, model.CheckReadonly, startFreeTrial) ginServer.Handle("POST", "/api/notebook/lsNotebooks", model.CheckAuth, lsNotebooks) - ginServer.Handle("POST", "/api/notebook/openNotebook", model.CheckAuth, model.CheckReadonly, openNotebook) + ginServer.Handle("POST", "/api/notebook/openNotebook", model.CheckAuth, openNotebook) ginServer.Handle("POST", "/api/notebook/closeNotebook", model.CheckAuth, model.CheckReadonly, closeNotebook) ginServer.Handle("POST", "/api/notebook/getNotebookConf", model.CheckAuth, getNotebookConf) ginServer.Handle("POST", "/api/notebook/setNotebookConf", model.CheckAuth, model.CheckReadonly, setNotebookConf) ginServer.Handle("POST", "/api/notebook/createNotebook", model.CheckAuth, model.CheckReadonly, createNotebook) - ginServer.Handle("POST", "/api/notebook/removeNotebook", model.CheckAuth, model.CheckReadonly, removeNotebook) + ginServer.Handle("POST", "/api/notebook/removeNotebook", model.CheckAuth, removeNotebook) ginServer.Handle("POST", "/api/notebook/renameNotebook", model.CheckAuth, model.CheckReadonly, renameNotebook) ginServer.Handle("POST", "/api/notebook/changeSortNotebook", model.CheckAuth, model.CheckReadonly, changeSortNotebook) ginServer.Handle("POST", "/api/notebook/setNotebookIcon", model.CheckAuth, model.CheckReadonly, setNotebookIcon) From 883898f053497104baa8ee51a262435c386e4aa9 Mon Sep 17 00:00:00 2001 From: Liang Ding Date: Fri, 10 Mar 2023 09:56:26 +0800 Subject: [PATCH 3/4] =?UTF-8?q?:art:=20=E6=94=B9=E8=BF=9B=E5=86=85?= =?UTF-8?q?=E6=A0=B8=E5=8F=AA=E8=AF=BB=E6=A8=A1=E5=BC=8F=20https://github.?= =?UTF-8?q?com/siyuan-note/siyuan/issues/7615?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- kernel/api/router.go | 6 +++--- kernel/api/system.go | 4 ++++ kernel/model/storage.go | 4 ++++ 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/kernel/api/router.go b/kernel/api/router.go index 902d24f7b..6e02101aa 100644 --- a/kernel/api/router.go +++ b/kernel/api/router.go @@ -52,14 +52,14 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/system/setAppearanceMode", model.CheckAuth, setAppearanceMode) ginServer.Handle("POST", "/api/system/getSysFonts", model.CheckAuth, getSysFonts) ginServer.Handle("POST", "/api/system/exit", model.CheckAuth, exit) - ginServer.Handle("POST", "/api/system/setUILayout", model.CheckAuth, model.CheckReadonly, setUILayout) + ginServer.Handle("POST", "/api/system/setUILayout", model.CheckAuth, setUILayout) ginServer.Handle("POST", "/api/system/getConf", model.CheckAuth, getConf) ginServer.Handle("POST", "/api/system/checkUpdate", model.CheckAuth, checkUpdate) ginServer.Handle("POST", "/api/system/exportLog", model.CheckAuth, exportLog) - ginServer.Handle("POST", "/api/storage/setLocalStorage", model.CheckAuth, model.CheckReadonly, setLocalStorage) + ginServer.Handle("POST", "/api/storage/setLocalStorage", model.CheckAuth, setLocalStorage) ginServer.Handle("POST", "/api/storage/getLocalStorage", model.CheckAuth, getLocalStorage) - ginServer.Handle("POST", "/api/storage/setLocalStorageVal", model.CheckAuth, model.CheckReadonly, setLocalStorageVal) + ginServer.Handle("POST", "/api/storage/setLocalStorageVal", model.CheckAuth, setLocalStorageVal) ginServer.Handle("POST", "/api/storage/removeLocalStorageVal", model.CheckAuth, model.CheckReadonly, removeLocalStorageVal) ginServer.Handle("POST", "/api/storage/setCriterion", model.CheckAuth, model.CheckReadonly, setCriterion) ginServer.Handle("POST", "/api/storage/getCriteria", model.CheckAuth, getCriteria) diff --git a/kernel/api/system.go b/kernel/api/system.go index a77659434..41c8def7b 100644 --- a/kernel/api/system.go +++ b/kernel/api/system.go @@ -171,6 +171,10 @@ func setUILayout(c *gin.Context) { ret := gulu.Ret.NewResult() defer c.JSON(http.StatusOK, ret) + if util.ReadOnly { + return + } + arg, ok := util.JsonArg(c, ret) if !ok { return diff --git a/kernel/model/storage.go b/kernel/model/storage.go index 1e8806780..8b91f4c50 100644 --- a/kernel/model/storage.go +++ b/kernel/model/storage.go @@ -325,6 +325,10 @@ func GetLocalStorage() (ret map[string]interface{}, err error) { } func setLocalStorage(val interface{}) (err error) { + if util.ReadOnly { + return + } + dirPath := filepath.Join(util.DataDir, "storage") if err = os.MkdirAll(dirPath, 0755); nil != err { logging.LogErrorf("create storage [local] dir failed: %s", err) From f816d897c57ed4cb421964116103057b130b0a2b Mon Sep 17 00:00:00 2001 From: Liang Ding Date: Fri, 10 Mar 2023 09:58:18 +0800 Subject: [PATCH 4/4] =?UTF-8?q?:art:=20=E6=94=B9=E8=BF=9B=E5=86=85?= =?UTF-8?q?=E6=A0=B8=E5=8F=AA=E8=AF=BB=E6=A8=A1=E5=BC=8F=20https://github.?= =?UTF-8?q?com/siyuan-note/siyuan/issues/7615?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- kernel/api/router.go | 4 ++-- kernel/model/blockial.go | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/kernel/api/router.go b/kernel/api/router.go index 6e02101aa..6e56ac488 100644 --- a/kernel/api/router.go +++ b/kernel/api/router.go @@ -183,8 +183,8 @@ func ServeAPI(ginServer *gin.Engine) { ginServer.Handle("POST", "/api/ref/getBackmentionDoc", model.CheckAuth, getBackmentionDoc) ginServer.Handle("POST", "/api/attr/getBookmarkLabels", model.CheckAuth, getBookmarkLabels) - ginServer.Handle("POST", "/api/attr/resetBlockAttrs", model.CheckAuth, model.CheckReadonly, model.CheckReadonly, resetBlockAttrs) - ginServer.Handle("POST", "/api/attr/setBlockAttrs", model.CheckAuth, model.CheckReadonly, model.CheckReadonly, setBlockAttrs) + ginServer.Handle("POST", "/api/attr/resetBlockAttrs", model.CheckAuth, model.CheckReadonly, resetBlockAttrs) + ginServer.Handle("POST", "/api/attr/setBlockAttrs", model.CheckAuth, setBlockAttrs) ginServer.Handle("POST", "/api/attr/getBlockAttrs", model.CheckAuth, getBlockAttrs) ginServer.Handle("POST", "/api/cloud/getCloudSpace", model.CheckAuth, getCloudSpace) diff --git a/kernel/model/blockial.go b/kernel/model/blockial.go index a5e322c3e..cf42e2ed6 100644 --- a/kernel/model/blockial.go +++ b/kernel/model/blockial.go @@ -93,6 +93,10 @@ func SetBlockReminder(id string, timed string) (err error) { } func SetBlockAttrs(id string, nameValues map[string]string) (err error) { + if util.ReadOnly { + return + } + WaitForWritingFiles() tree, err := loadTreeByBlockID(id)