433 lines
16 KiB
Go
433 lines
16 KiB
Go
package web
|
|
|
|
import (
|
|
"encoding/json"
|
|
"errors"
|
|
"net/http"
|
|
"path/filepath"
|
|
"strconv"
|
|
"time"
|
|
|
|
"ymhut-box/server/unified-management/internal/config"
|
|
"ymhut-box/server/unified-management/internal/db"
|
|
"ymhut-box/server/unified-management/internal/health"
|
|
feedbackmail "ymhut-box/server/unified-management/internal/mail"
|
|
)
|
|
|
|
func (r *router) handleAdminDatabase(w http.ResponseWriter, req *http.Request) {
|
|
path := cleanPath(req.URL.Path)
|
|
switch {
|
|
case req.Method == http.MethodGet && path == "/api/admin/database/config":
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "config": config.SafeDatabase(r.cfg.BaseDir, r.cfg.Database)})
|
|
case req.Method == http.MethodGet && path == "/api/admin/database/status":
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "database": r.store.Status(), "config": config.SafeDatabase(r.cfg.BaseDir, r.cfg.Database)})
|
|
case req.Method == http.MethodPost && path == "/api/admin/database/test":
|
|
body, err := decodeAdminDatabaseConfig(req, r.cfg.BaseDir, r.cfg.Database, true)
|
|
if err != nil {
|
|
writeError(w, http.StatusBadRequest, "INVALID_PAYLOAD", err)
|
|
return
|
|
}
|
|
if err := db.TestDatabase(body); err != nil {
|
|
writeError(w, http.StatusBadGateway, "DATABASE_TEST_FAILED", err)
|
|
return
|
|
}
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "config": config.SafeDatabase(r.cfg.BaseDir, body)})
|
|
case req.Method == http.MethodPost && path == "/api/admin/database/save":
|
|
body, err := decodeAdminDatabaseConfig(req, r.cfg.BaseDir, r.cfg.Database, true)
|
|
if err != nil {
|
|
writeError(w, http.StatusBadRequest, "INVALID_PAYLOAD", err)
|
|
return
|
|
}
|
|
if err := db.TestDatabase(body); err != nil {
|
|
writeError(w, http.StatusBadGateway, "DATABASE_TEST_FAILED", err)
|
|
return
|
|
}
|
|
next := *r.cfg
|
|
next.Database = body
|
|
if err := config.Save(&next); err != nil {
|
|
writeError(w, http.StatusInternalServerError, "DATABASE_SAVE_FAILED", err)
|
|
return
|
|
}
|
|
r.cfg.Database = next.Database
|
|
if err := r.store.ReconfigureDatabase(r.cfg); err != nil {
|
|
writeError(w, http.StatusInternalServerError, "DATABASE_SAVE_FAILED", err)
|
|
return
|
|
}
|
|
_ = r.store.InsertAudit(db.AuditLog{Actor: "admin", Type: "system.database.saved", Target: body.Provider, Message: "数据库配置已保存并热切换", IP: req.RemoteAddr, UserAgent: req.UserAgent()})
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "database": r.store.Status(), "config": config.SafeDatabase(r.cfg.BaseDir, r.cfg.Database)})
|
|
case req.Method == http.MethodPost && path == "/api/admin/database/import-sqlite":
|
|
result, err := r.store.ImportSQLiteToRemote()
|
|
if err != nil {
|
|
writeError(w, http.StatusBadGateway, "DATABASE_IMPORT_FAILED", err)
|
|
return
|
|
}
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "result": result})
|
|
case req.Method == http.MethodPost && path == "/api/admin/database/sync":
|
|
result, err := r.store.SyncNow()
|
|
if err != nil {
|
|
writeError(w, http.StatusBadGateway, "DATABASE_SYNC_FAILED", err)
|
|
return
|
|
}
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "result": result})
|
|
default:
|
|
http.NotFound(w, req)
|
|
}
|
|
}
|
|
|
|
type adminDatabaseRequest struct {
|
|
Provider string `json:"provider"`
|
|
SQLitePath string `json:"sqlite_path"`
|
|
SQLitePathAlt string `json:"sqlitePath"`
|
|
MySQLDSN string `json:"mysql_dsn"`
|
|
MySQLDSNAlt string `json:"mysqlDsn"`
|
|
MySQLHost string `json:"mysql_host"`
|
|
MySQLHostAlt string `json:"mysqlHost"`
|
|
MySQLPort int `json:"mysql_port"`
|
|
MySQLPortAlt int `json:"mysqlPort"`
|
|
MySQLDatabase string `json:"mysql_database"`
|
|
MySQLDBAlt string `json:"mysqlDatabase"`
|
|
MySQLUser string `json:"mysql_user"`
|
|
MySQLUserAlt string `json:"mysqlUser"`
|
|
MySQLPassword string `json:"mysql_password"`
|
|
MySQLPassAlt string `json:"mysqlPassword"`
|
|
MySQL config.MySQLInput `json:"mysql"`
|
|
}
|
|
|
|
func decodeAdminDatabaseConfig(req *http.Request, baseDir string, current config.DatabaseConfig, keepPassword bool) (config.DatabaseConfig, error) {
|
|
var body adminDatabaseRequest
|
|
if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
|
|
return config.DatabaseConfig{}, err
|
|
}
|
|
incoming := config.DatabaseConfig{
|
|
Provider: body.Provider,
|
|
SQLitePath: firstNonEmpty(body.SQLitePath, body.SQLitePathAlt),
|
|
MySQLDSN: firstNonEmpty(body.MySQLDSN, body.MySQLDSNAlt),
|
|
MySQLHost: firstNonEmpty(body.MySQLHost, body.MySQLHostAlt, body.MySQL.Host),
|
|
MySQLPort: firstPositive(body.MySQLPort, body.MySQLPortAlt, body.MySQL.Port),
|
|
MySQLDatabase: firstNonEmpty(body.MySQLDatabase, body.MySQLDBAlt, body.MySQL.Database),
|
|
MySQLUser: firstNonEmpty(body.MySQLUser, body.MySQLUserAlt, body.MySQL.Username),
|
|
MySQLPassword: firstNonEmpty(body.MySQLPassword, body.MySQLPassAlt, body.MySQL.Password),
|
|
}
|
|
return config.NormalizeDatabase(baseDir, current, incoming, keepPassword)
|
|
}
|
|
|
|
func firstPositive(values ...int) int {
|
|
for _, value := range values {
|
|
if value > 0 {
|
|
return value
|
|
}
|
|
}
|
|
return 0
|
|
}
|
|
|
|
func (r *router) handleAdminDashboard(w http.ResponseWriter, req *http.Request) {
|
|
path := cleanPath(req.URL.Path)
|
|
if req.Method != http.MethodGet || path != "/api/admin/dashboard/overview" {
|
|
http.NotFound(w, req)
|
|
return
|
|
}
|
|
overview, err := r.store.DashboardOverview(80)
|
|
if err != nil {
|
|
writeError(w, http.StatusInternalServerError, "DASHBOARD_FAILED", err)
|
|
return
|
|
}
|
|
overview["health"] = health.Snapshot(r.cfg, r.store)
|
|
writeJSON(w, http.StatusOK, overview)
|
|
}
|
|
|
|
func (r *router) handleAdminSync(w http.ResponseWriter, req *http.Request) {
|
|
if r.syncer == nil {
|
|
writeError(w, http.StatusNotFound, "SYNC_DISABLED", errors.New("legacy sync service is not configured"))
|
|
return
|
|
}
|
|
path := cleanPath(req.URL.Path)
|
|
switch {
|
|
case req.Method == http.MethodGet && path == "/api/admin/sync/legacy/preview":
|
|
writeJSON(w, http.StatusOK, r.syncer.Preview(req.Context()))
|
|
case req.Method == http.MethodPost && path == "/api/admin/sync/legacy/run":
|
|
writeJSON(w, http.StatusOK, r.syncer.Run(req.Context()))
|
|
default:
|
|
http.NotFound(w, req)
|
|
}
|
|
}
|
|
|
|
func (r *router) handleAdminEndpoints(w http.ResponseWriter, req *http.Request) {
|
|
if req.Method != http.MethodGet {
|
|
http.NotFound(w, req)
|
|
return
|
|
}
|
|
items, err := r.sources.Endpoints(true)
|
|
if err != nil {
|
|
writeError(w, http.StatusInternalServerError, "ENDPOINTS_FAILED", err)
|
|
return
|
|
}
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "items": items})
|
|
}
|
|
|
|
func (r *router) handleAdminEvents(w http.ResponseWriter, req *http.Request) {
|
|
if req.Method != http.MethodGet {
|
|
writeError(w, http.StatusMethodNotAllowed, "METHOD_NOT_ALLOWED", errors.New("GET required"))
|
|
return
|
|
}
|
|
flusher, ok := w.(http.Flusher)
|
|
if !ok {
|
|
writeError(w, http.StatusInternalServerError, "SSE_UNSUPPORTED", errors.New("streaming is not supported"))
|
|
return
|
|
}
|
|
w.Header().Set("Content-Type", "text/event-stream; charset=utf-8")
|
|
w.Header().Set("Cache-Control", "no-cache")
|
|
w.Header().Set("Connection", "keep-alive")
|
|
events, unsubscribe := r.sources.SubscribeEvents()
|
|
defer unsubscribe()
|
|
ticker := time.NewTicker(15 * time.Second)
|
|
defer ticker.Stop()
|
|
writeSSE(w, "ready", map[string]any{"ok": true, "time": time.Now().UTC().Format(time.RFC3339)})
|
|
flusher.Flush()
|
|
for {
|
|
select {
|
|
case event, ok := <-events:
|
|
if !ok {
|
|
return
|
|
}
|
|
writeSSE(w, event.Type, event.Data)
|
|
flusher.Flush()
|
|
case <-ticker.C:
|
|
writeSSE(w, "heartbeat", map[string]any{"time": time.Now().UTC().Format(time.RFC3339)})
|
|
flusher.Flush()
|
|
case <-req.Context().Done():
|
|
return
|
|
}
|
|
}
|
|
}
|
|
|
|
func (r *router) handleAdminSystem(w http.ResponseWriter, req *http.Request) {
|
|
path := cleanPath(req.URL.Path)
|
|
switch path {
|
|
case "/api/admin/system/health":
|
|
writeJSON(w, http.StatusOK, health.Snapshot(r.cfg, r.store))
|
|
case "/api/admin/system/audit":
|
|
page, err := r.store.ListAuditLogsPage(db.AuditFilters{
|
|
Page: queryInt(req, "page", 1),
|
|
PerPage: queryInt(req, "perPage", 35),
|
|
Type: req.URL.Query().Get("type"),
|
|
Target: req.URL.Query().Get("target"),
|
|
Query: req.URL.Query().Get("q"),
|
|
})
|
|
if err != nil {
|
|
writeError(w, http.StatusInternalServerError, "AUDIT_FAILED", err)
|
|
return
|
|
}
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "items": page.Items, "page": page})
|
|
case "/api/admin/system/mail/config":
|
|
r.handleMailConfig(w, req)
|
|
case "/api/admin/system/mail/test":
|
|
r.handleMailTest(w, req)
|
|
case "/api/admin/system/branding":
|
|
r.handleBranding(w, req)
|
|
case "/api/admin/system/migration":
|
|
r.handleMigrationStatus(w, req)
|
|
case "/api/admin/system/database/sync":
|
|
if req.Method != http.MethodPost {
|
|
writeError(w, http.StatusMethodNotAllowed, "METHOD_NOT_ALLOWED", errors.New("POST required"))
|
|
return
|
|
}
|
|
result, err := r.store.ImportSQLiteToRemote()
|
|
if err != nil {
|
|
writeError(w, http.StatusBadRequest, "SYNC_FAILED", err)
|
|
return
|
|
}
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "result": result, "finishedAt": result.FinishedAt})
|
|
default:
|
|
http.NotFound(w, req)
|
|
}
|
|
}
|
|
|
|
func queryInt(req *http.Request, key string, fallback int) int {
|
|
value, err := strconv.Atoi(req.URL.Query().Get(key))
|
|
if err != nil || value <= 0 {
|
|
return fallback
|
|
}
|
|
return value
|
|
}
|
|
|
|
func (r *router) handleMigrationStatus(w http.ResponseWriter, req *http.Request) {
|
|
if req.Method != http.MethodGet {
|
|
writeError(w, http.StatusMethodNotAllowed, "METHOD_NOT_ALLOWED", errors.New("GET required"))
|
|
return
|
|
}
|
|
status := r.store.Status()
|
|
writeJSON(w, http.StatusOK, map[string]any{
|
|
"ok": true,
|
|
"migration": map[string]any{
|
|
"strategy": "database_first_with_file_assets",
|
|
"databaseCovers": []string{
|
|
"系统设置与品牌",
|
|
"管理员与会话元数据",
|
|
"反馈工单、附件元数据与邮件记录",
|
|
"来源目录、客户端接口与健康记录",
|
|
"发布元数据、版本公告与兼容 JSON 修订",
|
|
"审计日志、旧项目同步记录与数据库同步状态",
|
|
},
|
|
"fileAssets": []map[string]string{
|
|
{"name": "downloads", "path": r.cfg.DownloadsDir, "description": "发布包和下载文件"},
|
|
{"name": "update public", "path": r.cfg.UpdatePublicDir, "description": "旧客户端兼容 JSON 生成物"},
|
|
{"name": "feedback packages", "path": filepath.Join(r.cfg.StorageDir, "feedback"), "description": "反馈加密包和解密后的本地包"},
|
|
},
|
|
"sqlitePath": r.store.Path(),
|
|
"mysql": config.SafeDatabase(r.cfg.BaseDir, r.cfg.Database),
|
|
"schemaVersion": status.SchemaVersion,
|
|
"lastSyncAt": status.LastSyncAt,
|
|
"lastSyncError": status.LastSyncError,
|
|
"lastError": status.LastError,
|
|
"failoverActive": status.FailoverActive,
|
|
"remoteReady": status.RemoteReady,
|
|
"activeProvider": status.ActiveProvider,
|
|
},
|
|
})
|
|
}
|
|
|
|
func (r *router) handleBranding(w http.ResponseWriter, req *http.Request) {
|
|
switch req.Method {
|
|
case http.MethodGet:
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "branding": config.SafeBranding(r.effectiveBranding())})
|
|
case http.MethodPost:
|
|
var body struct {
|
|
SiteIconURL string `json:"siteIconUrl"`
|
|
SiteIconURLSnake string `json:"site_icon_url"`
|
|
DeveloperAvatarURL string `json:"developerAvatarUrl"`
|
|
DeveloperAvatarAlt string `json:"developer_avatar_url"`
|
|
DeveloperName string `json:"developerName"`
|
|
DeveloperNameSnake string `json:"developer_name"`
|
|
FeedbackEmail string `json:"feedbackEmail"`
|
|
FeedbackEmailSnake string `json:"feedback_email"`
|
|
}
|
|
if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
|
|
writeError(w, http.StatusBadRequest, "INVALID_PAYLOAD", err)
|
|
return
|
|
}
|
|
next := config.BrandingConfig{
|
|
SiteIconURL: firstNonEmpty(body.SiteIconURL, body.SiteIconURLSnake),
|
|
DeveloperAvatarURL: firstNonEmpty(body.DeveloperAvatarURL, body.DeveloperAvatarAlt),
|
|
DeveloperName: firstNonEmpty(body.DeveloperName, body.DeveloperNameSnake),
|
|
FeedbackEmail: firstNonEmpty(body.FeedbackEmail, body.FeedbackEmailSnake),
|
|
}
|
|
if err := r.saveBranding(next); err != nil {
|
|
writeError(w, http.StatusInternalServerError, "BRANDING_SAVE_FAILED", err)
|
|
return
|
|
}
|
|
_ = r.store.InsertAudit(db.AuditLog{Actor: "admin", Type: "system.branding.saved", Target: r.cfg.Branding.DeveloperName, Message: "站点品牌信息已保存", IP: req.RemoteAddr, UserAgent: req.UserAgent()})
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "branding": config.SafeBranding(r.effectiveBranding())})
|
|
default:
|
|
writeError(w, http.StatusMethodNotAllowed, "METHOD_NOT_ALLOWED", errors.New("GET or POST required"))
|
|
}
|
|
}
|
|
|
|
func (r *router) handleMailConfig(w http.ResponseWriter, req *http.Request) {
|
|
switch req.Method {
|
|
case http.MethodGet:
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "config": feedbackmail.SafeConfig(r.cfg.Mail)})
|
|
case http.MethodPost:
|
|
nextMail, err := decodeMailConfig(req, r.cfg.Mail)
|
|
if err != nil {
|
|
writeError(w, http.StatusBadRequest, "INVALID_PAYLOAD", err)
|
|
return
|
|
}
|
|
next := *r.cfg
|
|
next.Mail = nextMail
|
|
if err := config.Save(&next); err != nil {
|
|
writeError(w, http.StatusInternalServerError, "MAIL_CONFIG_FAILED", err)
|
|
return
|
|
}
|
|
r.cfg.Mail = next.Mail
|
|
_ = r.store.InsertAudit(db.AuditLog{Actor: "admin", Type: "system.mail.saved", Target: nextMail.Host, Message: "邮件通知配置已保存", IP: req.RemoteAddr, UserAgent: req.UserAgent()})
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true, "config": feedbackmail.SafeConfig(r.cfg.Mail)})
|
|
default:
|
|
writeError(w, http.StatusMethodNotAllowed, "METHOD_NOT_ALLOWED", errors.New("GET or POST required"))
|
|
}
|
|
}
|
|
|
|
func (r *router) handleMailTest(w http.ResponseWriter, req *http.Request) {
|
|
if req.Method != http.MethodPost {
|
|
writeError(w, http.StatusMethodNotAllowed, "METHOD_NOT_ALLOWED", errors.New("POST required"))
|
|
return
|
|
}
|
|
message, err := feedbackmail.BuildTestMessage(r.cfg)
|
|
if err != nil {
|
|
writeError(w, http.StatusBadRequest, "MAIL_TEST_FAILED", err)
|
|
return
|
|
}
|
|
if err := feedbackmail.Send(r.cfg, message); err != nil {
|
|
writeError(w, http.StatusBadGateway, "MAIL_TEST_FAILED", err)
|
|
return
|
|
}
|
|
_ = r.store.InsertAudit(db.AuditLog{Actor: "admin", Type: "system.mail.test", Target: message.To, Message: "测试邮件已发送", IP: req.RemoteAddr, UserAgent: req.UserAgent()})
|
|
writeJSON(w, http.StatusOK, map[string]any{"ok": true})
|
|
}
|
|
|
|
type mailConfigRequest struct {
|
|
Host string `json:"host"`
|
|
Port int `json:"port"`
|
|
Secure string `json:"secure"`
|
|
Username string `json:"username"`
|
|
Password string `json:"password"`
|
|
FromAddress string `json:"from_address"`
|
|
FromAddressAlt string `json:"fromAddress"`
|
|
FromName string `json:"from_name"`
|
|
FromNameAlt string `json:"fromName"`
|
|
DeveloperAddress string `json:"developer_address"`
|
|
DeveloperAlt string `json:"developerAddress"`
|
|
TimeoutSeconds int `json:"timeout_seconds"`
|
|
TimeoutAlt int `json:"timeoutSeconds"`
|
|
}
|
|
|
|
func decodeMailConfig(req *http.Request, current config.MailConfig) (config.MailConfig, error) {
|
|
var body mailConfigRequest
|
|
if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
|
|
return config.MailConfig{}, err
|
|
}
|
|
next := current
|
|
if body.Host != "" {
|
|
next.Host = body.Host
|
|
}
|
|
if body.Port > 0 {
|
|
next.Port = body.Port
|
|
}
|
|
if body.Secure != "" {
|
|
next.Secure = body.Secure
|
|
}
|
|
if body.Username != "" {
|
|
next.Username = body.Username
|
|
}
|
|
if body.Password != "" {
|
|
next.Password = body.Password
|
|
}
|
|
if value := firstNonEmpty(body.FromAddress, body.FromAddressAlt); value != "" {
|
|
next.FromAddress = value
|
|
}
|
|
if value := firstNonEmpty(body.FromName, body.FromNameAlt); value != "" {
|
|
next.FromName = value
|
|
}
|
|
if value := firstNonEmpty(body.DeveloperAddress, body.DeveloperAlt); value != "" {
|
|
next.DeveloperAddress = value
|
|
}
|
|
if timeout := firstPositive(body.TimeoutSeconds, body.TimeoutAlt); timeout > 0 {
|
|
next.TimeoutSeconds = timeout
|
|
}
|
|
if next.Port <= 0 {
|
|
next.Port = 465
|
|
}
|
|
if next.Secure == "" {
|
|
next.Secure = "ssl"
|
|
}
|
|
if next.FromName == "" {
|
|
next.FromName = "YMhut Box Feedback"
|
|
}
|
|
if next.FromAddress == "" {
|
|
next.FromAddress = next.Username
|
|
}
|
|
if next.TimeoutSeconds <= 0 {
|
|
next.TimeoutSeconds = 20
|
|
}
|
|
return next, nil
|
|
}
|