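import { Request, Response } from 'express';
import { ClientAclModel } from '../models/clientAcl';
import { toString } from '../utils/helpers';

/** Actions that may be stored on an ACL rule. */
const ACL_ACTIONS: readonly string[] = ['publish', 'subscribe', 'pubsub'];
/** Actions accepted by the permission check endpoint ('pubsub' is not accepted there). */
const CHECKABLE_ACTIONS: readonly string[] = ['publish', 'subscribe'];
/** Permission values that may be stored on an ACL rule. */
const ACL_PERMISSIONS: readonly string[] = ['allow', 'deny'];

/** Page size used when the caller gives none or an invalid one. */
const DEFAULT_PAGE_SIZE = 20;
/** Upper bound on the page size, so one request cannot ask for an unbounded result set (tunable). */
const MAX_PAGE_SIZE = 100;

/**
 * Parses a rule ID from a route parameter or a JSON body value.
 *
 * Only numbers and all-digit strings are accepted. `Number()` alone would also
 * turn `null`, `true`, `''`, `[]` and `[5]` into valid-looking IDs, and would
 * let `'1.5'`, `'1e3'` or `'Infinity'` through an `isNaN` check.
 *
 * @returns the ID as a non-negative safe integer, or `null` when the value is not one.
 */
function parseId(raw: unknown): number | null {
  let candidate: number;
  if (typeof raw === 'number') {
    candidate = raw;
  } else if (typeof raw === 'string' && /^[0-9]+$/.test(raw)) {
    candidate = Number(raw);
  } else {
    return null;
  }
  return Number.isSafeInteger(candidate) && candidate >= 0 ? candidate : null;
}

/**
 * Parses a pagination value from the query string.
 *
 * @returns the value when it is an all-digit string denoting an integer >= 1, else `fallback`.
 */
function parsePositiveInt(raw: unknown, fallback: number): number {
  const parsed = typeof raw === 'string' && /^[0-9]+$/.test(raw) ? Number(raw) : NaN;
  return Number.isSafeInteger(parsed) && parsed >= 1 ? parsed : fallback;
}

/** True for an integer number or a string holding an optionally signed integer. */
function isIntegerLike(raw: unknown): boolean {
  if (typeof raw === 'number') {
    return Number.isSafeInteger(raw);
  }
  return typeof raw === 'string' && /^-?[0-9]+$/.test(raw) && Number.isSafeInteger(Number(raw));
}

/** Sends a `{ success: false, message }` response with the given status. */
function sendFailure(res: Response, status: number, message: string): void {
  res.status(status).json({ success: false, message });
}

/**
 * Logs an unexpected error server-side and answers 500.
 *
 * The exception text is deliberately not echoed to the client: messages raised
 * below the controller can carry internal details. The `error` field is kept so
 * the response shape stays the same, but it always holds the generic text.
 */
function sendServerError(res: Response, message: string, error: unknown): void {
  console.error(`${message}:`, error);
  res.status(500).json({ success: false, message, error: '未知错误' });
}

/**
 * HTTP handlers for managing client ACL (authorization) rules.
 *
 * Every handler is static and never uses `this`, so it can be passed to a
 * router directly. The handlers perform no authentication or authorization
 * themselves; NOTE(review): these endpoints create, change and delete
 * authorization rules, so confirm the routes are mounted behind middleware that
 * restricts them to administrators (the routing is not visible in this file).
 */
export class ClientAclController {
  /** Lists ACL rules, paginated by the `page` and `limit` query parameters. */
  static async getAllClientAcl(req: Request, res: Response): Promise<void> {
    try {
      // Invalid, fractional, zero or negative values fall back to the defaults,
      // so the offset handed to the model is never negative.
      const page = parsePositiveInt(req.query.page, 1);
      const limit = Math.min(parsePositiveInt(req.query.limit, DEFAULT_PAGE_SIZE), MAX_PAGE_SIZE);
      const offset = (page - 1) * limit;

      const clientAcls = await ClientAclModel.getAll(limit, offset);
      const total = await ClientAclModel.getCount();

      res.status(200).json({
        success: true,
        data: clientAcls,
        pagination: { page, limit, total, pages: Math.ceil(total / limit) }
      });
    } catch (error) {
      sendServerError(res, '获取客户端授权规则列表失败', error);
    }
  }

  /** Returns the ACL rule with the ID given in the route, or 404 when there is none. */
  static async getClientAclById(req: Request, res: Response): Promise<void> {
    try {
      const id = parseId(req.params.id);
      if (id === null) {
        sendFailure(res, 400, '无效的ID');
        return;
      }

      const clientAcl = await ClientAclModel.getById(id);
      if (!clientAcl) {
        sendFailure(res, 404, '客户端授权规则不存在');
        return;
      }

      res.status(200).json({ success: true, data: clientAcl });
    } catch (error) {
      sendServerError(res, '获取客户端授权规则失败', error);
    }
  }

  /** Returns the ACL rules for the username given in the route. */
  static async getClientAclByUsername(req: Request, res: Response): Promise<void> {
    try {
      const { username } = req.params;
      const usernameStr = toString(username);
      if (!usernameStr) {
        sendFailure(res, 400, '用户名不能为空');
        return;
      }

      const clientAcls = await ClientAclModel.getByUsername(usernameStr);
      res.status(200).json({ success: true, data: clientAcls });
    } catch (error) {
      sendServerError(res, '根据用户名获取授权规则失败', error);
    }
  }

  /** Returns the ACL rules for the topic given in the route. */
  static async getClientAclByTopic(req: Request, res: Response): Promise<void> {
    try {
      const { topic } = req.params;
      const topicStr = toString(topic);
      if (!topicStr) {
        sendFailure(res, 400, '主题不能为空');
        return;
      }

      const clientAcls = await ClientAclModel.getByTopic(topicStr);
      res.status(200).json({ success: true, data: clientAcls });
    } catch (error) {
      sendServerError(res, '根据主题获取授权规则失败', error);
    }
  }

  /**
   * Creates an ACL rule from the JSON body.
   *
   * `username`, `topic`, `action` and `permission` are required; `clientid`,
   * `priority` and `description` are optional.
   */
  static async createClientAcl(req: Request, res: Response): Promise<void> {
    try {
      const { clientid, username, topic, action, permission, priority, description } = req.body;

      if (!username || !topic || !action || !permission) {
        sendFailure(res, 400, '用户名、主题、操作和权限不能为空');
        return;
      }

      // A JSON body can carry objects or arrays where text is expected; reject
      // them here instead of handing them to the data layer.
      if (typeof username !== 'string' || typeof topic !== 'string') {
        sendFailure(res, 400, '用户名和主题必须是字符串');
        return;
      }
      if (
        (clientid != null && typeof clientid !== 'string') ||
        (description != null && typeof description !== 'string')
      ) {
        sendFailure(res, 400, '客户端ID和描述必须是字符串');
        return;
      }

      // `includes` compares by value, so only the exact strings listed pass.
      if (!ACL_ACTIONS.includes(action)) {
        sendFailure(res, 400, '操作必须是publish、subscribe或pubsub之一');
        return;
      }
      if (!ACL_PERMISSIONS.includes(permission)) {
        sendFailure(res, 400, '权限必须是allow或deny之一');
        return;
      }

      // An absent or empty priority defaults to 0, as before; anything else
      // must be an integer.
      const hasPriority = priority !== undefined && priority !== null && priority !== '';
      if (hasPriority && !isIntegerLike(priority)) {
        sendFailure(res, 400, '优先级必须是整数');
        return;
      }

      const newClientAcl = await ClientAclModel.create({
        clientid: clientid || null,
        username,
        topic,
        action,
        permission,
        priority: hasPriority ? Number(priority) : 0,
        description: description || null
      });

      res.status(201).json({
        success: true,
        data: newClientAcl,
        message: '客户端授权规则创建成功'
      });
    } catch (error) {
      sendServerError(res, '创建客户端授权规则失败', error);
    }
  }

  /**
   * Updates the ACL rule with the ID given in the route.
   *
   * Fields that are absent (or null) in the body are passed to the model
   * unchanged; fields that are present are validated first.
   */
  static async updateClientAcl(req: Request, res: Response): Promise<void> {
    try {
      const { username, topic, action, permission, priority, description } = req.body;

      const id = parseId(req.params.id);
      if (id === null) {
        sendFailure(res, 400, '无效的ID');
        return;
      }

      // The rule must exist before it can be updated.
      const existingClientAcl = await ClientAclModel.getById(id);
      if (!existingClientAcl) {
        sendFailure(res, 404, '客户端授权规则不存在');
        return;
      }

      if (
        (username != null && typeof username !== 'string') ||
        (topic != null && typeof topic !== 'string')
      ) {
        sendFailure(res, 400, '用户名和主题必须是字符串');
        return;
      }

      // Checked whenever a value is supplied: a truthiness test here would let
      // '', 0 or false skip validation and still reach the model.
      if (action != null && !ACL_ACTIONS.includes(action)) {
        sendFailure(res, 400, '操作必须是publish、subscribe或pubsub之一');
        return;
      }
      if (permission != null && !ACL_PERMISSIONS.includes(permission)) {
        sendFailure(res, 400, '权限必须是allow或deny之一');
        return;
      }

      if (priority != null && !isIntegerLike(priority)) {
        sendFailure(res, 400, '优先级必须是整数');
        return;
      }
      if (description != null && typeof description !== 'string') {
        sendFailure(res, 400, '描述必须是字符串');
        return;
      }

      const updatedClientAcl = await ClientAclModel.update(id, {
        username,
        topic,
        action,
        permission,
        priority,
        description
      });

      res.status(200).json({
        success: true,
        data: updatedClientAcl,
        message: '客户端授权规则更新成功'
      });
    } catch (error) {
      sendServerError(res, '更新客户端授权规则失败', error);
    }
  }

  /** Deletes the ACL rule with the ID given in the route, or answers 404 when there is none. */
  static async deleteClientAcl(req: Request, res: Response): Promise<void> {
    try {
      const id = parseId(req.params.id);
      if (id === null) {
        sendFailure(res, 400, '无效的ID');
        return;
      }

      // The rule must exist before it can be deleted.
      const existingClientAcl = await ClientAclModel.getById(id);
      if (!existingClientAcl) {
        sendFailure(res, 404, '客户端授权规则不存在');
        return;
      }

      await ClientAclModel.delete(id);

      res.status(200).json({ success: true, message: '客户端授权规则删除成功' });
    } catch (error) {
      sendServerError(res, '删除客户端授权规则失败', error);
    }
  }

  /**
   * Deletes every ACL rule whose ID is listed in the body's `ids` array.
   *
   * The whole request is rejected if any entry is not a valid ID.
   */
  static async deleteMultipleClientAcl(req: Request, res: Response): Promise<void> {
    try {
      const { ids } = req.body;

      if (!ids || !Array.isArray(ids) || ids.length === 0) {
        sendFailure(res, 400, '请提供有效的ID列表');
        return;
      }

      // Each entry must be a number or an all-digit string; `Number()` alone
      // would map null, booleans and nested arrays onto real IDs.
      const parsedIds: number[] = [];
      for (const rawId of ids) {
        const parsed = parseId(rawId);
        if (parsed === null) {
          sendFailure(res, 400, 'ID列表包含无效的ID');
          return;
        }
        parsedIds.push(parsed);
      }

      await ClientAclModel.deleteMultiple(parsedIds);

      // The count reported is the number of IDs submitted, not the number of
      // rows the model removed.
      res.status(200).json({
        success: true,
        message: `成功删除${parsedIds.length}条客户端授权规则`
      });
    } catch (error) {
      sendServerError(res, '批量删除客户端授权规则失败', error);
    }
  }

  /** Returns the ACL rules for the username and action given in the route. */
  static async getClientAclByUsernameAndAction(req: Request, res: Response): Promise<void> {
    try {
      const { username, action } = req.params;
      const usernameStr = toString(username);
      const actionStr = toString(action);

      if (!usernameStr || !actionStr) {
        sendFailure(res, 400, '用户名和操作类型不能为空');
        return;
      }

      if (!ACL_ACTIONS.includes(actionStr)) {
        sendFailure(res, 400, '操作必须是publish、subscribe或pubsub之一');
        return;
      }

      const clientAcls = await ClientAclModel.getByUsernameAndAction(usernameStr, actionStr);
      res.status(200).json({ success: true, data: clientAcls });
    } catch (error) {
      sendServerError(res, '根据用户名和操作类型获取授权规则失败', error);
    }
  }

  /**
   * Reports whether a user may publish to or subscribe to a topic.
   *
   * Reads `username`, `topic` and `action` from the JSON body; `action` must be
   * 'publish' or 'subscribe'.
   */
  static async checkUserPermission(req: Request, res: Response): Promise<void> {
    try {
      const { username, topic, action } = req.body;

      if (!username || !topic || !action) {
        sendFailure(res, 400, '用户名、主题和操作类型不能为空');
        return;
      }

      // Objects and arrays are rejected before they reach the model or are
      // interpolated into the response message.
      if (typeof username !== 'string' || typeof topic !== 'string') {
        sendFailure(res, 400, '用户名和主题必须是字符串');
        return;
      }

      if (!CHECKABLE_ACTIONS.includes(action)) {
        sendFailure(res, 400, '操作必须是publish或subscribe之一');
        return;
      }

      const hasPermission = await ClientAclModel.checkPermission(username, topic, action);

      res.status(200).json({
        success: true,
        data: { username, topic, action, hasPermission },
        message: `用户${hasPermission ? '有' : '没有'}权限${action === 'publish' ? '发布到' : '订阅'}主题${topic}`
      });
    } catch (error) {
      sendServerError(res, '检查用户权限失败', error);
    }
  }

  /** Returns the permission statistics computed by the model. */
  static async getClientAclStats(req: Request, res: Response): Promise<void> {
    try {
      const stats = await ClientAclModel.getPermissionStats();

      res.status(200).json({
        success: true,
        data: stats,
        message: '获取客户端授权统计信息成功'
      });
    } catch (error) {
      sendServerError(res, '获取客户端授权统计信息失败', error);
    }
  }
}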