mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2026-06-28 00:24:19 +00:00
Sanaei
41645255f1
* refactor(service): split client.go into focused files
client.go had grown to 4455 lines mixing ~10 responsibilities. Split it
verbatim into cohesive same-package files (no behavior change):
client.go foundation: ClientService, ClientWithAttachments,
ClientCreatePayload, ErrClientNotInInbound, sqlInChunk
client_locks.go inbound mutation locks, delete tombstones, compactOrphans
client_lookup.go read-only lookups (GetByID, List, EffectiveFlow, ...)
client_link.go inbound association sync (SyncInbound, DetachInbound, ...)
client_crud.go single-client CRUD + validation + protocol defaults
client_inbound_apply.go low-level inbound-settings mutators + by-email setters
client_bulk.go bulk attach/detach/adjust/delete/create + DelDepleted
client_traffic.go traffic-reset paths
client_groups.go client group management
client_paging.go paged listing, filtering, sorting, summary
Every declaration moved unchanged (verified: identical func/type/const/var
signature set before vs after). Imports redistributed per file via goimports.
go build ./..., go vet, and go test ./web/service/... all pass.
* refactor(service): split inbound.go into focused files
inbound.go was 4100 lines. Split it verbatim into cohesive same-package
files (no behavior change):
inbound.go core inbound CRUD + InboundService (keeps pkg doc)
inbound_protocol.go protocol / stream capability helpers
inbound_node.go node/runtime/remote coordination + online tracking
inbound_traffic.go traffic accounting, reset, client stats
inbound_client_ips.go per-client IP tracking
inbound_clients.go client lookups within inbounds + copy-clients
inbound_disable.go auto-disable invalid inbounds/clients
inbound_migration.go DB migrations
inbound_sublink.go subscription link providers
inbound_util.go generic slice/string helpers
Identical func/type/const/var signature set before vs after; package doc
comment preserved on inbound.go. Imports redistributed via goimports.
Build, vet, and go test ./web/service/... all pass.
* refactor(service): split tgbot.go into focused files
tgbot.go was 3738 lines dominated by a 1246-line answerCallback. Split it
verbatim into cohesive same-package files (no behavior change):
tgbot.go lifecycle, bot setup, caches, small utils
tgbot_router.go incoming update / command / callback dispatch
tgbot_send.go outbound messaging primitives
tgbot_client.go client views, actions, subscription links
tgbot_inbound.go inbound listing / pickers
tgbot_report.go server usage, exhausted, online, backups, notifications
Identical func/type/const/var signature set before vs after. Imports
redistributed via goimports. Build, vet, and go test ./web/service/... pass.
* refactor(client): dedupe single-field by-email setters
ResetClientIpLimitByEmail, ResetClientExpiryTimeByEmail, and
ResetClientTrafficLimitByEmail shared an identical ~50-line body that
resolves the inbound by email, confirms the client exists, rewrites a
single-client settings payload, and delegates to UpdateInboundClient.
Extract that into applyClientFieldByEmail(inboundSvc, email, mutate) and
reduce each setter to a 3-line wrapper. Behavior is unchanged: same checks
and error strings, same single-client payload contract, same totalGB guard.
SetClientTelegramUserID (resolves by traffic id, different error text) and
ToggleClientEnableByEmail/SetClientEnableByEmail (different return shape and
a pre-read of the old state) intentionally keep their own bodies.
* refactor(service): extract panel/ subpackage
Move the panel-administration leaf services out of the flat service
package into web/service/panel/ (package panel):
user.go UserService (auth / 2FA / LDAP)
panel.go PanelService (restart / self-update) + version helpers
panel_other.go non-unix RestartPanel
panel_unix.go unix RestartPanel
api_token.go ApiTokenService
websocket.go WebSocketService
panel_test.go version/shellQuote unit tests
These are leaves: they depend on core (SettingService, Release) but no
core file references them, so the extraction creates no import cycle.
Core references are now qualified (service.SettingService, service.Release);
callers in main.go, web/web.go, and web/controller/* updated to panel.*.
Build, vet, and go test ./web/... pass.
* refactor(service): extract integration/ subpackage
Move the external-provider integration leaves into web/service/integration/
(package integration):
warp.go WarpService (Cloudflare WARP)
nord.go NordService (NordVPN)
custom_geo.go CustomGeoService (custom geo asset management)
*_test.go custom_geo / panel-proxy tests
These depend on core (SettingService, ServerService, XraySettingService) but
no core file references them. xray_setting.go stays in core because it calls
the unexported SettingService.saveSetting. The shared isBlockedIP SSRF helper
(used by core url_safety.go and by custom_geo) now has a small copy in each
package rather than being exported. Core references qualified; callers in
web/web.go, web/job/*, and web/controller/* updated to integration.*.
Build, vet, and go test ./web/... pass.
* refactor(service): extract tgbot/ subpackage
Move the Telegram bot (6 files + test) into web/service/tgbot/ (package
tgbot). It is a leaf: it embeds five core services (Inbound/Client/Setting/
Server/Xray) and the core never references it, so no import cycle.
To support the package boundary without changing behavior:
- core exposes XrayProcess() *xray.Process so tgbot keeps calling the
exact same running-process methods it used via the package-level `p`;
- three core methods tgbot calls are exported: ClientService.checkIs-
EnabledByEmail -> CheckIsEnabledByEmail, InboundService.getAllEmails ->
GetAllEmails (callers updated in-package);
- tgbot's embedded-field types and the few core type refs (Status,
ClientCreatePayload, SanitizePublicHTTPURL) are now service-qualified.
Callers in main.go, web/web.go, web/job/*, and web/controller/* updated to
tgbot.*. Build, vet, and go test ./web/... pass.
* refactor(service): extract outbound/ subpackage
OutboundService (outbound.go) imports only neutral packages (config,
database, model, xray) and its production code is referenced by no core or
sibling service file — only by web/controller/xray_setting.go and
web/job/xray_traffic_job.go. Move it to web/service/outbound/ (package
outbound); no core qualification needed inside. Callers updated to outbound.*.
The one coupling was a tiny pure test helper, outboundsContainTag, used by
both outbound.go and the core outbound_subscription_test.go; it now has a
small copy in that test file rather than being shared across the boundary.
Build, vet, and go test ./web/... pass.
* refactor(util): move wireguard into its own subpackage
util/wireguard.go was the lone file of the root `util` package (24 lines,
one exported func GenerateWireguardKeypair), while every other util concern
lives in a focused subpackage (util/common, util/crypto, util/netsafe, ...).
Move it to util/wireguard/ (package wireguard) for consistency; its only
importer, web/service/integration/warp.go, is updated. The root `util`
package no longer exists.
* refactor(sub): drop redundant sub prefix from filenames
Inside package sub the subXxx.go prefix just repeats the package name
(like client_*.go did inside service). Rename for consistency; content and
type names are unchanged:
subController.go -> controller.go
subService.go -> service.go
subClashService.go -> clash_service.go
subJsonService.go -> json_service.go
(+ matching _test.go files)
* refactor(controller): rename xui.go -> spa.go
XUIController serves the panel's single-page-app shell; spa.go names that
role plainly (the other controller files are domain-named). File rename only
— the type stays XUIController. api_docs_test.go keys route base paths by
filename, so its "xui.go" case is updated to "spa.go".
* refactor: move backend packages under internal/
Adopt the idiomatic Go application layout: the backend packages now live
under internal/ (a boundary the toolchain enforces), signalling private
implementation instead of a library-style flat root. No runtime behavior
changes — only import paths and a few build/config paths move.
Moved: config, database, logger, mtproto, sub, util, web, xray -> internal/.
main.go stays at the repo root and tools/openapigen stays under tools/ (both
still import internal/* because the internal rule keys off the module root).
The module path github.com/mhsanaei/3x-ui/v3 is unchanged; 149 .go files had
their import prefix rewritten to .../internal/<pkg>.
Couplings the Go compiler can't see, updated to the new layout:
- frontend i18n imports of web/translation (react.ts, setup.components.ts)
- vite outDir + eslint/tsconfig ignore globs -> internal/web/dist
- Dockerfile COPY paths for web/dist and web/translation
- locale.go os.DirFS("web") disk fallback -> "internal/web"
- .gitignore and ci.yml go:embed stub for internal/web/dist
- api_docs_test.go repo-root relative walk (one level deeper)
- tools/openapigen filesystem package paths; ApiTokenView repointed to the
web/service/panel subpackage and codegen regenerated (clears a stale
type the ci.yml codegen check was failing on)
Verified: go build/vet/test (all packages), and frontend typecheck, lint,
vitest (478 tests), and production build into internal/web/dist.
* fix(config): keep test runs from writing logs into the source tree
GetLogFolder() returns a CWD-relative "./log" on Windows. Under `go test`
the working directory is each package's own folder, so InitLogger (called by
tests in web/job, web/service, xray, web/websocket) created stray log/
directories scattered through the source tree (e.g. internal/web/job/log/).
Redirect to a shared temp folder when testing.Testing() reports a test run.
Production behavior is unchanged: Windows still uses ./log next to the binary
and Linux /var/log/x-ui. The log files were always gitignored (*.log) and
never committed; this just stops the noise at the source.
* docs: move subscription-template guide out of root into docs/
sub_templates/ was a top-level folder holding only a README and no actual
templates (3x-ui ships none by design), referenced nowhere and unlinked from
any doc — it read like an empty placeholder cluttering the repo root.
Move the guide to docs/custom-subscription-templates.md (a proper docs home),
reword its intro to read as documentation rather than a folder note, link it
from the Features list in README.md, and drop the empty sub_templates/ folder.
* fix: update stale web/ path references after the internal/ move
The internal/ migration rewrote Go import paths but left some references to
the old top-level layout in docs, comments, and a few runtime disk paths.
Functional (dev-mode only): the disk-serving fallbacks that read the Vite
build from disk when running from source still pointed at web/dist/, which
moved to internal/web/dist/ — so `os.DirFS`/`os.Stat`/`os.ReadFile` in
internal/web/web.go and internal/sub/{sub,controller}.go are corrected.
Production was unaffected (it serves the embedded FS; verified by the Docker
build), but `go run` with a live frontend build silently fell back to embed.
Docs/comments: frontend/README.md, CONTRIBUTING.md, the claude-issue-bot and
release workflows, the openapigen -root help text, and assorted Go comments
now reference internal/web, internal/database, internal/sub, internal/xray,
etc. Package-name mentions (the "web" package), root paths (main.go,
frontend/, install scripts, /etc/x-ui), routes (/panel/api/xray), and the
historical "web/assets no longer exists" note were intentionally left as-is.
* refactor(web): remove the legacy /xui -> /panel redirect middleware
RedirectMiddleware existed only for backward compatibility with the old
`/xui` URL scheme (301-redirecting /xui and /xui/API to /panel and
/panel/api). That cutover was long ago, so drop the middleware, its
registration in initRouter, and the now-inaccurate "URL redirection"
mention in the middleware package doc. Old /xui URLs now 404 like any other
unknown path. HTTPS auto-redirect and auth redirects are unrelated and stay.
* build: fix .dockerignore for internal/ layout and exclude runtime dir
- web/dist -> internal/web/dist: the embedded frontend moved under internal/,
so the stale exclude no longer matched and the locally-built dist could be
sent to the build context (the frontend stage rebuilds it fresh anyway).
- exclude x-ui/: the local runtime directory (SQLite db, geo .dat files, xray
binaries, certs — ~150MB) was being shipped into the build context for no
reason. Verified the pattern excludes only the directory and still keeps
x-ui.sh, which the Dockerfile copies to /usr/bin/x-ui.
447 lines
14 KiB
Go
447 lines
14 KiB
Go
package controller
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"github.com/mhsanaei/3x-ui/v3/internal/database/model"
|
|
"github.com/mhsanaei/3x-ui/v3/internal/web/middleware"
|
|
"github.com/mhsanaei/3x-ui/v3/internal/web/service"
|
|
"github.com/mhsanaei/3x-ui/v3/internal/web/session"
|
|
"github.com/mhsanaei/3x-ui/v3/internal/web/websocket"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// InboundController handles HTTP requests related to Xray inbounds management.
|
|
type InboundController struct {
|
|
inboundService service.InboundService
|
|
clientService service.ClientService
|
|
xrayService service.XrayService
|
|
fallbackService service.FallbackService
|
|
}
|
|
|
|
// NewInboundController creates a new InboundController and sets up its routes.
|
|
func NewInboundController(g *gin.RouterGroup) *InboundController {
|
|
a := &InboundController{}
|
|
a.initRouter(g)
|
|
return a
|
|
}
|
|
|
|
// broadcastInboundsUpdateClientLimit is the threshold past which we skip the
|
|
// full-list push over WebSocket and signal the frontend to re-fetch via REST.
|
|
// Mirrors the same heuristic used by the periodic traffic job.
|
|
const broadcastInboundsUpdateClientLimit = 5000
|
|
|
|
// broadcastInboundsUpdate fetches and broadcasts the inbound list for userId.
|
|
// At scale (10k+ clients) the marshaled JSON exceeds the WS payload ceiling,
|
|
// so we send an invalidate signal instead — frontend re-fetches via REST.
|
|
// Skipped entirely when no WebSocket clients are connected.
|
|
func (a *InboundController) broadcastInboundsUpdate(userId int) {
|
|
if !websocket.HasClients() {
|
|
return
|
|
}
|
|
inbounds, err := a.inboundService.GetInbounds(userId)
|
|
if err != nil {
|
|
return
|
|
}
|
|
totalClients := 0
|
|
for _, ib := range inbounds {
|
|
totalClients += len(ib.ClientStats)
|
|
}
|
|
if totalClients > broadcastInboundsUpdateClientLimit {
|
|
websocket.BroadcastInvalidate(websocket.MessageTypeInbounds)
|
|
return
|
|
}
|
|
websocket.BroadcastInbounds(inbounds)
|
|
}
|
|
|
|
// initRouter initializes the routes for inbound-related operations.
|
|
func (a *InboundController) initRouter(g *gin.RouterGroup) {
|
|
|
|
g.GET("/list", a.getInbounds)
|
|
g.GET("/list/slim", a.getInboundsSlim)
|
|
g.GET("/options", a.getInboundOptions)
|
|
g.GET("/get/:id", a.getInbound)
|
|
g.GET("/:id/fallbacks", a.getFallbacks)
|
|
|
|
g.POST("/add", a.addInbound)
|
|
g.POST("/del/:id", a.delInbound)
|
|
g.POST("/bulkDel", a.bulkDelInbounds)
|
|
g.POST("/update/:id", a.updateInbound)
|
|
g.POST("/setEnable/:id", a.setInboundEnable)
|
|
g.POST("/:id/resetTraffic", a.resetInboundTraffic)
|
|
g.POST("/:id/delAllClients", a.delAllInboundClients)
|
|
g.POST("/resetAllTraffics", a.resetAllTraffics)
|
|
g.POST("/import", a.importInbound)
|
|
g.POST("/:id/fallbacks", a.setFallbacks)
|
|
}
|
|
|
|
// getInbounds retrieves the list of inbounds for the logged-in user.
|
|
func (a *InboundController) getInbounds(c *gin.Context) {
|
|
user := session.GetLoginUser(c)
|
|
inbounds, err := a.inboundService.GetInbounds(user.Id)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.obtain"), err)
|
|
return
|
|
}
|
|
jsonObj(c, inbounds, nil)
|
|
}
|
|
|
|
// getInboundsSlim is the list-page variant that strips full client
|
|
// payloads from settings.clients[]. Detail-view flows still use /get/:id.
|
|
func (a *InboundController) getInboundsSlim(c *gin.Context) {
|
|
user := session.GetLoginUser(c)
|
|
inbounds, err := a.inboundService.GetInboundsSlim(user.Id)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.obtain"), err)
|
|
return
|
|
}
|
|
jsonObj(c, inbounds, nil)
|
|
}
|
|
|
|
// getInboundOptions returns a lightweight projection of the user's inbounds
|
|
// (id, remark, protocol, port, tlsFlowCapable) for pickers in the clients UI.
|
|
// Avoids shipping per-client settings and traffic stats just to fill a dropdown.
|
|
func (a *InboundController) getInboundOptions(c *gin.Context) {
|
|
user := session.GetLoginUser(c)
|
|
options, err := a.inboundService.GetInboundOptions(user.Id)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.obtain"), err)
|
|
return
|
|
}
|
|
jsonObj(c, options, nil)
|
|
}
|
|
|
|
// getInbound retrieves a specific inbound by its ID.
|
|
func (a *InboundController) getInbound(c *gin.Context) {
|
|
id, err := strconv.Atoi(c.Param("id"))
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "get"), err)
|
|
return
|
|
}
|
|
inbound, err := a.inboundService.GetInboundDetail(id)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.obtain"), err)
|
|
return
|
|
}
|
|
jsonObj(c, inbound, nil)
|
|
}
|
|
|
|
// addInbound creates a new inbound configuration.
|
|
func (a *InboundController) addInbound(c *gin.Context) {
|
|
inbound, ok := middleware.BindAndValidate[model.Inbound](c)
|
|
if !ok {
|
|
return
|
|
}
|
|
user := session.GetLoginUser(c)
|
|
inbound.UserId = user.Id
|
|
// Treat NodeID=0 as "no node" — gin's *int form binding can land on
|
|
// 0 when the field is absent or empty, and 0 is never a valid Node
|
|
// row id. Without this normalization the runtime layer would try to
|
|
// load Node id=0 and surface "record not found".
|
|
if inbound.NodeID != nil && *inbound.NodeID == 0 {
|
|
inbound.NodeID = nil
|
|
}
|
|
|
|
inbound, needRestart, err := a.inboundService.AddInbound(inbound)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
jsonMsgObj(c, I18nWeb(c, "pages.inbounds.toasts.inboundCreateSuccess"), inbound, nil)
|
|
if needRestart {
|
|
a.xrayService.SetToNeedRestart()
|
|
}
|
|
a.broadcastInboundsUpdate(user.Id)
|
|
notifyClientsChanged()
|
|
}
|
|
|
|
// delInbound deletes an inbound configuration by its ID.
|
|
func (a *InboundController) delInbound(c *gin.Context) {
|
|
id, err := strconv.Atoi(c.Param("id"))
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.inboundDeleteSuccess"), err)
|
|
return
|
|
}
|
|
needRestart, err := a.inboundService.DelInbound(id)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
jsonMsgObj(c, I18nWeb(c, "pages.inbounds.toasts.inboundDeleteSuccess"), id, nil)
|
|
if needRestart {
|
|
a.xrayService.SetToNeedRestart()
|
|
}
|
|
user := session.GetLoginUser(c)
|
|
a.broadcastInboundsUpdate(user.Id)
|
|
notifyClientsChanged()
|
|
}
|
|
|
|
type bulkDelInboundsRequest struct {
|
|
Ids []int `json:"ids"`
|
|
}
|
|
|
|
// bulkDelInbounds deletes several inbounds in one call. Failures are
|
|
// reported per id and the rest still proceed; xray restarts at most once.
|
|
func (a *InboundController) bulkDelInbounds(c *gin.Context) {
|
|
var req bulkDelInboundsRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
result, needRestart, err := a.inboundService.DelInbounds(req.Ids)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
jsonObj(c, result, nil)
|
|
if needRestart {
|
|
a.xrayService.SetToNeedRestart()
|
|
}
|
|
user := session.GetLoginUser(c)
|
|
a.broadcastInboundsUpdate(user.Id)
|
|
notifyClientsChanged()
|
|
}
|
|
|
|
// updateInbound updates an existing inbound configuration.
|
|
func (a *InboundController) updateInbound(c *gin.Context) {
|
|
id, err := strconv.Atoi(c.Param("id"))
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.inboundUpdateSuccess"), err)
|
|
return
|
|
}
|
|
inbound := &model.Inbound{
|
|
Id: id,
|
|
}
|
|
if !middleware.BindAndValidateInto(c, inbound) {
|
|
return
|
|
}
|
|
// Same NodeID=0 → nil normalisation as addInbound. UpdateInbound
|
|
// loads the existing row's NodeID from DB anyway (Phase 1 doesn't
|
|
// support migrating an inbound between nodes), but normalising here
|
|
// keeps the wire shape consistent.
|
|
if inbound.NodeID != nil && *inbound.NodeID == 0 {
|
|
inbound.NodeID = nil
|
|
}
|
|
inbound, needRestart, err := a.inboundService.UpdateInbound(inbound)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
jsonMsgObj(c, I18nWeb(c, "pages.inbounds.toasts.inboundUpdateSuccess"), inbound, nil)
|
|
if needRestart {
|
|
a.xrayService.SetToNeedRestart()
|
|
}
|
|
user := session.GetLoginUser(c)
|
|
a.broadcastInboundsUpdate(user.Id)
|
|
notifyClientsChanged()
|
|
}
|
|
|
|
// setInboundEnable flips only the enable flag of an inbound. This is a
|
|
// dedicated endpoint because the regular update path serialises the entire
|
|
// settings JSON (every client) — far too heavy for an interactive switch
|
|
// on inbounds with thousands of clients. Frontend optimistically updates
|
|
// the UI; we just persist + sync xray + nudge other open admin sessions.
|
|
func (a *InboundController) setInboundEnable(c *gin.Context) {
|
|
id, err := strconv.Atoi(c.Param("id"))
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.inboundUpdateSuccess"), err)
|
|
return
|
|
}
|
|
type form struct {
|
|
Enable bool `json:"enable" form:"enable"`
|
|
}
|
|
var f form
|
|
if err := c.ShouldBind(&f); err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
needRestart, err := a.inboundService.SetInboundEnable(id, f.Enable)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.inboundUpdateSuccess"), nil)
|
|
if needRestart {
|
|
a.xrayService.SetToNeedRestart()
|
|
}
|
|
// Cross-admin sync: lightweight invalidate signal (a few hundred bytes)
|
|
// instead of fetching + serialising the whole inbound list. Other open
|
|
// sessions re-fetch via REST. The toggling admin's own UI already
|
|
// updated optimistically.
|
|
websocket.BroadcastInvalidate(websocket.MessageTypeInbounds)
|
|
}
|
|
|
|
// resetInboundTraffic resets traffic counters for a specific inbound.
|
|
func (a *InboundController) resetInboundTraffic(c *gin.Context) {
|
|
id, err := strconv.Atoi(c.Param("id"))
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.inboundUpdateSuccess"), err)
|
|
return
|
|
}
|
|
|
|
err = a.inboundService.ResetInboundTraffic(id)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
} else {
|
|
a.xrayService.SetToNeedRestart()
|
|
}
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.resetInboundTrafficSuccess"), nil)
|
|
}
|
|
|
|
// delAllInboundClients removes every client attached to a specific inbound
|
|
// while keeping the inbound itself. Internally collects the current email
|
|
// list from settings.clients[] and feeds it into ClientService.BulkDelete,
|
|
// which handles per-inbound JSON rewriting, runtime user removal, traffic
|
|
// row cleanup, and the SyncInbound mapping pass in one optimized cycle.
|
|
func (a *InboundController) delAllInboundClients(c *gin.Context) {
|
|
id, err := strconv.Atoi(c.Param("id"))
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
emails, err := a.inboundService.EmailsByInbound(id)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
if len(emails) == 0 {
|
|
jsonObj(c, service.BulkDeleteResult{}, nil)
|
|
return
|
|
}
|
|
result, needRestart, err := a.clientService.BulkDelete(&a.inboundService, emails, false)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
jsonObj(c, result, nil)
|
|
if needRestart {
|
|
a.xrayService.SetToNeedRestart()
|
|
}
|
|
user := session.GetLoginUser(c)
|
|
a.broadcastInboundsUpdate(user.Id)
|
|
notifyClientsChanged()
|
|
}
|
|
|
|
// resetAllTraffics resets all traffic counters across all inbounds.
|
|
func (a *InboundController) resetAllTraffics(c *gin.Context) {
|
|
err := a.inboundService.ResetAllTraffics()
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
} else {
|
|
a.xrayService.SetToNeedRestart()
|
|
}
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.resetAllTrafficSuccess"), nil)
|
|
}
|
|
|
|
// importInbound imports an inbound configuration from provided data.
|
|
func (a *InboundController) importInbound(c *gin.Context) {
|
|
inbound := &model.Inbound{}
|
|
err := json.Unmarshal([]byte(c.PostForm("data")), inbound)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
user := session.GetLoginUser(c)
|
|
inbound.Id = 0
|
|
inbound.UserId = user.Id
|
|
// Node IDs are panel-local and not portable across panels. Drop a node
|
|
// reference that is zero or that points to a node which doesn't exist on
|
|
// this panel, so a cross-panel export imports as a local inbound instead of
|
|
// failing with "record not found" when nodePushPlan looks the node up.
|
|
if inbound.NodeID != nil {
|
|
if *inbound.NodeID == 0 {
|
|
inbound.NodeID = nil
|
|
} else if exists, err := (&service.NodeService{}).NodeExists(*inbound.NodeID); err == nil && !exists {
|
|
inbound.NodeID = nil
|
|
}
|
|
}
|
|
|
|
for index := range inbound.ClientStats {
|
|
inbound.ClientStats[index].Id = 0
|
|
inbound.ClientStats[index].Enable = true
|
|
}
|
|
|
|
inbound, needRestart, err := a.inboundService.AddInbound(inbound)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
jsonMsgObj(c, I18nWeb(c, "pages.inbounds.toasts.inboundCreateSuccess"), inbound, nil)
|
|
if needRestart {
|
|
a.xrayService.SetToNeedRestart()
|
|
}
|
|
a.broadcastInboundsUpdate(user.Id)
|
|
notifyClientsChanged()
|
|
}
|
|
|
|
// resolveHost mirrors what sub.SubService.ResolveRequest does for the host
|
|
// field: prefers X-Forwarded-Host (first entry of any list, port stripped),
|
|
// then X-Real-IP, then the host portion of c.Request.Host. Keeping it in the
|
|
// controller layer means the service interface stays HTTP-agnostic — service
|
|
// methods receive a plain host string instead of a *gin.Context.
|
|
func resolveHost(c *gin.Context) string {
|
|
if isTrustedForwardedRequest(c) {
|
|
if h := strings.TrimSpace(c.GetHeader("X-Forwarded-Host")); h != "" {
|
|
if i := strings.Index(h, ","); i >= 0 {
|
|
h = strings.TrimSpace(h[:i])
|
|
}
|
|
if hp, _, err := net.SplitHostPort(h); err == nil {
|
|
return hp
|
|
}
|
|
return h
|
|
}
|
|
if h := c.GetHeader("X-Real-IP"); h != "" {
|
|
return h
|
|
}
|
|
}
|
|
if h, _, err := net.SplitHostPort(c.Request.Host); err == nil {
|
|
return h
|
|
}
|
|
return c.Request.Host
|
|
}
|
|
|
|
// getFallbacks returns the fallback rules attached to the master inbound.
|
|
func (a *InboundController) getFallbacks(c *gin.Context) {
|
|
id, err := strconv.Atoi(c.Param("id"))
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "get"), err)
|
|
return
|
|
}
|
|
rows, err := a.fallbackService.GetByMaster(id)
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "get"), err)
|
|
return
|
|
}
|
|
jsonObj(c, rows, nil)
|
|
}
|
|
|
|
// setFallbacks atomically replaces the master inbound's fallback list
|
|
// and triggers an Xray restart so the new settings.fallbacks take effect.
|
|
func (a *InboundController) setFallbacks(c *gin.Context) {
|
|
id, err := strconv.Atoi(c.Param("id"))
|
|
if err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
type body struct {
|
|
Fallbacks []service.FallbackInput `json:"fallbacks"`
|
|
}
|
|
var b body
|
|
if err := c.ShouldBindJSON(&b); err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
if err := a.fallbackService.SetByMaster(id, b.Fallbacks); err != nil {
|
|
jsonMsg(c, I18nWeb(c, "somethingWentWrong"), err)
|
|
return
|
|
}
|
|
a.xrayService.SetToNeedRestart()
|
|
jsonMsg(c, I18nWeb(c, "pages.inbounds.toasts.inboundUpdateSuccess"), nil)
|
|
}
|