limit 'LINUX DO' trust level now available

Signed-off-by: wozulong <>
2025-11-08 15:13:42 +08:00 · 2024-03-20 16:54:38 +08:00
parent 17c409de23
commit f35e63e3f3
13 changed files with 102 additions and 7 deletions
--- a/model/cache.go
+++ b/model/cache.go
@@ -204,6 +204,30 @@ func CacheIsUserEnabled(userId int) (bool, error) {
 	return userEnabled, err
 }

+func CacheIsLinuxDoEnabled(userId int) (bool, error) {
+	if !common.RedisEnabled {
+		return IsLinuxDoEnabled(userId)
+	}
+	enabled, err := common.RedisGet(fmt.Sprintf("linuxdo_enabled:%d", userId))
+	if err == nil {
+		return enabled == "1", nil
+	}
+
+	linuxDoEnabled, err := IsLinuxDoEnabled(userId)
+	if err != nil {
+		return false, err
+	}
+	enabled = "0"
+	if linuxDoEnabled {
+		enabled = "1"
+	}
+	err = common.RedisSet(fmt.Sprintf("linuxdo_enabled:%d", userId), enabled, time.Duration(UserId2StatusCacheSeconds)*time.Second)
+	if err != nil {
+		common.SysError("Redis set linuxdo enabled error: " + err.Error())
+	}
+	return linuxDoEnabled, err
+}
+
 var group2model2channels map[string]map[string][]*Channel
 var channelsIDM map[int]*Channel
 var channelSyncLock sync.RWMutex
--- a/model/option.go
+++ b/model/option.go
@@ -69,6 +69,7 @@ func InitOptionMap() {
 	common.OptionMap["GitHubClientSecret"] = ""
 	common.OptionMap["LinuxDoClientId"] = ""
 	common.OptionMap["LinuxDoClientSecret"] = ""
+	common.OptionMap["LinuxDoMinLevel"] = strconv.Itoa(common.LinuxDoMinLevel)
 	common.OptionMap["TelegramBotToken"] = ""
 	common.OptionMap["TelegramBotName"] = ""
 	common.OptionMap["WeChatServerAddress"] = ""
@@ -230,6 +231,8 @@ func updateOptionMap(key string, value string) (err error) {
 		common.LinuxDoClientId = value
 	case "LinuxDoClientSecret":
 		common.LinuxDoClientSecret = value
+	case "LinuxDoMinLevel":
+		common.LinuxDoMinLevel, _ = strconv.Atoi(value)
 	case "Footer":
 		common.Footer = value
 	case "SystemName":
--- a/model/user.go
+++ b/model/user.go
@@ -22,6 +22,7 @@ type User struct {
 	Email            string         `json:"email" gorm:"index" validate:"max=50"`
 	GitHubId         string         `json:"github_id" gorm:"column:github_id;index"`
 	LinuxDoId        string         `json:"linuxdo_id" gorm:"column:linuxdo_id;index"`
+	LinuxDoLevel     int            `json:"linuxdo_level" gorm:"column:linuxdo_level;type:int;default:0"`
 	WeChatId         string         `json:"wechat_id" gorm:"column:wechat_id;index"`
 	TelegramId       string         `json:"telegram_id" gorm:"column:telegram_id;index"`
 	VerificationCode string         `json:"verification_code" gorm:"-:all"`                                    // this field is only for Email verification, don't save it to database!
@@ -369,6 +370,18 @@ func IsUserEnabled(userId int) (bool, error) {
 	return user.Status == common.UserStatusEnabled, nil
 }

+func IsLinuxDoEnabled(userId int) (bool, error) {
+	if userId == 0 {
+		return false, errors.New("user id is empty")
+	}
+	var user User
+	err := DB.Where("id = ?", userId).Select("linuxdo_id, linuxdo_level").Find(&user).Error
+	if err != nil {
+		return false, err
+	}
+	return user.LinuxDoId == "" || user.LinuxDoLevel >= common.LinuxDoMinLevel, nil
+}
+
 func ValidateAccessToken(token string) (user *User) {
 	if token == "" {
 		return nil