000e621eb6
- 新增 PUT /api/v1/admin/api-keys/:id 端点,允许管理员修改任意用户 API Key 的分组绑定 - 跳过用户级权限校验但保留分组有效性验证,修改后触发认证缓存失效 - Service 层支持三态语义:nil=不修改,0=解绑,>0=绑定,<0=拒绝 - 指针值拷贝保证安全隔离,负数 groupID 返回 400 INVALID_GROUP_ID - 前端 UserApiKeysModal 新增可点击的分组选择下拉框,支持多 Key 并发更新 - 下拉支持视口翻转和滚动关闭,按钮有 disabled 和加载状态 - 覆盖:后端 20 个单元测试 (Service 11 + Handler 9) + 前端 16 个 E2E 测试 - golangci-lint 0 issues, make test-unit 全部通过
53 lines
1.4 KiB
Go
53 lines
1.4 KiB
Go
package admin
|
|
|
|
import (
|
|
"strconv"
|
|
|
|
"github.com/Wei-Shaw/sub2api/internal/handler/dto"
|
|
"github.com/Wei-Shaw/sub2api/internal/pkg/response"
|
|
"github.com/Wei-Shaw/sub2api/internal/service"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// AdminAPIKeyHandler handles admin API key management
|
|
type AdminAPIKeyHandler struct {
|
|
adminService service.AdminService
|
|
}
|
|
|
|
// NewAdminAPIKeyHandler creates a new admin API key handler
|
|
func NewAdminAPIKeyHandler(adminService service.AdminService) *AdminAPIKeyHandler {
|
|
return &AdminAPIKeyHandler{
|
|
adminService: adminService,
|
|
}
|
|
}
|
|
|
|
// AdminUpdateAPIKeyGroupRequest represents the request to update an API key's group
|
|
type AdminUpdateAPIKeyGroupRequest struct {
|
|
GroupID *int64 `json:"group_id"` // nil=不修改, 0=解绑, >0=绑定到目标分组
|
|
}
|
|
|
|
// UpdateGroup handles updating an API key's group binding
|
|
// PUT /api/v1/admin/api-keys/:id
|
|
func (h *AdminAPIKeyHandler) UpdateGroup(c *gin.Context) {
|
|
keyID, err := strconv.ParseInt(c.Param("id"), 10, 64)
|
|
if err != nil {
|
|
response.BadRequest(c, "Invalid API key ID")
|
|
return
|
|
}
|
|
|
|
var req AdminUpdateAPIKeyGroupRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
response.BadRequest(c, "Invalid request: "+err.Error())
|
|
return
|
|
}
|
|
|
|
apiKey, err := h.adminService.AdminUpdateAPIKeyGroupID(c.Request.Context(), keyID, req.GroupID)
|
|
if err != nil {
|
|
response.ErrorFrom(c, err)
|
|
return
|
|
}
|
|
|
|
response.Success(c, dto.APIKeyFromService(apiKey))
|
|
}
|