snowykami/neo-blog
1
0
Fork 0
mirror of https://github.com/snowykami/neo-blog.git synced 2025-09-26 11:06:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: 更新删除评论逻辑,增加对目标内容所有者的权限检查;添加编辑者角色常量

Browse Source
This commit is contained in:
远野千束
2025-09-13 23:46:07 +08:00
parent 8be05cd9c2
commit 78cc596544
2 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
internal/service/comment.go
View File

@ -95,7 +95,15 @@ func (cs *CommentService) DeleteComment(ctx context.Context, commentID string) e
return errs.New(errs.ErrNotFound.Code, "comment not found", err) return errs.New(errs.ErrNotFound.Code, "comment not found", err)
} }
if comment.UserID != currentUser.ID { isTargetOwner := false
if comment.TargetType == constant.TargetTypePost {
post, err := repo.Post.GetPostByID(strconv.Itoa(int(comment.TargetID)))
if err == nil && post.UserID == currentUser.ID {
isTargetOwner = true
}
}
if comment.UserID != currentUser.ID || isTargetOwner {
return errs.ErrForbidden return errs.ErrForbidden
} }

3
pkg/constant/constant.go
View File

@ -8,7 +8,8 @@ const (
ContextKeyUserID = "user_id" // 上下文键用户ID ContextKeyUserID = "user_id" // 上下文键用户ID
ModeDev = "dev" ModeDev = "dev"
ModeProd = "prod" ModeProd = "prod"
RoleUser = "user" RoleUser = "user" // 普通用户 仅有阅读和评论权限
RoleEditor = "editor" // 能够发布和管理自己内容的用户
RoleAdmin = "admin" RoleAdmin = "admin"
EnvKeyBaseUrl = "BASE_URL" // 环境变量基础URL EnvKeyBaseUrl = "BASE_URL" // 环境变量基础URL
EnvKeyCaptchaProvider = "CAPTCHA_PROVIDER" // captcha提供者 EnvKeyCaptchaProvider = "CAPTCHA_PROVIDER" // captcha提供者