fix question answer delete

2022-11-22 16:54:28 +08:00 · 2022-11-22 16:54:28 +08:00 · 2676822331
parent f216536e26
commit 2676822331
8 changed files with 189 additions and 146 deletions
--- a/i18n/en_US.yaml
+++ b/i18n/en_US.yaml
@ -20,92 +20,98 @@ backend:
  email_or_password_wrong_error: &email_or_password_wrong
    other: "Email and password do not match."

-error:
-  admin:
-    email_or_password_wrong: *email_or_password_wrong
-  answer:
-    not_found:
-      other: "Answer do not found."
-    cannot_deleted:
-      other: "No permission to delete."
-  comment:
-    edit_without_permission:
-      other: "Comment are not allowed to edit."
-    not_found:
-      other: "Comment not found."
-  email:
-    duplicate:
-      other: "Email already exists."
-    need_to_be_verified:
-      other: "Email should be verified."
-    verify_url_expired:
-      other: "Email verified URL has expired, please resend the email."
-  lang:
-    not_found:
-      other: "Language file not found."
-  object:
-    captcha_verification_failed:
-      other: "Captcha wrong."
-    disallow_follow:
-      other: "You are not allowed to follow."
-    disallow_vote:
-      other: "You are not allowed to vote."
-    disallow_vote_your_self:
-      other: "You can't vote for your own post."
-    not_found:
-      other: "Object not found."
-    verification_failed:
-      other: "Verification failed."
-    email_or_password_incorrect:
-      other: "Email and password do not match."
-    old_password_verification_failed:
-      other: "The old password verification failed"
-    new_password_same_as_previous_setting:
-      other: "The new password is the same as the previous one."
-  question:
-    not_found:
-      other: "Question not found."
-    cannot_deleted:
-      other: "No permission to delete."
-  rank:
-    fail_to_meet_the_condition:
-      other: "Rank fail to meet the condition."
-  report:
-    handle_failed:
-      other: "Report handle failed."
-    not_found:
-      other: "Report not found."
-  tag:
-    not_found:
-      other: "Tag not found."
-  theme:
-    not_found:
-      other: "Theme not found."
-  user:
-    email_or_password_wrong:
-      other: *email_or_password_wrong
-    not_found:
-      other: "User not found."
-    suspended:
-      other: "User has been suspended."
-    username_invalid:
-      other: "Username is invalid."
-    username_duplicate:
-      other: "Username is already in use."
-    set_avatar:
-      other: "Avatar set failed."
+  error:
+    admin:
+      email_or_password_wrong: *email_or_password_wrong
+    answer:
+      not_found:
+        other: "Answer do not found."
+      cannot_deleted:
+        other: "No permission to delete."
+      cannot_update:
+        other: "No permission to update."
+    comment:
+      edit_without_permission:
+        other: "Comment are not allowed to edit."
+      not_found:
+        other: "Comment not found."
+    email:
+      duplicate:
+        other: "Email already exists."
+      need_to_be_verified:
+        other: "Email should be verified."
+      verify_url_expired:
+        other: "Email verified URL has expired, please resend the email."
+    lang:
+      not_found:
+        other: "Language file not found."
+    object:
+      captcha_verification_failed:
+        other: "Captcha wrong."
+      disallow_follow:
+        other: "You are not allowed to follow."
+      disallow_vote:
+        other: "You are not allowed to vote."
+      disallow_vote_your_self:
+        other: "You can't vote for your own post."
+      not_found:
+        other: "Object not found."
+      verification_failed:
+        other: "Verification failed."
+      email_or_password_incorrect:
+        other: "Email and password do not match."
+      old_password_verification_failed:
+        other: "The old password verification failed"
+      new_password_same_as_previous_setting:
+        other: "The new password is the same as the previous one."
+    question:
+      not_found:
+        other: "Question not found."
+      cannot_deleted:
+        other: "No permission to delete."
+      cannot_close:
+        other: "No permission to close."
+      cannot_update:
+        other: "No permission to update."
+    rank:
+      fail_to_meet_the_condition:
+        other: "Rank fail to meet the condition."
+    report:
+      handle_failed:
+        other: "Report handle failed."
+      not_found:
+        other: "Report not found."
+    tag:
+      not_found:
+        other: "Tag not found."
+    theme:
+      not_found:
+        other: "Theme not found."
+    user:
+      email_or_password_wrong:
+        other: *email_or_password_wrong
+      not_found:
+        other: "User not found."
+      suspended:
+        other: "User has been suspended."
+      username_invalid:
+        other: "Username is invalid."
+      username_duplicate:
+        other: "Username is already in use."
+      set_avatar:
+        other: "Avatar set failed."

-    config:
-      read_config_failed:
-        other: "Read config failed"
-    database:
-      connection_failed:
-        other: "Database connection failed"
-      create_table_failed:
-        other: "Create table failed"
-    install:
-      create_config_failed:
-        other: "Can’t create the config.yaml file."
+      config:
+        read_config_failed:
+          other: "Read config failed"
+      database:
+        connection_failed:
+          other: "Database connection failed"
+        create_table_failed:
+          other: "Create table failed"
+      install:
+        create_config_failed:
+          other: "Can’t create the config.yaml file."
  report:
    spam:
      name:
--- a/internal/base/reason/reason.go
+++ b/internal/base/reason/reason.go
@ -14,40 +14,43 @@ const (
 )

 const (
-	EmailOrPasswordWrong         = "error.object.email_or_password_incorrect"
-	CommentNotFound              = "error.comment.not_found"
-	QuestionNotFound             = "error.question.not_found"
-	QuestionCannotDeleted        = "error.question.cannot_deleted"
-	AnswerNotFound               = "error.answer.not_found"
-	AnswerCannotDeleted          = "error.answer.cannot_deleted"
-	CommentEditWithoutPermission = "error.comment.edit_without_permission"
-	DisallowVote                 = "error.object.disallow_vote"
-	DisallowFollow               = "error.object.disallow_follow"
-	DisallowVoteYourSelf         = "error.object.disallow_vote_your_self"
-	CaptchaVerificationFailed    = "error.object.captcha_verification_failed"
+	EmailOrPasswordWrong             = "error.object.email_or_password_incorrect"
+	CommentNotFound                  = "error.comment.not_found"
+	QuestionNotFound                 = "error.question.not_found"
+	QuestionCannotDeleted            = "error.question.cannot_deleted"
+	QuestionCannotClose              = "error.question.cannot_close"
+	QuestionCannotUpdate             = "error.question.cannot_update"
+	AnswerNotFound                   = "error.answer.not_found"
+	AnswerCannotDeleted              = "error.answer.cannot_deleted"
+	AnswerCannotUpdate               = "error.answer.cannot_update"
+	CommentEditWithoutPermission     = "error.comment.edit_without_permission"
+	DisallowVote                     = "error.object.disallow_vote"
+	DisallowFollow                   = "error.object.disallow_follow"
+	DisallowVoteYourSelf             = "error.object.disallow_vote_your_self"
+	CaptchaVerificationFailed        = "error.object.captcha_verification_failed"
 	OldPasswordVerificationFailed    = "error.object.old_password_verification_failed"
 	NewPasswordSameAsPreviousSetting = "error.object.new_password_same_as_previous_setting"
-	UserNotFound                 = "error.user.not_found"
-	UsernameInvalid              = "error.user.username_invalid"
-	UsernameDuplicate            = "error.user.username_duplicate"
-	UserSetAvatar                = "error.user.set_avatar"
-	EmailDuplicate               = "error.email.duplicate"
-	EmailVerifyURLExpired        = "error.email.verify_url_expired"
-	EmailNeedToBeVerified        = "error.email.need_to_be_verified"
-	UserSuspended                = "error.user.suspended"
-	ObjectNotFound               = "error.object.not_found"
-	TagNotFound                  = "error.tag.not_found"
-	TagNotContainSynonym         = "error.tag.not_contain_synonym_tags"
-	RankFailToMeetTheCondition   = "error.rank.fail_to_meet_the_condition"
-	ThemeNotFound                = "error.theme.not_found"
-	LangNotFound                 = "error.lang.not_found"
-	ReportHandleFailed           = "error.report.handle_failed"
-	ReportNotFound               = "error.report.not_found"
-	ReadConfigFailed             = "error.config.read_config_failed"
-	DatabaseConnectionFailed     = "error.database.connection_failed"
-	InstallCreateTableFailed     = "error.database.create_table_failed"
-	InstallConfigFailed          = "error.install.create_config_failed"
-	SiteInfoNotFound             = "error.site_info.not_found"
-	UploadFileSourceUnsupported  = "error.upload.source_unsupported"
-	RecommendTagNotExist         = "error.tag.recommend_tag_not_found"
+	UserNotFound                     = "error.user.not_found"
+	UsernameInvalid                  = "error.user.username_invalid"
+	UsernameDuplicate                = "error.user.username_duplicate"
+	UserSetAvatar                    = "error.user.set_avatar"
+	EmailDuplicate                   = "error.email.duplicate"
+	EmailVerifyURLExpired            = "error.email.verify_url_expired"
+	EmailNeedToBeVerified            = "error.email.need_to_be_verified"
+	UserSuspended                    = "error.user.suspended"
+	ObjectNotFound                   = "error.object.not_found"
+	TagNotFound                      = "error.tag.not_found"
+	TagNotContainSynonym             = "error.tag.not_contain_synonym_tags"
+	RankFailToMeetTheCondition       = "error.rank.fail_to_meet_the_condition"
+	ThemeNotFound                    = "error.theme.not_found"
+	LangNotFound                     = "error.lang.not_found"
+	ReportHandleFailed               = "error.report.handle_failed"
+	ReportNotFound                   = "error.report.not_found"
+	ReadConfigFailed                 = "error.config.read_config_failed"
+	DatabaseConnectionFailed         = "error.database.connection_failed"
+	InstallCreateTableFailed         = "error.database.create_table_failed"
+	InstallConfigFailed              = "error.install.create_config_failed"
+	SiteInfoNotFound                 = "error.site_info.not_found"
+	UploadFileSourceUnsupported      = "error.upload.source_unsupported"
+	RecommendTagNotExist             = "error.tag.recommend_tag_not_found"
 )
--- a/internal/controller/answer_controller.go
+++ b/internal/controller/answer_controller.go
@ -55,7 +55,8 @@ func (ac *AnswerController) RemoveAnswer(ctx *gin.Context) {
 		handler.HandleResponse(ctx, err, errors.Forbidden(reason.RankFailToMeetTheCondition))
 		return
 	}
-
+	userinfo := middleware.GetUserInfoFromContext(ctx)
+	req.IsAdmin = userinfo.IsAdmin
 	err := ac.answerService.RemoveAnswer(ctx, req)
 	handler.HandleResponse(ctx, err, nil)
 }
@ -147,6 +148,8 @@ func (ac *AnswerController) Update(ctx *gin.Context) {
 		return
 	}
 	req.UserID = middleware.GetLoginUserIDFromContext(ctx)
+	userinfo := middleware.GetUserInfoFromContext(ctx)
+	req.IsAdmin = userinfo.IsAdmin

 	if can, err := ac.rankService.CheckRankPermission(ctx, req.UserID, rank.AnswerEditRank); err != nil || !can {
 		handler.HandleResponse(ctx, err, errors.Forbidden(reason.RankFailToMeetTheCondition))
--- a/internal/controller/question_controller.go
+++ b/internal/controller/question_controller.go
@ -69,6 +69,8 @@ func (qc *QuestionController) CloseQuestion(ctx *gin.Context) {
 		return
 	}
 	req.UserID = middleware.GetLoginUserIDFromContext(ctx)
+	userinfo := middleware.GetUserInfoFromContext(ctx)
+	req.IsAdmin = userinfo.IsAdmin
 	err := qc.questionService.CloseQuestion(ctx, req)
 	handler.HandleResponse(ctx, err, nil)
 }
@ -215,7 +217,8 @@ func (qc *QuestionController) UpdateQuestion(ctx *gin.Context) {
 		return
 	}
 	req.UserID = middleware.GetLoginUserIDFromContext(ctx)
-
+	userinfo := middleware.GetUserInfoFromContext(ctx)
+	req.IsAdmin = userinfo.IsAdmin
 	if can, err := qc.rankService.CheckRankPermission(ctx, req.UserID, rank.QuestionEditRank); err != nil || !can {
 		handler.HandleResponse(ctx, err, errors.Forbidden(reason.RankFailToMeetTheCondition))
 		return
--- a/internal/schema/answer_schema.go
+++ b/internal/schema/answer_schema.go
@ -5,7 +5,8 @@ type RemoveAnswerReq struct {
 	// answer id
 	ID string `validate:"required" json:"id"`
 	// user id
-	UserID string `json:"-"`
+	UserID  string `json:"-"`
+	IsAdmin bool   `json:"-"`
 }

 const (
@ -28,6 +29,7 @@ type AnswerUpdateReq struct {
 	Content     string `json:"content"`                           // content
 	HTML        string `json:"html" `                             // html
 	EditSummary string `validate:"omitempty" json:"edit_summary"` // edit_summary
+	IsAdmin     bool   `json:"-"`
 }

 type AnswerList struct {
--- a/internal/schema/question_schema.go
+++ b/internal/schema/question_schema.go
@ -13,6 +13,7 @@ type CloseQuestionReq struct {
 	UserID    string `json:"-" `          // user_id
 	CloseType int    `json:"close_type" ` // close_type
 	CloseMsg  string `json:"close_msg" `  // close_type
+	IsAdmin   bool   `json:"-"`
 }

 type CloseQuestionMeta struct {
@ -47,7 +48,8 @@ type QuestionUpdate struct {
 	// edit summary
 	EditSummary string `validate:"omitempty" json:"edit_summary"`
 	// user id
-	UserID string `json:"-"`
+	UserID  string `json:"-"`
+	IsAdmin bool   `json:"-"`
 }

 type QuestionBaseInfo struct {
--- a/internal/service/answer_service.go
+++ b/internal/service/answer_service.go
@ -73,27 +73,29 @@ func (as *AnswerService) RemoveAnswer(ctx context.Context, req *schema.RemoveAns
 	if !exist {
 		return nil
 	}
-	if answerInfo.UserID != req.UserID {
-		return errors.BadRequest(reason.AnswerCannotDeleted)
-	}
-	if answerInfo.VoteCount > 0 {
-		return errors.BadRequest(reason.AnswerCannotDeleted)
-	}
-	if answerInfo.Adopted == schema.AnswerAdoptedEnable {
-		return errors.BadRequest(reason.AnswerCannotDeleted)
-	}
-	questionInfo, exist, err := as.questionRepo.GetQuestion(ctx, answerInfo.QuestionID)
-	if err != nil {
-		return errors.BadRequest(reason.AnswerCannotDeleted)
-	}
-	if !exist {
-		return errors.BadRequest(reason.AnswerCannotDeleted)
-	}
-	if questionInfo.AnswerCount > 1 {
-		return errors.BadRequest(reason.AnswerCannotDeleted)
-	}
-	if questionInfo.AcceptedAnswerID != "" {
-		return errors.BadRequest(reason.AnswerCannotDeleted)
+	if !req.IsAdmin {
+		if answerInfo.UserID != req.UserID {
+			return errors.BadRequest(reason.AnswerCannotDeleted)
+		}
+		if answerInfo.VoteCount > 0 {
+			return errors.BadRequest(reason.AnswerCannotDeleted)
+		}
+		if answerInfo.Adopted == schema.AnswerAdoptedEnable {
+			return errors.BadRequest(reason.AnswerCannotDeleted)
+		}
+		questionInfo, exist, err := as.questionRepo.GetQuestion(ctx, answerInfo.QuestionID)
+		if err != nil {
+			return errors.BadRequest(reason.AnswerCannotDeleted)
+		}
+		if !exist {
+			return errors.BadRequest(reason.AnswerCannotDeleted)
+		}
+		if questionInfo.AnswerCount > 1 {
+			return errors.BadRequest(reason.AnswerCannotDeleted)
+		}
+		if questionInfo.AcceptedAnswerID != "" {
+			return errors.BadRequest(reason.AnswerCannotDeleted)
+		}
 	}

 	// user add question count
@ -180,6 +182,19 @@ func (as *AnswerService) Update(ctx context.Context, req *schema.AnswerUpdateReq
 	if !exist {
 		return "", errors.BadRequest(reason.QuestionNotFound)
 	}
+	if !req.IsAdmin {
+		answerInfo, exist, err := as.answerRepo.GetByID(ctx, req.ID)
+		if err != nil {
+			return "", err
+		}
+		if !exist {
+			return "", nil
+		}
+		if answerInfo.UserID != req.UserID {
+			return "", errors.BadRequest(reason.AnswerCannotUpdate)
+		}
+	}
+
 	now := time.Now()
 	insertData := new(entity.Answer)
 	insertData.ID = req.ID
--- a/internal/service/question_service.go
+++ b/internal/service/question_service.go
@ -71,6 +71,12 @@ func (qs *QuestionService) CloseQuestion(ctx context.Context, req *schema.CloseQ
 	if !has {
 		return nil
 	}
+
+	if !req.IsAdmin {
+		if questionInfo.UserID != req.UserID {
+			return errors.BadRequest(reason.QuestionCannotClose)
+		}
+	}
 	questionInfo.Status = entity.QuestionStatusclosed
 	err = qs.questionRepo.UpdateQuestionStatus(ctx, questionInfo)
 	if err != nil {
@ -239,8 +245,11 @@ func (qs *QuestionService) UpdateQuestion(ctx context.Context, req *schema.Quest
 	if !has {
 		return
 	}
-	if dbinfo.UserID != req.UserID {
-		return
+	if !req.IsAdmin {
+		if dbinfo.UserID != req.UserID {
+			return questionInfo, errors.BadRequest(reason.QuestionCannotUpdate)
+		}
+
 	}

 	//CheckChangeTag