Merge branch 'feat/conv-whook' of github.com:mo3et/open-im-server into feat/conv-whook

.github/workflows/go-build-test.yml

@@ -12,6 +12,10 @@ jobs:
   go-build:
     name: Test with go ${{ matrix.go_version }} on ${{ matrix.os }}
     runs-on: ${{ matrix.os }}
+
+    env:
+      SHARE_CONFIG_PATH: config/share.yml
+
     permissions:
       contents: write
       pull-requests: write
@@ -40,6 +44,10 @@ jobs:
         with:
           compose-file: "./docker-compose.yml"
 
+      - name: Modify Server Configuration
+        run: |
+          yq e '.secret = 123456' -i ${{ env.SHARE_CONFIG_PATH }}
+
       # - name: Get Internal IP Address
       #   id: get-ip
       #   run: |
@@ -71,6 +79,11 @@ jobs:
           go mod download
           go install github.com/magefile/mage@latest
 
+      - name: Modify Chat Configuration
+        run: |
+          cd ${{ github.workspace }}/chat-repo
+          yq e '.openIM.secret = 123456' -i ${{ env.SHARE_CONFIG_PATH }}
+
       - name: Build and test Chat Services
         run: |
           cd ${{ github.workspace }}/chat-repo
@@ -132,7 +145,7 @@ jobs:
 
           # Test get admin token
           get_admin_token_response=$(curl -X POST -H "Content-Type: application/json" -H "operationID: imAdmin" -d '{
-            "secret": "openIM123",
+            "secret": "123456",
             "platformID": 2,
             "userID": "imAdmin"
           }' http://127.0.0.1:10002/auth/get_admin_token)
@@ -169,7 +182,8 @@ jobs:
       contents: write
     env:
       SDK_DIR: openim-sdk-core
-      CONFIG_PATH: config/notification.yml
+      NOTIFICATION_CONFIG_PATH: config/notification.yml
+      SHARE_CONFIG_PATH: config/share.yml
 
     strategy:
       matrix:
@@ -184,7 +198,7 @@ jobs:
         uses: actions/checkout@v4
         with:
           repository: "openimsdk/openim-sdk-core"
-          ref: "release-v3.8"
+          ref: "main"
           path: ${{ env.SDK_DIR }}
 
       - name: Set up Go ${{ matrix.go_version }}
@@ -199,8 +213,9 @@ jobs:
 
       - name: Modify Server Configuration
         run: |
-          yq e '.groupCreated.isSendMsg = true' -i ${{ env.CONFIG_PATH }}
+          yq e '.groupCreated.isSendMsg = true' -i ${{ env.NOTIFICATION_CONFIG_PATH }}
-          yq e '.friendApplicationApproved.isSendMsg = true' -i ${{ env.CONFIG_PATH }}
+          yq e '.friendApplicationApproved.isSendMsg = true' -i ${{ env.NOTIFICATION_CONFIG_PATH }}
+          yq e '.secret = 123456' -i ${{ env.SHARE_CONFIG_PATH }}
 
       - name: Start Server Services
         run: |

internal/rpc/user/user.go

@@ -49,6 +49,10 @@ import (
 	"google.golang.org/grpc"
 )
 
+const (
+	defaultSecret = "openIM123"
+)
+
 type userServer struct {
 	pbuser.UnimplementedUserServer
 	online                   cache.OnlineCache
@@ -88,7 +92,7 @@ func Start(ctx context.Context, config *Config, client discovery.Conn, server gr
 	users := make([]*tablerelation.User, 0)
 
 	for _, v := range config.Share.IMAdminUserID {
-		users = append(users, &tablerelation.User{UserID: v, Nickname: v, AppMangerLevel: constant.AppNotificationAdmin})
+		users = append(users, &tablerelation.User{UserID: v, Nickname: v, AppMangerLevel: constant.AppAdmin})
 	}
 	userDB, err := mgo.NewUserMongo(mgocli.GetDB())
 	if err != nil {
@@ -273,6 +277,10 @@ func (s *userServer) UserRegister(ctx context.Context, req *pbuser.UserRegisterR
 	if len(req.Users) == 0 {
 		return nil, errs.ErrArgs.WrapMsg("users is empty")
 	}
+	// check if secret is changed
+	if s.config.Share.Secret == defaultSecret {
+		return nil, servererrs.ErrSecretNotChanged.Wrap()
+	}
 
 	if err = authverify.CheckAdmin(ctx, s.config.Share.IMAdminUserID); err != nil {
 		return nil, err
@@ -605,7 +613,7 @@ func (s *userServer) GetNotificationAccount(ctx context.Context, req *pbuser.Get
 	if err != nil {
 		return nil, servererrs.ErrUserIDNotFound.Wrap()
 	}
-	if user.AppMangerLevel == constant.AppAdmin || user.AppMangerLevel >= constant.AppNotificationAdmin {
+	if user.AppMangerLevel >= constant.AppAdmin {
 		return &pbuser.GetNotificationAccountResp{Account: &pbuser.NotificationAccountInfo{
 			UserID:         user.UserID,
 			FaceURL:        user.FaceURL,

pkg/common/servererrs/code.go

@@ -37,7 +37,8 @@ const (
 
 // General error codes.
 const (
-	NoError       = 0     // No error
+	NoError = 0 // No error
+
 	DatabaseError = 90002 // Database error (redis/mysql, etc.)
 	NetworkError  = 90004 // Network error
 	DataError     = 90007 // Data error
@@ -45,11 +46,12 @@ const (
 	CallbackError = 80000
 
 	// General error codes.
-	ServerInternalError = 500  // Server internal error
+	ServerInternalError   = 500  // Server internal error
-	ArgsError           = 1001 // Input parameter error
+	ArgsError             = 1001 // Input parameter error
-	NoPermissionError   = 1002 // Insufficient permission
+	NoPermissionError     = 1002 // Insufficient permission
-	DuplicateKeyError   = 1003
+	DuplicateKeyError     = 1003
-	RecordNotFoundError = 1004 // Record does not exist
+	RecordNotFoundError   = 1004 // Record does not exist
+	SecretNotChangedError = 1050 // secret not changed
 
 	// Account error codes.
 	UserIDNotFoundError    = 1101 // UserID does not exist or is not registered

pkg/common/servererrs/predefine.go

@@ -17,6 +17,8 @@ package servererrs
 import "github.com/openimsdk/tools/errs"
 
 var (
+	ErrSecretNotChanged = errs.NewCodeError(SecretNotChangedError, "secret not changed, please change secret in config/share.yml for security reasons")
+
 	ErrDatabase         = errs.NewCodeError(DatabaseError, "DatabaseError")
 	ErrNetwork          = errs.NewCodeError(NetworkError, "NetworkError")
 	ErrCallback         = errs.NewCodeError(CallbackError, "CallbackError")

pkg/common/storage/controller/auth.go

@@ -80,31 +80,28 @@ func (a *authDatabase) BatchSetTokenMapByUidPid(ctx context.Context, tokens []st
 
 // Create Token.
 func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformID int) (string, error) {
-	isAdmin := authverify.IsManagerUserID(userID, a.adminUserIDs)
+	tokens, err := a.cache.GetAllTokensWithoutError(ctx, userID)
-	if !isAdmin {
+	if err != nil {
-		tokens, err := a.cache.GetAllTokensWithoutError(ctx, userID)
+		return "", err
-		if err != nil {
+	}
-			return "", err
-		}
 
-		deleteTokenKey, kickedTokenKey, err := a.checkToken(ctx, tokens, platformID)
+	deleteTokenKey, kickedTokenKey, err := a.checkToken(ctx, tokens, platformID)
+	if err != nil {
+		return "", err
+	}
+	if len(deleteTokenKey) != 0 {
+		err = a.cache.DeleteTokenByUidPid(ctx, userID, platformID, deleteTokenKey)
 		if err != nil {
 			return "", err
 		}
-		if len(deleteTokenKey) != 0 {
+	}
-			err = a.cache.DeleteTokenByUidPid(ctx, userID, platformID, deleteTokenKey)
+	if len(kickedTokenKey) != 0 {
+		for _, k := range kickedTokenKey {
+			err := a.cache.SetTokenFlagEx(ctx, userID, platformID, k, constant.KickedToken)
 			if err != nil {
 				return "", err
 			}
-		}
+			log.ZDebug(ctx, "kicked token in create token", "token", k)
-		if len(kickedTokenKey) != 0 {
-			for _, k := range kickedTokenKey {
-				err := a.cache.SetTokenFlagEx(ctx, userID, platformID, k, constant.KickedToken)
-				if err != nil {
-					return "", err
-				}
-				log.ZDebug(ctx, "kicked token in create token", "token", k)
-			}
 		}
 	}
 
@@ -115,10 +112,8 @@ func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformI
 		return "", errs.WrapMsg(err, "token.SignedString")
 	}
 
-	if !isAdmin {
+	if err = a.cache.SetTokenFlagEx(ctx, userID, platformID, tokenString, constant.NormalToken); err != nil {
-		if err = a.cache.SetTokenFlagEx(ctx, userID, platformID, tokenString, constant.NormalToken); err != nil {
+		return "", err
-			return "", err
-		}
 	}
 
 	return tokenString, nil
@@ -224,9 +219,6 @@ func (a *authDatabase) checkToken(ctx context.Context, tokens map[int]map[string
 	}
 
 	//var adminTokenMaxNum = a.multiLogin.MaxNumOneEnd
-	//if a.multiLogin.Policy == constant.Customize {
-	//	adminTokenMaxNum = a.multiLogin.CustomizeLoginNum[constant.AdminPlatformID]
-	//}
 	//l := len(adminToken)
 	//if platformID == constant.AdminPlatformID {
 	//	l++
@@ -234,5 +226,8 @@ func (a *authDatabase) checkToken(ctx context.Context, tokens map[int]map[string
 	//if l > adminTokenMaxNum {
 	//	kickToken = append(kickToken, adminToken[:l-adminTokenMaxNum]...)
 	//}
+	if platformID == constant.AdminPlatformID {
+		kickToken = append(kickToken, adminToken...)
+	}
 	return deleteToken, kickToken, nil
 }

pkg/common/storage/controller/user.go

@@ -21,12 +21,11 @@ import (
 	"github.com/openimsdk/open-im-server/v3/pkg/common/storage/database"
 	"github.com/openimsdk/open-im-server/v3/pkg/common/storage/model"
 	"github.com/openimsdk/protocol/constant"
+	"github.com/openimsdk/protocol/user"
 	"github.com/openimsdk/tools/db/pagination"
 	"github.com/openimsdk/tools/db/tx"
-	"github.com/openimsdk/tools/utils/datautil"
-
-	"github.com/openimsdk/protocol/user"
 	"github.com/openimsdk/tools/errs"
+	"github.com/openimsdk/tools/utils/datautil"
 
 	"github.com/openimsdk/open-im-server/v3/pkg/common/storage/cache"
 )