Merge branch 'openimsdk:main' into feat/conv-whook

2025-04-05 20:11:14 +08:00 · 2025-03-14 15:37:19 +08:00 · 2025-03-14 15:37:19 +08:00 · e32f681a78
commit e32f681a78
parent cae28764e9 0b9dbd301c
6 changed files with 62 additions and 41 deletions
--- a/.github/workflows/go-build-test.yml
+++ b/.github/workflows/go-build-test.yml
@ -12,6 +12,10 @@ jobs:
  go-build:
    name: Test with go ${{ matrix.go_version }} on ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
+
+    env:
+      SHARE_CONFIG_PATH: config/share.yml
+
    permissions:
      contents: write
      pull-requests: write
@ -40,6 +44,10 @@ jobs:
        with:
          compose-file: "./docker-compose.yml"

+      - name: Modify Server Configuration
+        run: |
+          yq e '.secret = 123456' -i ${{ env.SHARE_CONFIG_PATH }}
+
      # - name: Get Internal IP Address
      #   id: get-ip
      #   run: |
@ -71,6 +79,11 @@ jobs:
          go mod download
          go install github.com/magefile/mage@latest

+      - name: Modify Chat Configuration
+        run: |
+          cd ${{ github.workspace }}/chat-repo
+          yq e '.openIM.secret = 123456' -i ${{ env.SHARE_CONFIG_PATH }}
+
      - name: Build and test Chat Services
        run: |
          cd ${{ github.workspace }}/chat-repo
@ -132,7 +145,7 @@ jobs:

          # Test get admin token
          get_admin_token_response=$(curl -X POST -H "Content-Type: application/json" -H "operationID: imAdmin" -d '{
-            "secret": "openIM123",
+            "secret": "123456",
            "platformID": 2,
            "userID": "imAdmin"
          }' http://127.0.0.1:10002/auth/get_admin_token)
@ -169,7 +182,8 @@ jobs:
      contents: write
    env:
      SDK_DIR: openim-sdk-core
-      CONFIG_PATH: config/notification.yml
+      NOTIFICATION_CONFIG_PATH: config/notification.yml
+      SHARE_CONFIG_PATH: config/share.yml

    strategy:
      matrix:
@ -184,7 +198,7 @@ jobs:
        uses: actions/checkout@v4
        with:
          repository: "openimsdk/openim-sdk-core"
-          ref: "release-v3.8"
+          ref: "main"
          path: ${{ env.SDK_DIR }}

      - name: Set up Go ${{ matrix.go_version }}
@ -199,8 +213,9 @@ jobs:

      - name: Modify Server Configuration
        run: |
-          yq e '.groupCreated.isSendMsg = true' -i ${{ env.CONFIG_PATH }}
-          yq e '.friendApplicationApproved.isSendMsg = true' -i ${{ env.CONFIG_PATH }}
+          yq e '.groupCreated.isSendMsg = true' -i ${{ env.NOTIFICATION_CONFIG_PATH }}
+          yq e '.friendApplicationApproved.isSendMsg = true' -i ${{ env.NOTIFICATION_CONFIG_PATH }}
+          yq e '.secret = 123456' -i ${{ env.SHARE_CONFIG_PATH }}

      - name: Start Server Services
        run: |
--- a/internal/rpc/user/user.go
+++ b/internal/rpc/user/user.go
@ -49,6 +49,10 @@ import (
 	"google.golang.org/grpc"
 )

+const (
+	defaultSecret = "openIM123"
+)
+
 type userServer struct {
 	pbuser.UnimplementedUserServer
 	online                   cache.OnlineCache
@ -88,7 +92,7 @@ func Start(ctx context.Context, config *Config, client discovery.Conn, server gr
 	users := make([]*tablerelation.User, 0)

 	for _, v := range config.Share.IMAdminUserID {
-		users = append(users, &tablerelation.User{UserID: v, Nickname: v, AppMangerLevel: constant.AppNotificationAdmin})
+		users = append(users, &tablerelation.User{UserID: v, Nickname: v, AppMangerLevel: constant.AppAdmin})
 	}
 	userDB, err := mgo.NewUserMongo(mgocli.GetDB())
 	if err != nil {
@ -273,6 +277,10 @@ func (s *userServer) UserRegister(ctx context.Context, req *pbuser.UserRegisterR
 	if len(req.Users) == 0 {
 		return nil, errs.ErrArgs.WrapMsg("users is empty")
 	}
+	// check if secret is changed
+	if s.config.Share.Secret == defaultSecret {
+		return nil, servererrs.ErrSecretNotChanged.Wrap()
+	}

 	if err = authverify.CheckAdmin(ctx, s.config.Share.IMAdminUserID); err != nil {
 		return nil, err
@ -605,7 +613,7 @@ func (s *userServer) GetNotificationAccount(ctx context.Context, req *pbuser.Get
 	if err != nil {
 		return nil, servererrs.ErrUserIDNotFound.Wrap()
 	}
-	if user.AppMangerLevel == constant.AppAdmin || user.AppMangerLevel >= constant.AppNotificationAdmin {
+	if user.AppMangerLevel >= constant.AppAdmin {
 		return &pbuser.GetNotificationAccountResp{Account: &pbuser.NotificationAccountInfo{
 			UserID:         user.UserID,
 			FaceURL:        user.FaceURL,
--- a/pkg/common/servererrs/code.go
+++ b/pkg/common/servererrs/code.go
@ -38,6 +38,7 @@ const (
 // General error codes.
 const (
 	NoError = 0 // No error
+
 	DatabaseError = 90002 // Database error (redis/mysql, etc.)
 	NetworkError  = 90004 // Network error
 	DataError     = 90007 // Data error
@ -50,6 +51,7 @@ const (
 	NoPermissionError     = 1002 // Insufficient permission
 	DuplicateKeyError     = 1003
 	RecordNotFoundError   = 1004 // Record does not exist
+	SecretNotChangedError = 1050 // secret not changed

 	// Account error codes.
 	UserIDNotFoundError    = 1101 // UserID does not exist or is not registered
--- a/pkg/common/servererrs/predefine.go
+++ b/pkg/common/servererrs/predefine.go
@ -17,6 +17,8 @@ package servererrs
 import "github.com/openimsdk/tools/errs"

 var (
+	ErrSecretNotChanged = errs.NewCodeError(SecretNotChangedError, "secret not changed, please change secret in config/share.yml for security reasons")
+
 	ErrDatabase         = errs.NewCodeError(DatabaseError, "DatabaseError")
 	ErrNetwork          = errs.NewCodeError(NetworkError, "NetworkError")
 	ErrCallback         = errs.NewCodeError(CallbackError, "CallbackError")
--- a/pkg/common/storage/controller/auth.go
+++ b/pkg/common/storage/controller/auth.go
@ -80,8 +80,6 @@ func (a *authDatabase) BatchSetTokenMapByUidPid(ctx context.Context, tokens []st

 // Create Token.
 func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformID int) (string, error) {
-	isAdmin := authverify.IsManagerUserID(userID, a.adminUserIDs)
-	if !isAdmin {
 	tokens, err := a.cache.GetAllTokensWithoutError(ctx, userID)
 	if err != nil {
 		return "", err
@ -106,7 +104,6 @@ func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformI
 			log.ZDebug(ctx, "kicked token in create token", "token", k)
 		}
 	}
-	}

 	claims := tokenverify.BuildClaims(userID, platformID, a.accessExpire)
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
@ -115,11 +112,9 @@ func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformI
 		return "", errs.WrapMsg(err, "token.SignedString")
 	}

-	if !isAdmin {
 	if err = a.cache.SetTokenFlagEx(ctx, userID, platformID, tokenString, constant.NormalToken); err != nil {
 		return "", err
 	}
-	}

 	return tokenString, nil
 }
@ -224,9 +219,6 @@ func (a *authDatabase) checkToken(ctx context.Context, tokens map[int]map[string
 	}

 	//var adminTokenMaxNum = a.multiLogin.MaxNumOneEnd
-	//if a.multiLogin.Policy == constant.Customize {
-	//	adminTokenMaxNum = a.multiLogin.CustomizeLoginNum[constant.AdminPlatformID]
-	//}
 	//l := len(adminToken)
 	//if platformID == constant.AdminPlatformID {
 	//	l++
@ -234,5 +226,8 @@ func (a *authDatabase) checkToken(ctx context.Context, tokens map[int]map[string
 	//if l > adminTokenMaxNum {
 	//	kickToken = append(kickToken, adminToken[:l-adminTokenMaxNum]...)
 	//}
+	if platformID == constant.AdminPlatformID {
+		kickToken = append(kickToken, adminToken...)
+	}
 	return deleteToken, kickToken, nil
 }
--- a/pkg/common/storage/controller/user.go
+++ b/pkg/common/storage/controller/user.go
@ -21,12 +21,11 @@ import (
 	"github.com/openimsdk/open-im-server/v3/pkg/common/storage/database"
 	"github.com/openimsdk/open-im-server/v3/pkg/common/storage/model"
 	"github.com/openimsdk/protocol/constant"
+	"github.com/openimsdk/protocol/user"
 	"github.com/openimsdk/tools/db/pagination"
 	"github.com/openimsdk/tools/db/tx"
-	"github.com/openimsdk/tools/utils/datautil"
-
-	"github.com/openimsdk/protocol/user"
 	"github.com/openimsdk/tools/errs"
+	"github.com/openimsdk/tools/utils/datautil"

 	"github.com/openimsdk/open-im-server/v3/pkg/common/storage/cache"
 )