## Changed

- AccessVerify 改成 NoAccessVerify (禁用权限限制, 默认为否, 如需禁用手动赋值true)

Author: glennliao

.github/workflows/todo.yml

@@ -1,45 +1,45 @@
-name: Todo tests
-
-on:
-  push:
-    branches: [ "main" ,"dev"]
-  pull_request:
-    branches: [ "main", "dev" ]
-
-jobs:
-
-  build:
-    runs-on: ubuntu-latest
-    services:
-      mysql:
-        image: mysql:5.7.37
-        env:
-          MYSQL_ROOT_PASSWORD: 'yourpassword'
-          MYSQL_DATABASE: 'my_apijson'
-        ports:
-          - 3306:3306
-        options: >-
-          --health-cmd="mysqladmin ping"
-          --health-interval=10s
-          --health-timeout=5s
-          --health-retries=3
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Set up Go
-        uses: actions/setup-go@v3
-        with:
-          go-version: 1.18
-
-
-
-      - name: Test
-        run: |
-          
-          mysql -uroot -h 127.0.0.1 --port 3306 -pyourpassword my_apijson < @demo/todo/doc/todo.sql
-          
-          cd ./@demo/todo
-          mv config.yaml.example config.yaml
-          
-          cd tests
-          go test -v
+#name: Todo tests
+#
+#on:
+#  push:
+#    branches: [ "main" ,"dev"]
+#  pull_request:
+#    branches: [ "main", "dev" ]
+#
+#jobs:
+#
+#  build:
+#    runs-on: ubuntu-latest
+#    services:
+#      mysql:
+#        image: mysql:5.7.37
+#        env:
+#          MYSQL_ROOT_PASSWORD: 'yourpassword'
+#          MYSQL_DATABASE: 'my_apijson'
+#        ports:
+#          - 3306:3306
+#        options: >-
+#          --health-cmd="mysqladmin ping"
+#          --health-interval=10s
+#          --health-timeout=5s
+#          --health-retries=3
+#    steps:
+#      - uses: actions/checkout@v3
+#
+#      - name: Set up Go
+#        uses: actions/setup-go@v3
+#        with:
+#          go-version: 1.18
+#
+#
+#
+#      - name: Test
+#        run: |
+#
+#          mysql -uroot -h 127.0.0.1 --port 3306 -pyourpassword my_apijson < @demo/todo/doc/todo.sql
+#
+#          cd ./@demo/todo
+#          mv config.yaml.example config.yaml
+#
+#          cd tests
+#          go test -v

action/action.go

@@ -25,7 +25,10 @@ type Action struct {
 	children map[string]*Node
 	keyNode  map[string]*Node
 
-	AccessVerify bool
+	// 关闭 access 权限验证, 默认否
+	NoAccessVerify bool
+	// 关闭 request 验证开关, 默认否
+	NoRequestVerify bool
 }
 
 func New(ctx context.Context, method string, req model.Map) *Action {

action/node.go

@@ -97,7 +97,7 @@ func (n *Node) parse(ctx context.Context, method string) error {
 		return err
 	}
 
-	if n.action.AccessVerify {
+	if n.action.NoAccessVerify == false {
 		// 1. 检查权限, 无权限就不用做参数检查了
 		var accessRoles []string
 

config/access.go

@@ -28,8 +28,8 @@ type AccessCondition func(ctx context.Context, req AccessConditionReq) (g.Map, e
 type DefaultRole func(ctx context.Context, req RoleReq) (string, error)
 
 var (
-	// AccessVerify 是否权限验证
-	AccessVerify = true
+	// AccessVerify 是否禁用权限验证
+	NoAccessVerify = true
 	// AccessConditionFunc 自定义权限限制条件
 	AccessConditionFunc AccessCondition
 	// DefaultRoleFunc 自定义获取节点的默认角色

config/executor/query.go

@@ -15,19 +15,19 @@ type QueryExecutor interface {
 	EmptyResult()
 }
 
-type queryExecutorBuilder func(ctx context.Context, accessVerify bool, role string, access *db.Access) (QueryExecutor, error)
+type queryExecutorBuilder func(ctx context.Context, noAccessVerify bool, role string, access *db.Access) (QueryExecutor, error)
 
 var queryExecutorBuilderMap = map[string]queryExecutorBuilder{}
 
 func RegQueryExecutor(name string, e queryExecutorBuilder) {
 	queryExecutorBuilderMap[name] = e
 }
 
-func NewQueryExecutor(name string, ctx context.Context, accessVerify bool, role string, access *db.Access) (QueryExecutor, error) {
+func NewQueryExecutor(name string, ctx context.Context, noAccessVerify bool, role string, access *db.Access) (QueryExecutor, error) {
 	if v, exists := queryExecutorBuilderMap[name]; exists {
-		return v(ctx, accessVerify, role, access)
+		return v(ctx, noAccessVerify, role, access)
 	}
-	return queryExecutorBuilderMap["default"](ctx, accessVerify, role, access)
+	return queryExecutorBuilderMap["default"](ctx, noAccessVerify, role, access)
 }
 
 func QueryExecutorList() []string {

framework/gf_orm/query.go

@@ -32,12 +32,12 @@ type SqlExecutor struct {
 	// 是否最终为空结果, 用于node中中断数据获取
 	WithEmptyResult bool
 
-	accessVerify bool
+	noAccessVerify bool
 
 	access *db.Access
 }
 
-func New(ctx context.Context, accessVerify bool, role string, access *db.Access) (executor.QueryExecutor, error) {
+func New(ctx context.Context, noAccessVerify bool, role string, access *db.Access) (executor.QueryExecutor, error) {
 
 	return &SqlExecutor{
 		ctx:             ctx,
@@ -47,7 +47,7 @@ func New(ctx context.Context, accessVerify bool, role string, access *db.Access)
 		Order:           "",
 		Group:           "",
 		WithEmptyResult: false,
-		accessVerify:    accessVerify,
+		noAccessVerify:  noAccessVerify,
 		access:          access,
 	}, nil
 }
@@ -67,7 +67,7 @@ func (e *SqlExecutor) ParseCondition(conditions model.MapStrAny, accessVerify bo
 		case strings.HasSuffix(key, consts.OpRegexp):
 			e.Where = append(e.Where, []any{key[0 : len(key)-1], consts.SqlRegexp, gconv.String(condition)})
 
-		case key == "@raw" && !accessVerify:
+		case key == consts.Raw && !accessVerify:
 			e.accessCondition = condition.(model.Map)
 
 		default:
@@ -79,7 +79,7 @@ func (e *SqlExecutor) ParseCondition(conditions model.MapStrAny, accessVerify bo
 		return nil
 	}
 
-	if !e.accessVerify { // 可任意字段搜索
+	if e.noAccessVerify { // 可任意字段搜索
 		return nil
 	}
 
@@ -302,7 +302,7 @@ func (e *SqlExecutor) column() []string {
 		}
 
 		// 过滤可访问字段
-		if !e.accessVerify || lo.Contains(outFields, dbStyle(e.ctx, tableName, fieldName)) ||
+		if e.noAccessVerify || lo.Contains(outFields, dbStyle(e.ctx, tableName, fieldName)) ||
 			len(outFields) == 0 /* 数据库中未设置, 则看成全部可访问 */ {
 			fields = append(fields, column)
 		}

framework/handler/handler.go

@@ -19,7 +19,7 @@ import (
 
 func Get(ctx context.Context, req model.Map) (res model.Map, err error) {
 	q := query.New(ctx, req)
-	q.AccessVerify = config.AccessVerify
+	q.NoAccessVerify = config.NoAccessVerify
 	q.AccessCondition = config.AccessConditionFunc
 	return q.Result()
 }
@@ -30,19 +30,19 @@ func Head(ctx context.Context, req model.Map) (res model.Map, err error) {
 
 func Post(ctx context.Context, req model.Map) (res model.Map, err error) {
 	act := action.New(ctx, http.MethodPost, req)
-	act.AccessVerify = config.AccessVerify
+	act.NoAccessVerify = config.NoAccessVerify
 	return act.Result()
 }
 
 func Put(ctx context.Context, req model.Map) (res model.Map, err error) {
 	act := action.New(ctx, http.MethodPut, req)
-	act.AccessVerify = config.AccessVerify
+	act.NoAccessVerify = config.NoAccessVerify
 	return act.Result()
 }
 
 func Delete(ctx context.Context, req model.Map) (res model.Map, err error) {
 	act := action.New(ctx, http.MethodDelete, req)
-	act.AccessVerify = config.AccessVerify
+	act.NoAccessVerify = config.NoAccessVerify
 	return act.Result()
 }
 

go.mod

@@ -1,17 +1,13 @@
 module github.com/glennliao/apijson-go
 
-go 1.18
-
 require (
-	github.com/glennliao/table-sync v0.0.0-00010101000000-000000000000
-	github.com/gogf/gf/contrib/drivers/mysql/v2 v2.3.1
-	github.com/gogf/gf/v2 v2.3.1
+	github.com/glennliao/table-sync v0.2.0
+	github.com/gogf/gf/contrib/drivers/mysql/v2 v2.3.2
+	github.com/gogf/gf/v2 v2.3.2
 	github.com/iancoleman/orderedmap v0.2.0
 	github.com/samber/lo v1.33.0
 )
 
-replace github.com/glennliao/table-sync => ../table-sync
-
 require (
 	github.com/BurntSushi/toml v1.1.0 // indirect
 	github.com/clbanning/mxj/v2 v2.5.5 // indirect
@@ -36,3 +32,5 @@ require (
 	golang.org/x/text v0.3.8-0.20211105212822-18b340fc7af2 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
+
+go 1.18

go.sum

@@ -15,6 +15,8 @@ github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4
 github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU=
 github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI=
 github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU=
+github.com/glennliao/table-sync v0.2.0 h1:uxkrgNcDHCA/G27qk00+FqF2a832VVXmFX+/5zRHSkQ=
+github.com/glennliao/table-sync v0.2.0/go.mod h1:YgVRcaEqwZMQqjN0fuWqOCAo2vMkfbUE9OSXM6jgiYw=
 github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0=
 github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
@@ -24,11 +26,11 @@ github.com/go-redis/redis/v8 v8.11.4/go.mod h1:2Z2wHZXdQpCDXEGzqMockDpNyYvi2l4Px
 github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
-github.com/gogf/gf/contrib/drivers/mysql/v2 v2.3.1 h1:uSZtDmlTFS51A98KPgZElPigSGDi7PPDN6mxeIXtsLo=
-github.com/gogf/gf/contrib/drivers/mysql/v2 v2.3.1/go.mod h1:z+/0qiOwMroAnj5ESuobTv0l5P83rf+XR3r6Fj8WJyk=
+github.com/gogf/gf/contrib/drivers/mysql/v2 v2.3.2 h1:BZww6QOFgiN/YvovUtN64sgnq59TIg8vtkG8AL6eSl0=
+github.com/gogf/gf/contrib/drivers/mysql/v2 v2.3.2/go.mod h1:z+/0qiOwMroAnj5ESuobTv0l5P83rf+XR3r6Fj8WJyk=
 github.com/gogf/gf/v2 v2.0.0/go.mod h1:apktt6TleWtCIwpz63vBqUnw8MX8gWKoZyxgDpXFtgM=
-github.com/gogf/gf/v2 v2.3.1 h1:uptCJK47N6KSRwTBnFAqBWYnYa/OXBkZ0OlhO9CK7bQ=
-github.com/gogf/gf/v2 v2.3.1/go.mod h1:tsbmtwcAl2chcYoq/fP9W2FZf06aw4i89X34nbSHo9Y=
+github.com/gogf/gf/v2 v2.3.2 h1:nlJ0zuDWqFb93/faZmr7V+GADx/lzz5Unz/9x6OJ2u8=
+github.com/gogf/gf/v2 v2.3.2/go.mod h1:tsbmtwcAl2chcYoq/fP9W2FZf06aw4i89X34nbSHo9Y=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
 github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=

query/node.go

@@ -109,7 +109,7 @@ func newNode(query *Query, key string, path string, nodeReq any) *Node {
 		} else {
 			node.Type = NodeTypeStruct // 结构节点下应该必须存在查询节点
 
-			if !query.AccessVerify {
+			if query.NoAccessVerify == false {
 				if lo.Contains(db.GetTableNameList(), k) {
 					node.Type = NodeTypeQuery
 				}
@@ -210,7 +210,7 @@ func (n *Node) parse() {
 	case NodeTypeQuery:
 		tableKey := parseTableKey(n.Key, n.Path)
 
-		access, err := db.GetAccess(tableKey, n.queryContext.AccessVerify)
+		access, err := db.GetAccess(tableKey, n.queryContext.NoAccessVerify)
 		if err != nil {
 			n.err = err
 			return
@@ -225,7 +225,7 @@ func (n *Node) parse() {
 			return
 		}
 
-		if n.queryContext.AccessVerify {
+		if n.queryContext.NoAccessVerify != false {
 			has, condition, err := hasAccess(n, tableKey)
 			if err != nil {
 				n.err = err
@@ -240,7 +240,7 @@ func (n *Node) parse() {
 			accessWhereCondition = condition
 		}
 
-		queryExecutor, err := executor.NewQueryExecutor(access.Executor, n.ctx, n.queryContext.AccessVerify, n.role, access)
+		queryExecutor, err := executor.NewQueryExecutor(access.Executor, n.ctx, n.queryContext.NoAccessVerify, n.role, access)
 		if err != nil {
 			n.err = err
 			return