team/tyapi-server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

f

Browse Source
This commit is contained in:
liangzai
2026-04-25 21:00:22 +08:00
parent d564f4eb1b
commit fcbd534b57
2 changed files with 60 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
internal/application/api/api_application_service.go
View File

@@ -291,6 +291,44 @@ func (s *ApiApplicationServiceImpl) validateApiCall(ctx context.Context, cmd *co
s.logger.Error("解析解密参数失败", zap.Error(err)) s.logger.Error("解析解密参数失败", zap.Error(err))
return nil, ErrDecryptFail return nil, ErrDecryptFail
} }
// 7.1 子账号主账号 AccessId 校验(仅在请求参数中携带时生效)
if parentAccessID, ok := extractParentAccessID(paramsMap); ok {
if s.subordinateRepo == nil {
s.logger.Error("子账号主账号AccessId校验失败subordinateRepo未初始化")
return nil, ErrSystem
}
link, err := s.subordinateRepo.FindLinkByChildUserID(ctx, apiUser.UserId)
if err != nil {
s.logger.Error("查询子账号主从关系失败",
zap.String("user_id", apiUser.UserId),
zap.Error(err))
return nil, ErrSystem
}
if link == nil {
s.logger.Warn("子账号主账号AccessId校验失败未找到主从关系",
zap.String("user_id", apiUser.UserId),
zap.String("parent_access_id", parentAccessID))
return nil, ErrQueryFailed
}
parentApiUser, err := s.apiUserService.LoadApiUserByUserId(ctx, link.ParentUserID)
if err != nil {
s.logger.Error("加载主账号API用户失败",
zap.String("child_user_id", apiUser.UserId),
zap.String("parent_user_id", link.ParentUserID),
zap.Error(err))
return nil, ErrSystem
}
if parentApiUser == nil || parentApiUser.AccessId != parentAccessID {
s.logger.Warn("子账号主账号AccessId校验失败主账号不匹配",
zap.String("child_user_id", apiUser.UserId),
zap.String("parent_user_id", link.ParentUserID),
zap.String("parent_access_id", parentAccessID))
return nil, ErrQueryFailed
}
}
result.SetRequestParams(paramsMap) result.SetRequestParams(paramsMap)
// 8. 获取合同信息 // 8. 获取合同信息
@@ -307,6 +345,26 @@ func (s *ApiApplicationServiceImpl) validateApiCall(ctx context.Context, cmd *co
return result, nil return result, nil
} }
// extractParentAccessID 从解密参数中提取主账号 AccessId
// 仅支持键名master_accessid
func extractParentAccessID(params map[string]interface{}) (string, bool) {
if len(params) == 0 {
return "", false
}
value, ok := params["master_accessid"]
if !ok {
return "", false
}
if str, ok := value.(string); ok {
str = strings.TrimSpace(str)
if str != "" {
return str, true
}
}
return "", false
}
// callExternalApi 同步调用外部API // callExternalApi 同步调用外部API
func (s *ApiApplicationServiceImpl) callExternalApi(ctx context.Context, cmd *commands.ApiCallCommand, validation *dto.ApiCallValidationResult) (string, error) { func (s *ApiApplicationServiceImpl) callExternalApi(ctx context.Context, cmd *commands.ApiCallCommand, validation *dto.ApiCallValidationResult) (string, error) {
// 创建CallContext // 创建CallContext

2
internal/application/api/errors.go
View File

@@ -5,6 +5,7 @@ import "errors"
// API调用相关错误类型 // API调用相关错误类型
var ( var (
ErrQueryEmpty = errors.New("查询为空") ErrQueryEmpty = errors.New("查询为空")
ErrQueryFailed = errors.New("查询失败")
ErrSystem = errors.New("接口异常") ErrSystem = errors.New("接口异常")
ErrDecryptFail = errors.New("解密失败") ErrDecryptFail = errors.New("解密失败")
ErrRequestParam = errors.New("请求参数结构不正确") ErrRequestParam = errors.New("请求参数结构不正确")
@@ -27,6 +28,7 @@ var (
// 错误码映射 - 严格按照用户要求 // 错误码映射 - 严格按照用户要求
var ErrorCodeMap = map[error]int{ var ErrorCodeMap = map[error]int{
ErrQueryEmpty: 1000, ErrQueryEmpty: 1000,
ErrQueryFailed: 1000,
ErrSystem: 1001, ErrSystem: 1001,
ErrDecryptFail: 1002, ErrDecryptFail: 1002,
ErrRequestParam: 1003, ErrRequestParam: 1003,