移除旧版用户兼容
This commit is contained in:
@@ -34,31 +34,17 @@ export async function GET(request: NextRequest) {
|
||||
if (username === process.env.USERNAME) {
|
||||
result.Role = 'owner';
|
||||
} else {
|
||||
// 优先从新版本获取用户信息
|
||||
// 从新版数据库获取用户信息
|
||||
const { db } = await import('@/lib/db');
|
||||
const userInfoV2 = await db.getUserInfoV2(username);
|
||||
|
||||
if (userInfoV2) {
|
||||
// 使用新版本用户信息
|
||||
if (userInfoV2.role === 'admin' && !userInfoV2.banned) {
|
||||
result.Role = 'admin';
|
||||
} else {
|
||||
return NextResponse.json(
|
||||
{ error: '你是管理员吗你就访问?' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
if (userInfoV2 && userInfoV2.role === 'admin' && !userInfoV2.banned) {
|
||||
result.Role = 'admin';
|
||||
} else {
|
||||
// 回退到配置中查找
|
||||
const user = config.UserConfig.Users.find((u) => u.username === username);
|
||||
if (user && user.role === 'admin' && !user.banned) {
|
||||
result.Role = 'admin';
|
||||
} else {
|
||||
return NextResponse.json(
|
||||
{ error: '你是管理员吗你就访问?' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
return NextResponse.json(
|
||||
{ error: '你是管理员吗你就访问?' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -454,21 +454,9 @@ export async function POST(request: NextRequest) {
|
||||
// 权限检查:站长可批量配置所有人的用户组,管理员只能批量配置普通用户
|
||||
if (operatorRole !== 'owner') {
|
||||
for (const targetUsername of usernames) {
|
||||
// 先从配置中查找
|
||||
let targetUser = adminConfig.UserConfig.Users.find(u => u.username === targetUsername);
|
||||
// 如果配置中没有,从V2存储中查找
|
||||
if (!targetUser) {
|
||||
const userV2 = await db.getUserInfoV2(targetUsername);
|
||||
if (userV2) {
|
||||
targetUser = {
|
||||
username: targetUsername,
|
||||
role: userV2.role,
|
||||
banned: userV2.banned,
|
||||
tags: userV2.tags,
|
||||
};
|
||||
}
|
||||
}
|
||||
if (targetUser && targetUser.role === 'admin' && targetUsername !== username) {
|
||||
// 从V2存储中查找用户
|
||||
const userV2 = await db.getUserInfoV2(targetUsername);
|
||||
if (userV2 && userV2.role === 'admin' && targetUsername !== username) {
|
||||
return NextResponse.json({ error: `管理员无法操作其他管理员 ${targetUsername}` }, { status: 400 });
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user