Skip to content

fix(resp): add write_content_bypass to FsListResp#454

Open
xrgzs wants to merge 1 commit intoOpenListTeam:mainfrom
xrgzs:fix/write
Open

fix(resp): add write_content_bypass to FsListResp#454
xrgzs wants to merge 1 commit intoOpenListTeam:mainfrom
xrgzs:fix/write

Conversation

@xrgzs
Copy link
Copy Markdown
Member

@xrgzs xrgzs commented Mar 30, 2026
edited
Loading

Description / 描述

OpenListTeam/OpenList#2145 改了 API,然后没加 write_content_bypass 存储类型 ,导致 Guest 用户无法显示上传等按钮。

Motivation and Context / 背景

Relates to #386

Relates to OpenListTeam/OpenList#2145

How Has This Been Tested? / 测试

Checklist / 检查清单

  • I have read the CONTRIBUTING document.
    我已阅读 CONTRIBUTING 文档。
  • I have formatted my code with go fmt or prettier.
    我已使用 go fmtprettier 格式化提交的代码。
  • I have added appropriate labels to this PR (or mentioned needed labels in the description if lacking permissions).
    我已为此 PR 添加了适当的标签(如无权限或需要的标签不存在,请在描述中说明,管理员将后续处理)。
  • I have requested review from relevant code authors using the "Request review" feature when applicable.
    我已在适当情况下使用"Request review"功能请求相关代码作者进行审查。
  • I have updated the repository accordingly (If it’s needed).
    我已相应更新了相关仓库(若适用)。

@xrgzs
fix(resp): add write_content_bypass to FsListResp
b4db190 
Signed-off-by: MadDogOwner <xiaoran@xrgzs.top>
@xrgzs xrgzs added the bug Something isn't working label Mar 30, 2026
@xrgzs
Copy link
Copy Markdown
Member Author

xrgzs commented Mar 30, 2026

BTW,个人认为这个 write_content_bypass 没有必要加到 api/fs/list,其实前端直接判断 write === true 即可,相关计算后端进行,不如简化一下。现在 API 文档还没改: https://fox.oplist.org.cn/364155732e0

@Lanfei 你认为怎么样?

@Lanfei
Copy link
Copy Markdown
Contributor

Lanfei commented Mar 30, 2026

@xrgzs 我在重构的时候也考虑过,但有一个问题: write 表达的是当前路径的 管理写入权限(上传、写入、重命名、移动、删除等),而 write_content_bypass 表达的当前路径能否忽略用户的 内容写入权限(创建目录或上传),如果合并的话,重命名、移动、删除 等操作的权限判断,就会受 write_content_bypass 影响,比如:

  • 上传权限的判断条件应该是:write == true && (user.CanWriteContent() || write_content_bypass)
  • 移动权限的判断条件应该是:write == true && user.CanMove() (如果合并的话,会受 write_content_bypass 影响,但不应该)

想过另一个方案,把所有操作权限判断都统一在服务端计算后下发给客户端:

  • CanWriteContent(write == true && (user.CanWriteContent() || write_content_bypass)
  • CanMove (write == true && user.CanMove()
  • CanRename (write == true && user.CanRename()
  • ……

这样更统一,且不需要客户端关心权限判断规则细节,但字段数量就会多不少,改动也不小,所以最终采取了当前的方案。

@xrgzs
Copy link
Copy Markdown
Member Author

xrgzs commented Mar 30, 2026

@xrgzs 我在重构的时候也考虑过,但有一个问题: write 表达的是当前路径的 管理写入权限(上传、写入、重命名、移动、删除等),而 write_content_bypass 表达的当前路径能否忽略用户的 内容写入权限(创建目录或上传),如果合并的话,重命名、移动、删除 等操作的权限判断,就会受 write_content_bypass 影响,比如:

  • 上传权限的判断条件应该是:write == true && (user.CanWriteContent() || write_content_bypass)
  • 移动权限的判断条件应该是:write == true && user.CanMove() (如果合并的话,会受 write_content_bypass 影响,但不应该)

想过另一个方案,把所有操作权限判断都统一在服务端计算后下发给客户端:

  • CanWriteContent(write == true && (user.CanWriteContent() || write_content_bypass)
  • CanMove (write == true && user.CanMove()
  • CanRename (write == true && user.CanRename()
  • ……

这样更统一,且不需要客户端关心权限判断规则细节,但字段数量就会多不少,改动也不小,所以最终采取了当前的方案。

那还是等 FileMask 再进行调整吧。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@xrgzs @Lanfei