From 388071465493e8574b678861b3edd1c8fa9c99db Mon Sep 17 00:00:00 2001
From: lewis <747342561@qq.com>
Date: Mon, 29 Nov 2021 17:05:32 +0800
Subject: [PATCH 1/2] fix 902

---
 models/user.go             |  1 +
 modules/context/auth.go    |  3 +--
 modules/context/context.go |  1 +
 routers/api/v1/api.go      | 20 ++++++++++++--------
 routers/routes/routes.go   |  2 +-
 5 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/models/user.go b/models/user.go
index 1ee20d74c..8968f7c02 100755
--- a/models/user.go
+++ b/models/user.go
@@ -145,6 +145,7 @@ type User struct {
 	AllowImportLocal        bool // Allow migrate repository by local path
 	AllowCreateOrganization bool `xorm:"DEFAULT true"`
 	ProhibitLogin           bool `xorm:"NOT NULL DEFAULT false"`
+	IsOperator              bool `xorm:"NOT NULL DEFAULT false"`		//运营人员
 
 	// Avatar
 	Avatar          string `xorm:"VARCHAR(2048) NOT NULL"`
diff --git a/modules/context/auth.go b/modules/context/auth.go
index 3f53e6fce..9877657eb 100755
--- a/modules/context/auth.go
+++ b/modules/context/auth.go
@@ -145,8 +145,7 @@ func Toggle(options *ToggleOptions) macaron.Handler {
 		}
 
 		if options.OperationRequired {
-			//todo: add isOperator judgement
-			if !ctx.User.IsAdmin {
+			if !ctx.User.IsOperator {
 				ctx.Error(403)
 				return
 			}
diff --git a/modules/context/context.go b/modules/context/context.go
index 6877780e3..5f09e190d 100755
--- a/modules/context/context.go
+++ b/modules/context/context.go
@@ -310,6 +310,7 @@ func Contexter() macaron.Handler {
 			ctx.Data["SignedUserID"] = ctx.User.ID
 			ctx.Data["SignedUserName"] = ctx.User.Name
 			ctx.Data["IsAdmin"] = ctx.User.IsAdmin
+			ctx.Data["IsOperator"] = ctx.User.IsOperator
 			c.Data["SignedUserName"] = ctx.User.Name
 		} else {
 			ctx.Data["SignedUserID"] = int64(0)
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
index b7ef8d48f..518c63e4f 100755
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@@ -75,6 +75,7 @@ import (
 	"code.gitea.io/gitea/routers/api/v1/repo"
 	_ "code.gitea.io/gitea/routers/api/v1/swagger" // for swagger generation
 	"code.gitea.io/gitea/routers/api/v1/user"
+	repo_ext "code.gitea.io/gitea/routers/repo"
 
 	"gitea.com/macaron/binding"
 	"gitea.com/macaron/macaron"
@@ -523,23 +524,26 @@ func RegisterRoutes(m *macaron.Macaron) {
 				Get(notify.GetThread).
 				Patch(notify.ReadThread)
 		}, reqToken())
-		adminReq := context.Toggle(&context.ToggleOptions{SignInRequired: true, AdminRequired: true})
+		
+		operationReq := context.Toggle(&context.ToggleOptions{SignInRequired: true, OperationRequired: true})
 		//Project board
 		m.Group("/projectboard", func() {
 
-			m.Get("/restoreFork", adminReq, repo.RestoreForkNumber)
-			m.Get("/downloadAll", adminReq, repo.ServeAllProjectsPeriodStatisticsFile)
-			m.Get("/downloadAllOpenI", adminReq, repo.ServeAllProjectsOpenIStatisticsFile)
+			m.Get("/restoreFork", repo.RestoreForkNumber)
+			m.Get("/downloadAll", repo.ServeAllProjectsPeriodStatisticsFile)
+			m.Get("/downloadAllOpenI", repo.ServeAllProjectsOpenIStatisticsFile)
 			m.Group("/project", func() {
-				m.Get("", adminReq, repo.GetAllProjectsPeriodStatistics)
+				m.Get("", repo.GetAllProjectsPeriodStatistics)
 
 				m.Group("/:id", func() {
-					m.Get("", adminReq, repo.GetProjectLatestStatistics)
-					m.Get("/period", adminReq, repo.GetProjectPeriodStatistics)
+					m.Get("", repo.GetProjectLatestStatistics)
+					m.Get("/period", repo.GetProjectPeriodStatistics)
 
 				})
 			})
-		})
+		}, operationReq)
+
+		m.Get("/query_user_static_page", operationReq, repo_ext.QueryUserStaticDataPage)
 
 		// Users
 		m.Group("/users", func() {
diff --git a/routers/routes/routes.go b/routers/routes/routes.go
index 3bacb7549..67794bf88 100755
--- a/routers/routes/routes.go
+++ b/routers/routes/routes.go
@@ -792,7 +792,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 	}, reqSignIn, context.RepoAssignment(), context.UnitTypes(), reqRepoAdmin, context.RepoRef())
 
 	m.Post("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), context.UnitTypes(), repo.Action)
-	m.Get("/tool/query_user_static_page", adminReq, repo.QueryUserStaticDataPage)
+
 	// Grouping for those endpoints not requiring authentication
 	m.Group("/:username/:reponame", func() {
 		m.Get("/contributors", repo.Contributors)

From ef4f5e0d84408e520476d92b200d5eda2151458b Mon Sep 17 00:00:00 2001
From: Gitea <gitea@fake.local>
Date: Wed, 1 Dec 2021 09:07:06 +0800
Subject: [PATCH 2/2] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=95=B0=E5=AD=97?=
 =?UTF-8?q?=E7=9C=8B=E6=9D=BF=E8=AE=BF=E9=97=AE=E6=9D=83=E9=99=90=EF=BC=8C?=
 =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=94=A8=E6=88=B7=E5=88=86=E6=9E=90=E8=B0=83?=
 =?UTF-8?q?=E7=94=A8=E5=90=8E=E7=AB=AF=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 templates/base/head_navbar.tmpl        | 4 ++--
 templates/base/head_navbar_fluid.tmpl  | 4 ++--
 templates/base/head_navbar_home.tmpl   | 4 ++--
 web_src/js/components/UserAnalysis.vue | 6 +++---
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/templates/base/head_navbar.tmpl b/templates/base/head_navbar.tmpl
index 49b3181e7..c0c1aff35 100755
--- a/templates/base/head_navbar.tmpl
+++ b/templates/base/head_navbar.tmpl
@@ -37,7 +37,7 @@
 				<a class="item" href="{{AppSubUrl}}/explore/users">{{.i18n.Tr "explore.users"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/organizations">{{.i18n.Tr "explore.organizations"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/images">{{.i18n.Tr "explore.images"}}</a>
-				{{if .IsAdmin}}
+				{{if .IsOperator}}
 					<a class="item" href="{{AppSubUrl}}/explore/data_analysis">{{.i18n.Tr "explore.data_analysis"}}</a>
 				{{end}}				
 			</div>
@@ -55,7 +55,7 @@
 				<a class="item" href="{{AppSubUrl}}/explore/users">{{.i18n.Tr "explore.users"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/organizations">{{.i18n.Tr "explore.organizations"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/images">{{.i18n.Tr "explore.images"}}</a>
-				{{if .IsAdmin}}
+				{{if .IsOperator}}
 					<a class="item" href="{{AppSubUrl}}/explore/data_analysis">{{.i18n.Tr "explore.data_analysis"}}</a>
 				{{end}}
 			</div>
diff --git a/templates/base/head_navbar_fluid.tmpl b/templates/base/head_navbar_fluid.tmpl
index 11f5e70da..3b44babaa 100644
--- a/templates/base/head_navbar_fluid.tmpl
+++ b/templates/base/head_navbar_fluid.tmpl
@@ -37,7 +37,7 @@
 				<a class="item" href="{{AppSubUrl}}/explore/users">{{.i18n.Tr "explore.users"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/organizations">{{.i18n.Tr "explore.organizations"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/images">{{.i18n.Tr "explore.images"}}</a>
-				{{if .IsAdmin}}
+				{{if .IsOperator}}
 					<a class="item" href="{{AppSubUrl}}/explore/data_analysis">{{.i18n.Tr "explore.data_analysis"}}</a>
 				{{end}}				
 			</div>
@@ -55,7 +55,7 @@
 				<a class="item" href="{{AppSubUrl}}/explore/users">{{.i18n.Tr "explore.users"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/organizations">{{.i18n.Tr "explore.organizations"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/images">{{.i18n.Tr "explore.images"}}</a>
-				{{if .IsAdmin}}
+				{{if .IsOperator}}
 					<a class="item" href="{{AppSubUrl}}/explore/data_analysis">{{.i18n.Tr "explore.data_analysis"}}</a>
 				{{end}}
 			</div>
diff --git a/templates/base/head_navbar_home.tmpl b/templates/base/head_navbar_home.tmpl
index c94ff269f..8bbeebec8 100644
--- a/templates/base/head_navbar_home.tmpl
+++ b/templates/base/head_navbar_home.tmpl
@@ -29,7 +29,7 @@
 				<a class="item" href="{{AppSubUrl}}/explore/users">{{.i18n.Tr "explore.users"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/organizations">{{.i18n.Tr "explore.organizations"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/images">{{.i18n.Tr "explore.images"}}</a>
-				{{if .IsAdmin}}
+				{{if .IsOperator}}
 					<a class="item" href="{{AppSubUrl}}/explore/data_analysis">{{.i18n.Tr "explore.data_analysis"}}</a>
 				{{end}}			
 			</div>
@@ -47,7 +47,7 @@
 				<a class="item" href="{{AppSubUrl}}/explore/users">{{.i18n.Tr "explore.users"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/organizations">{{.i18n.Tr "explore.organizations"}}</a>
 				<a class="item" href="{{AppSubUrl}}/explore/images">{{.i18n.Tr "explore.images"}}</a>
-				{{if .IsAdmin}}
+				{{if .IsOperator}}
 					<a class="item" href="{{AppSubUrl}}/explore/data_analysis">{{.i18n.Tr "explore.data_analysis"}}</a>
 				{{end}}
 			</div>
diff --git a/web_src/js/components/UserAnalysis.vue b/web_src/js/components/UserAnalysis.vue
index f5a0bb4db..beb4de8e9 100755
--- a/web_src/js/components/UserAnalysis.vue
+++ b/web_src/js/components/UserAnalysis.vue
@@ -27,10 +27,10 @@
             </span>
             <span style="float:right; margin-right: 20px;" >
                 <a style="display:inline-block;margin-left: 20px; " id = 'download'>
-                    <a class="el-icon-download" v-if="tableData!=''" :href= "'../tool/query_user_static_page/?startDate='+this.params.startDate+'&endDate='+this.params.endDate+'&IsReturnFile=true'+'&userName='+this.params.userName" ></a>
+                    <a class="el-icon-download" v-if="tableData!=''" :href= "'../api/v1/query_user_static_page/?startDate='+this.params.startDate+'&endDate='+this.params.endDate+'&IsReturnFile=true'+'&userName='+this.params.userName" ></a>
                     <i class="el-icon-download" v-else="tableData=''" href="#" style="color:rgba(187, 187, 187, 100);" @click='popMark()'></i>
                     <span >
-                        <a  v-if="tableData!=''" :href= "'../tool/query_user_static_page/?startDate='+this.params.startDate+'&endDate='+this.params.endDate+'&IsReturnFile=true'+'&userName='+this.params.userName" >下载报告</a>
+                        <a  v-if="tableData!=''" :href= "'../api/v1/query_user_static_page/?startDate='+this.params.startDate+'&endDate='+this.params.endDate+'&IsReturnFile=true'+'&userName='+this.params.userName" >下载报告</a>
                         <a  v-else="tableData=''" href= "#" style="color:rgba(187, 187, 187, 100);" @click='popMark()'>下载报告</a>
                     </span>
                 </a>  
@@ -335,7 +335,7 @@
                     }
                 };
 
-                this.$axios.get('../tool/query_user_static_page',{
+                this.$axios.get('../api/v1/query_user_static_page',{
                     params:this.params
                 }).then((res)=>{
                     this.tableData = res.data.data