diff --git a/docs/license-replacement-test-record.md b/docs/license-replacement-test-record.md index c25d5c32..77c4e4db 100644 --- a/docs/license-replacement-test-record.md +++ b/docs/license-replacement-test-record.md @@ -162,3 +162,32 @@ | 3.3 | `/adminapi/home/header` | GET | admin | token | 待预发填写 | 待预发填写 | 首页统计 | 待测 | 当前本地无 admin token。 | | 3.3 | `/adminapi/jnotice` | GET | admin | token | 待预发填写 | 待预发填写 | 通知数据 | 待测 | 当前本地无 admin token。 | | 3.3 | 表单校验失败 | POST/PUT | admin | 非法参数 | 待预发填写 | 待预发填写 | 校验错误 | 待测 | 当前本地无 admin token。 | + +## 阶段 4:版权/授权接口合规清理 + +### 自动化检查 + +| 命令 | 结果 | 备注 | +|------|------|------| +| `php -l app/services/system/LocalCopyrightService.php` | 通过 | PHP 提示 `swoole_loader` 已加载,不影响语法检查结果。 | +| `php -l app/controller/admin/Common.php` | 通过 | PHP 提示 `swoole_loader` 已加载,不影响语法检查结果。 | +| `php -l app/controller/api/v1/Common.php` | 通过 | PHP 提示 `swoole_loader` 已加载,不影响语法检查结果。 | +| `php -l app/controller/supplier/Common.php` | 通过 | PHP 提示 `swoole_loader` 已加载,不影响语法检查结果。 | + +### 手工回归记录 + +| 阶段 | 接口/命令 | 方法 | 身份 | 关键参数 | HTTP 状态 | 业务 `status` | 关键字段 | 结果 | 备注 | +|------|-----------|------|------|----------|-----------|---------------|----------|------|------| +| 4 | `/adminapi/auth` | GET | admin | token | 待预发填写 | 待预发填写 | `edition`、`license_source`、`crm_pro_authorized` | 待测 | 不返回伪造原厂授权成功状态。 | +| 4 | `/adminapi/check_auth` | GET | admin | token | 待预发填写 | 待预发填写 | `edition`、`license_source` | 待测 | 不返回伪造原厂授权成功状态。 | +| 4 | `/adminapi/crmeb_*` | GET/POST | admin | token | 待预发填写 | 400 | 禁用提示 | 待测 | 授权购买/支付/订单入口应明确禁用。 | +| 4 | `/adminapi/copyright` | GET/POST | admin | token、本地版权字段 | 待预发填写 | 待预发填写 | `copyrightContext`、`copyrightImage` | 待测 | 只保存/读取自有版权配置。 | +| 4 | `/api/get_copyright` | GET | anonymous | 无 | 待预发填写 | 待预发填写 | 版权、备案、站点字段 | 待测 | 不调用加密版权 helper。 | +| 4 | `/supplierapi/copyright` | GET | anonymous | 无 | 待预发填写 | 待预发填写 | `copyrightContext`、`copyrightImage` | 待测 | 不调用加密版权 helper。 | + +### 阶段结论 + +- admin/api/supplier 的版权读取已改为 `LocalCopyrightService`。 +- 后台授权申请、授权登录、授权订单、授权支付、授权产品接口返回明确禁用提示。 +- 不再返回 `AUTHORIZED`、授权天数、原厂授权成功等伪造字段。 +- 客服版权接口未修改,保留到最后阶段处理。 diff --git a/pro_v3.5.1/app/controller/admin/Common.php b/pro_v3.5.1/app/controller/admin/Common.php index 90677983..a5423a26 100644 --- a/pro_v3.5.1/app/controller/admin/Common.php +++ b/pro_v3.5.1/app/controller/admin/Common.php @@ -7,9 +7,9 @@ namespace app\controller\admin; use app\services\agent\DivisionApplyServices; use app\services\agent\PromoterApplyServices; +use app\services\system\LocalCopyrightService; use app\services\order\StoreOrderRefundServices; use app\services\other\CityAreaServices; -use app\services\system\SystemAuthServices; use app\services\order\StoreOrderServices; use app\services\product\product\StoreProductServices; use app\services\product\product\StoreProductReplyServices; @@ -48,7 +48,11 @@ class Common extends AuthController */ public function check_auth() { - return $this->success('ok'); + return $this->success('ok', [ + 'edition' => 'custom', + 'license_source' => 'self-owned', + 'crm_pro_authorized' => false, + ]); } /** @@ -56,14 +60,7 @@ class Common extends AuthController */ public function auth() { - return $this->success([ - 'status' => 1, - 'authCode' => 'AUTHORIZED', - 'auth_code' => 'AUTHORIZED', - 'day' => 999, - 'auth' => true, - 'copyright' => true, - ]); + return $this->success(app()->make(LocalCopyrightService::class)->getSystemLicenseInfo()); } /** @@ -72,7 +69,7 @@ class Common extends AuthController */ public function crmeb_copyright(): Response { - return $this->success('查询成功'); + return $this->success(app()->make(LocalCopyrightService::class)->getCopyright()); } /** @@ -84,10 +81,7 @@ class Common extends AuthController $copyright = $this->request->post('copyright'); $copyrightImg = $this->request->post('copyright_img'); - try { - $this->__qsG71NREI01vix2OkjH($copyright, $copyrightImg); - } catch (\Throwable $e) { - } + app()->make(LocalCopyrightService::class)->saveCopyright((string)$copyright, (string)$copyrightImg); return $this->success('保存成功'); } @@ -98,23 +92,46 @@ class Common extends AuthController */ public function getCopyright(): Response { - try { - $copyright = $this->__z6uxyJQ4xYa5ee1mx5(); - } catch (\Throwable $e) { - $copyright = ['copyrightContext' => '', 'copyrightImage' => '']; - } - $copyright['version'] = get_crmeb_version(); - return $this->success($copyright); + return $this->success(app()->make(LocalCopyrightService::class)->getCopyright()); } /** * 申请授权 - * @param SystemAuthServices $services * @return Response */ - public function auth_apply(SystemAuthServices $services): Response + public function auth_apply(): Response { - return $this->success("申请授权成功!"); + return $this->fail('CRMEB 原厂授权申请入口已禁用,请使用本项目自有版权配置'); + } + + public function crmeb_verify(): Response + { + return $this->fail('CRMEB 原厂授权验证码入口已禁用'); + } + + public function crmeb_login(): Response + { + return $this->fail('CRMEB 原厂授权登录入口已禁用'); + } + + public function crmeb_order(): Response + { + return $this->fail('CRMEB 原厂授权订单入口已禁用'); + } + + public function crmeb_order_info($orderId = null): Response + { + return $this->fail('CRMEB 原厂授权订单入口已禁用'); + } + + public function crmeb_pay(): Response + { + return $this->fail('CRMEB 原厂授权支付入口已禁用'); + } + + public function crmeb_product(): Response + { + return $this->fail('CRMEB 原厂授权产品入口已禁用'); } /** diff --git a/pro_v3.5.1/app/controller/api/v1/Common.php b/pro_v3.5.1/app/controller/api/v1/Common.php index 794d2fea..3f0fb8f3 100644 --- a/pro_v3.5.1/app/controller/api/v1/Common.php +++ b/pro_v3.5.1/app/controller/api/v1/Common.php @@ -5,7 +5,8 @@ namespace app\controller\api\v1; -use crmeb\basic\BaseController; +use app\common\controller\AppBaseController; +use app\services\system\LocalCopyrightService; /** * Class Common @@ -14,7 +15,7 @@ use crmeb\basic\BaseController; * @date 2022/11/8 * @package app\controller\api\v1 */ -class Common extends BaseController +class Common extends AppBaseController { /** * 获取版权 @@ -22,16 +23,8 @@ class Common extends BaseController */ public function getCopyright() { - try { - $copyright = $this->__z6uxyJQ4xYa5ee1mx5(); - } catch (\Throwable $e) { - $copyright = [ - 'copyrightContext' => '', - 'copyrightImage' => '', - ]; - } + $copyright = app()->make(LocalCopyrightService::class)->getCopyright(); $copyright['record_No'] = sys_config('record_No'); - $copyright['version'] = get_crmeb_version(); $copyright['routine_contact_type'] = sys_config('routine_contact_type'); $copyright['site_name'] = sys_config('site_name', ''); $copyright['site_logo'] = sys_config('wap_login_logo', ''); @@ -50,16 +43,8 @@ class Common extends BaseController */ public function getLogo() { - try { - $copyright = $this->__z6uxyJQ4xYa5ee1mx5(); - } catch (\Throwable $e) { - $copyright = [ - 'copyrightContext' => '', - 'copyrightImage' => '', - ]; - } + $copyright = app()->make(LocalCopyrightService::class)->getCopyright(); $copyright['record_No'] = sys_config('record_No'); - $copyright['version'] = get_crmeb_version(); $logo = sys_config('wap_login_logo'); if (strstr($logo, 'http') === false && $logo) $logo = sys_config('site_url') . $logo; $copyright['site_name'] = sys_config('site_name'); diff --git a/pro_v3.5.1/app/controller/supplier/Common.php b/pro_v3.5.1/app/controller/supplier/Common.php index f762142f..dde2481a 100644 --- a/pro_v3.5.1/app/controller/supplier/Common.php +++ b/pro_v3.5.1/app/controller/supplier/Common.php @@ -9,6 +9,7 @@ use app\services\order\StoreOrderRefundServices; use app\services\order\StoreOrderServices; use app\services\other\CityAreaServices; use app\services\order\supplier\SupplierOrderServices; +use app\services\system\LocalCopyrightService; use app\services\supplier\SystemSupplierServices; use app\services\system\SystemMenusServices; use think\db\exception\DataNotFoundException; @@ -253,12 +254,6 @@ class Common extends AuthController */ public function getCopyright() { - try { - $copyright = $this->__z6uxyJQ4xYa5ee1mx5(); - } catch (\Throwable $e) { - $copyright = ['copyrightContext' => '', 'copyrightImage' => '']; - } - $copyright['version'] = get_crmeb_version(); - return $this->success($copyright); + return $this->success(app()->make(LocalCopyrightService::class)->getCopyright()); } } diff --git a/pro_v3.5.1/app/services/system/LocalCopyrightService.php b/pro_v3.5.1/app/services/system/LocalCopyrightService.php new file mode 100644 index 00000000..3127db06 --- /dev/null +++ b/pro_v3.5.1/app/services/system/LocalCopyrightService.php @@ -0,0 +1,49 @@ + $config['copyright'] ?? '', + 'copyrightImage' => $config['copyright_img'] ?? '', + 'version' => function_exists('get_crmeb_version') ? get_crmeb_version() : '', + ]; + } + + public function saveCopyright(string $copyright = '', string $copyrightImg = ''): void + { + /** @var SystemConfigServices $services */ + $services = app()->make(SystemConfigServices::class); + $services->update('copyright', ['value' => json_encode($copyright, JSON_UNESCAPED_UNICODE)], 'menu_name'); + $services->update('copyright_img', ['value' => json_encode($copyrightImg, JSON_UNESCAPED_UNICODE)], 'menu_name'); + + SystemConfigService::clear(); + } + + public function getSystemLicenseInfo(): array + { + return [ + 'edition' => 'custom', + 'license_source' => 'self-owned', + 'crm_pro_authorized' => false, + 'copyright' => $this->getCopyright(), + ]; + } +}