 hailin
|
55cfc96464
|
feat(capability): 实现用户能力权限控制系统(Capability-based Permission)
借鉴 Stripe Capability 模型,实现 13 项细粒度用户功能权限控制:
LOGIN, TRADING, C2C, TRANSFER_IN/OUT, P2P_SEND/RECEIVE,
MINING_CLAIM, KYC, PROFILE_EDIT, VIEW_ASSET/TEAM/RECORDS
## 架构设计
- auth-service 为能力数据唯一写入点(DB + Redis DB14 缓存)
- 下游服务通过独立 ioredis 客户端直连 Redis DB14 检查能力(~1ms)
- 默认全部开启(fail-open):无缓存/Redis 故障 = 允许通行
- Guard 执行顺序:JwtAuthGuard → CapabilityGuard
## Phase 1: auth-service 核心
- Prisma Schema: UserCapability + CapabilityLog 两张表
- Domain: Capability 枚举, CapabilityMap 类型, Repository 接口
- Infrastructure: PrismaCapabilityRepository(含 $transaction 原子操作)
- Application: CapabilityService(Redis 缓存优先 → DB fallback → 写回 Redis TTL 1h)
- Scheduler: 每 60 秒扫描到期限制自动恢复(Redis 分布式锁防重复)
- API: GET /auth/user/capabilities (JWT), Internal CRUD API (服务间)
- 登录/refreshToken 均增加 LOGIN 能力检查
## Phase 2: 下游 CapabilityGuard
- trading-service: 14 个端点标注(TRADING/C2C/TRANSFER/P2P_SEND/VIEW_ASSET)
- contribution-service: 3 个端点标注(VIEW_RECORDS/VIEW_TEAM)
- mining-service: Guard 注册 + JwtAuthGuard accountSequence 兼容修复
- auth-service: KYC 端点标注(controller 级别 UseGuards)
## Phase 3: mining-admin-service
- CapabilityAdminService: 代理 auth-service internal API + 本地 AuditLog
- CapabilityController: Admin CRUD + 批量设置 + 变更日志查询
## Phase 4: mining-admin-web
- capability-management.tsx: 分组 Switch 开关 + 禁用 Dialog(原因+到期时间)+ 变更日志分页
- React Query hooks: useCapabilities/useSetCapability/useCapabilityLogs
- 用户详情页新增"权限管理"Tab
## Phase 5: mining-app (Flutter)
- CapabilityMap 数据模型 + ForbiddenException 异常类
- api_client.dart: 403 响应适配 ExceptionFilter 包装格式
- capabilitiesProvider: 登录后获取能力列表,fail-open 降级
## 审计修复
- CRITICAL: users.api.ts capability 方法移入 usersApi 对象内部
- P0: Flutter 403 解析路径适配 {error:{code,message}} 实际格式
- P0: 批量接口 operatorId 提升到 body 顶层匹配 auth-service 契约
- P1: mining-service JwtAuthGuard accountSequence fallback payload.sub
- P1: refreshCache 加 try/catch 防止 Redis 故障导致 500
- P1: processExpiredRestrictions 改用 upsertWithLog 事务方法
- P1: C2C upload-proof 补加 @RequireCapability('C2C')
- HIGH: internal.controller.ts 新增 capability 枚举校验
- HIGH: admin capability.controller.ts adminId fallback + query params 类型修复
- MEDIUM: setCapability 改用 $transaction 保证 upsert+log 原子性
## 部署注意
- 需运行: cd auth-service && npx prisma migrate dev --name add_user_capabilities
- 需配置: mining-admin-service .env AUTH_SERVICE_URL=http://auth-service:3010
## 待后续处理(P2)
- P2P_RECEIVE 需在业务逻辑层检查(收款方无主动请求)
- MINING_CLAIM/PROFILE_EDIT 待对应端点实现后标注
- getCapabilities 返回 Map 转 Array 丢失 reason/expiresAt 详细字段
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
2026-02-27 22:19:56 -08:00 |
|
hailin
|
4f5b18be48
|
feat(pool-account): 实现池账户区块链充值检测和提现功能
为100亿销毁池和200万挖矿池实现完整的区块链充值/提现流程:
- 充值:独立扫描器检测 fUSDT 转入 → Kafka 事件 → wallet-service 入账
- 提现:前端 → admin-service 代理 → blockchain-service MPC签名转账 → wallet-service 记账
mining-blockchain-service:
- 新增 PoolAccountDeposit/PoolAccountBlockCheckpoint Prisma 模型
- 新增 PoolAccountDepositDetectionService(每5秒扫描 fUSDT 充值,每30秒更新确认数)
- 扩展 MPC 签名客户端支持 burnPool/miningPool 2-of-3 门限钱包
- 扩展 ERC20TransferService 支持池账户 fUSDT 转账
- 新增 API: POST /transfer/pool-account, GET /pool-accounts/:poolType/wallet-info
- 新增 Kafka topic 映射: pool_account.deposit.confirmed → pool_account.deposits
mining-wallet-service:
- TransactionType 枚举新增 BLOCKCHAIN_DEPOSIT/BLOCKCHAIN_WITHDRAW
- Seed: SHARE_POOL_A/B 初始余额改为0(完全靠链上充值)
- PoolAccountService 新增 blockchainDeposit()/blockchainWithdraw() 方法
- 新增 PoolAccountDepositConsumer 监听 Kafka 充值确认事件(Redis+DB 双重幂等)
- 新增 POST /pool-accounts/blockchain-withdraw 内部 API
mining-admin-service:
- 新增 PoolAccountController 代理到 wallet-service + blockchain-service
- GET /admin/pool-accounts/:walletName/balance(并行查询链下余额+链上钱包信息)
- POST /admin/pool-accounts/:walletName/blockchain-withdraw(先链上转账再记账)
- 新增配置: MINING_WALLET_SERVICE_URL, MINING_BLOCKCHAIN_SERVICE_URL, 池钱包用户名
frontend (mining-admin-web):
- 池账户 API 从 tradingClient (→trading-service) 改为 apiClient (→admin-service)
- 移除未使用的 tradingClient 和 axios 依赖
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
2026-02-03 01:34:06 -08:00 |