feat: add aliyun oss storage config

2026-03-29 16:05:25 +08:00
parent de23a6e921
commit 3307f79162
9 changed files with 1717 additions and 28 deletions
--- a/scripts/verify-storage-config.mjs
+++ b/scripts/verify-storage-config.mjs
@@ -0,0 +1,92 @@
+#!/usr/bin/env node
+const baseUrl = process.env.BOSS_TEST_BASE_URL || "http://127.0.0.1:3000";
+
+const loginResponse = await fetch(`${baseUrl}/api/auth/login`, {
+  method: "POST",
+  headers: {
+    "content-type": "application/json",
+  },
+  body: JSON.stringify({}),
+});
+
+if (!loginResponse.ok) {
+  throw new Error(`LOGIN_FAILED:${loginResponse.status}`);
+}
+
+const cookie = (loginResponse.headers.get("set-cookie") || "").split(";")[0];
+if (!cookie) {
+  throw new Error("COOKIE_MISSING");
+}
+
+const getResponse = await fetch(`${baseUrl}/api/v1/storage/config`, {
+  headers: {
+    cookie,
+  },
+});
+
+if (!getResponse.ok) {
+  throw new Error(`GET_CONFIG_FAILED:${getResponse.status}`);
+}
+
+const getJson = await getResponse.json();
+if (!getJson.ok || getJson.config?.mode !== "server_file") {
+  throw new Error("DEFAULT_STORAGE_MODE_INVALID");
+}
+
+const patchPayload = {
+  mode: "server_file",
+  ossProvider: "aliyun_oss",
+  aliyunOss: {
+    enabled: false,
+    accessKeyId: "ak-test",
+    accessKeySecret: "oss-secret-test",
+    bucket: "boss-private-bucket",
+    endpoint: "oss-cn-shanghai.aliyuncs.com",
+    region: "oss-cn-shanghai",
+    prefix: "boss/custom/",
+  },
+};
+
+const patchResponse = await fetch(`${baseUrl}/api/v1/storage/config`, {
+  method: "PATCH",
+  headers: {
+    cookie,
+    "content-type": "application/json",
+  },
+  body: JSON.stringify(patchPayload),
+});
+
+if (!patchResponse.ok) {
+  throw new Error(`PATCH_CONFIG_FAILED:${patchResponse.status}`);
+}
+
+const patchJson = await patchResponse.json();
+if (!patchJson.ok) {
+  throw new Error("PATCH_CONFIG_NOT_OK");
+}
+if (patchJson.config?.aliyunOss?.accessKeySecretConfigured !== true) {
+  throw new Error("SECRET_SANITIZE_FLAG_MISSING");
+}
+if ("accessKeySecretEncrypted" in (patchJson.config?.aliyunOss ?? {})) {
+  throw new Error("ENCRYPTED_SECRET_LEAKED");
+}
+
+const rereadResponse = await fetch(`${baseUrl}/api/v1/storage/config`, {
+  headers: {
+    cookie,
+  },
+});
+
+if (!rereadResponse.ok) {
+  throw new Error(`GET_CONFIG_REREAD_FAILED:${rereadResponse.status}`);
+}
+
+const rereadJson = await rereadResponse.json();
+if (rereadJson.config?.aliyunOss?.accessKeyId !== "ak-test") {
+  throw new Error("PATCHED_CONFIG_NOT_PERSISTED");
+}
+if (rereadJson.config?.aliyunOss?.accessKeySecretConfigured !== true) {
+  throw new Error("SECRET_FLAG_NOT_PERSISTED");
+}
+
+console.log("OK");