Refactor and enhance OAuth2.0 implementation; update models and routes

- Refactored AdminSummaryData and AdminSummaryResponse classes for better clarity. - Added OAUTH type to SettingsType enum. - Cleaned up imports in webdav.py. - Updated admin router to improve summary data retrieval and response handling. - Enhanced file management routes with better condition handling and user storage updates. - Improved group management routes by optimizing data retrieval. - Refined task management routes for better condition handling. - Updated user management routes to streamline access token retrieval. - Implemented a new captcha verification structure with abstract base class. - Removed deprecated env.md file and replaced with a new structured version. - Introduced a unified OAuth2.0 client base class for GitHub and QQ integrations. - Enhanced password management with improved hashing strategies. - Added detailed comments and documentation throughout the codebase for clarity.
2026-01-12 18:07:44 +08:00
parent 61ddc96f17
commit d2c914cff8
29 changed files with 814 additions and 4609 deletions
--- a/routers/api/v1/admin/file/init.py
+++ b/routers/api/v1/admin/file/init.py
@@ -5,7 +5,6 @@ from uuid import UUID
 from fastapi import APIRouter, Depends, HTTPException
 from fastapi.responses import FileResponse
 from loguru import logger as l
-from sqlalchemy import and_

 from middleware.auth import admin_required
 from middleware.dependencies import SessionDep, TableViewRequestDep
@@ -51,7 +50,12 @@ async def router_admin_get_file_list(
    if keyword:
        conditions.append(Object.name.ilike(f"%{keyword}%"))

-    condition = and_(*conditions) if len(conditions) > 1 else conditions[0]
+    if len(conditions) > 1:
+        condition = conditions[0]
+        for c in conditions[1:]:
+            condition = condition & c
+    else:
+        condition = conditions[0]
    result = await Object.get_with_count(session, condition, table_view=table_view, load=Object.owner)

    # 构建响应
@@ -197,13 +201,15 @@ async def router_admin_delete_file(
                except Exception as e:
                    l.warning(f"删除物理文件失败: {e}")

-    # 更新用户存储量
-    owner = await User.get(session, User.id == owner_id)
-    if owner:
-        owner.storage = max(0, owner.storage - file_size)
-        await owner.save(session)
+    # 更新用户存储量（使用 SQL UPDATE 直接更新，无需加载实例）
+    from sqlmodel import update as sql_update
+    stmt = sql_update(User).where(User.id == owner_id).values(
+        storage=max(0, User.storage - file_size)
+    )
+    await session.exec(stmt)

-    await Object.delete(session, file_obj)
+    # 使用条件删除
+    await Object.delete(session, condition=Object.id == file_obj.id)

    l.info(f"管理员删除了文件: {file_name}")
    return ResponseBase(data={"deleted": True})