From 312c078216dfa06087899b92ab61e1904fed6c32 Mon Sep 17 00:00:00 2001
From: Leufolium
Date: Mon, 22 Apr 2024 19:21:14 +0800
Subject: [PATCH 1/2] by Robin at 20240422
---
 api/errcode/errcode.go | 4 ++--
 .../service/apiservice_business_validation.go | 5 ++--
 app/mix/service/business_validator/auth.go | 24 +++++++++++++++++--
 dbstruct/zone_third_partner.go | 7 ++++++
 4 files changed, 33 insertions(+), 7 deletions(-)
diff --git a/api/errcode/errcode.go b/api/errcode/errcode.go
index c23b5fc0..c134231f 100644
--- a/api/errcode/errcode.go
+++ b/api/errcode/errcode.go
@@ -197,7 +197,7 @@ var ErrCodeMsgMap = map[ErrCode]string{
 ErrCodeZoneCollaboratorSrvFail: "空间协作者表服务错误",
 ErrCodeZoneCollaboratorNotExist: "空间协作者表不存在",
 ErrCodeZoneCollaboratorCreateIsZTPOnlyOperation: "空间协作者表创建操作只有空间代运营可操作",
- ErrCodeZoneCollaboratorWrongCollaborator: "空间协作者不能设置成自己或者主播",
+ ErrCodeZoneCollaboratorWrongCollaborator: "空间协作者不能设置成自己或者空间所有人",
 ErrCodeZoneCollaboratorDuplicateKey: "用户已是该空间协作者!",
 ErrCodeZoneMomentCreateTimesSrvFail: "空间动态创建频次表服务错误",
@@ -477,7 +477,7 @@ const (
 ErrCodeZoneCollaboratorSrvFail ErrCode = -38001 // 空间协作者表服务错误
 ErrCodeZoneCollaboratorNotExist ErrCode = -38002 // 空间协作者表不存在
 ErrCodeZoneCollaboratorCreateIsZTPOnlyOperation ErrCode = -38003 // 空间协作者表创建操作只有空间代运营可操作
- ErrCodeZoneCollaboratorWrongCollaborator ErrCode = -38004 // 空间协作者不能设置成自己或者主播
+ ErrCodeZoneCollaboratorWrongCollaborator ErrCode = -38004 // 空间协作者不能设置成自己或者空间所有者
 ErrCodeZoneCollaboratorDuplicateKey ErrCode = -38005 // 空间协作者重复创建
 // MomentCreateTimes: 39xxx
diff --git a/app/mix/service/apiservice_business_validation.go b/app/mix/service/apiservice_business_validation.go
index 487ddf7b..7970380f 100644
--- a/app/mix/service/apiservice_business_validation.go
+++ b/app/mix/service/apiservice_business_validation.go
@@ -626,12 +626,11 @@ func (s *Service) ApiCreateZoneCollaboratorBusinessValidate(ctx *gin.Context, re
 EnsureZoneThirdPartnerExist().
 EnsureZoneCollaboratorCreaterIsZoneThirdPartner(req.GetBaseRequest().Mid).
 EnsureIsNotOperatingHisOwn(util.DerefInt64(req.CollaboratorMid)).
- QueryAccountForUid(_DefaultAccount.OpListByMid, util.DerefInt64(req.CollaboratorMid)).
- EnsureIsNotThisRole(consts.Streamer).
+ EnsureZoneCollaboratorIsNotZoneOwner(_DefaultZone.GetByMid, util.DerefInt64(req.CollaboratorMid)).
 Validate().
 Collect()
 ec = result[0].(errcode.ErrCode)
- if ec == errcode.ErrCodeOperationToSelfIsNotPermitted || ec == errcode.ErrCodeRolePrivilegesNotEnough {
+ if ec == errcode.ErrCodeOperationToSelfIsNotPermitted {
 ec = errcode.ErrCodeZoneCollaboratorWrongCollaborator
 }
 if ec != errcode.ErrCodeOk {
diff --git a/app/mix/service/business_validator/auth.go b/app/mix/service/business_validator/auth.go
index 304b2fa7..ef588b71 100644
--- a/app/mix/service/business_validator/auth.go
+++ b/app/mix/service/business_validator/auth.go
@@ -55,8 +55,8 @@ func (a *AuthBusinessValidator) EnsureIsOperatingHisOwn(reqMid int64) *AuthBusin
 // 确认不对本人操作
 func (a *AuthBusinessValidator) EnsureIsNotOperatingHisOwn(Uid int64) *AuthBusinessValidator {
 a.oplist = append(a.oplist, func() {
- if a.OperMid != Uid {
- logger.Error("Insufficient privileges: this operation is self-execute-only")
+ if a.OperMid == Uid {
+ logger.Error("Insufficient privileges: this operation is not permitted to operate on requestor himself")
 a.ec = errcode.ErrCodeOperationToSelfIsNotPermitted
 return
 }
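Review bot: With `QueryAccountForUid(...)` dropped from the chain, nothing visible in this hunk still confirms that `req.CollaboratorMid` names an existing account. The replacement check returns without an error when the zone lookup yields nil, so an unknown mid, or the zero that `util.DerefInt64` presumably returns for a nil pointer, appears to pass validation. If no other step covers this, keep an existence check ahead of the owner check, for example by retaining `QueryAccountForUid(_DefaultAccount.OpListByMid, util.DerefInt64(req.CollaboratorMid)).` provided that call rejects missing accounts. The function starts and ends outside the hunk, so a check elsewhere cannot be ruled out.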
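Review bot: The rejection branch in `EnsureIsNotOperatingHisOwn` logs a fixed string that carries neither `a.OperMid` nor `Uid`, so a denied self-operation cannot be attributed to an account from the log alone. The message also opens with "Insufficient privileges" although the code set is `ErrCodeOperationToSelfIsNotPermitted`. Assuming `logger.Error` accepts format arguments, something like `logger.Error("self-operation rejected: oper_mid=%v", a.OperMid)` would be clearer. Because the comparison was inverted until this commit, a small test covering `OperMid == Uid` and `OperMid != Uid` would pin the corrected behaviour. The closure body continues outside the hunk.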
@@ -537,6 +537,26 @@ func (l *AuthBusinessValidator) EnsureZoneCollaboratorCreaterIsZoneThirdPartner(
 return l
 }
+func (l *AuthBusinessValidator) EnsureZoneCollaboratorIsNotZoneOwner(fun func(ctx *gin.Context, mid int64) (*dbstruct.Zone, error), collaboratorMid int64) *AuthBusinessValidator {
+ l.oplist = append(l.oplist, func() {
+
+ zone, err := fun(l.ctx, collaboratorMid)
+ if err != nil {
+ l.ec = errcode.ErrCodeZoneSrvFail
+ return
+ }
+ if zone == nil {
+ return
+ }
+ if zone.GetId() == l.zoneThirdPartner.GetZid() {
+ l.ec = errcode.ErrCodeZoneCollaboratorWrongCollaborator
+ return
+ }
+
+ })
+ return l
+}
+
 // 执行校验
 func (a *AuthBusinessValidator) Validate() *AuthBusinessValidator {
 a.BusinessValidateStream.Validate()
diff --git a/dbstruct/zone_third_partner.go b/dbstruct/zone_third_partner.go
index b3e289bb..dfb6509b 100644
--- a/dbstruct/zone_third_partner.go
+++ b/dbstruct/zone_third_partner.go
@@ -24,3 +24,10 @@ func (p *ZoneThirdPartner) GetSharingRatio() float64 {
 }
 return 0
 }
+
+func (p *ZoneThirdPartner) GetZid() int64 {
+ if p != nil && p.Zid != nil {
+ return *p.Zid
+ }
+ return 0
+}
From 475132987dfddd3e4217ccde54816ff29c909ee6 Mon Sep 17 00:00:00 2001
From: Leufolium
Date: Mon, 22 Apr 2024 19:36:30 +0800
Subject: [PATCH 2/2] by Robin at 20240422
---
 app/mix/service/apiservice_business_validation.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/app/mix/service/apiservice_business_validation.go b/app/mix/service/apiservice_business_validation.go
index 7970380f..62ffdd48 100644
--- a/app/mix/service/apiservice_business_validation.go
+++ b/app/mix/service/apiservice_business_validation.go
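Review bot: The comparison `zone.GetId() == l.zoneThirdPartner.GetZid()` silently depends on an earlier step having populated `l.zoneThirdPartner`. `GetZid()`, added in this same patch, returns 0 for a nil receiver or nil `Zid`, so with the field unset the comparison would not match a real zone id and the owner check would pass. Fail closed ahead of the comparison with `if l.zoneThirdPartner == nil { l.ec = errcode.ErrCodeZoneSrvFail; return }`, or a more specific code if the project has one. The `err != nil` branch also discards `err` without logging it, unlike the neighbouring `EnsureIsNotOperatingHisOwn`, which calls `logger.Error`. The method also lacks the doc comment its neighbours carry; something like `// EnsureZoneCollaboratorIsNotZoneOwner rejects a collaborator who owns the zone managed by the third partner.` would do.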
@@ -550,11 +550,13 @@ func (s *Service) ApiCreateZoneMomentBusinessValidate(ctx *gin.Context, req *zon
 ec = errcode.ErrCodeMomentSrvOk
 pType := int64(0)
+ mediaVisibleRange := int64(0)
 switch req.ZoneMoment.GetCType() {
 case consts.ZoneMomentCType_Free:
 pType = consts.AccountPunishment_BlockFromCreatingFreeZoneMoment
 case consts.ZoneMomentCType_Paid:
 pType = consts.AccountPunishment_BlockFromCreatingPaidZoneMoment
+ mediaVisibleRange = req.ZoneMoment.GetMediaVisibleRange()
 }
 resultList := businessvalidator.NewAuthBusinessValidator(ctx, req).
@@ -565,7 +567,7 @@ func (s *Service) ApiCreateZoneMomentBusinessValidate(ctx *gin.Context, req *zon
 EnsureSuchAccountPunishmentNotExist(req.GetBaseRequest().Mid, pType, _DefaultAccountPunishment.OpListByMidAndType).
 EnsureZoneMomentCreateTimesNotReachedDailyUpperbound(_DefaultZoneMomentCreateTimes.OpGetAndUpdate, req.GetBaseRequest().Mid).
 EnsureAmongZoneMomentsPaidItemsLessThanFreeItems(_DefaultZoneMoment.OpCountByMidAndCType, req.GetBaseRequest().Mid, req.ZoneMoment.GetCType()).
- EnsureZoneMomentImagesEnoughForEncryption(req.ZoneMoment.GetMType(), req.ZoneMoment.MediaComp, req.ZoneMoment.GetMediaVisibleRange()).
+ EnsureZoneMomentImagesEnoughForEncryption(req.ZoneMoment.GetMType(), req.ZoneMoment.MediaComp, mediaVisibleRange).
 Validate().
 Collect()
 ec, _ = resultList[0].(errcode.ErrCode)
@@ -634,7 +636,7 @@ func (s *Service) ApiCreateZoneCollaboratorBusinessValidate(ctx *gin.Context, re
 ec = errcode.ErrCodeZoneCollaboratorWrongCollaborator
 }
 if ec != errcode.ErrCodeOk {
- logger.Error("ApiGetAccountRelationCount business validation failed")
+ logger.Error("ApiCreateZoneCollaborator business validation failed")
 return
 }
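Review bot: `mediaVisibleRange` is forced to 0 only in the value handed to `EnsureZoneMomentImagesEnoughForEncryption` (second hunk, @@ -565), while `req.ZoneMoment` keeps whatever `MediaVisibleRange` the client sent. A free moment could therefore be validated against 0 and still be stored with a non-zero range, unless it is cleared later, which is not visible here. Normalise the field on the request object in the non-paid branch so validation and storage see the same value. The `switch` also has no `default`, so an unrecognised `CType` proceeds with `pType` left at 0; an explicit `default:` that sets an error code and returns would make that path fail closed. The function body extends outside both hunks.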