fix: P0/P1 security and quality fixes

P0-01: Add ESCAPE clause to LIKE queries in operation_log.go and device.go
P0-02: Add atomic Increment to L1Cache and L2Cache interfaces
P0-07: Add TOTP verification step after password login
P1-01: Sanitize error messages in error.go middleware
P1-03: Remove err.Error() from export error messages
P1-04: Add error return to CountByResultSince in login_log.go
P1-05: Add transactional DeleteCascade to RoleRepository
P1-06: Add PasswordChangedAt tracking for JWT token invalidation
P1-07: Wrap theme SetDefault in database transaction
P1-08: Use config values for database pool parameters
P1-09: Add rows.Err() checks in social_account_repo.go
P1-10: Validate sortOrder with map in user.go ORDER BY
P1-11: Add GORM tags to Announcement struct
P1-15: Add pageSize upper limit (100) to device and log handlers
This commit is contained in:
2026-04-18 15:33:12 +08:00
parent 9d7abb8a46
commit 8095307d82
23 changed files with 186 additions and 86 deletions

View File

@@ -89,11 +89,13 @@ func (r *ThemeConfigRepository) ListAll(ctx context.Context) ([]*domain.ThemeCon
// SetDefault 设置默认主题
func (r *ThemeConfigRepository) SetDefault(ctx context.Context, id int64) error {
// 先清除所有默认标记
if err := r.db.WithContext(ctx).Model(&domain.ThemeConfig{}).Where("is_default = ?", true).Update("is_default", false).Error; err != nil {
return err
}
// 设置新的默认主题
return r.db.WithContext(ctx).Model(&domain.ThemeConfig{}).Where("id = ?", id).Update("is_default", true).Error
// 使用事务确保原子性:先清除所有默认标记,再设置新默认
return r.db.WithContext(ctx).Transaction(func(tx *gorm.DB) error {
// 先清除所有默认标记
if err := tx.Model(&domain.ThemeConfig{}).Where("is_default = ?", true).Update("is_default", false).Error; err != nil {
return err
}
// 设置新的默认主题
return tx.Model(&domain.ThemeConfig{}).Where("id = ?", id).Update("is_default", true).Error
})
}