From 2ff7a186e77e73fd61452b0386b7f8209ae9a8b5 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 7 Nov 2025 16:38:20 +0000 Subject: [PATCH] Changes before error encountered Co-authored-by: whyour <22700758+whyour@users.noreply.github.com> --- MULTI_USER_GUIDE.md | 112 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 112 insertions(+) create mode 100644 MULTI_USER_GUIDE.md diff --git a/MULTI_USER_GUIDE.md b/MULTI_USER_GUIDE.md new file mode 100644 index 00000000..9cbd4945 --- /dev/null +++ b/MULTI_USER_GUIDE.md @@ -0,0 +1,112 @@ +# 多用户管理功能说明 (Multi-User Management Guide) + +## 功能概述 (Overview) + +青龙面板现已支持多用户管理和数据隔离功能。管理员可以创建多个用户账号,每个用户只能看到和操作自己的数据。 + +Qinglong now supports multi-user management with data isolation. Administrators can create multiple user accounts, and each user can only see and operate their own data. + +## 用户角色 (User Roles) + +### 管理员 (Admin) +- 可以访问所有用户的数据 +- 可以创建、编辑、删除用户 +- 可以管理系统设置 +- Can access all users' data +- Can create, edit, and delete users +- Can manage system settings + +### 普通用户 (Regular User) +- 只能访问自己创建的数据 +- 可以管理自己的定时任务、环境变量、订阅和依赖 +- 无法访问其他用户的数据 +- Can only access their own data +- Can manage their own cron jobs, environment variables, subscriptions, and dependencies +- Cannot access other users' data + +## API 使用 (API Usage) + +### 用户管理接口 (User Management Endpoints) + +所有用户管理接口需要管理员权限。 +All user management endpoints require admin privileges. + +#### 获取用户列表 (Get User List) +``` +GET /api/user-management?searchValue=keyword +``` + +#### 创建用户 (Create User) +``` +POST /api/user-management +{ + "username": "user1", + "password": "password123", + "role": 1, // 0: admin, 1: user + "status": 0 // 0: active, 1: disabled +} +``` + +#### 更新用户 (Update User) +``` +PUT /api/user-management +{ + "id": 1, + "username": "user1", + "password": "newpassword", + "role": 1, + "status": 0 +} +``` + +#### 删除用户 (Delete Users) +``` +DELETE /api/user-management +[1, 2, 3] // User IDs to delete +``` + +## 数据隔离 (Data Isolation) + +### 定时任务 (Cron Jobs) +- 每个用户创建的定时任务会自动关联到该用户 +- 用户只能查看、编辑、运行、删除自己的定时任务 +- 管理员可以查看所有用户的定时任务 + +### 环境变量 (Environment Variables) +- 每个用户的环境变量相互隔离 +- 用户只能查看和修改自己的环境变量 +- 管理员可以查看所有环境变量 + +### 订阅和依赖 (Subscriptions and Dependencies) +- 用户数据完全隔离 +- Only accessible by the owning user and admins + +## 密码安全 (Password Security) + +- 所有密码使用 bcrypt 加密存储 +- 密码长度最少为 6 位 +- 建议使用强密码 +- All passwords are hashed with bcrypt +- Minimum password length is 6 characters +- Strong passwords are recommended + +## 向后兼容 (Backward Compatibility) + +- 原有的单用户系统管理员账号继续有效 +- 已存在的数据可以被所有用户访问(遗留数据) +- 新创建的数据会自动关联到创建者 +- The original system admin account remains valid +- Existing data is accessible by all users (legacy data) +- Newly created data is automatically associated with the creator + +## 注意事项 (Notes) + +1. **首次使用**:首次使用多用户功能时,建议先创建一个管理员账号作为备份 +2. **密码管理**:请妥善保管用户密码,忘记密码需要管理员重置 +3. **数据迁移**:如需将现有数据分配给特定用户,请联系管理员手动更新数据库 +4. **权限控制**:删除用户不会删除该用户的数据,数据会变为遗留数据 + +1. **First Use**: When first using multi-user functionality, it's recommended to create an admin account as a backup +2. **Password Management**: Please keep user passwords safe; forgotten passwords need admin reset +3. **Data Migration**: To assign existing data to specific users, contact admin for manual database update +4. **Permission Control**: Deleting a user doesn't delete their data; the data becomes legacy data