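package main

import (
	"log"

	"github.com/pocketbase/pocketbase"
	"github.com/pocketbase/pocketbase/apis"
	"github.com/pocketbase/pocketbase/core"
)

// msgLoginRequired is the client-facing message for unauthenticated requests.
// It is shared by every hook below so the wording cannot drift between them.
const msgLoginRequired = "需要登录"

// isGroupMember reports whether userId appears in the persisted "members"
// list of the group with id groupId.
//
// Membership is read from the stored record, not from the incoming request,
// so a client cannot satisfy the check by tampering with the record body it
// submits. A lookup error (including an unknown groupId) is returned as-is so
// callers can tell "not a member" apart from "could not check".
func isGroupMember(app *pocketbase.PocketBase, groupId string, userId string) (bool, error) {
	group, err := app.Dao().FindRecordById("groups", groupId)
	if err != nil {
		return false, err
	}
	for _, member := range group.GetStringSlice("members") {
		if member == userId {
			return true, nil
		}
	}
	return false, nil
}

// isGroupOwner reports whether userId equals the persisted "owner" of the
// group with id groupId. As with isGroupMember, the stored record is
// consulted rather than any request data. Lookup errors are returned as-is.
func isGroupOwner(app *pocketbase.PocketBase, groupId string, userId string) (bool, error) {
	group, err := app.Dao().FindRecordById("groups", groupId)
	if err != nil {
		return false, err
	}
	return group.GetString("owner") == userId, nil
}

// main wires the authorization hooks for the groups, team_sessions and
// invitations collections onto a PocketBase app and starts it.
//
// Every hook fails closed: a missing auth record, a failed group lookup and a
// negative ownership/membership check all produce a Forbidden error. Lookup
// failures are additionally logged so an operator can separate database
// problems from ordinary denials, while the client sees the same generic
// message either way and cannot probe which group ids exist.
func main() {
	app := pocketbase.New()

	// --- Groups ---------------------------------------------------------

	// Creating a group: the caller becomes its owner and first member,
	// regardless of what the request body contained for these fields.
	app.OnRecordBeforeCreateRequest("groups").Add(func(e *core.RecordCreateEvent) error {
		// Second return value ignored: only the nil-ness of the record is
		// used to decide whether the request is authenticated.
		authRecord, _ := e.HttpContext.AuthRecord()
		if authRecord == nil {
			return apis.NewForbiddenError(msgLoginRequired, nil)
		}
		e.Record.Set("owner", authRecord.Id)
		e.Record.Set("members", []string{authRecord.Id})
		return nil
	})

	// Updating a group: only the stored owner may do so.
	// NOTE(review): e.Record already carries the submitted changes, so the
	// owner can also rewrite "owner" and "members" here — confirm that is
	// the intended transfer/membership model.
	app.OnRecordBeforeUpdateRequest("groups").Add(func(e *core.RecordUpdateEvent) error {
		authRecord, _ := e.HttpContext.AuthRecord()
		if authRecord == nil {
			return apis.NewForbiddenError(msgLoginRequired, nil)
		}
		isOwner, err := isGroupOwner(app, e.Record.Id, authRecord.Id)
		if err != nil {
			// Logged for the operator; the client gets a plain denial.
			log.Printf("groups update: owner check for group %q: %v", e.Record.Id, err)
			return apis.NewForbiddenError("只有群组所有者可以更新群组", nil)
		}
		if !isOwner {
			return apis.NewForbiddenError("只有群组所有者可以更新群组", nil)
		}
		return nil
	})

	// Deleting a group: only the stored owner may do so.
	app.OnRecordBeforeDeleteRequest("groups").Add(func(e *core.RecordDeleteEvent) error {
		authRecord, _ := e.HttpContext.AuthRecord()
		if authRecord == nil {
			return apis.NewForbiddenError(msgLoginRequired, nil)
		}
		isOwner, err := isGroupOwner(app, e.Record.Id, authRecord.Id)
		if err != nil {
			log.Printf("groups delete: owner check for group %q: %v", e.Record.Id, err)
			return apis.NewForbiddenError("只有群组所有者可以删除群组", nil)
		}
		if !isOwner {
			return apis.NewForbiddenError("只有群组所有者可以删除群组", nil)
		}
		return nil
	})

	// --- Team sessions --------------------------------------------------

	// Creating a team session: only a member of the referenced group may.
	app.OnRecordBeforeCreateRequest("team_sessions").Add(func(e *core.RecordCreateEvent) error {
		authRecord, _ := e.HttpContext.AuthRecord()
		if authRecord == nil {
			return apis.NewForbiddenError(msgLoginRequired, nil)
		}
		// The group id is client-supplied; an empty value is rejected up
		// front rather than spending a database lookup on it.
		groupId := e.Record.GetString("group")
		if groupId == "" {
			return apis.NewForbiddenError("只有群组成员可以创建团队会话", nil)
		}
		isMember, err := isGroupMember(app, groupId, authRecord.Id)
		if err != nil {
			log.Printf("team_sessions create: membership check for group %q: %v", groupId, err)
			return apis.NewForbiddenError("只有群组成员可以创建团队会话", nil)
		}
		if !isMember {
			return apis.NewForbiddenError("只有群组成员可以创建团队会话", nil)
		}
		return nil
	})

	// --- Invitations ----------------------------------------------------

	// Creating an invitation: only the group's stored owner may, and the
	// status is forced to "pending" regardless of the request body.
	app.OnRecordBeforeCreateRequest("invitations").Add(func(e *core.RecordCreateEvent) error {
		authRecord, _ := e.HttpContext.AuthRecord()
		if authRecord == nil {
			return apis.NewForbiddenError(msgLoginRequired, nil)
		}
		groupId := e.Record.GetString("group")
		if groupId == "" {
			return apis.NewForbiddenError("只有群组所有者可以创建邀请", nil)
		}
		isOwner, err := isGroupOwner(app, groupId, authRecord.Id)
		if err != nil {
			log.Printf("invitations create: owner check for group %q: %v", groupId, err)
			return apis.NewForbiddenError("只有群组所有者可以创建邀请", nil)
		}
		if !isOwner {
			return apis.NewForbiddenError("只有群组所有者可以创建邀请", nil)
		}
		e.Record.Set("status", "pending")
		return nil
	})

	// After an invitation is created, push a real-time notification.
	app.OnRecordAfterCreateRequest("invitations").Add(func(e *core.RecordCreateEvent) error {
		message := map[string]any{
			"action": "invitation",
			"data": map[string]any{
				"id":         e.Record.Id,
				"group":      e.Record.GetString("group"),
				"invited_by": e.Record.GetString("invited_by"),
				"status":     e.Record.GetString("status"),
				"created":    e.Record.Created.Time(),
			},
		}
		// NOTE(review): this publishes on the shared "invitations" topic,
		// which every authenticated client is subscribed to in the auth hook
		// below, so all users receive every invitation rather than only the
		// invitee. Scope the topic per recipient (as "groups:<id>" already
		// is) once the invitation record's invitee field is confirmed.
		if err := app.Subscriptions().Broadcast("invitations", message); err != nil {
			log.Printf("Error broadcasting invitation: %v", err)
		}
		return nil
	})

	// --- Real-time subscriptions ---------------------------------------

	// On token auth, attach the client to its per-user groups topic plus
	// the shared invitations and team_sessions topics.
	// NOTE(review): the two shared topics deliver every event to every
	// authenticated client; see the broadcast hook above.
	app.OnRecordAfterAuthWithTokenRequest().Add(func(e *core.RecordAuthEvent) error {
		app.Subscriptions().Subscribe(e.HttpContext.Response(), []string{
			"invitations",
			"groups:" + e.Record.Id,
			"team_sessions",
		})
		return nil
	})

	if err := app.Start(); err != nil {
		log.Fatal(err)
	}
}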