raids-lab · Jinghao-coding · Jun 17, 2026
diff --git a/backend/docs/docs.go b/backend/docs/docs.go
diff --git a/backend/docs/swagger.json b/backend/docs/swagger.json
diff --git a/backend/docs/swagger.yaml b/backend/docs/swagger.yaml
diff --git a/backend/internal/handler/image/image.go b/backend/internal/handler/image/image.go
@@ -11,6 +11,7 @@ import (
 
 	"github.com/raids-lab/crater/dao/model"
 	"github.com/raids-lab/crater/dao/query"
+	"github.com/raids-lab/crater/internal/bizerr"
 	"github.com/raids-lab/crater/internal/resputil"
 	"github.com/raids-lab/crater/internal/util"
 )
@@ -280,7 +281,13 @@ func (mgr *ImagePackMgr) DeleteImageByID(c *gin.Context) {
 	}
 	imageID := deleteImageRequest.ID
 	imageQuery := query.Image
-	if _, err = imageQuery.WithContext(c).Where(imageQuery.ID.Eq(imageID)).Delete(); err != nil {
+	if !mgr.requireImageOwner(c, imageID) {
+		return
+	}
+	if _, err = imageQuery.WithContext(c).
+		Where(imageQuery.ID.Eq(imageID)).
+		Where(imageQuery.UserID.Eq(util.GetToken(c).UserID)).
+		Delete(); err != nil {
 		klog.Errorf("delete image entity failed! err:%v", err)
 		resputil.Error(c, "failed to delete image", resputil.NotSpecified)
 	}
@@ -577,7 +584,7 @@ func (mgr *ImagePackMgr) UserChangeImageTags(c *gin.Context) {
 		resputil.BadRequestError(c, "validate failed")
 		return
 	}
-	mgr.changeImageTags(c, req.ID, req.Tags)
+	mgr.changeImageTags(c, false, req.ID, req.Tags)
 }
 
 // AdminChangeImageTagsType godoc
@@ -596,13 +603,16 @@ func (mgr *ImagePackMgr) AdminChangeImageTags(c *gin.Context) {
 		resputil.BadRequestError(c, "validate failed")
 		return
 	}
-	mgr.changeImageTags(c, req.ID, req.Tags)
+	mgr.changeImageTags(c, true, req.ID, req.Tags)
 }
 
-func (mgr *ImagePackMgr) changeImageTags(c *gin.Context, imageID uint, newTags []string) {
+func (mgr *ImagePackMgr) changeImageTags(c *gin.Context, isAdminMode bool, imageID uint, newTags []string) {
 	imageQuery := query.Image
-	if _, err := imageQuery.WithContext(c).
-		Where(imageQuery.ID.Eq(imageID)).
+	specifiedQuery := imageQuery.WithContext(c)
+	if !isAdminMode {
+		specifiedQuery = specifiedQuery.Where(imageQuery.UserID.Eq(util.GetToken(c).UserID))
+	}
+	if _, err := specifiedQuery.Where(imageQuery.ID.Eq(imageID)).
 		Update(imageQuery.Tags, datatypes.NewJSONType(newTags)); err != nil {
 		klog.Errorf("update image tags failed, err %v", err)
 		resputil.BadRequestError(c, "update tags failed")
@@ -626,6 +636,9 @@ func (mgr *ImagePackMgr) UserShareImage(c *gin.Context) {
 		resputil.BadRequestError(c, "validate failed")
 		return
 	}
+	if !mgr.requireImageOwner(c, req.ImageID) {
+		return
+	}
 	for _, id := range req.IDList {
 		if req.Type == "user" {
 			if err := mgr.createImageUserEntity(c, req.ImageID, id); err != nil {
@@ -713,6 +726,9 @@ func (mgr *ImagePackMgr) UserCancelShareImage(c *gin.Context) {
 		resputil.BadRequestError(c, "validate failed")
 		return
 	}
+	if !mgr.requireImageOwner(c, req.ImageID) {
+		return
+	}
 	if req.Type == "user" {
 		if err := mgr.cancelShareImageWithUser(c, req.ImageID, req.ID); err != nil {
 			resputil.Error(c, fmt.Sprintf("%v", err), resputil.NotSpecified)
@@ -789,6 +805,9 @@ func (mgr *ImagePackMgr) GetImageGrantedUserOrAccount(c *gin.Context) {
 		resputil.BadRequestError(c, "validate failed")
 		return
 	}
+	if !mgr.requireImageOwner(c, req.ImageID) {
+		return
+	}
 
 	grangtedAccounts := []ImageGrantedAccounts{}
 	imageAccountQuery := query.ImageAccount
@@ -845,6 +864,9 @@ func (mgr *ImagePackMgr) UserGetImageUngrantedAccounts(c *gin.Context) {
 		resputil.BadRequestError(c, "validate failed")
 		return
 	}
+	if !mgr.requireImageOwner(c, req.ImageID) {
+		return
+	}
 	// 1. 查询已分享的AccountID
 	sharedAccountIDs := []uint{}
 	imageAccountQuery := query.ImageAccount
@@ -905,6 +927,9 @@ func (mgr *ImagePackMgr) UserSearchUngrantedUsers(c *gin.Context) {
 		resputil.BadRequestError(c, "validate failed")
 		return
 	}
+	if !mgr.requireImageOwner(c, req.ImageID) {
+		return
+	}
 
 	// 1. 查询已分享的用户ID
 	sharedUserIDs := []uint{}
@@ -1129,3 +1154,16 @@ func (mgr *ImagePackMgr) updateImageArch(c *gin.Context, isAdminMode bool, image
 	klog.Infof("image archs updated successfully, id: %d, new archs: %v", imageID, newArchs)
 	resputil.Success(c, "image archs updated successfully")
 }
+
+func (mgr *ImagePackMgr) requireImageOwner(c *gin.Context, imageID uint) bool {
+	imageQuery := query.Image
+	if _, err := imageQuery.WithContext(c).
+		Where(imageQuery.ID.Eq(imageID)).
+		Where(imageQuery.UserID.Eq(util.GetToken(c).UserID)).
+		First(); err != nil {
+		klog.Warningf("permission denied or image not found, imageID: %d, err: %v", imageID, err)
+		resputil.HandleError(c, bizerr.Forbidden.PermissionDenied.New("permission denied to manage this image"))
+		return false
+	}
+	return true
+}