添加@RequiresRoles注解
parent
bba185a6ae
commit
088bf06f0d
|
@ -3,10 +3,13 @@ package io.metersphere.controller;
|
||||||
import com.github.pagehelper.Page;
|
import com.github.pagehelper.Page;
|
||||||
import com.github.pagehelper.PageHelper;
|
import com.github.pagehelper.PageHelper;
|
||||||
import io.metersphere.base.domain.Organization;
|
import io.metersphere.base.domain.Organization;
|
||||||
|
import io.metersphere.commons.constants.RoleConstants;
|
||||||
import io.metersphere.commons.utils.PageUtils;
|
import io.metersphere.commons.utils.PageUtils;
|
||||||
import io.metersphere.commons.utils.Pager;
|
import io.metersphere.commons.utils.Pager;
|
||||||
import io.metersphere.dto.OrganizationMemberDTO;
|
import io.metersphere.dto.OrganizationMemberDTO;
|
||||||
import io.metersphere.service.OrganizationService;
|
import io.metersphere.service.OrganizationService;
|
||||||
|
import org.apache.shiro.authz.annotation.Logical;
|
||||||
|
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
import javax.annotation.Resource;
|
import javax.annotation.Resource;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
@ -19,12 +22,15 @@ public class OrganizationController {
|
||||||
private OrganizationService organizationService;
|
private OrganizationService organizationService;
|
||||||
|
|
||||||
@PostMapping("/add")
|
@PostMapping("/add")
|
||||||
|
@RequiresRoles(RoleConstants.ADMIN)
|
||||||
public Organization addOrganization(@RequestBody Organization organization) { return organizationService.addOrganization(organization); }
|
public Organization addOrganization(@RequestBody Organization organization) { return organizationService.addOrganization(organization); }
|
||||||
|
|
||||||
@GetMapping("/list")
|
@GetMapping("/list")
|
||||||
|
@RequiresRoles(value = {RoleConstants.ADMIN,RoleConstants.ORG_ADMIN,RoleConstants.TEST_MANAGER}, logical = Logical.OR)
|
||||||
public List<Organization> getOrganizationList() { return organizationService.getOrganizationList(); }
|
public List<Organization> getOrganizationList() { return organizationService.getOrganizationList(); }
|
||||||
|
|
||||||
@PostMapping("/list/{goPage}/{pageSize}")
|
@PostMapping("/list/{goPage}/{pageSize}")
|
||||||
|
@RequiresRoles(value = {RoleConstants.ADMIN,RoleConstants.ORG_ADMIN}, logical = Logical.OR)
|
||||||
public Pager<List<Organization>> getOrganizationList(@PathVariable int goPage, @PathVariable int pageSize) {
|
public Pager<List<Organization>> getOrganizationList(@PathVariable int goPage, @PathVariable int pageSize) {
|
||||||
Page<Object> page = PageHelper.startPage(goPage, pageSize, true);
|
Page<Object> page = PageHelper.startPage(goPage, pageSize, true);
|
||||||
return PageUtils.setPageInfo(page, organizationService.getOrganizationList());
|
return PageUtils.setPageInfo(page, organizationService.getOrganizationList());
|
||||||
|
@ -34,6 +40,7 @@ public class OrganizationController {
|
||||||
public void deleteOrganization(@PathVariable(value = "organizationId") String organizationId) { organizationService.deleteOrganization(organizationId); }
|
public void deleteOrganization(@PathVariable(value = "organizationId") String organizationId) { organizationService.deleteOrganization(organizationId); }
|
||||||
|
|
||||||
@PostMapping("/update")
|
@PostMapping("/update")
|
||||||
|
@RequiresRoles(value = {RoleConstants.ADMIN,RoleConstants.ORG_ADMIN}, logical = Logical.OR)
|
||||||
public void updateOrganization(@RequestBody Organization organization) { organizationService.updateOrganization(organization); }
|
public void updateOrganization(@RequestBody Organization organization) { organizationService.updateOrganization(organization); }
|
||||||
|
|
||||||
@GetMapping("/list/userorg/{userId}")
|
@GetMapping("/list/userorg/{userId}")
|
||||||
|
@ -42,6 +49,7 @@ public class OrganizationController {
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/member/update")
|
@PostMapping("/member/update")
|
||||||
|
@RequiresRoles(value = {RoleConstants.ADMIN,RoleConstants.ORG_ADMIN}, logical = Logical.OR)
|
||||||
public void updateOrgMember(@RequestBody OrganizationMemberDTO memberDTO) {
|
public void updateOrgMember(@RequestBody OrganizationMemberDTO memberDTO) {
|
||||||
organizationService.updateOrgMember(memberDTO);
|
organizationService.updateOrgMember(memberDTO);
|
||||||
}
|
}
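Review bot: The `@RequiresRoles(value = {RoleConstants.ADMIN,RoleConstants.ORG_ADMIN}, logical = Logical.OR)` checks added on `/update` and `/member/update` only establish that the caller holds the role; nothing visible ties that role to the organization named in the request body, so an org admin of one organization may be able to modify another (this assumes the Shiro realm does not scope roles per organization, which is not shown here). The same gap applies to `/orgmember/add`, `/orgmember/delete/{organizationId}/{userId}`, `/member/add` and `/member/delete/{workspaceId}/{userId}` in UserController and to `/member/update` in WorkspaceController. I would add an ownership check in the service layer and record it at each handler, e.g. `// caller must be org_admin of organization.getId(); the role annotation alone is not object-level authorization`.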
|
||||||
|
|
|
@ -17,6 +17,7 @@ import io.metersphere.dto.UserRoleDTO;
|
||||||
import io.metersphere.service.UserService;
|
import io.metersphere.service.UserService;
|
||||||
import io.metersphere.user.SessionUser;
|
import io.metersphere.user.SessionUser;
|
||||||
import io.metersphere.user.SessionUtils;
|
import io.metersphere.user.SessionUtils;
|
||||||
|
import org.apache.shiro.authz.annotation.Logical;
|
||||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||||
import org.springframework.beans.BeanUtils;
|
import org.springframework.beans.BeanUtils;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
@ -31,6 +32,7 @@ public class UserController {
|
||||||
private UserService userService;
|
private UserService userService;
|
||||||
|
|
||||||
@PostMapping("/add")
|
@PostMapping("/add")
|
||||||
|
@RequiresRoles(RoleConstants.ADMIN)
|
||||||
public UserDTO insertUser(@RequestBody User user) {
|
public UserDTO insertUser(@RequestBody User user) {
|
||||||
return userService.insert(user);
|
return userService.insert(user);
|
||||||
}
|
}
|
||||||
|
@ -41,17 +43,20 @@ public class UserController {
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/list/{goPage}/{pageSize}")
|
@PostMapping("/list/{goPage}/{pageSize}")
|
||||||
|
@RequiresRoles(RoleConstants.ADMIN)
|
||||||
public Pager<List<User>> getUserList(@PathVariable int goPage, @PathVariable int pageSize) {
|
public Pager<List<User>> getUserList(@PathVariable int goPage, @PathVariable int pageSize) {
|
||||||
Page<Object> page = PageHelper.startPage(goPage, pageSize, true);
|
Page<Object> page = PageHelper.startPage(goPage, pageSize, true);
|
||||||
return PageUtils.setPageInfo(page, userService.getUserList());
|
return PageUtils.setPageInfo(page, userService.getUserList());
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/delete/{userId}")
|
@GetMapping("/delete/{userId}")
|
||||||
|
@RequiresRoles(RoleConstants.ADMIN)
|
||||||
public void deleteUser(@PathVariable(value = "userId") String userId) {
|
public void deleteUser(@PathVariable(value = "userId") String userId) {
|
||||||
userService.deleteUser(userId);
|
userService.deleteUser(userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/update")
|
@PostMapping("/update")
|
||||||
|
@RequiresRoles(RoleConstants.ADMIN)
|
||||||
public void updateUser(@RequestBody User user) {
|
public void updateUser(@RequestBody User user) {
|
||||||
userService.updateUser(user);
|
userService.updateUser(user);
|
||||||
}
|
}
|
||||||
|
@ -103,7 +108,6 @@ public class UserController {
|
||||||
* 获取工作空间成员用户 不分页
|
* 获取工作空间成员用户 不分页
|
||||||
*/
|
*/
|
||||||
@PostMapping("/member/list/all")
|
@PostMapping("/member/list/all")
|
||||||
@RequiresRoles(RoleConstants.ADMIN)
|
|
||||||
public List<User> getMemberList(@RequestBody QueryMemberRequest request) {
|
public List<User> getMemberList(@RequestBody QueryMemberRequest request) {
|
||||||
return userService.getMemberList(request);
|
return userService.getMemberList(request);
|
||||||
}
|
}
|
||||||
|
@ -112,7 +116,7 @@ public class UserController {
|
||||||
* 添加成员
|
* 添加成员
|
||||||
*/
|
*/
|
||||||
@PostMapping("/member/add")
|
@PostMapping("/member/add")
|
||||||
//@RequiresRoles(RoleConstants.TEST_MANAGER)
|
@RequiresRoles(value = {RoleConstants.TEST_MANAGER,RoleConstants.ORG_ADMIN,RoleConstants.ADMIN}, logical = Logical.OR)
|
||||||
public void addMember(@RequestBody AddMemberRequest request) {
|
public void addMember(@RequestBody AddMemberRequest request) {
|
||||||
userService.addMember(request);
|
userService.addMember(request);
|
||||||
}
|
}
|
||||||
|
@ -121,7 +125,7 @@ public class UserController {
|
||||||
* 删除成员
|
* 删除成员
|
||||||
*/
|
*/
|
||||||
@GetMapping("/member/delete/{workspaceId}/{userId}")
|
@GetMapping("/member/delete/{workspaceId}/{userId}")
|
||||||
//@RequiresRoles(RoleConstants.TEST_MANAGER)
|
@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.ADMIN, RoleConstants.ORG_ADMIN}, logical = Logical.OR)
|
||||||
public void deleteMember(@PathVariable String workspaceId, @PathVariable String userId) {
|
public void deleteMember(@PathVariable String workspaceId, @PathVariable String userId) {
|
||||||
userService.deleteMember(workspaceId, userId);
|
userService.deleteMember(workspaceId, userId);
|
||||||
}
|
}
|
||||||
|
@ -130,6 +134,7 @@ public class UserController {
|
||||||
* 添加组织成员
|
* 添加组织成员
|
||||||
*/
|
*/
|
||||||
@PostMapping("/orgmember/add")
|
@PostMapping("/orgmember/add")
|
||||||
|
@RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN}, logical = Logical.OR)
|
||||||
public void addOrganizationMember(@RequestBody AddOrgMemberRequest request) {
|
public void addOrganizationMember(@RequestBody AddOrgMemberRequest request) {
|
||||||
userService.addOrganizationMember(request);
|
userService.addOrganizationMember(request);
|
||||||
}
|
}
|
||||||
|
@ -138,6 +143,7 @@ public class UserController {
|
||||||
* 删除组织成员
|
* 删除组织成员
|
||||||
*/
|
*/
|
||||||
@GetMapping("/orgmember/delete/{organizationId}/{userId}")
|
@GetMapping("/orgmember/delete/{organizationId}/{userId}")
|
||||||
|
@RequiresRoles(value = {RoleConstants.ADMIN,RoleConstants.ORG_ADMIN}, logical = Logical.OR)
|
||||||
public void delOrganizationMember(@PathVariable String organizationId, @PathVariable String userId) {
|
public void delOrganizationMember(@PathVariable String organizationId, @PathVariable String userId) {
|
||||||
userService.delOrganizationMember(organizationId, userId);
|
userService.delOrganizationMember(organizationId, userId);
|
||||||
}
|
}
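Review bot: The hunk at `/member/list/all` removes `@RequiresRoles(RoleConstants.ADMIN)` from `getMemberList` and puts nothing in its place, so the endpoint appears to become reachable by any authenticated user while every other handler touched by this commit is tightened. If the intent is to let workspace roles read the member list, state that explicitly, e.g. `@RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER}, logical = Logical.OR)` extended with whichever read-only roles need it, and have the service confirm the caller belongs to the workspace named in `request`. The fields of `QueryMemberRequest` are not visible here, so that membership check is an assumption to verify. A short comment on the method explaining why it carries no role requirement would also help the next reviewer.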
|
||||||
|
|
|
@ -1,7 +1,10 @@
|
||||||
package io.metersphere.controller;
|
package io.metersphere.controller;
|
||||||
|
|
||||||
import io.metersphere.base.domain.Role;
|
import io.metersphere.base.domain.Role;
|
||||||
|
import io.metersphere.commons.constants.RoleConstants;
|
||||||
import io.metersphere.service.UserRoleService;
|
import io.metersphere.service.UserRoleService;
|
||||||
|
import org.apache.shiro.authz.annotation.Logical;
|
||||||
|
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
import org.springframework.web.bind.annotation.PathVariable;
|
import org.springframework.web.bind.annotation.PathVariable;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
|
@ -17,12 +20,13 @@ public class UserRoleController {
|
||||||
private UserRoleService userRoleService;
|
private UserRoleService userRoleService;
|
||||||
|
|
||||||
@GetMapping("/list/org/{orgId}/{userId}")
|
@GetMapping("/list/org/{orgId}/{userId}")
|
||||||
|
@RequiresRoles(value = {RoleConstants.ADMIN,RoleConstants.ORG_ADMIN}, logical = Logical.OR)
|
||||||
public List<Role> getOrganizationMemberRoles(@PathVariable String orgId, @PathVariable String userId) {
|
public List<Role> getOrganizationMemberRoles(@PathVariable String orgId, @PathVariable String userId) {
|
||||||
return userRoleService.getOrganizationMemberRoles(orgId, userId);
|
return userRoleService.getOrganizationMemberRoles(orgId, userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/list/ws/{workspaceId}/{userId}")
|
@GetMapping("/list/ws/{workspaceId}/{userId}")
|
||||||
public List<Role> workspaceId(@PathVariable String workspaceId, @PathVariable String userId) {
|
public List<Role> getWorkspaceMemberRole(@PathVariable String workspaceId, @PathVariable String userId) {
|
||||||
return userRoleService.getWorkspaceMemberRoles(workspaceId, userId);
|
return userRoleService.getWorkspaceMemberRoles(workspaceId, userId);
|
||||||
}
|
}
|
||||||
}
|
}
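Review bot: `getWorkspaceMemberRole` on `/list/ws/{workspaceId}/{userId}` is renamed but still has no `@RequiresRoles`, while its sibling `/list/org/{orgId}/{userId}` gains one in the same hunk, so any caller who passes the surrounding filter chain can read another user's workspace roles by id. If that is not intentional, add `@RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER}, logical = Logical.OR)` here as well; if it is intentional, a one-line comment saying so would prevent it being read as an omission. The new name is also singular where both the service call `getWorkspaceMemberRoles` and the sibling `getOrganizationMemberRoles` are plural; `getWorkspaceMemberRoles` would be consistent.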
|
||||||
|
|
|
@ -12,6 +12,7 @@ import io.metersphere.dto.WorkspaceDTO;
|
||||||
import io.metersphere.dto.WorkspaceMemberDTO;
|
import io.metersphere.dto.WorkspaceMemberDTO;
|
||||||
import io.metersphere.service.WorkspaceService;
|
import io.metersphere.service.WorkspaceService;
|
||||||
import io.metersphere.user.SessionUtils;
|
import io.metersphere.user.SessionUtils;
|
||||||
|
import org.apache.shiro.authz.annotation.Logical;
|
||||||
import org.apache.shiro.authz.annotation.RequiresRoles;
|
import org.apache.shiro.authz.annotation.RequiresRoles;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
|
||||||
|
@ -83,6 +84,7 @@ public class WorkspaceController {
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/member/update")
|
@PostMapping("/member/update")
|
||||||
|
@RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER}, logical = Logical.OR)
|
||||||
public void updateOrgMember(@RequestBody WorkspaceMemberDTO memberDTO) {
|
public void updateOrgMember(@RequestBody WorkspaceMemberDTO memberDTO) {
|
||||||
workspaceService.updateWorkspaceMember(memberDTO);
|
workspaceService.updateWorkspaceMember(memberDTO);
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
class="header-user-menu align-right"
|
class="header-user-menu align-right"
|
||||||
background-color="#2c2a48"
|
background-color="#2c2a48"
|
||||||
text-color="#fff">
|
text-color="#fff">
|
||||||
<el-submenu index="1" popper-class="submenu" v-permission="['org_admin']">
|
<el-submenu index="1" popper-class="submenu">
|
||||||
<template slot="title">【组织】{{currentOrganizationName}}</template>
|
<template slot="title">【组织】{{currentOrganizationName}}</template>
|
||||||
<label v-for="(item,index) in organizationList" :key="index">
|
<label v-for="(item,index) in organizationList" :key="index">
|
||||||
<el-menu-item @click="changeOrg(item)">{{item.name}}
|
<el-menu-item @click="changeOrg(item)">{{item.name}}
|
||||||
|
@ -41,7 +41,7 @@
|
||||||
</template>
|
</template>
|
||||||
|
|
||||||
<script>
|
<script>
|
||||||
import {ROLE_ORG_ADMIN, ROLE_TEST_MANAGER, ROLE_TEST_USER, ROLE_TEST_VIEWER, TokenKey} from '../../common/constants';
|
import { ROLE_TEST_MANAGER, ROLE_TEST_USER, ROLE_TEST_VIEWER, TokenKey} from '../../common/constants';
|
||||||
|
|
||||||
export default {
|
export default {
|
||||||
name: "MsUser",
|
name: "MsUser",
|
||||||
|
@ -89,7 +89,7 @@
|
||||||
},
|
},
|
||||||
initMenuData() {
|
initMenuData() {
|
||||||
let roles = this.currentUser.roles.map(r => r.id);
|
let roles = this.currentUser.roles.map(r => r.id);
|
||||||
if (roles.indexOf(ROLE_ORG_ADMIN) > -1) {
|
// if (roles.indexOf(ROLE_ORG_ADMIN) > -1) {
|
||||||
this.$get("/organization/list/userorg/" + this.currentUserId, response => {
|
this.$get("/organization/list/userorg/" + this.currentUserId, response => {
|
||||||
let data = response.data;
|
let data = response.data;
|
||||||
this.organizationList = data;
|
this.organizationList = data;
|
||||||
|
@ -98,9 +98,9 @@
|
||||||
this.currentOrganizationName = org[0].name;
|
this.currentOrganizationName = org[0].name;
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
// }
|
||||||
if (roles.indexOf(ROLE_TEST_MANAGER) > -1 || roles.indexOf(ROLE_TEST_USER) > -1 || roles.indexOf(ROLE_TEST_VIEWER) > -1) {
|
if (roles.indexOf(ROLE_TEST_MANAGER) > -1 || roles.indexOf(ROLE_TEST_USER) > -1 || roles.indexOf(ROLE_TEST_VIEWER) > -1) {
|
||||||
if (this.currentUser.lastOrganizationId === null) {
|
if (!this.currentUser.lastOrganizationId) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
this.$get("/workspace/list/orgworkspace/", response => {
|
this.$get("/workspace/list/orgworkspace/", response => {
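Review bot: With the `v-permission="['org_admin']"` gate and the `ROLE_ORG_ADMIN` check removed, `initMenuData()` now requests `"/organization/list/userorg/" + this.currentUserId` for every role, so the endpoint's own authorization is the only control left; the controller mapping `/list/userorg/{userId}` receives no `@RequiresRoles` in this commit and takes the id from the URL. The handler body is not shown, so confirm that it resolves the user from the session, or rejects a path id that differs from the session user, rather than trusting the id the client sends. The commented-out `// if (roles.indexOf(ROLE_ORG_ADMIN) > -1) {` and `// }` lines should be deleted rather than left in place. `initMenuData()` continues past the end of the hunk.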
|
||||||
|
|
|
@ -236,6 +236,14 @@
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
create() {
|
create() {
|
||||||
|
let orgId = this.currentUser().lastOrganizationId;
|
||||||
|
if (!orgId) {
|
||||||
|
this.$message({
|
||||||
|
type: 'warning',
|
||||||
|
message: this.$t('organization.select_organization')
|
||||||
|
})
|
||||||
|
return false;
|
||||||
|
}
|
||||||
this.form = {};
|
this.form = {};
|
||||||
this.result = this.$get('/user/besideorg/list/' + this.currentUser().lastOrganizationId, response => {
|
this.result = this.$get('/user/besideorg/list/' + this.currentUser().lastOrganizationId, response => {
|
||||||
this.createVisible = true;
|
this.createVisible = true;
|
||||||
|
@ -246,13 +254,13 @@
|
||||||
})
|
})
|
||||||
},
|
},
|
||||||
submitForm(formName) {
|
submitForm(formName) {
|
||||||
this.loading = true;
|
|
||||||
this.$refs[formName].validate((valid) => {
|
this.$refs[formName].validate((valid) => {
|
||||||
|
let orgId = this.currentUser().lastOrganizationId;
|
||||||
if (valid) {
|
if (valid) {
|
||||||
let param = {
|
let param = {
|
||||||
userIds: this.form.userIds,
|
userIds: this.form.userIds,
|
||||||
roleIds: this.form.roleIds,
|
roleIds: this.form.roleIds,
|
||||||
organizationId: this.currentUser().lastOrganizationId
|
organizationId: orgId
|
||||||
};
|
};
|
||||||
this.result = this.$post("user/orgmember/add", param,() => {
|
this.result = this.$post("user/orgmember/add", param,() => {
|
||||||
this.initTableData();
|
this.initTableData();
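Review bot: `create()` now guards on `orgId`, but the `$get` that follows still re-reads `this.currentUser().lastOrganizationId`, and `submitForm()` posts `organizationId: orgId` without repeating the guard, so an empty id can still be sent to `user/orgmember/add`. Reuse the local in `create()`, `this.result = this.$get('/user/besideorg/list/' + orgId, response => {`, and return early in `submitForm()` when `!orgId`. In `submitForm()` the `let orgId` line would also read better inside the `if (valid)` branch where it is used. Both methods continue outside the hunks shown.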
|
||||||
|
|
|
@ -65,7 +65,7 @@
|
||||||
<el-dialog :visible.sync="memberVisible" width="70%" :destroy-on-close="true" @close="closeMemberFunc">
|
<el-dialog :visible.sync="memberVisible" width="70%" :destroy-on-close="true" @close="closeMemberFunc">
|
||||||
<el-row type="flex" justify="space-between" align="middle">
|
<el-row type="flex" justify="space-between" align="middle">
|
||||||
<span class="member-title">{{$t('commons.member')}}
|
<span class="member-title">{{$t('commons.member')}}
|
||||||
<ms-create-box :tips="addTips" :exec="addMember"/>
|
<ms-create-box :tips="addTips" :exec="addMember" v-permission="['admin','org_admin']"/>
|
||||||
</span>
|
</span>
|
||||||
<span class="search">
|
<span class="search">
|
||||||
<el-input type="text" size="small"
|
<el-input type="text" size="small"
|
||||||
|
|
|
@ -129,11 +129,11 @@
|
||||||
rule: {
|
rule: {
|
||||||
id: [
|
id: [
|
||||||
{ required: true, message: this.$t('user.input_id'), trigger: 'blur'},
|
{ required: true, message: this.$t('user.input_id'), trigger: 'blur'},
|
||||||
{ min: 2, max: 10, message: this.$t('commons.input_limit', [2, 10]), trigger: 'blur' }
|
{ min: 2, max: 20, message: this.$t('commons.input_limit', [2, 20]), trigger: 'blur' }
|
||||||
],
|
],
|
||||||
name: [
|
name: [
|
||||||
{required: true, message: this.$t('user.input_name'), trigger: 'blur'},
|
{required: true, message: this.$t('user.input_name'), trigger: 'blur'},
|
||||||
{ min: 2, max: 10, message: this.$t('commons.input_limit', [2, 50]), trigger: 'blur' },
|
{ min: 2, max: 20, message: this.$t('commons.input_limit', [2, 20]), trigger: 'blur' },
|
||||||
{
|
{
|
||||||
required: true,
|
required: true,
|
||||||
pattern: /^[\u4e00-\u9fa5_a-zA-Z0-9.·-]+$/,
|
pattern: /^[\u4e00-\u9fa5_a-zA-Z0-9.·-]+$/,
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
<div v-loading="result.loading">
|
<div v-loading="result.loading">
|
||||||
<el-card>
|
<el-card>
|
||||||
<div slot="header">
|
<div slot="header">
|
||||||
<el-row type="flex" justify="space-between" align="middle">
|
<el-row type="flex" justify="space-between" align="middle" v-permission="['test_manager']">
|
||||||
<span class="title">成员
|
<span class="title">成员
|
||||||
<ms-create-box :tips="btnTips" :exec="create"/>
|
<ms-create-box :tips="btnTips" :exec="create"/>
|
||||||
</span>
|
</span>
|
||||||
|
@ -25,8 +25,8 @@
|
||||||
</el-table-column>
|
</el-table-column>
|
||||||
<el-table-column>
|
<el-table-column>
|
||||||
<template slot-scope="scope">
|
<template slot-scope="scope">
|
||||||
<el-button @click="edit(scope.row)" type="primary" icon="el-icon-edit" size="mini" circle/>
|
<el-button @click="edit(scope.row)" type="primary" icon="el-icon-edit" size="mini" circle v-permission="['test_manager']"/>
|
||||||
<el-button @click="del(scope.row)" type="danger" icon="el-icon-delete" size="mini" circle/>
|
<el-button @click="del(scope.row)" type="danger" icon="el-icon-delete" size="mini" circle v-permission="['test_manager']"/>
|
||||||
</template>
|
</template>
|
||||||
</el-table-column>
|
</el-table-column>
|
||||||
</el-table>
|
</el-table>
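Review bot: `v-permission="['test_manager']"` is placed on the whole header `el-row`, so for every other role it hides the title along with the create box, and it lists only `test_manager` although the server-side annotations added in this commit for `/member/add`, `/member/delete/{workspaceId}/{userId}` and `/member/update` also admit `admin` and `org_admin`. Assuming `v-permission` removes the element when the role is missing (its implementation is not shown), I would move it onto the control, `<ms-create-box :tips="btnTips" :exec="create" v-permission="['test_manager']"/>`, the way the `ms-create-box` with `:exec="addMember"` is handled elsewhere in this commit, and decide whether the role list should match the backend. These directives only hide controls; the `@RequiresRoles` checks remain the actual enforcement. The `el-row` closes outside the hunk.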
|
||||||
|
|