fix(项目管理): 项目管理后台接口补足权限校验

--task=1012120 --user=宋天阳 检查所有API权限控制是否有加 RequiresPermissions
https://www.tapd.cn/55049933/s/1377485
This commit is contained in:
song-tianyang 2023-05-31 14:55:52 +08:00 committed by 建国
parent c275ee1567
commit 14326dcbf5
13 changed files with 121 additions and 33 deletions

View File

@ -71,7 +71,6 @@ public class FilterChainUtils {
filterChainDefinitionMap.put("/system/theme", "anon"); filterChainDefinitionMap.put("/system/theme", "anon");
filterChainDefinitionMap.put("/system/save/baseurl/**", "anon"); filterChainDefinitionMap.put("/system/save/baseurl/**", "anon");
filterChainDefinitionMap.put("/system/timeout", "anon"); filterChainDefinitionMap.put("/system/timeout", "anon");
filterChainDefinitionMap.put("/file/metadata/info/**", "anon");
filterChainDefinitionMap.put("/v1/catalog/**", "anon"); filterChainDefinitionMap.put("/v1/catalog/**", "anon");
filterChainDefinitionMap.put("/v1/agent/**", "anon"); filterChainDefinitionMap.put("/v1/agent/**", "anon");

View File

@ -17,12 +17,13 @@ import io.metersphere.environment.utils.TcpTreeTableDataParser;
import io.metersphere.i18n.Translator; import io.metersphere.i18n.Translator;
import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.log.annotation.MsAuditLog;
import io.metersphere.request.EnvironmentRequest; import io.metersphere.request.EnvironmentRequest;
import jakarta.annotation.Resource;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.json.JSONArray; import org.json.JSONArray;
import org.json.JSONObject; import org.json.JSONObject;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile; import org.springframework.web.multipart.MultipartFile;
import jakarta.annotation.Resource;
import java.sql.DriverManager; import java.sql.DriverManager;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@ -38,6 +39,7 @@ public class TestEnvironmentController {
private BaseEnvGroupProjectService baseEnvGroupProjectService; private BaseEnvGroupProjectService baseEnvGroupProjectService;
@GetMapping("/list/{projectId}") @GetMapping("/list/{projectId}")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
public List<ApiTestEnvironmentWithBLOBs> list(@PathVariable String projectId) { public List<ApiTestEnvironmentWithBLOBs> list(@PathVariable String projectId) {
return baseEnvironmentService.list(projectId); return baseEnvironmentService.list(projectId);
} }
@ -51,23 +53,27 @@ public class TestEnvironmentController {
* @return * @return
*/ */
@PostMapping("/list/{goPage}/{pageSize}") @PostMapping("/list/{goPage}/{pageSize}")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
public Pager<List<ApiTestEnvironmentWithBLOBs>> listByCondition(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody EnvironmentRequest environmentRequest) { public Pager<List<ApiTestEnvironmentWithBLOBs>> listByCondition(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody EnvironmentRequest environmentRequest) {
Page<Object> page = PageHelper.startPage(goPage, pageSize, true); Page<Object> page = PageHelper.startPage(goPage, pageSize, true);
return PageUtils.setPageInfo(page, baseEnvironmentService.listByConditions(environmentRequest)); return PageUtils.setPageInfo(page, baseEnvironmentService.listByConditions(environmentRequest));
} }
@GetMapping("/get/{id}") @GetMapping("/get/{id}")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
public ApiTestEnvironmentWithBLOBs get(@PathVariable String id) { public ApiTestEnvironmentWithBLOBs get(@PathVariable String id) {
return baseEnvironmentService.get(id); return baseEnvironmentService.get(id);
} }
@PostMapping(value = "/get/entry") @PostMapping(value = "/get/entry")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
public List<KeyStoreEntry> getEntry(@RequestPart("request") String password, @RequestPart(value = "file") MultipartFile sslFiles) { public List<KeyStoreEntry> getEntry(@RequestPart("request") String password, @RequestPart(value = "file") MultipartFile sslFiles) {
return commandService.get(password, sslFiles); return commandService.get(password, sslFiles);
} }
@PostMapping("/add") @PostMapping("/add")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ+CREATE")
@MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.CREATE, title = "#apiTestEnvironmentWithBLOBs.name", project = "#apiTestEnvironmentWithBLOBs.projectId", msClass = BaseEnvironmentService.class) @MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.CREATE, title = "#apiTestEnvironmentWithBLOBs.name", project = "#apiTestEnvironmentWithBLOBs.projectId", msClass = BaseEnvironmentService.class)
public String create(@RequestPart("request") TestEnvironmentDTO apiTestEnvironmentWithBLOBs, @RequestPart(value = "files", required = false) List<MultipartFile> sslFiles, @RequestPart(value = "variablesFiles", required = false) List<MultipartFile> variableFile) { public String create(@RequestPart("request") TestEnvironmentDTO apiTestEnvironmentWithBLOBs, @RequestPart(value = "files", required = false) List<MultipartFile> sslFiles, @RequestPart(value = "variablesFiles", required = false) List<MultipartFile> variableFile) {
checkParams(apiTestEnvironmentWithBLOBs); checkParams(apiTestEnvironmentWithBLOBs);
@ -75,12 +81,14 @@ public class TestEnvironmentController {
} }
@PostMapping("/import") @PostMapping("/import")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ+IMPORT")
public String create(@RequestBody List<TestEnvironmentDTO> environments) { public String create(@RequestBody List<TestEnvironmentDTO> environments) {
environments.forEach(this::checkParams); environments.forEach(this::checkParams);
return baseEnvironmentService.importEnvironment(environments); return baseEnvironmentService.importEnvironment(environments);
} }
@PostMapping(value = "/update") @PostMapping(value = "/update")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ+EDIT")
@MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#apiTestEnvironment.id)", content = "#msClass.getLogDetails(#apiTestEnvironment.id)", msClass = BaseEnvironmentService.class) @MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#apiTestEnvironment.id)", content = "#msClass.getLogDetails(#apiTestEnvironment.id)", msClass = BaseEnvironmentService.class)
public void update(@RequestPart("request") TestEnvironmentDTO apiTestEnvironment, @RequestPart(value = "files", required = false) List<MultipartFile> sslFiles, @RequestPart(value = "variablesFiles", required = false) List<MultipartFile> variableFile) { public void update(@RequestPart("request") TestEnvironmentDTO apiTestEnvironment, @RequestPart(value = "files", required = false) List<MultipartFile> sslFiles, @RequestPart(value = "variablesFiles", required = false) List<MultipartFile> variableFile) {
checkParams(apiTestEnvironment); checkParams(apiTestEnvironment);
@ -115,6 +123,7 @@ public class TestEnvironmentController {
} }
@GetMapping("/delete/{id}") @GetMapping("/delete/{id}")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ+DELETE")
@MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = BaseEnvironmentService.class) @MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = BaseEnvironmentService.class)
public void delete(@PathVariable String id) { public void delete(@PathVariable String id) {
baseEnvironmentService.delete(id); baseEnvironmentService.delete(id);
@ -122,11 +131,13 @@ public class TestEnvironmentController {
@GetMapping("/group/map/{groupId}") @GetMapping("/group/map/{groupId}")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
public Map<String, String> getEnvMap(@PathVariable String groupId) { public Map<String, String> getEnvMap(@PathVariable String groupId) {
return baseEnvGroupProjectService.getEnvMap(groupId); return baseEnvGroupProjectService.getEnvMap(groupId);
} }
@GetMapping("/module/list/{projectId}/{protocol}") @GetMapping("/module/list/{projectId}/{protocol}")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
public List<ApiModuleDTO> getNodeByProjectId(@PathVariable String projectId, @PathVariable String protocol) { public List<ApiModuleDTO> getNodeByProjectId(@PathVariable String projectId, @PathVariable String protocol) {
return baseEnvironmentService.getNodeTreeByProjectId(projectId, protocol); return baseEnvironmentService.getNodeTreeByProjectId(projectId, protocol);
} }
@ -137,6 +148,7 @@ public class TestEnvironmentController {
} }
@PostMapping("/database/validate") @PostMapping("/database/validate")
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
public void validate(@RequestBody DatabaseConfig databaseConfig) { public void validate(@RequestBody DatabaseConfig databaseConfig) {
try { try {
DriverManager.getConnection(databaseConfig.getDbUrl(), databaseConfig.getUsername(), databaseConfig.getPassword()); DriverManager.getConnection(databaseConfig.getDbUrl(), databaseConfig.getUsername(), databaseConfig.getPassword());

View File

@ -11,12 +11,10 @@ import io.metersphere.commons.utils.Pager;
import io.metersphere.dto.FileMetadataDTO; import io.metersphere.dto.FileMetadataDTO;
import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.log.annotation.MsAuditLog;
import io.metersphere.metadata.service.FileMetadataService; import io.metersphere.metadata.service.FileMetadataService;
import io.metersphere.metadata.vo.DownloadRequest; import io.metersphere.metadata.vo.*;
import io.metersphere.metadata.vo.DumpFileRequest;
import io.metersphere.metadata.vo.FileMetadataCreateRequest;
import io.metersphere.metadata.vo.MoveFIleMetadataRequest;
import io.metersphere.request.QueryProjectFileRequest; import io.metersphere.request.QueryProjectFileRequest;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
@ -32,36 +30,42 @@ public class FileMetadataController {
private FileMetadataService fileMetadataService; private FileMetadataService fileMetadataService;
@GetMapping(value = "/info/{fileId}") @GetMapping(value = "/info/{fileId}")
public ResponseEntity<byte[]> image(@PathVariable("fileId") String fileId) { @RequiresPermissions("PROJECT_FILE:READ")
return fileMetadataService.getFile(fileId); public FileResponse image(@PathVariable("fileId") String fileId) {
FileResponse fileResponse = new FileResponse();
fileResponse.setBytes(fileMetadataService.getFile(fileId).getBody());
return fileResponse;
} }
@PostMapping("/project/{projectId}/{goPage}/{pageSize}") @PostMapping("/project/{projectId}/{goPage}/{pageSize}")
public Pager<List<FileMetadataDTO>> getProjectFiles(@PathVariable String projectId, @RequiresPermissions("PROJECT_FILE:READ")
@PathVariable int goPage, @PathVariable int pageSize, public Pager<List<FileMetadataDTO>> getProjectFiles(@PathVariable String projectId, @PathVariable int goPage, @PathVariable int pageSize, @RequestBody QueryProjectFileRequest request) {
@RequestBody QueryProjectFileRequest request) {
fileMetadataService.checkProjectFileHasModuleId(projectId); fileMetadataService.checkProjectFileHasModuleId(projectId);
Page<Object> page = PageHelper.startPage(goPage, pageSize, true); Page<Object> page = PageHelper.startPage(goPage, pageSize, true);
return PageUtils.setPageInfo(page, fileMetadataService.getFileMetadataByProject(projectId, request)); return PageUtils.setPageInfo(page, fileMetadataService.getFileMetadataByProject(projectId, request));
} }
@PostMapping(value = "/create") @PostMapping(value = "/create")
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.CREATE, title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = FileMetadataService.class) @MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.CREATE, title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = FileMetadataService.class)
public List<FileMetadata> create(@RequestPart("request") FileMetadataCreateRequest request, @RequestPart(value = "file", required = false) List<MultipartFile> files) { public List<FileMetadata> create(@RequestPart("request") FileMetadataCreateRequest request, @RequestPart(value = "file", required = false) List<MultipartFile> files) {
return fileMetadataService.create(request, files); return fileMetadataService.create(request, files);
} }
@PostMapping(value = "/upload") @PostMapping(value = "/upload")
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
public FileMetadata upload(@RequestPart("request") FileMetadataWithBLOBs request, @RequestPart(value = "file", required = false) List<MultipartFile> files) { public FileMetadata upload(@RequestPart("request") FileMetadataWithBLOBs request, @RequestPart(value = "file", required = false) List<MultipartFile> files) {
return fileMetadataService.reLoad(request, files); return fileMetadataService.reLoad(request, files);
} }
@GetMapping(value = "/download/{id}") @GetMapping(value = "/download/{id}")
@RequiresPermissions("PROJECT_FILE:READ+DOWNLOAD+JAR")
public ResponseEntity<byte[]> download(@PathVariable("id") String id) { public ResponseEntity<byte[]> download(@PathVariable("id") String id) {
return fileMetadataService.getFile(id); return fileMetadataService.getFile(id);
} }
@PostMapping(value = "/download/zip") @PostMapping(value = "/download/zip")
@RequiresPermissions("PROJECT_FILE:READ+DOWNLOAD+JAR")
public ResponseEntity<byte[]> downloadBodyFiles(@RequestBody DownloadRequest request) { public ResponseEntity<byte[]> downloadBodyFiles(@RequestBody DownloadRequest request) {
try { try {
byte[] bytes = fileMetadataService.exportZip(request); byte[] bytes = fileMetadataService.exportZip(request);
@ -75,49 +79,58 @@ public class FileMetadataController {
} }
@GetMapping(value = "/delete/{fileId}") @GetMapping(value = "/delete/{fileId}")
@RequiresPermissions("PROJECT_FILE:READ+DELETE+JAR")
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#fileId)", msClass = FileMetadataService.class) @MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#fileId)", msClass = FileMetadataService.class)
public void deleteFile(@PathVariable String fileId) { public void deleteFile(@PathVariable String fileId) {
fileMetadataService.deleteFile(fileId); fileMetadataService.deleteFile(fileId);
} }
@PostMapping(value = "/delete/batch") @PostMapping(value = "/delete/batch")
@RequiresPermissions("PROJECT_FILE:READ+BATCH+DELETE")
public void deleteBatch(@RequestBody List<String> ids) { public void deleteBatch(@RequestBody List<String> ids) {
fileMetadataService.deleteBatch(ids); fileMetadataService.deleteBatch(ids);
} }
@GetMapping(value = "/get/type/all") @GetMapping(value = "/get/type/all")
@RequiresPermissions("PROJECT_FILE:READ")
public List<String> getTypes() { public List<String> getTypes() {
return fileMetadataService.getTypes(); return fileMetadataService.getTypes();
} }
@PostMapping(value = "/move") @PostMapping(value = "/move")
@RequiresPermissions("PROJECT_FILE:READ+BATCH+MOVE")
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = FileMetadataService.class) @MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = FileMetadataService.class)
public void move(@RequestBody MoveFIleMetadataRequest request) { public void move(@RequestBody MoveFIleMetadataRequest request) {
fileMetadataService.move(request); fileMetadataService.move(request);
} }
@PostMapping(value = "/update") @PostMapping(value = "/update")
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = FileMetadataService.class) @MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = FileMetadataService.class)
public void update(@RequestBody FileMetadataWithBLOBs request) { public void update(@RequestBody FileMetadataWithBLOBs request) {
fileMetadataService.update(request); fileMetadataService.update(request);
} }
@PostMapping(value = "/dump/file", consumes = {"multipart/form-data"}) @PostMapping(value = "/dump/file", consumes = {"multipart/form-data"})
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
public void dumpFile(@RequestPart("request") DumpFileRequest request, @RequestPart(value = "files", required = false) List<MultipartFile> files) { public void dumpFile(@RequestPart("request") DumpFileRequest request, @RequestPart(value = "files", required = false) List<MultipartFile> files) {
fileMetadataService.dumpFile(request, files); fileMetadataService.dumpFile(request, files);
} }
@GetMapping(value = "/count/{projectId}/{createUser}") @GetMapping(value = "/count/{projectId}/{createUser}")
@RequiresPermissions("PROJECT_FILE:READ")
public long myFiles(@PathVariable String projectId, @PathVariable String createUser) { public long myFiles(@PathVariable String projectId, @PathVariable String createUser) {
return fileMetadataService.myFiles(createUser, projectId); return fileMetadataService.myFiles(createUser, projectId);
} }
@GetMapping(value = "/exist/{fileId}") @GetMapping(value = "/exist/{fileId}")
@RequiresPermissions("PROJECT_FILE:READ")
public boolean exist(@PathVariable("fileId") String fileId) { public boolean exist(@PathVariable("fileId") String fileId) {
return fileMetadataService.exist(fileId); return fileMetadataService.exist(fileId);
} }
@PostMapping(value = "/exists") @PostMapping(value = "/exists")
@RequiresPermissions("PROJECT_FILE:READ")
public List<String> exist(@RequestBody List<String> fileIds) { public List<String> exist(@RequestBody List<String> fileIds) {
return fileMetadataService.exists(fileIds); return fileMetadataService.exists(fileIds);
} }

View File

@ -8,9 +8,11 @@ import io.metersphere.metadata.service.FileModuleService;
import io.metersphere.metadata.vo.DragFileModuleRequest; import io.metersphere.metadata.vo.DragFileModuleRequest;
import io.metersphere.metadata.vo.FileModuleVo; import io.metersphere.metadata.vo.FileModuleVo;
import io.metersphere.service.BaseCheckPermissionService; import io.metersphere.service.BaseCheckPermissionService;
import jakarta.annotation.Resource;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import jakarta.annotation.Resource;
import java.util.List; import java.util.List;
@RequestMapping("/file/module") @RequestMapping("/file/module")
@ -29,30 +31,35 @@ public class FileModuleController {
} }
@PostMapping("/add") @PostMapping("/add")
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.CREATE, title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = FileModuleService.class) @MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.CREATE, title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = FileModuleService.class)
public String addNode(@RequestBody FileModule node) { public String addNode(@RequestBody FileModule node) {
return fileModuleService.addNode(node); return fileModuleService.addNode(node);
} }
@PostMapping("/edit") @PostMapping("/edit")
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = FileModuleService.class) @MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = FileModuleService.class)
public int editNode(@RequestBody DragFileModuleRequest node) { public int editNode(@RequestBody DragFileModuleRequest node) {
return fileModuleService.editNode(node); return fileModuleService.editNode(node);
} }
@PostMapping("/delete") @PostMapping("/delete")
@RequiresPermissions(value = {"PROJECT_FILE:READ+BATCH+DELETE", "PROJECT_FILE:READ+DELETE+JAR"}, logical = Logical.OR)
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#nodeIds)", msClass = FileModuleService.class) @MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#nodeIds)", msClass = FileModuleService.class)
public int deleteNode(@RequestBody List<String> nodeIds) { public int deleteNode(@RequestBody List<String> nodeIds) {
return fileModuleService.deleteNode(nodeIds); return fileModuleService.deleteNode(nodeIds);
} }
@PostMapping("/drag") @PostMapping("/drag")
@RequiresPermissions(value = {"PROJECT_FILE:READ+UPLOAD+JAR", "PROJECT_FILE:READ+BATCH+MOVE"}, logical = Logical.OR)
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = FileModuleService.class) @MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = FileModuleService.class)
public void dragNode(@RequestBody DragFileModuleRequest node) { public void dragNode(@RequestBody DragFileModuleRequest node) {
fileModuleService.dragNode(node); fileModuleService.dragNode(node);
} }
@PostMapping("/pos") @PostMapping("/pos")
@RequiresPermissions(value = {"PROJECT_FILE:READ+UPLOAD+JAR", "PROJECT_FILE:READ+BATCH+MOVE"}, logical = Logical.OR)
public void treeSort(@RequestBody List<String> ids) { public void treeSort(@RequestBody List<String> ids) {
fileModuleService.sort(ids); fileModuleService.sort(ids);
} }

View File

@ -6,9 +6,10 @@ import io.metersphere.commons.utils.SessionUtils;
import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.log.annotation.MsAuditLog;
import io.metersphere.notice.domain.MessageDetail; import io.metersphere.notice.domain.MessageDetail;
import io.metersphere.notice.service.NoticeService; import io.metersphere.notice.service.NoticeService;
import jakarta.annotation.Resource;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import jakarta.annotation.Resource;
import java.util.List; import java.util.List;
@RestController @RestController
@ -24,6 +25,7 @@ public class NoticeController {
} }
@PostMapping("update/message/task") @PostMapping("update/message/task")
@RequiresPermissions("PROJECT_MESSAGE:READ+EDIT")
@MsAuditLog(module = OperLogModule.WORKSPACE_MESSAGE_SETTINGS, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#messageDetail.id)", content = "#msClass.getLogDetails(#messageDetail.id)", msClass = NoticeService.class) @MsAuditLog(module = OperLogModule.WORKSPACE_MESSAGE_SETTINGS, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#messageDetail.id)", content = "#msClass.getLogDetails(#messageDetail.id)", msClass = NoticeService.class)
public void updateMessage(@RequestBody MessageDetail messageDetail) { public void updateMessage(@RequestBody MessageDetail messageDetail) {
noticeService.saveMessageTask(messageDetail); noticeService.saveMessageTask(messageDetail);
@ -41,6 +43,7 @@ public class NoticeController {
} }
@GetMapping("/delete/message/{identification}") @GetMapping("/delete/message/{identification}")
@RequiresPermissions("PROJECT_MESSAGE:READ+DELETE")
@MsAuditLog(module = OperLogModule.WORKSPACE_MESSAGE_SETTINGS, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getDelLogDetails(#identification)", msClass = NoticeService.class) @MsAuditLog(module = OperLogModule.WORKSPACE_MESSAGE_SETTINGS, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getDelLogDetails(#identification)", msClass = NoticeService.class)
public int deleteMessage(@PathVariable String identification) { public int deleteMessage(@PathVariable String identification) {
return noticeService.delMessage(identification); return noticeService.delMessage(identification);

View File

@ -9,6 +9,8 @@ import io.metersphere.commons.utils.PageUtils;
import io.metersphere.commons.utils.Pager; import io.metersphere.commons.utils.Pager;
import io.metersphere.request.CustomFunctionRequest; import io.metersphere.request.CustomFunctionRequest;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import java.util.List; import java.util.List;
@ -25,16 +27,19 @@ public class CustomFunctionController {
private CustomFunctionService customFunctionService; private CustomFunctionService customFunctionService;
@PostMapping("/save") @PostMapping("/save")
@RequiresPermissions("PROJECT_CUSTOM_CODE:READ+CREATE")
public CustomFunctionWithBLOBs save(@RequestBody CustomFunctionRequest request) { public CustomFunctionWithBLOBs save(@RequestBody CustomFunctionRequest request) {
return customFunctionService.save(request); return customFunctionService.save(request);
} }
@GetMapping("/delete/{id}") @GetMapping("/delete/{id}")
@RequiresPermissions("PROJECT_CUSTOM_CODE:READ+DELETE")
public void delete(@PathVariable String id) { public void delete(@PathVariable String id) {
customFunctionService.delete(id); customFunctionService.delete(id);
} }
@PostMapping("/update") @PostMapping("/update")
@RequiresPermissions("PROJECT_CUSTOM_CODE:READ+EDIT")
public void update(@RequestBody CustomFunctionRequest request) { public void update(@RequestBody CustomFunctionRequest request) {
customFunctionService.update(request); customFunctionService.update(request);
} }
@ -46,6 +51,7 @@ public class CustomFunctionController {
} }
@GetMapping("/copy/{id}") @GetMapping("/copy/{id}")
@RequiresPermissions("PROJECT_CUSTOM_CODE:READ+COPY")
public CustomFunctionWithBLOBs copy(@PathVariable String id) { public CustomFunctionWithBLOBs copy(@PathVariable String id) {
return customFunctionService.copy(id); return customFunctionService.copy(id);
} }
@ -56,6 +62,7 @@ public class CustomFunctionController {
} }
@PostMapping("/run") @PostMapping("/run")
@RequiresPermissions(value = {"PROJECT_CUSTOM_CODE:READ+CREATE", "PROJECT_CUSTOM_CODE:READ+COPY"}, logical = Logical.OR)
public void run(@RequestBody Object request) { public void run(@RequestBody Object request) {
customFunctionService.run(request); customFunctionService.run(request);
} }

View File

@ -12,9 +12,11 @@ import io.metersphere.log.annotation.MsAuditLog;
import io.metersphere.request.BaseQueryRequest; import io.metersphere.request.BaseQueryRequest;
import io.metersphere.request.UpdateApiTemplateRequest; import io.metersphere.request.UpdateApiTemplateRequest;
import io.metersphere.service.ApiTemplateService; import io.metersphere.service.ApiTemplateService;
import jakarta.annotation.Resource;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import jakarta.annotation.Resource;
import java.util.List; import java.util.List;
@RequestMapping("field/template/api") @RequestMapping("field/template/api")
@ -25,35 +27,41 @@ public class ApiTemplateController {
private ApiTemplateService apiTemplateService; private ApiTemplateService apiTemplateService;
@PostMapping("/add") @PostMapping("/add")
@RequiresPermissions("PROJECT_TEMPLATE:READ+API_TEMPLATE")
@MsAuditLog(module = OperLogModule.WORKSPACE_TEMPLATE_SETTINGS_API, type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#request.id)", msClass = ApiTemplateService.class) @MsAuditLog(module = OperLogModule.WORKSPACE_TEMPLATE_SETTINGS_API, type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#request.id)", msClass = ApiTemplateService.class)
public void add(@RequestBody UpdateApiTemplateRequest request) { public void add(@RequestBody UpdateApiTemplateRequest request) {
apiTemplateService.add(request); apiTemplateService.add(request);
} }
@PostMapping("/list/{goPage}/{pageSize}") @PostMapping("/list/{goPage}/{pageSize}")
@RequiresPermissions(value = {"PROJECT_TEMPLATE:READ+API_TEMPLATE", "PROJECT_TEMPLATE:READ"}, logical = Logical.OR)
public Pager<List<ApiTemplate>> list(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody BaseQueryRequest request) { public Pager<List<ApiTemplate>> list(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody BaseQueryRequest request) {
Page<List<ApiTemplate>> page = PageHelper.startPage(goPage, pageSize, true); Page<List<ApiTemplate>> page = PageHelper.startPage(goPage, pageSize, true);
return PageUtils.setPageInfo(page, apiTemplateService.list(request)); return PageUtils.setPageInfo(page, apiTemplateService.list(request));
} }
@GetMapping("/delete/{id}") @GetMapping("/delete/{id}")
@RequiresPermissions("PROJECT_TEMPLATE:READ+API_TEMPLATE")
@MsAuditLog(module = OperLogModule.WORKSPACE_TEMPLATE_SETTINGS_API, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = ApiTemplateService.class) @MsAuditLog(module = OperLogModule.WORKSPACE_TEMPLATE_SETTINGS_API, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = ApiTemplateService.class)
public void delete(@PathVariable(value = "id") String id) { public void delete(@PathVariable(value = "id") String id) {
apiTemplateService.delete(id); apiTemplateService.delete(id);
} }
@PostMapping("/update") @PostMapping("/update")
@RequiresPermissions("PROJECT_TEMPLATE:READ+API_TEMPLATE")
@MsAuditLog(module = OperLogModule.WORKSPACE_TEMPLATE_SETTINGS_API, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", content = "#msClass.getLogDetails(#request.id)", msClass = ApiTemplateService.class) @MsAuditLog(module = OperLogModule.WORKSPACE_TEMPLATE_SETTINGS_API, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", content = "#msClass.getLogDetails(#request.id)", msClass = ApiTemplateService.class)
public void update(@RequestBody UpdateApiTemplateRequest request) { public void update(@RequestBody UpdateApiTemplateRequest request) {
apiTemplateService.update(request); apiTemplateService.update(request);
} }
@GetMapping({"/option/{projectId}", "/option"}) @GetMapping({"/option/{projectId}", "/option"})
@RequiresPermissions(value = {"PROJECT_TEMPLATE:READ+API_TEMPLATE", "PROJECT_TEMPLATE:READ"}, logical = Logical.OR)
public List<ApiTemplate> list(@PathVariable(required = false) String projectId) { public List<ApiTemplate> list(@PathVariable(required = false) String projectId) {
return apiTemplateService.getOption(projectId); return apiTemplateService.getOption(projectId);
} }
@GetMapping("/get-template/relate/{projectId}") @GetMapping("/get-template/relate/{projectId}")
@RequiresPermissions(value = {"PROJECT_TEMPLATE:READ+API_TEMPLATE", "PROJECT_TEMPLATE:READ"}, logical = Logical.OR)
public ApiTemplateDTO getTemplate(@PathVariable String projectId) { public ApiTemplateDTO getTemplate(@PathVariable String projectId) {
return apiTemplateService.getTemplate(projectId); return apiTemplateService.getTemplate(projectId);
} }

View File

@ -19,12 +19,12 @@ import io.metersphere.request.GroupRequest;
import io.metersphere.request.group.EditGroupRequest; import io.metersphere.request.group.EditGroupRequest;
import io.metersphere.request.group.EditGroupUserRequest; import io.metersphere.request.group.EditGroupUserRequest;
import io.metersphere.service.GroupService; import io.metersphere.service.GroupService;
import jakarta.annotation.Resource;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.annotation.Logical; import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions; import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import jakarta.annotation.Resource;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.UUID; import java.util.UUID;
@ -46,6 +46,7 @@ public class GroupController {
} }
@GetMapping("/get/all") @GetMapping("/get/all")
@RequiresPermissions(value = {PermissionConstants.SYSTEM_GROUP_READ, PermissionConstants.SYSTEM_USER_READ, PermissionConstants.WORKSPACE_USER_READ}, logical = Logical.OR)
public List<GroupDTO> getAllGroup() { public List<GroupDTO> getAllGroup() {
return groupService.getAllGroup(); return groupService.getAllGroup();
} }
@ -149,6 +150,7 @@ public class GroupController {
@PostMapping("/edit/member") @PostMapping("/edit/member")
@MsRequestLog(module = OperLogModule.GROUP_PERMISSION) @MsRequestLog(module = OperLogModule.GROUP_PERMISSION)
@RequiresPermissions(value = {PermissionConstants.SYSTEM_GROUP_READ_EDIT, PermissionConstants.PROJECT_GROUP_READ_EDIT}, logical = Logical.OR)
public void editGroupUser(@RequestBody EditGroupUserRequest request) { public void editGroupUser(@RequestBody EditGroupUserRequest request) {
groupService.editGroupUser(request); groupService.editGroupUser(request);
} }

View File

@ -3,13 +3,15 @@ package io.metersphere.controller;
import io.metersphere.base.domain.ProjectApplication; import io.metersphere.base.domain.ProjectApplication;
import io.metersphere.commons.constants.OperLogConstants; import io.metersphere.commons.constants.OperLogConstants;
import io.metersphere.commons.constants.OperLogModule; import io.metersphere.commons.constants.OperLogModule;
import io.metersphere.dto.ProjectConfig;
import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.log.annotation.MsAuditLog;
import io.metersphere.request.ProjectApplicationRequest; import io.metersphere.request.ProjectApplicationRequest;
import io.metersphere.service.ProjectApplicationService; import io.metersphere.service.ProjectApplicationService;
import org.springframework.web.bind.annotation.*;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController @RestController
@RequestMapping(value = "/project_application") @RequestMapping(value = "/project_application")
@ -18,12 +20,14 @@ public class ProjectApplicationController {
private ProjectApplicationService projectApplicationService; private ProjectApplicationService projectApplicationService;
@PostMapping("/update") @PostMapping("/update")
@RequiresPermissions("PROJECT_APP_MANAGER:READ+EDIT")
@MsAuditLog(module = OperLogModule.PROJECT_PROJECT_MANAGER, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#projectApplication)", content = "#msClass.getLogDetails(#projectApplication)", msClass = ProjectApplicationService.class) @MsAuditLog(module = OperLogModule.PROJECT_PROJECT_MANAGER, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#projectApplication)", content = "#msClass.getLogDetails(#projectApplication)", msClass = ProjectApplicationService.class)
public void updateProject(@RequestBody ProjectApplication projectApplication) { public void updateProject(@RequestBody ProjectApplication projectApplication) {
projectApplicationService.updateProjectApplication(projectApplication); projectApplicationService.updateProjectApplication(projectApplication);
} }
@PostMapping("/update/batch") @PostMapping("/update/batch")
@RequiresPermissions("PROJECT_APP_MANAGER:READ+EDIT")
@MsAuditLog(module = OperLogModule.PROJECT_PROJECT_MANAGER, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#projectApplication)", content = "#msClass.getLogDetails(#projectApplication)", msClass = ProjectApplicationService.class) @MsAuditLog(module = OperLogModule.PROJECT_PROJECT_MANAGER, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#projectApplication)", content = "#msClass.getLogDetails(#projectApplication)", msClass = ProjectApplicationService.class)
public void updateProjectConfigBatch(@RequestBody ProjectApplicationRequest request) { public void updateProjectConfigBatch(@RequestBody ProjectApplicationRequest request) {
projectApplicationService.updateProjectConfigBatch(request); projectApplicationService.updateProjectConfigBatch(request);

View File

@ -16,7 +16,6 @@ import io.metersphere.dto.ProjectDTO;
import io.metersphere.dto.WorkspaceMemberDTO; import io.metersphere.dto.WorkspaceMemberDTO;
import io.metersphere.i18n.Translator; import io.metersphere.i18n.Translator;
import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.log.annotation.MsAuditLog;
import io.metersphere.log.annotation.MsRequestLog;
import io.metersphere.request.AddProjectRequest; import io.metersphere.request.AddProjectRequest;
import io.metersphere.request.ProjectRequest; import io.metersphere.request.ProjectRequest;
import io.metersphere.request.member.AddMemberRequest; import io.metersphere.request.member.AddMemberRequest;
@ -40,8 +39,6 @@ public class ProjectController {
@Resource @Resource
private ProjectService projectService; private ProjectService projectService;
@Resource @Resource
private BaseProjectService baseProjectService;
@Resource
private BaseUserService baseUserService; private BaseUserService baseUserService;
@Resource @Resource
private BaseCheckPermissionService baseCheckPermissionService; private BaseCheckPermissionService baseCheckPermissionService;
@ -92,6 +89,7 @@ public class ProjectController {
} }
@PostMapping("/member/update") @PostMapping("/member/update")
@RequiresPermissions("PROJECT_USER:READ+EDIT")
@MsAuditLog(module = OperLogModule.PROJECT_PROJECT_MEMBER, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#memberDTO)", content = "#msClass.getLogDetails(#memberDTO)", msClass = BaseProjectService.class) @MsAuditLog(module = OperLogModule.PROJECT_PROJECT_MEMBER, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#memberDTO)", content = "#msClass.getLogDetails(#memberDTO)", msClass = BaseProjectService.class)
public void updateMember(@RequestBody WorkspaceMemberDTO memberDTO) { public void updateMember(@RequestBody WorkspaceMemberDTO memberDTO) {
projectService.updateMember(memberDTO); projectService.updateMember(memberDTO);
@ -125,7 +123,7 @@ public class ProjectController {
} }
@GetMapping("/member/delete/{projectId}/{userId}") @GetMapping("/member/delete/{projectId}/{userId}")
@MsRequestLog(module = OperLogModule.PROJECT_PROJECT_MEMBER) @RequiresPermissions(PermissionConstants.PROJECT_USER_READ_DELETE)
public void deleteProjectMember(@PathVariable String projectId, @PathVariable String userId) { public void deleteProjectMember(@PathVariable String projectId, @PathVariable String userId) {
String currentUserId = SessionUtils.getUser().getId(); String currentUserId = SessionUtils.getUser().getId();
if (StringUtils.equals(userId, currentUserId)) { if (StringUtils.equals(userId, currentUserId)) {
@ -140,6 +138,7 @@ public class ProjectController {
} }
@PostMapping("/member/add") @PostMapping("/member/add")
@RequiresPermissions("PROJECT_USER:READ+CREATE")
public void addProjectMember(@RequestBody AddMemberRequest request) { public void addProjectMember(@RequestBody AddMemberRequest request) {
projectService.addProjectMember(request); projectService.addProjectMember(request);
} }

View File

@ -8,6 +8,10 @@ export function modifyFileMeta(param) {
return post('/file/metadata/update', param); return post('/file/metadata/update', param);
} }
export function getFileBytes(id) {
return get('/file/metadata/info/' + id);
}
export function pullGitFile(data) { export function pullGitFile(data) {
let formData = new FormData(); let formData = new FormData();
formData.append("request", new Blob([JSON.stringify(data)], {type: "application/json"})); formData.append("request", new Blob([JSON.stringify(data)], {type: "application/json"}));

View File

@ -52,12 +52,14 @@
<el-col :span="18" style="padding-top: 80px"> <el-col :span="18" style="padding-top: 80px">
<el-card <el-card
:body-style="{ padding: '0px' }" :body-style="{ padding: '0px' }"
v-if="isImage(data.type) && !isRepositoryFile()" v-if="isImage(data) && !isRepositoryFile()"
> >
<img <div v-loading="fileBase64Str==='' || fileBase64Str === 'loading'">
:src="'/project/file/metadata/info/' + data.id" <img
class="ms-edit-image" :src="fileBase64Str"
/> class="ms-edit-image"
/>
</div>
</el-card> </el-card>
<el-card :body-style="{ padding: '0px' }" v-else> <el-card :body-style="{ padding: '0px' }" v-else>
<div class="ms-edit-image"> <div class="ms-edit-image">
@ -231,7 +233,7 @@
<script> <script>
import {operationConfirm} from "metersphere-frontend/src/utils"; import {operationConfirm} from "metersphere-frontend/src/utils";
import {getCurrentProjectID} from "metersphere-frontend/src/utils/token"; import {getCurrentProjectID} from "metersphere-frontend/src/utils/token";
import {getFileMetaPages, modifyFileMeta, pullGitFile, uploadFileMeta,} from "../../../../api/file"; import {getFileBytes, getFileMetaPages, modifyFileMeta, pullGitFile, uploadFileMeta,} from "../../../../api/file";
import FileVersionList from "@/business/menu/file/list/FileVersionList"; import FileVersionList from "@/business/menu/file/list/FileVersionList";
import FileCaseRelevanceList from "@/business/menu/file/list/FileCaseRelevanceList"; import FileCaseRelevanceList from "@/business/menu/file/list/FileCaseRelevanceList";
import {hasPermission} from "metersphere-frontend/src/utils/permission"; import {hasPermission} from "metersphere-frontend/src/utils/permission";
@ -249,6 +251,7 @@ export default {
return { return {
data: {}, data: {},
visible: false, visible: false,
fileBase64Str: '',
isFirst: false, isFirst: false,
isLast: false, isLast: false,
isPullBtnLoading: false, isPullBtnLoading: false,
@ -389,6 +392,7 @@ export default {
this.showPanel = "baseInfo"; this.showPanel = "baseInfo";
this.pageSize = size; this.pageSize = size;
this.currentPage = page; this.currentPage = page;
this.fileBase64Str = '';
this.total = t; this.total = t;
this.data = data; this.data = data;
this.results = this.metadataArray; this.results = this.metadataArray;
@ -436,8 +440,17 @@ export default {
return type || ""; return type || "";
} }
}, },
isImage(type) { isImage(data) {
return type && this.images.indexOf(type.toLowerCase()) !== -1; let type = data.type;
let isImage = type && this.images.indexOf(type.toLowerCase()) !== -1;
if (isImage && this.fileBase64Str === '') {
this.fileBase64Str = 'loading';
getFileBytes(data.id).then(res => {
let fileRsp = res.data;
this.fileBase64Str = "data:image/png;base64," + fileRsp.bytes;
})
}
return isImage;
}, },
download() { download() {
this.$emit("download", this.data); this.$emit("download", this.data);

View File

@ -4,7 +4,9 @@
<el-row :gutter="20"> <el-row :gutter="20">
<el-col :span="4" v-for="item in data" :key="item.id"> <el-col :span="4" v-for="item in data" :key="item.id">
<el-card :body-style="{ padding: '0px' }" class="ms-card-item" @click.native="handleView(item)"> <el-card :body-style="{ padding: '0px' }" class="ms-card-item" @click.native="handleView(item)">
<img :src="'/project/file/metadata/info/'+item.id" class="ms-image" v-if="isImage(item.type)"/> <div v-loading="fileBase64Str==='' || fileBase64Str === 'loading'" v-if="isImage(item)">
<img :src="fileBase64Str" class="ms-edit-image"/>
</div>
<div class="ms-image" v-else> <div class="ms-image" v-else>
<div class="ms-file"> <div class="ms-file">
<div class="icon-title">{{ getType(item.type) }}</div> <div class="icon-title">{{ getType(item.type) }}</div>
@ -35,6 +37,7 @@
<script> <script>
import MsTablePagination from "metersphere-frontend/src/components/pagination/TablePagination"; import MsTablePagination from "metersphere-frontend/src/components/pagination/TablePagination";
import MsEditFileMetadata from "../edit/EditFileMetadata"; import MsEditFileMetadata from "../edit/EditFileMetadata";
import {getFileBytes} from "@/api/file";
export default { export default {
name: "MsFileThumbnail", name: "MsFileThumbnail",
@ -44,6 +47,7 @@ export default {
currentPage: 1, currentPage: 1,
pageSize: 10, pageSize: 10,
total: 0, total: 0,
fileBase64Str: '',
images: ["bmp", "jpg", "png", "tif", "gif", "pcx", "tga", "exif", "fpx", "svg", "psd", "cdr", "pcd", "dxf", "ufo", "eps", "ai", "raw", "WMF", "webp", "avif", "apng", "jpeg"] images: ["bmp", "jpg", "png", "tif", "gif", "pcx", "tga", "exif", "fpx", "svg", "psd", "cdr", "pcd", "dxf", "ufo", "eps", "ai", "raw", "WMF", "webp", "avif", "apng", "jpeg"]
}; };
}, },
@ -56,6 +60,7 @@ export default {
nodeTree: [] nodeTree: []
}, },
created() { created() {
this.fileBase64Str = '';
this.currentPage = this.page; this.currentPage = this.page;
this.pageSize = this.size; this.pageSize = this.size;
this.total = this.pageTotal; this.total = this.pageTotal;
@ -86,10 +91,22 @@ export default {
return type || ""; return type || "";
}, },
change() { change() {
this.fileBase64Str = '';
this.$emit("change", this.pageSize, this.currentPage); this.$emit("change", this.pageSize, this.currentPage);
}, },
isImage(type) { isImage(item) {
return (type && this.images.indexOf(type.toLowerCase()) !== -1); let type = item.type;
let isImage = (type && this.images.indexOf(type.toLowerCase()) !== -1);
if (isImage) {
if (isImage && this.fileBase64Str === '') {
this.fileBase64Str = 'loading';
getFileBytes(item.id).then(res => {
let fileRsp = res.data;
this.fileBase64Str = "data:image/png;base64," + fileRsp.bytes;
})
}
}
return isImage;
} }
}, },
} }