fix(项目管理): 项目管理后台接口补足权限校验
--task=1012120 --user=宋天阳 检查所有API权限控制是否有加 RequiresPermissions https://www.tapd.cn/55049933/s/1377485
This commit is contained in:
parent
c275ee1567
commit
14326dcbf5
|
@ -71,7 +71,6 @@ public class FilterChainUtils {
|
|||
filterChainDefinitionMap.put("/system/theme", "anon");
|
||||
filterChainDefinitionMap.put("/system/save/baseurl/**", "anon");
|
||||
filterChainDefinitionMap.put("/system/timeout", "anon");
|
||||
filterChainDefinitionMap.put("/file/metadata/info/**", "anon");
|
||||
|
||||
filterChainDefinitionMap.put("/v1/catalog/**", "anon");
|
||||
filterChainDefinitionMap.put("/v1/agent/**", "anon");
|
||||
|
|
|
@ -17,12 +17,13 @@ import io.metersphere.environment.utils.TcpTreeTableDataParser;
|
|||
import io.metersphere.i18n.Translator;
|
||||
import io.metersphere.log.annotation.MsAuditLog;
|
||||
import io.metersphere.request.EnvironmentRequest;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.json.JSONArray;
|
||||
import org.json.JSONObject;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
|
||||
import jakarta.annotation.Resource;
|
||||
import java.sql.DriverManager;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
@ -38,6 +39,7 @@ public class TestEnvironmentController {
|
|||
private BaseEnvGroupProjectService baseEnvGroupProjectService;
|
||||
|
||||
@GetMapping("/list/{projectId}")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
|
||||
public List<ApiTestEnvironmentWithBLOBs> list(@PathVariable String projectId) {
|
||||
return baseEnvironmentService.list(projectId);
|
||||
}
|
||||
|
@ -51,23 +53,27 @@ public class TestEnvironmentController {
|
|||
* @return
|
||||
*/
|
||||
@PostMapping("/list/{goPage}/{pageSize}")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
|
||||
public Pager<List<ApiTestEnvironmentWithBLOBs>> listByCondition(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody EnvironmentRequest environmentRequest) {
|
||||
Page<Object> page = PageHelper.startPage(goPage, pageSize, true);
|
||||
return PageUtils.setPageInfo(page, baseEnvironmentService.listByConditions(environmentRequest));
|
||||
}
|
||||
|
||||
@GetMapping("/get/{id}")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
|
||||
public ApiTestEnvironmentWithBLOBs get(@PathVariable String id) {
|
||||
return baseEnvironmentService.get(id);
|
||||
}
|
||||
|
||||
|
||||
@PostMapping(value = "/get/entry")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
|
||||
public List<KeyStoreEntry> getEntry(@RequestPart("request") String password, @RequestPart(value = "file") MultipartFile sslFiles) {
|
||||
return commandService.get(password, sslFiles);
|
||||
}
|
||||
|
||||
@PostMapping("/add")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ+CREATE")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.CREATE, title = "#apiTestEnvironmentWithBLOBs.name", project = "#apiTestEnvironmentWithBLOBs.projectId", msClass = BaseEnvironmentService.class)
|
||||
public String create(@RequestPart("request") TestEnvironmentDTO apiTestEnvironmentWithBLOBs, @RequestPart(value = "files", required = false) List<MultipartFile> sslFiles, @RequestPart(value = "variablesFiles", required = false) List<MultipartFile> variableFile) {
|
||||
checkParams(apiTestEnvironmentWithBLOBs);
|
||||
|
@ -75,12 +81,14 @@ public class TestEnvironmentController {
|
|||
}
|
||||
|
||||
@PostMapping("/import")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ+IMPORT")
|
||||
public String create(@RequestBody List<TestEnvironmentDTO> environments) {
|
||||
environments.forEach(this::checkParams);
|
||||
return baseEnvironmentService.importEnvironment(environments);
|
||||
}
|
||||
|
||||
@PostMapping(value = "/update")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ+EDIT")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#apiTestEnvironment.id)", content = "#msClass.getLogDetails(#apiTestEnvironment.id)", msClass = BaseEnvironmentService.class)
|
||||
public void update(@RequestPart("request") TestEnvironmentDTO apiTestEnvironment, @RequestPart(value = "files", required = false) List<MultipartFile> sslFiles, @RequestPart(value = "variablesFiles", required = false) List<MultipartFile> variableFile) {
|
||||
checkParams(apiTestEnvironment);
|
||||
|
@ -115,6 +123,7 @@ public class TestEnvironmentController {
|
|||
}
|
||||
|
||||
@GetMapping("/delete/{id}")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ+DELETE")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = BaseEnvironmentService.class)
|
||||
public void delete(@PathVariable String id) {
|
||||
baseEnvironmentService.delete(id);
|
||||
|
@ -122,11 +131,13 @@ public class TestEnvironmentController {
|
|||
|
||||
|
||||
@GetMapping("/group/map/{groupId}")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
|
||||
public Map<String, String> getEnvMap(@PathVariable String groupId) {
|
||||
return baseEnvGroupProjectService.getEnvMap(groupId);
|
||||
}
|
||||
|
||||
@GetMapping("/module/list/{projectId}/{protocol}")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
|
||||
public List<ApiModuleDTO> getNodeByProjectId(@PathVariable String projectId, @PathVariable String protocol) {
|
||||
return baseEnvironmentService.getNodeTreeByProjectId(projectId, protocol);
|
||||
}
|
||||
|
@ -137,6 +148,7 @@ public class TestEnvironmentController {
|
|||
}
|
||||
|
||||
@PostMapping("/database/validate")
|
||||
@RequiresPermissions("PROJECT_ENVIRONMENT:READ")
|
||||
public void validate(@RequestBody DatabaseConfig databaseConfig) {
|
||||
try {
|
||||
DriverManager.getConnection(databaseConfig.getDbUrl(), databaseConfig.getUsername(), databaseConfig.getPassword());
|
||||
|
|
|
@ -11,12 +11,10 @@ import io.metersphere.commons.utils.Pager;
|
|||
import io.metersphere.dto.FileMetadataDTO;
|
||||
import io.metersphere.log.annotation.MsAuditLog;
|
||||
import io.metersphere.metadata.service.FileMetadataService;
|
||||
import io.metersphere.metadata.vo.DownloadRequest;
|
||||
import io.metersphere.metadata.vo.DumpFileRequest;
|
||||
import io.metersphere.metadata.vo.FileMetadataCreateRequest;
|
||||
import io.metersphere.metadata.vo.MoveFIleMetadataRequest;
|
||||
import io.metersphere.metadata.vo.*;
|
||||
import io.metersphere.request.QueryProjectFileRequest;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
|
@ -32,36 +30,42 @@ public class FileMetadataController {
|
|||
private FileMetadataService fileMetadataService;
|
||||
|
||||
@GetMapping(value = "/info/{fileId}")
|
||||
public ResponseEntity<byte[]> image(@PathVariable("fileId") String fileId) {
|
||||
return fileMetadataService.getFile(fileId);
|
||||
@RequiresPermissions("PROJECT_FILE:READ")
|
||||
public FileResponse image(@PathVariable("fileId") String fileId) {
|
||||
FileResponse fileResponse = new FileResponse();
|
||||
fileResponse.setBytes(fileMetadataService.getFile(fileId).getBody());
|
||||
return fileResponse;
|
||||
}
|
||||
|
||||
@PostMapping("/project/{projectId}/{goPage}/{pageSize}")
|
||||
public Pager<List<FileMetadataDTO>> getProjectFiles(@PathVariable String projectId,
|
||||
@PathVariable int goPage, @PathVariable int pageSize,
|
||||
@RequestBody QueryProjectFileRequest request) {
|
||||
@RequiresPermissions("PROJECT_FILE:READ")
|
||||
public Pager<List<FileMetadataDTO>> getProjectFiles(@PathVariable String projectId, @PathVariable int goPage, @PathVariable int pageSize, @RequestBody QueryProjectFileRequest request) {
|
||||
fileMetadataService.checkProjectFileHasModuleId(projectId);
|
||||
Page<Object> page = PageHelper.startPage(goPage, pageSize, true);
|
||||
return PageUtils.setPageInfo(page, fileMetadataService.getFileMetadataByProject(projectId, request));
|
||||
}
|
||||
|
||||
@PostMapping(value = "/create")
|
||||
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.CREATE, title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = FileMetadataService.class)
|
||||
public List<FileMetadata> create(@RequestPart("request") FileMetadataCreateRequest request, @RequestPart(value = "file", required = false) List<MultipartFile> files) {
|
||||
return fileMetadataService.create(request, files);
|
||||
}
|
||||
|
||||
@PostMapping(value = "/upload")
|
||||
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
|
||||
public FileMetadata upload(@RequestPart("request") FileMetadataWithBLOBs request, @RequestPart(value = "file", required = false) List<MultipartFile> files) {
|
||||
return fileMetadataService.reLoad(request, files);
|
||||
}
|
||||
|
||||
@GetMapping(value = "/download/{id}")
|
||||
@RequiresPermissions("PROJECT_FILE:READ+DOWNLOAD+JAR")
|
||||
public ResponseEntity<byte[]> download(@PathVariable("id") String id) {
|
||||
return fileMetadataService.getFile(id);
|
||||
}
|
||||
|
||||
@PostMapping(value = "/download/zip")
|
||||
@RequiresPermissions("PROJECT_FILE:READ+DOWNLOAD+JAR")
|
||||
public ResponseEntity<byte[]> downloadBodyFiles(@RequestBody DownloadRequest request) {
|
||||
try {
|
||||
byte[] bytes = fileMetadataService.exportZip(request);
|
||||
|
@ -75,49 +79,58 @@ public class FileMetadataController {
|
|||
}
|
||||
|
||||
@GetMapping(value = "/delete/{fileId}")
|
||||
@RequiresPermissions("PROJECT_FILE:READ+DELETE+JAR")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#fileId)", msClass = FileMetadataService.class)
|
||||
public void deleteFile(@PathVariable String fileId) {
|
||||
fileMetadataService.deleteFile(fileId);
|
||||
}
|
||||
|
||||
@PostMapping(value = "/delete/batch")
|
||||
@RequiresPermissions("PROJECT_FILE:READ+BATCH+DELETE")
|
||||
public void deleteBatch(@RequestBody List<String> ids) {
|
||||
fileMetadataService.deleteBatch(ids);
|
||||
}
|
||||
|
||||
@GetMapping(value = "/get/type/all")
|
||||
@RequiresPermissions("PROJECT_FILE:READ")
|
||||
public List<String> getTypes() {
|
||||
return fileMetadataService.getTypes();
|
||||
}
|
||||
|
||||
@PostMapping(value = "/move")
|
||||
@RequiresPermissions("PROJECT_FILE:READ+BATCH+MOVE")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = FileMetadataService.class)
|
||||
public void move(@RequestBody MoveFIleMetadataRequest request) {
|
||||
fileMetadataService.move(request);
|
||||
}
|
||||
|
||||
@PostMapping(value = "/update")
|
||||
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = FileMetadataService.class)
|
||||
public void update(@RequestBody FileMetadataWithBLOBs request) {
|
||||
fileMetadataService.update(request);
|
||||
}
|
||||
|
||||
@PostMapping(value = "/dump/file", consumes = {"multipart/form-data"})
|
||||
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
|
||||
public void dumpFile(@RequestPart("request") DumpFileRequest request, @RequestPart(value = "files", required = false) List<MultipartFile> files) {
|
||||
fileMetadataService.dumpFile(request, files);
|
||||
}
|
||||
|
||||
@GetMapping(value = "/count/{projectId}/{createUser}")
|
||||
@RequiresPermissions("PROJECT_FILE:READ")
|
||||
public long myFiles(@PathVariable String projectId, @PathVariable String createUser) {
|
||||
return fileMetadataService.myFiles(createUser, projectId);
|
||||
}
|
||||
|
||||
@GetMapping(value = "/exist/{fileId}")
|
||||
@RequiresPermissions("PROJECT_FILE:READ")
|
||||
public boolean exist(@PathVariable("fileId") String fileId) {
|
||||
return fileMetadataService.exist(fileId);
|
||||
}
|
||||
|
||||
@PostMapping(value = "/exists")
|
||||
@RequiresPermissions("PROJECT_FILE:READ")
|
||||
public List<String> exist(@RequestBody List<String> fileIds) {
|
||||
return fileMetadataService.exists(fileIds);
|
||||
}
|
||||
|
|
|
@ -8,9 +8,11 @@ import io.metersphere.metadata.service.FileModuleService;
|
|||
import io.metersphere.metadata.vo.DragFileModuleRequest;
|
||||
import io.metersphere.metadata.vo.FileModuleVo;
|
||||
import io.metersphere.service.BaseCheckPermissionService;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import jakarta.annotation.Resource;
|
||||
import java.util.List;
|
||||
|
||||
@RequestMapping("/file/module")
|
||||
|
@ -29,30 +31,35 @@ public class FileModuleController {
|
|||
}
|
||||
|
||||
@PostMapping("/add")
|
||||
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.CREATE, title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = FileModuleService.class)
|
||||
public String addNode(@RequestBody FileModule node) {
|
||||
return fileModuleService.addNode(node);
|
||||
}
|
||||
|
||||
@PostMapping("/edit")
|
||||
@RequiresPermissions("PROJECT_FILE:READ+UPLOAD+JAR")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = FileModuleService.class)
|
||||
public int editNode(@RequestBody DragFileModuleRequest node) {
|
||||
return fileModuleService.editNode(node);
|
||||
}
|
||||
|
||||
@PostMapping("/delete")
|
||||
@RequiresPermissions(value = {"PROJECT_FILE:READ+BATCH+DELETE", "PROJECT_FILE:READ+DELETE+JAR"}, logical = Logical.OR)
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#nodeIds)", msClass = FileModuleService.class)
|
||||
public int deleteNode(@RequestBody List<String> nodeIds) {
|
||||
return fileModuleService.deleteNode(nodeIds);
|
||||
}
|
||||
|
||||
@PostMapping("/drag")
|
||||
@RequiresPermissions(value = {"PROJECT_FILE:READ+UPLOAD+JAR", "PROJECT_FILE:READ+BATCH+MOVE"}, logical = Logical.OR)
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_FILE_MANAGEMENT, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = FileModuleService.class)
|
||||
public void dragNode(@RequestBody DragFileModuleRequest node) {
|
||||
fileModuleService.dragNode(node);
|
||||
}
|
||||
|
||||
@PostMapping("/pos")
|
||||
@RequiresPermissions(value = {"PROJECT_FILE:READ+UPLOAD+JAR", "PROJECT_FILE:READ+BATCH+MOVE"}, logical = Logical.OR)
|
||||
public void treeSort(@RequestBody List<String> ids) {
|
||||
fileModuleService.sort(ids);
|
||||
}
|
||||
|
|
|
@ -6,9 +6,10 @@ import io.metersphere.commons.utils.SessionUtils;
|
|||
import io.metersphere.log.annotation.MsAuditLog;
|
||||
import io.metersphere.notice.domain.MessageDetail;
|
||||
import io.metersphere.notice.service.NoticeService;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import jakarta.annotation.Resource;
|
||||
import java.util.List;
|
||||
|
||||
@RestController
|
||||
|
@ -24,6 +25,7 @@ public class NoticeController {
|
|||
}
|
||||
|
||||
@PostMapping("update/message/task")
|
||||
@RequiresPermissions("PROJECT_MESSAGE:READ+EDIT")
|
||||
@MsAuditLog(module = OperLogModule.WORKSPACE_MESSAGE_SETTINGS, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#messageDetail.id)", content = "#msClass.getLogDetails(#messageDetail.id)", msClass = NoticeService.class)
|
||||
public void updateMessage(@RequestBody MessageDetail messageDetail) {
|
||||
noticeService.saveMessageTask(messageDetail);
|
||||
|
@ -41,6 +43,7 @@ public class NoticeController {
|
|||
}
|
||||
|
||||
@GetMapping("/delete/message/{identification}")
|
||||
@RequiresPermissions("PROJECT_MESSAGE:READ+DELETE")
|
||||
@MsAuditLog(module = OperLogModule.WORKSPACE_MESSAGE_SETTINGS, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getDelLogDetails(#identification)", msClass = NoticeService.class)
|
||||
public int deleteMessage(@PathVariable String identification) {
|
||||
return noticeService.delMessage(identification);
|
||||
|
|
|
@ -9,6 +9,8 @@ import io.metersphere.commons.utils.PageUtils;
|
|||
import io.metersphere.commons.utils.Pager;
|
||||
import io.metersphere.request.CustomFunctionRequest;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import java.util.List;
|
||||
|
@ -25,16 +27,19 @@ public class CustomFunctionController {
|
|||
private CustomFunctionService customFunctionService;
|
||||
|
||||
@PostMapping("/save")
|
||||
@RequiresPermissions("PROJECT_CUSTOM_CODE:READ+CREATE")
|
||||
public CustomFunctionWithBLOBs save(@RequestBody CustomFunctionRequest request) {
|
||||
return customFunctionService.save(request);
|
||||
}
|
||||
|
||||
@GetMapping("/delete/{id}")
|
||||
@RequiresPermissions("PROJECT_CUSTOM_CODE:READ+DELETE")
|
||||
public void delete(@PathVariable String id) {
|
||||
customFunctionService.delete(id);
|
||||
}
|
||||
|
||||
@PostMapping("/update")
|
||||
@RequiresPermissions("PROJECT_CUSTOM_CODE:READ+EDIT")
|
||||
public void update(@RequestBody CustomFunctionRequest request) {
|
||||
customFunctionService.update(request);
|
||||
}
|
||||
|
@ -46,6 +51,7 @@ public class CustomFunctionController {
|
|||
}
|
||||
|
||||
@GetMapping("/copy/{id}")
|
||||
@RequiresPermissions("PROJECT_CUSTOM_CODE:READ+COPY")
|
||||
public CustomFunctionWithBLOBs copy(@PathVariable String id) {
|
||||
return customFunctionService.copy(id);
|
||||
}
|
||||
|
@ -56,6 +62,7 @@ public class CustomFunctionController {
|
|||
}
|
||||
|
||||
@PostMapping("/run")
|
||||
@RequiresPermissions(value = {"PROJECT_CUSTOM_CODE:READ+CREATE", "PROJECT_CUSTOM_CODE:READ+COPY"}, logical = Logical.OR)
|
||||
public void run(@RequestBody Object request) {
|
||||
customFunctionService.run(request);
|
||||
}
|
||||
|
|
|
@ -12,9 +12,11 @@ import io.metersphere.log.annotation.MsAuditLog;
|
|||
import io.metersphere.request.BaseQueryRequest;
|
||||
import io.metersphere.request.UpdateApiTemplateRequest;
|
||||
import io.metersphere.service.ApiTemplateService;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import jakarta.annotation.Resource;
|
||||
import java.util.List;
|
||||
|
||||
@RequestMapping("field/template/api")
|
||||
|
@ -25,35 +27,41 @@ public class ApiTemplateController {
|
|||
private ApiTemplateService apiTemplateService;
|
||||
|
||||
@PostMapping("/add")
|
||||
@RequiresPermissions("PROJECT_TEMPLATE:READ+API_TEMPLATE")
|
||||
@MsAuditLog(module = OperLogModule.WORKSPACE_TEMPLATE_SETTINGS_API, type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#request.id)", msClass = ApiTemplateService.class)
|
||||
public void add(@RequestBody UpdateApiTemplateRequest request) {
|
||||
apiTemplateService.add(request);
|
||||
}
|
||||
|
||||
@PostMapping("/list/{goPage}/{pageSize}")
|
||||
@RequiresPermissions(value = {"PROJECT_TEMPLATE:READ+API_TEMPLATE", "PROJECT_TEMPLATE:READ"}, logical = Logical.OR)
|
||||
public Pager<List<ApiTemplate>> list(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody BaseQueryRequest request) {
|
||||
Page<List<ApiTemplate>> page = PageHelper.startPage(goPage, pageSize, true);
|
||||
return PageUtils.setPageInfo(page, apiTemplateService.list(request));
|
||||
}
|
||||
|
||||
@GetMapping("/delete/{id}")
|
||||
@RequiresPermissions("PROJECT_TEMPLATE:READ+API_TEMPLATE")
|
||||
@MsAuditLog(module = OperLogModule.WORKSPACE_TEMPLATE_SETTINGS_API, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = ApiTemplateService.class)
|
||||
public void delete(@PathVariable(value = "id") String id) {
|
||||
apiTemplateService.delete(id);
|
||||
}
|
||||
|
||||
@PostMapping("/update")
|
||||
@RequiresPermissions("PROJECT_TEMPLATE:READ+API_TEMPLATE")
|
||||
@MsAuditLog(module = OperLogModule.WORKSPACE_TEMPLATE_SETTINGS_API, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", content = "#msClass.getLogDetails(#request.id)", msClass = ApiTemplateService.class)
|
||||
public void update(@RequestBody UpdateApiTemplateRequest request) {
|
||||
apiTemplateService.update(request);
|
||||
}
|
||||
|
||||
@GetMapping({"/option/{projectId}", "/option"})
|
||||
@RequiresPermissions(value = {"PROJECT_TEMPLATE:READ+API_TEMPLATE", "PROJECT_TEMPLATE:READ"}, logical = Logical.OR)
|
||||
public List<ApiTemplate> list(@PathVariable(required = false) String projectId) {
|
||||
return apiTemplateService.getOption(projectId);
|
||||
}
|
||||
|
||||
@GetMapping("/get-template/relate/{projectId}")
|
||||
@RequiresPermissions(value = {"PROJECT_TEMPLATE:READ+API_TEMPLATE", "PROJECT_TEMPLATE:READ"}, logical = Logical.OR)
|
||||
public ApiTemplateDTO getTemplate(@PathVariable String projectId) {
|
||||
return apiTemplateService.getTemplate(projectId);
|
||||
}
|
||||
|
|
|
@ -19,12 +19,12 @@ import io.metersphere.request.GroupRequest;
|
|||
import io.metersphere.request.group.EditGroupRequest;
|
||||
import io.metersphere.request.group.EditGroupUserRequest;
|
||||
import io.metersphere.service.GroupService;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import jakarta.annotation.Resource;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
|
@ -46,6 +46,7 @@ public class GroupController {
|
|||
}
|
||||
|
||||
@GetMapping("/get/all")
|
||||
@RequiresPermissions(value = {PermissionConstants.SYSTEM_GROUP_READ, PermissionConstants.SYSTEM_USER_READ, PermissionConstants.WORKSPACE_USER_READ}, logical = Logical.OR)
|
||||
public List<GroupDTO> getAllGroup() {
|
||||
return groupService.getAllGroup();
|
||||
}
|
||||
|
@ -149,6 +150,7 @@ public class GroupController {
|
|||
|
||||
@PostMapping("/edit/member")
|
||||
@MsRequestLog(module = OperLogModule.GROUP_PERMISSION)
|
||||
@RequiresPermissions(value = {PermissionConstants.SYSTEM_GROUP_READ_EDIT, PermissionConstants.PROJECT_GROUP_READ_EDIT}, logical = Logical.OR)
|
||||
public void editGroupUser(@RequestBody EditGroupUserRequest request) {
|
||||
groupService.editGroupUser(request);
|
||||
}
|
||||
|
|
|
@ -3,13 +3,15 @@ package io.metersphere.controller;
|
|||
import io.metersphere.base.domain.ProjectApplication;
|
||||
import io.metersphere.commons.constants.OperLogConstants;
|
||||
import io.metersphere.commons.constants.OperLogModule;
|
||||
import io.metersphere.dto.ProjectConfig;
|
||||
import io.metersphere.log.annotation.MsAuditLog;
|
||||
import io.metersphere.request.ProjectApplicationRequest;
|
||||
import io.metersphere.service.ProjectApplicationService;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import jakarta.annotation.Resource;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@RestController
|
||||
@RequestMapping(value = "/project_application")
|
||||
|
@ -18,12 +20,14 @@ public class ProjectApplicationController {
|
|||
private ProjectApplicationService projectApplicationService;
|
||||
|
||||
@PostMapping("/update")
|
||||
@RequiresPermissions("PROJECT_APP_MANAGER:READ+EDIT")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_PROJECT_MANAGER, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#projectApplication)", content = "#msClass.getLogDetails(#projectApplication)", msClass = ProjectApplicationService.class)
|
||||
public void updateProject(@RequestBody ProjectApplication projectApplication) {
|
||||
projectApplicationService.updateProjectApplication(projectApplication);
|
||||
}
|
||||
|
||||
@PostMapping("/update/batch")
|
||||
@RequiresPermissions("PROJECT_APP_MANAGER:READ+EDIT")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_PROJECT_MANAGER, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#projectApplication)", content = "#msClass.getLogDetails(#projectApplication)", msClass = ProjectApplicationService.class)
|
||||
public void updateProjectConfigBatch(@RequestBody ProjectApplicationRequest request) {
|
||||
projectApplicationService.updateProjectConfigBatch(request);
|
||||
|
|
|
@ -16,7 +16,6 @@ import io.metersphere.dto.ProjectDTO;
|
|||
import io.metersphere.dto.WorkspaceMemberDTO;
|
||||
import io.metersphere.i18n.Translator;
|
||||
import io.metersphere.log.annotation.MsAuditLog;
|
||||
import io.metersphere.log.annotation.MsRequestLog;
|
||||
import io.metersphere.request.AddProjectRequest;
|
||||
import io.metersphere.request.ProjectRequest;
|
||||
import io.metersphere.request.member.AddMemberRequest;
|
||||
|
@ -40,8 +39,6 @@ public class ProjectController {
|
|||
@Resource
|
||||
private ProjectService projectService;
|
||||
@Resource
|
||||
private BaseProjectService baseProjectService;
|
||||
@Resource
|
||||
private BaseUserService baseUserService;
|
||||
@Resource
|
||||
private BaseCheckPermissionService baseCheckPermissionService;
|
||||
|
@ -92,6 +89,7 @@ public class ProjectController {
|
|||
}
|
||||
|
||||
@PostMapping("/member/update")
|
||||
@RequiresPermissions("PROJECT_USER:READ+EDIT")
|
||||
@MsAuditLog(module = OperLogModule.PROJECT_PROJECT_MEMBER, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#memberDTO)", content = "#msClass.getLogDetails(#memberDTO)", msClass = BaseProjectService.class)
|
||||
public void updateMember(@RequestBody WorkspaceMemberDTO memberDTO) {
|
||||
projectService.updateMember(memberDTO);
|
||||
|
@ -125,7 +123,7 @@ public class ProjectController {
|
|||
}
|
||||
|
||||
@GetMapping("/member/delete/{projectId}/{userId}")
|
||||
@MsRequestLog(module = OperLogModule.PROJECT_PROJECT_MEMBER)
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_USER_READ_DELETE)
|
||||
public void deleteProjectMember(@PathVariable String projectId, @PathVariable String userId) {
|
||||
String currentUserId = SessionUtils.getUser().getId();
|
||||
if (StringUtils.equals(userId, currentUserId)) {
|
||||
|
@ -140,6 +138,7 @@ public class ProjectController {
|
|||
}
|
||||
|
||||
@PostMapping("/member/add")
|
||||
@RequiresPermissions("PROJECT_USER:READ+CREATE")
|
||||
public void addProjectMember(@RequestBody AddMemberRequest request) {
|
||||
projectService.addProjectMember(request);
|
||||
}
|
||||
|
|
|
@ -8,6 +8,10 @@ export function modifyFileMeta(param) {
|
|||
return post('/file/metadata/update', param);
|
||||
}
|
||||
|
||||
export function getFileBytes(id) {
|
||||
return get('/file/metadata/info/' + id);
|
||||
}
|
||||
|
||||
export function pullGitFile(data) {
|
||||
let formData = new FormData();
|
||||
formData.append("request", new Blob([JSON.stringify(data)], {type: "application/json"}));
|
||||
|
|
|
@ -52,12 +52,14 @@
|
|||
<el-col :span="18" style="padding-top: 80px">
|
||||
<el-card
|
||||
:body-style="{ padding: '0px' }"
|
||||
v-if="isImage(data.type) && !isRepositoryFile()"
|
||||
v-if="isImage(data) && !isRepositoryFile()"
|
||||
>
|
||||
<div v-loading="fileBase64Str==='' || fileBase64Str === 'loading'">
|
||||
<img
|
||||
:src="'/project/file/metadata/info/' + data.id"
|
||||
:src="fileBase64Str"
|
||||
class="ms-edit-image"
|
||||
/>
|
||||
</div>
|
||||
</el-card>
|
||||
<el-card :body-style="{ padding: '0px' }" v-else>
|
||||
<div class="ms-edit-image">
|
||||
|
@ -231,7 +233,7 @@
|
|||
<script>
|
||||
import {operationConfirm} from "metersphere-frontend/src/utils";
|
||||
import {getCurrentProjectID} from "metersphere-frontend/src/utils/token";
|
||||
import {getFileMetaPages, modifyFileMeta, pullGitFile, uploadFileMeta,} from "../../../../api/file";
|
||||
import {getFileBytes, getFileMetaPages, modifyFileMeta, pullGitFile, uploadFileMeta,} from "../../../../api/file";
|
||||
import FileVersionList from "@/business/menu/file/list/FileVersionList";
|
||||
import FileCaseRelevanceList from "@/business/menu/file/list/FileCaseRelevanceList";
|
||||
import {hasPermission} from "metersphere-frontend/src/utils/permission";
|
||||
|
@ -249,6 +251,7 @@ export default {
|
|||
return {
|
||||
data: {},
|
||||
visible: false,
|
||||
fileBase64Str: '',
|
||||
isFirst: false,
|
||||
isLast: false,
|
||||
isPullBtnLoading: false,
|
||||
|
@ -389,6 +392,7 @@ export default {
|
|||
this.showPanel = "baseInfo";
|
||||
this.pageSize = size;
|
||||
this.currentPage = page;
|
||||
this.fileBase64Str = '';
|
||||
this.total = t;
|
||||
this.data = data;
|
||||
this.results = this.metadataArray;
|
||||
|
@ -436,8 +440,17 @@ export default {
|
|||
return type || "";
|
||||
}
|
||||
},
|
||||
isImage(type) {
|
||||
return type && this.images.indexOf(type.toLowerCase()) !== -1;
|
||||
isImage(data) {
|
||||
let type = data.type;
|
||||
let isImage = type && this.images.indexOf(type.toLowerCase()) !== -1;
|
||||
if (isImage && this.fileBase64Str === '') {
|
||||
this.fileBase64Str = 'loading';
|
||||
getFileBytes(data.id).then(res => {
|
||||
let fileRsp = res.data;
|
||||
this.fileBase64Str = "data:image/png;base64," + fileRsp.bytes;
|
||||
})
|
||||
}
|
||||
return isImage;
|
||||
},
|
||||
download() {
|
||||
this.$emit("download", this.data);
|
||||
|
|
|
@ -4,7 +4,9 @@
|
|||
<el-row :gutter="20">
|
||||
<el-col :span="4" v-for="item in data" :key="item.id">
|
||||
<el-card :body-style="{ padding: '0px' }" class="ms-card-item" @click.native="handleView(item)">
|
||||
<img :src="'/project/file/metadata/info/'+item.id" class="ms-image" v-if="isImage(item.type)"/>
|
||||
<div v-loading="fileBase64Str==='' || fileBase64Str === 'loading'" v-if="isImage(item)">
|
||||
<img :src="fileBase64Str" class="ms-edit-image"/>
|
||||
</div>
|
||||
<div class="ms-image" v-else>
|
||||
<div class="ms-file">
|
||||
<div class="icon-title">{{ getType(item.type) }}</div>
|
||||
|
@ -35,6 +37,7 @@
|
|||
<script>
|
||||
import MsTablePagination from "metersphere-frontend/src/components/pagination/TablePagination";
|
||||
import MsEditFileMetadata from "../edit/EditFileMetadata";
|
||||
import {getFileBytes} from "@/api/file";
|
||||
|
||||
export default {
|
||||
name: "MsFileThumbnail",
|
||||
|
@ -44,6 +47,7 @@ export default {
|
|||
currentPage: 1,
|
||||
pageSize: 10,
|
||||
total: 0,
|
||||
fileBase64Str: '',
|
||||
images: ["bmp", "jpg", "png", "tif", "gif", "pcx", "tga", "exif", "fpx", "svg", "psd", "cdr", "pcd", "dxf", "ufo", "eps", "ai", "raw", "WMF", "webp", "avif", "apng", "jpeg"]
|
||||
};
|
||||
},
|
||||
|
@ -56,6 +60,7 @@ export default {
|
|||
nodeTree: []
|
||||
},
|
||||
created() {
|
||||
this.fileBase64Str = '';
|
||||
this.currentPage = this.page;
|
||||
this.pageSize = this.size;
|
||||
this.total = this.pageTotal;
|
||||
|
@ -86,10 +91,22 @@ export default {
|
|||
return type || "";
|
||||
},
|
||||
change() {
|
||||
this.fileBase64Str = '';
|
||||
this.$emit("change", this.pageSize, this.currentPage);
|
||||
},
|
||||
isImage(type) {
|
||||
return (type && this.images.indexOf(type.toLowerCase()) !== -1);
|
||||
isImage(item) {
|
||||
let type = item.type;
|
||||
let isImage = (type && this.images.indexOf(type.toLowerCase()) !== -1);
|
||||
if (isImage) {
|
||||
if (isImage && this.fileBase64Str === '') {
|
||||
this.fileBase64Str = 'loading';
|
||||
getFileBytes(item.id).then(res => {
|
||||
let fileRsp = res.data;
|
||||
this.fileBase64Str = "data:image/png;base64," + fileRsp.bytes;
|
||||
})
|
||||
}
|
||||
}
|
||||
return isImage;
|
||||
}
|
||||
},
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue