refactor: 检查资源和组织关系

CaptainB 2023-12-14 16:39:35 +08:00 committed by 刘瑞斌
parent d9b5bcb02e
commit 14cc01dcf1
6 changed files with 38 additions and 4 deletions


@ -233,7 +233,7 @@ test_track.length_less_than=The title is too long, the length must be less than
# check owner # check owner
check_owner_project=The current user does not have permission to operate this project check_owner_project=The current user does not have permission to operate this project
check_owner_test=The current user does not have permission to operate this test check_owner_test=The current user does not have permission to operate this test
check_owner_case=The current user does not have permission to operate this use case check_owner_case=The current user does not have permission to operate this resource
check_owner_plan=The current user does not have permission to operate this plan check_owner_plan=The current user does not have permission to operate this plan
check_owner_review=The current user does not have permission to operate this review check_owner_review=The current user does not have permission to operate this review
check_owner_comment=The current user does not have permission to manipulate this comment check_owner_comment=The current user does not have permission to manipulate this comment


@ -233,7 +233,7 @@ test_track.length_less_than=标题过长,字数必须小于
# check owner # check owner
check_owner_project=当前用户没有操作此项目的权限 check_owner_project=当前用户没有操作此项目的权限
check_owner_test=当前用户没有操作此测试的权限 check_owner_test=当前用户没有操作此测试的权限
check_owner_case=当前用户没有操作此用例的权限 check_owner_case=当前用户没有操作此资源的权限
check_owner_plan=当前用户没有操作此计划的权限 check_owner_plan=当前用户没有操作此计划的权限
check_owner_review=当前用户没有操作此评审的权限 check_owner_review=当前用户没有操作此评审的权限
check_owner_comment=当前用户没有操作此评论的权限 check_owner_comment=当前用户没有操作此评论的权限


@ -232,7 +232,7 @@ test_track.length_less_than=標題過長,字數必須小於
# check owner # check owner
check_owner_project=當前用戶沒有操作此項目的權限 check_owner_project=當前用戶沒有操作此項目的權限
check_owner_test=當前用戶沒有操作此測試的權限 check_owner_test=當前用戶沒有操作此測試的權限
check_owner_case=當前用戶沒有操作此用例的權限 check_owner_case=當前用戶沒有操作此資源的權限
check_owner_plan=當前用戶沒有操作此計劃的權限 check_owner_plan=當前用戶沒有操作此計劃的權限
check_owner_review=當前用戶沒有操作此評審的權限 check_owner_review=當前用戶沒有操作此評審的權限
check_owner_comment=當前用戶沒有操作此評論的權限 check_owner_comment=當前用戶沒有操作此評論的權限


@ -6,4 +6,6 @@ import java.util.List;
public interface ExtCheckOwnerMapper { public interface ExtCheckOwnerMapper {
boolean checkoutOwner(@Param("table") String resourceType, @Param("projectId") String projectId, @Param("ids") List<String> ids); boolean checkoutOwner(@Param("table") String resourceType, @Param("projectId") String projectId, @Param("ids") List<String> ids);
boolean checkoutOrganizationOwner(@Param("table") String resourceType, @Param("organizationId") String organizationId, @Param("ids") List<String> ids);
} }
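Review bot: The new `checkoutOrganizationOwner` declaration has no Javadoc, and its contract is not obvious from the signature: the `table` parameter is substituted as raw text into `FROM ${table}` in the mapper XML shown further down this page, so it must only ever receive a fixed table name, never a value taken from a request. I would add a short Javadoc above the method saying that it returns true only when every id in `ids` belongs to `organizationId`, that `resourceType` must be a constant table name, and that `ids` must be non-empty. The existing `checkoutOwner` above it looks like it has the same contract and could share the wording.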


@ -10,4 +10,14 @@
#{id} #{id}
</foreach> </foreach>
</select> </select>
<select id="checkoutOrganizationOwner" resultType="boolean">
SELECT count(id) = ${ids.size()}
FROM ${table}
WHERE organization_id = #{organizationId}
and id in
<foreach collection="ids" item="id" separator="," open="(" close=")">
#{id}
</foreach>
</select>
</mapper> </mapper>
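Review bot: An empty `ids` list breaks the new `checkoutOrganizationOwner` statement: as far as I know MyBatis emits nothing at all for a `<foreach>` over an empty collection, not even the `open`/`close` text, so the SQL ends at `and id in` and fails with a syntax error instead of returning a boolean. The `count(id) = ${ids.size()}` comparison also rejects a list that contains the same id twice, because the number of matched rows is smaller than the list size, so a legitimate caller can be refused. Rejecting an empty list and de-duplicating `ids` before the mapper call would cover both cases; the caller in `CheckOwnerAspect` passes the list evaluated from the annotation's expression through unchanged.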


@ -31,7 +31,8 @@ public class CheckOwnerAspect {
private ExpressionParser parser = new SpelExpressionParser(); private ExpressionParser parser = new SpelExpressionParser();
private StandardReflectionParameterNameDiscoverer discoverer = new StandardReflectionParameterNameDiscoverer(); private StandardReflectionParameterNameDiscoverer discoverer = new StandardReflectionParameterNameDiscoverer();
// 组织归属的资源
private static final List<String> orgResources = List.of("organization_parameter", "plugin_organization", "project", "service_integration");
@Resource @Resource
private ExtCheckOwnerMapper extCheckOwnerMapper; private ExtCheckOwnerMapper extCheckOwnerMapper;
@ -68,6 +69,14 @@ public class CheckOwnerAspect {
String resourceType = checkOwner.resourceType(); String resourceType = checkOwner.resourceType();
Expression titleExp = parser.parseExpression(resourceId); Expression titleExp = parser.parseExpression(resourceId);
Object v = titleExp.getValue(context, Object.class); Object v = titleExp.getValue(context, Object.class);
if (orgResources.contains(resourceType)) {
handleOrganizationResource(v, resourceType);
} else {
handleProjectResource(v, resourceType);
}
}
private void handleProjectResource(Object v, String resourceType) {
if (v instanceof String id) { if (v instanceof String id) {
if (!extCheckOwnerMapper.checkoutOwner(resourceType, SessionUtils.getCurrentProjectId(), List.of(id))) { if (!extCheckOwnerMapper.checkoutOwner(resourceType, SessionUtils.getCurrentProjectId(), List.of(id))) {
throw new MSException(Translator.get("check_owner_case")); throw new MSException(Translator.get("check_owner_case"));
@ -80,4 +89,17 @@ public class CheckOwnerAspect {
} }
} }
private void handleOrganizationResource(Object v, String resourceType) {
if (v instanceof String id) {
if (!extCheckOwnerMapper.checkoutOrganizationOwner(resourceType, SessionUtils.getCurrentOrganizationId(), List.of(id))) {
throw new MSException(Translator.get("check_owner_case"));
}
}
if (v instanceof List ids) {
if (!extCheckOwnerMapper.checkoutOrganizationOwner(resourceType, SessionUtils.getCurrentOrganizationId(), ids)) {
throw new MSException(Translator.get("check_owner_case"));
}
}
}
} }
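Review bot: `handleOrganizationResource` fails open: when `v` is null or anything other than a `String` or a `List` (a `Set`, an array, a numeric id), both `instanceof` branches are skipped and the method returns without checking anything, so the annotated call proceeds unchecked. I would make the second `if` an `else if` and finish with `else if (v != null) { throw new MSException(Translator.get("check_owner_case")); }`, or state in a comment that null deliberately means there is nothing to check. `v instanceof List ids` is a raw type, so non-string elements reach the mapper unverified; `List<?>` with an element check would be safer. The check is also only as strong as `SessionUtils.getCurrentOrganizationId()`: if that value can come from a client-supplied header rather than from server-side membership, it needs validating before this point, which is not visible here. `handleProjectResource` appears to have the same shape, but its body continues outside the visible hunks.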