refactor: 检查资源和组织关系
This commit is contained in:
parent
d9b5bcb02e
commit
14cc01dcf1
|
@ -233,7 +233,7 @@ test_track.length_less_than=The title is too long, the length must be less than
|
||||||
# check owner
|
# check owner
|
||||||
check_owner_project=The current user does not have permission to operate this project
|
check_owner_project=The current user does not have permission to operate this project
|
||||||
check_owner_test=The current user does not have permission to operate this test
|
check_owner_test=The current user does not have permission to operate this test
|
||||||
check_owner_case=The current user does not have permission to operate this use case
|
check_owner_case=The current user does not have permission to operate this resource
|
||||||
check_owner_plan=The current user does not have permission to operate this plan
|
check_owner_plan=The current user does not have permission to operate this plan
|
||||||
check_owner_review=The current user does not have permission to operate this review
|
check_owner_review=The current user does not have permission to operate this review
|
||||||
check_owner_comment=The current user does not have permission to manipulate this comment
|
check_owner_comment=The current user does not have permission to manipulate this comment
|
||||||
|
|
|
@ -233,7 +233,7 @@ test_track.length_less_than=标题过长,字数必须小于
|
||||||
# check owner
|
# check owner
|
||||||
check_owner_project=当前用户没有操作此项目的权限
|
check_owner_project=当前用户没有操作此项目的权限
|
||||||
check_owner_test=当前用户没有操作此测试的权限
|
check_owner_test=当前用户没有操作此测试的权限
|
||||||
check_owner_case=当前用户没有操作此用例的权限
|
check_owner_case=当前用户没有操作此资源的权限
|
||||||
check_owner_plan=当前用户没有操作此计划的权限
|
check_owner_plan=当前用户没有操作此计划的权限
|
||||||
check_owner_review=当前用户没有操作此评审的权限
|
check_owner_review=当前用户没有操作此评审的权限
|
||||||
check_owner_comment=当前用户没有操作此评论的权限
|
check_owner_comment=当前用户没有操作此评论的权限
|
||||||
|
|
|
@ -232,7 +232,7 @@ test_track.length_less_than=標題過長,字數必須小於
|
||||||
# check owner
|
# check owner
|
||||||
check_owner_project=當前用戶沒有操作此項目的權限
|
check_owner_project=當前用戶沒有操作此項目的權限
|
||||||
check_owner_test=當前用戶沒有操作此測試的權限
|
check_owner_test=當前用戶沒有操作此測試的權限
|
||||||
check_owner_case=當前用戶沒有操作此用例的權限
|
check_owner_case=當前用戶沒有操作此資源的權限
|
||||||
check_owner_plan=當前用戶沒有操作此計劃的權限
|
check_owner_plan=當前用戶沒有操作此計劃的權限
|
||||||
check_owner_review=當前用戶沒有操作此評審的權限
|
check_owner_review=當前用戶沒有操作此評審的權限
|
||||||
check_owner_comment=當前用戶沒有操作此評論的權限
|
check_owner_comment=當前用戶沒有操作此評論的權限
|
||||||
|
|
|
@ -6,4 +6,6 @@ import java.util.List;
|
||||||
|
|
||||||
public interface ExtCheckOwnerMapper {
|
public interface ExtCheckOwnerMapper {
|
||||||
boolean checkoutOwner(@Param("table") String resourceType, @Param("projectId") String projectId, @Param("ids") List<String> ids);
|
boolean checkoutOwner(@Param("table") String resourceType, @Param("projectId") String projectId, @Param("ids") List<String> ids);
|
||||||
|
|
||||||
|
boolean checkoutOrganizationOwner(@Param("table") String resourceType, @Param("organizationId") String organizationId, @Param("ids") List<String> ids);
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,4 +10,14 @@
|
||||||
#{id}
|
#{id}
|
||||||
</foreach>
|
</foreach>
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
|
<select id="checkoutOrganizationOwner" resultType="boolean">
|
||||||
|
SELECT count(id) = ${ids.size()}
|
||||||
|
FROM ${table}
|
||||||
|
WHERE organization_id = #{organizationId}
|
||||||
|
and id in
|
||||||
|
<foreach collection="ids" item="id" separator="," open="(" close=")">
|
||||||
|
#{id}
|
||||||
|
</foreach>
|
||||||
|
</select>
|
||||||
</mapper>
|
</mapper>
|
|
@ -31,7 +31,8 @@ public class CheckOwnerAspect {
|
||||||
|
|
||||||
private ExpressionParser parser = new SpelExpressionParser();
|
private ExpressionParser parser = new SpelExpressionParser();
|
||||||
private StandardReflectionParameterNameDiscoverer discoverer = new StandardReflectionParameterNameDiscoverer();
|
private StandardReflectionParameterNameDiscoverer discoverer = new StandardReflectionParameterNameDiscoverer();
|
||||||
|
// 组织归属的资源
|
||||||
|
private static final List<String> orgResources = List.of("organization_parameter", "plugin_organization", "project", "service_integration");
|
||||||
@Resource
|
@Resource
|
||||||
private ExtCheckOwnerMapper extCheckOwnerMapper;
|
private ExtCheckOwnerMapper extCheckOwnerMapper;
|
||||||
|
|
||||||
|
@ -68,6 +69,14 @@ public class CheckOwnerAspect {
|
||||||
String resourceType = checkOwner.resourceType();
|
String resourceType = checkOwner.resourceType();
|
||||||
Expression titleExp = parser.parseExpression(resourceId);
|
Expression titleExp = parser.parseExpression(resourceId);
|
||||||
Object v = titleExp.getValue(context, Object.class);
|
Object v = titleExp.getValue(context, Object.class);
|
||||||
|
if (orgResources.contains(resourceType)) {
|
||||||
|
handleOrganizationResource(v, resourceType);
|
||||||
|
} else {
|
||||||
|
handleProjectResource(v, resourceType);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void handleProjectResource(Object v, String resourceType) {
|
||||||
if (v instanceof String id) {
|
if (v instanceof String id) {
|
||||||
if (!extCheckOwnerMapper.checkoutOwner(resourceType, SessionUtils.getCurrentProjectId(), List.of(id))) {
|
if (!extCheckOwnerMapper.checkoutOwner(resourceType, SessionUtils.getCurrentProjectId(), List.of(id))) {
|
||||||
throw new MSException(Translator.get("check_owner_case"));
|
throw new MSException(Translator.get("check_owner_case"));
|
||||||
|
@ -80,4 +89,17 @@ public class CheckOwnerAspect {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void handleOrganizationResource(Object v, String resourceType) {
|
||||||
|
if (v instanceof String id) {
|
||||||
|
if (!extCheckOwnerMapper.checkoutOrganizationOwner(resourceType, SessionUtils.getCurrentOrganizationId(), List.of(id))) {
|
||||||
|
throw new MSException(Translator.get("check_owner_case"));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (v instanceof List ids) {
|
||||||
|
if (!extCheckOwnerMapper.checkoutOrganizationOwner(resourceType, SessionUtils.getCurrentOrganizationId(), ids)) {
|
||||||
|
throw new MSException(Translator.get("check_owner_case"));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue