From 27fd5caca9c6e9b4b8bd455fcba81d8438cfb733 Mon Sep 17 00:00:00 2001 From: CaptainB Date: Fri, 2 Jun 2023 11:58:32 +0800 Subject: [PATCH] =?UTF-8?q?build:=20=E9=83=A8=E5=88=86=E6=9D=83=E9=99=90?= =?UTF-8?q?=E5=88=9D=E5=A7=8B=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../migration/3.0.0/dml/V3.0.0_11_1__data.sql | 105 +++++ .../sdk/constants/PermissionConstants.java | 215 ++++++++++ .../sdk/constants/UserRoleConstants.java | 2 +- .../metersphere/sdk/mapper/BaseUserMapper.xml | 2 +- .../io/metersphere/sdk/util/SessionUtils.java | 22 +- .../system/controller/UserController.java | 14 +- .../system/service/UserService.java | 4 - .../src/main/resources/permission.json | 382 ++++++++++++++++++ 8 files changed, 724 insertions(+), 22 deletions(-) create mode 100644 backend/framework/sdk/src/main/java/io/metersphere/sdk/constants/PermissionConstants.java create mode 100644 backend/services/system-setting/src/main/resources/permission.json diff --git a/backend/app/src/main/resources/migration/3.0.0/dml/V3.0.0_11_1__data.sql b/backend/app/src/main/resources/migration/3.0.0/dml/V3.0.0_11_1__data.sql index 39701093de..ae17202763 100644 --- a/backend/app/src/main/resources/migration/3.0.0/dml/V3.0.0_11_1__data.sql +++ b/backend/app/src/main/resources/migration/3.0.0/dml/V3.0.0_11_1__data.sql @@ -1,8 +1,113 @@ -- set innodb lock wait timeout SET SESSION innodb_lock_wait_timeout = 7200; +-- 初始化工作空间 +INSERT INTO workspace (id, name, description, create_user, create_time, update_time) VALUES (uuid(), '默认工作空间', '系统默认创建的工作空间', 'admin', unix_timestamp() * 1000, unix_timestamp() * 1000); +-- 初始化项目 +INSERT INTO project (id, workspace_id, name, description, create_user, create_time, update_time) VALUES (uuid(), (SELECT id FROM workspace WHERE name LIKE '默认工作空间'), '默认项目', '系统默认创建的项目', 'admin', unix_timestamp() * 1000, unix_timestamp() * 1000); + +-- 初始化用户 insert into user(id, name, email, password, status, create_time, update_time, language, last_workspace_id, phone, source, last_project_id, create_user) VALUES ('admin', 'Administrator', 'admin@metersphere.io', MD5('metersphere'), '1', UNIX_TIMESTAMP() * 1000, UNIX_TIMESTAMP() * 1000, NULL, NUll, '', 'LOCAL', NULL, 'admin'); +-- 初始化用户组 +INSERT INTO user_role (id, name, description, `system`, type, create_time, update_time, create_user, scope_id) VALUES ('admin', '系统管理员(系统)', '默认用户组', 1, 'SYSTEM', 1621224000000, 1621224000000, 'admin', 'global'); +INSERT INTO user_role (id, name, description, `system`, type, create_time, update_time, create_user, scope_id) VALUES ('project_admin', '项目管理员(系统)', '项目管理员', 1, 'PROJECT', 1620674220004, 1620674220000, 'admin', 'global'); +INSERT INTO user_role (id, name, description, `system`, type, create_time, update_time, create_user, scope_id) VALUES ('project_member', '项目成员(系统)', '项目成员', 1, 'PROJECT', 1620674220005, 1620674220000, 'admin', 'global'); +INSERT INTO user_role (id, name, description, `system`, type, create_time, update_time, create_user, scope_id) VALUES ('read_only', '只读用户(系统)', '只读用户', 1, 'PROJECT', 1620674220006, 1620674220000, 'admin', 'global'); +INSERT INTO user_role (id, name, description, `system`, type, create_time, update_time, create_user, scope_id) VALUES ('super', '超级管理员(系统)', '拥有系统全部工作空间以及项目的操作权限', 1, 'SYSTEM', 1671008474000, 1671008474000, 'admin', 'system'); +INSERT INTO user_role (id, name, description, `system`, type, create_time, update_time, create_user, scope_id) VALUES ('ws_admin', '工作空间管理员(系统)', '工作空间管理员', 1, 'WORKSPACE', 1620674220007, 1620674220000, 'admin', 'global'); +INSERT INTO user_role (id, name, description, `system`, type, create_time, update_time, create_user, scope_id) VALUES ('ws_member', '工作空间成员(系统)', '工作空间成员', 1, 'WORKSPACE', 1620674220008, 1620674220000, 'admin', 'global'); + +-- 初始化用户和组的关系 +INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, update_time) VALUES ('c3bb9b4f-46d8-4952-9681-8889974487d1', 'admin', 'super', 'system', 1684747668375, 1684747668375); + + +-- 初始化用户组权限 +-- 系统管理员权限 +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('fff37fb4-f922-4fd3-be47-16333b46bb26', 'admin', 'SYSTEM_QUOTA:READ', 'SYSTEM_QUOTA'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('fdeea7c6-c3ff-4ca9-ac09-3a1532f6a8d5', 'admin', 'SYSTEM_USER:READ+UPDATE', 'SYSTEM_USER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('fba82fd0-8d4c-467a-a3f9-81adb0f36f57', 'admin', 'SYSTEM_QUOTA:READ+UPDATE', 'SYSTEM_QUOTA'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('fab9f7e1-63f3-4788-bcf7-045b072b80da', 'admin', 'SYSTEM_WORKSPACE:READ', 'SYSTEM_WORKSPACE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('f883333d-51d3-4634-9d7c-e25eb57fdcab', 'admin', 'SYSTEM_WORKSPACE:READ+ADD', 'SYSTEM_WORKSPACE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('e7dffcf6-383a-4284-ba67-5e77813b916e', 'admin', 'SYSTEM_SETTING:READ+UPDATE', 'SYSTEM_SETTING'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('e02ca9bf-7518-4e2a-8d6e-c1086a6ce390', 'admin', 'SYSTEM_ROLE:READ+UPDATE', 'SYSTEM_ROLE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('dadfbec0-984d-4189-b4c3-89561cd04721', 'admin', 'SYSTEM_TEST_POOL:READ', 'SYSTEM_TEST_POOL'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('d27f93b2-296f-4552-91c3-f691f122beb3', 'admin', 'SYSTEM_USER:READ', 'SYSTEM_USER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('be7a5483-8b60-4518-b443-68281465b9dd', 'admin', 'SYSTEM_USER:READ+UPDATE_PASSWORD', 'SYSTEM_USER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('b5f06276-15c4-409c-b964-b5d29434b277', 'admin', 'PERSONAL_INFORMATION:READ+THIRD_ACCOUNT', 'PERSONAL_INFORMATION'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('b5d7fe45-ab1f-4026-b7dc-c8c8e3f666c4', 'admin', 'SYSTEM_OPERATING_LOG:READ', 'SYSTEM_OPERATING_LOG'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('af6aedae-7ffa-4ff6-978c-3f4bc0b278c2', 'admin', 'SYSTEM_AUTH:READ+UPDATE', 'SYSTEM_AUTH'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('a7775e04-7b9f-4afc-a164-43b63bfe900b', 'admin', 'SYSTEM_SETTING:READ', 'SYSTEM_SETTING'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('a4d438c5-8f08-4708-ab34-3e78e536c3fe', 'admin', 'PERSONAL_INFORMATION:READ+UPDATE_PASSWORD', 'PERSONAL_INFORMATION'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('a0f476bd-5b09-4469-8fdb-1009e8111d8a', 'admin', 'SYSTEM_USER:READ+ADD', 'SYSTEM_USER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('9809c98a-dbf9-4835-9e06-c9ed43bc4809', 'admin', 'SYSTEM_WORKSPACE:READ+UPDATE', 'SYSTEM_WORKSPACE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('9630020e-e366-43d9-a29a-b257dbbcfe1b', 'admin', 'SYSTEM_AUTH:READ', 'SYSTEM_AUTH'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('8b59dede-3c21-4100-84a1-aa3a188408c4', 'admin', 'SYSTEM_USER:READ+DELETE', 'SYSTEM_USER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('87832d17-1a4e-4cd6-910c-bf04dc0aa8ca', 'admin', 'PERSONAL_INFORMATION:READ+UPDATE', 'PERSONAL_INFORMATION'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('77c91998-654b-476f-b5fd-7b6b6a761899', 'admin', 'SYSTEM_PLUGIN:DEL', 'SYSTEM_PLUGIN'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('72c35c0c-6d9d-4d2e-aeb8-cb6dccf5d963', 'admin', 'SYSTEM_TEST_POOL:READ+ADD', 'SYSTEM_TEST_POOL'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('6d30341a-d891-45c8-bd58-99926829314b', 'admin', 'SYSTEM_TEST_POOL:READ+DELETE', 'SYSTEM_TEST_POOL'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('5f3fd8d2-7ebc-427b-8faf-800e77452319', 'admin', 'SYSTEM_TEST_POOL:READ+UPDATE', 'SYSTEM_TEST_POOL'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('58035f15-0a2a-4b75-b7b1-186751309f0b', 'admin', 'SYSTEM_WORKSPACE:READ+DELETE', 'SYSTEM_WORKSPACE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('37b01825-632d-4859-bd74-53edb006c05c', 'admin', 'PERSONAL_INFORMATION:READ+API_KEYS', 'PERSONAL_INFORMATION'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('307be610-31b1-420b-b2bd-b236fdfd48a5', 'admin', 'SYSTEM_PLUGIN:UPLOAD', 'SYSTEM_PLUGIN'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b6a6eea-cb3a-4b16-a6a5-29fbb1ef6cf7', 'admin', 'SYSTEM_PLUGIN:READ', 'SYSTEM_PLUGIN'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2a96546f-b9a5-4f9a-bcbb-b8ac507a761b', 'admin', 'SYSTEM_USER:READ+IMPORT', 'SYSTEM_USER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('1caa1b07-9d55-40c4-9aa8-9ab96bcba3e7', 'admin', 'SYSTEM_ROLE:READ+SETTING_PERMISSION', 'SYSTEM_ROLE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('1c877074-0c51-47b2-be9d-320ee956a658', 'admin', 'SYSTEM_ROLE:READ', 'SYSTEM_ROLE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('15bfd321-d812-46e5-a98f-3220e9515ad6', 'admin', 'PERSONAL_INFORMATION:READ+UI_SETTING', 'PERSONAL_INFORMATION'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('152ead91-a672-4753-904c-815a8d4602a3', 'admin', 'SYSTEM_ROLE:READ+DELETE', 'SYSTEM_ROLE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('03a829ec-0306-4d92-9a4f-b451dc01617d', 'admin', 'SYSTEM_ROLE:READ+ADD', 'SYSTEM_ROLE'); +-- 工作空间管理员权限 +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2ef69c80-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_MANAGER:READ+DELETE_USER', 'WORKSPACE_PROJECT_MANAGER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2ef68cda-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_MANAGER:READ+ADD_USER', 'WORKSPACE_PROJECT_MANAGER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2ef67aba-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_MANAGER:READ+UPDATE_USER', 'WORKSPACE_PROJECT_MANAGER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2eb8cdb1-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_QUOTA:READ+UPDATE', 'WORKSPACE_QUOTA'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2eb8bc41-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_QUOTA:READ', 'WORKSPACE_QUOTA'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2dde1a80-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'PERSONAL_INFORMATION:READ+UPDATE_PASSWORD', 'PERSONAL_INFORMATION'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2dde1a2e-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'PERSONAL_INFORMATION:READ+API_KEYS', 'PERSONAL_INFORMATION'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2dde19c9-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'PERSONAL_INFORMATION:READ+THIRD_ACCOUNT', 'PERSONAL_INFORMATION'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2dde18f5-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'PERSONAL_INFORMATION:READ+UPDATE', 'PERSONAL_INFORMATION'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2d140aab-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ+DELETE_GROUP', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2d13f889-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ+COPY_GROUP', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2d13e8c8-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ+UPDATE_GROUP', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2d13d1c8-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ+CREATE_GROUP', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2cea1857-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_MANAGER:READ+UPLOAD_JAR', 'WORKSPACE_PROJECT_MANAGER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caf4318-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_MESSAGE:READ+UPDATE', 'WORKSPACE_MESSAGE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caf15cd-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_MESSAGE:READ', 'WORKSPACE_MESSAGE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caf0246-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_SERVICE:READ+UPDATE', 'WORKSPACE_SERVICE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caed957-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_SERVICE:READ', 'WORKSPACE_SERVICE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b817d1d-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_OPERATING_LOG:READ', 'WORKSPACE_OPERATING_LOG'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b816897-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ+DELETE', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b81585a-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ+UPDATE', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b8146ea-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ+EXPORT', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b812d70-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ+IMPORT', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b811ba3-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ+ADD', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b810b30-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ+COPY', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80fb44-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_ENVIRONMENT:READ', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80e844-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_MANAGER:READ+UPDATE', 'WORKSPACE_PROJECT_MANAGER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80d69a-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_MANAGER:READ+DELETE', 'WORKSPACE_PROJECT_MANAGER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80c5fe-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_MANAGER:READ+ADD', 'WORKSPACE_PROJECT_MANAGER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80b588-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_PROJECT_MANAGER:READ', 'WORKSPACE_PROJECT_MANAGER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80a580-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_TEMPLATE:READ+CASE_TEMPLATE', 'WORKSPACE_TEMPLATE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b8091ab-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_TEMPLATE:READ+ISSUE_TEMPLATE', 'WORKSPACE_TEMPLATE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b8081e3-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_TEMPLATE:READ', 'WORKSPACE_TEMPLATE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b806fbf-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_USER:READ+UPDATE', 'WORKSPACE_USER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80601c-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_USER:READ+DELETE', 'WORKSPACE_USER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b805052-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_USER:READ', 'WORKSPACE_USER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b802f2a-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_TEMPLATE:READ+CUSTOM', 'WORKSPACE_TEMPLATE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b801d1f-3bc6-11ed-9680-0242ac130008', 'ws_admin', 'WORKSPACE_USER:READ+ADD', 'WORKSPACE_USER'); +-- 工作空间成员权限 +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2cea2a4c-3bc6-11ed-9680-0242ac130008', 'ws_member', 'WORKSPACE_PROJECT_MANAGER:READ+UPLOAD_JAR', 'WORKSPACE_PROJECT_MANAGER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caf28b0-3bc6-11ed-9680-0242ac130008', 'ws_member', 'WORKSPACE_MESSAGE:READ', 'WORKSPACE_MESSAGE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caeef78-3bc6-11ed-9680-0242ac130008', 'ws_member', 'WORKSPACE_SERVICE:READ', 'WORKSPACE_SERVICE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b81d869-3bc6-11ed-9680-0242ac130008', 'ws_member', 'WORKSPACE_OPERATING_LOG:READ', 'WORKSPACE_OPERATING_LOG'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b81c48b-3bc6-11ed-9680-0242ac130008', 'ws_member', 'WORKSPACE_PROJECT_MANAGER:READ', 'WORKSPACE_PROJECT_MANAGER'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b81b3ae-3bc6-11ed-9680-0242ac130008', 'ws_member', 'WORKSPACE_PROJECT_ENVIRONMENT:READ', 'WORKSPACE_PROJECT_ENVIRONMENT'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b81a16c-3bc6-11ed-9680-0242ac130008', 'ws_member', 'WORKSPACE_TEMPLATE:READ', 'WORKSPACE_TEMPLATE'); +INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b818ee7-3bc6-11ed-9680-0242ac130008', 'ws_member', 'WORKSPACE_USER:READ', 'WORKSPACE_USER'); + + -- set innodb lock wait timeout to default SET SESSION innodb_lock_wait_timeout = DEFAULT; \ No newline at end of file diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/constants/PermissionConstants.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/constants/PermissionConstants.java new file mode 100644 index 0000000000..ca65dddf6c --- /dev/null +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/constants/PermissionConstants.java @@ -0,0 +1,215 @@ +package io.metersphere.sdk.constants; + +public class PermissionConstants { + + public static final String SYSTEM_USER_READ = "SYSTEM_USER:READ"; + public static final String SYSTEM_USER_READ_ADD = "SYSTEM_USER:READ+ADD"; + public static final String SYSTEM_USER_READ_IMPORT = "SYSTEM_USER:READ+IMPORT"; + public static final String SYSTEM_USER_READ_UPDATE = "SYSTEM_USER:READ+UPDATE"; + public static final String SYSTEM_USER_READ_DELETE = "SYSTEM_USER:READ+DELETE"; + public static final String SYSTEM_USER_READ_UPDATE_PASSWORD = "SYSTEM_USER:READ+UPDATE_PASSWORD"; + + public static final String SYSTEM_ORGANIZATION_READ = "SYSTEM_ORGANIZATION:READ"; + public static final String SYSTEM_ORGANIZATION_READ_ADD = "SYSTEM_ORGANIZATION:READ+ADD"; + public static final String SYSTEM_ORGANIZATION_READ_UPDATE = "SYSTEM_ORGANIZATION:READ+UPDATE"; + public static final String SYSTEM_ORGANIZATION_READ_DELETE = "SYSTEM_ORGANIZATION:READ+DELETE"; + + public static final String SYSTEM_WORKSPACE_READ = "SYSTEM_WORKSPACE:READ"; + public static final String SYSTEM_WORKSPACE_READ_ADD = "SYSTEM_WORKSPACE:READ+ADD"; + public static final String SYSTEM_WORKSPACE_READ_UPDATE = "SYSTEM_WORKSPACE:READ+UPDATE"; + public static final String SYSTEM_WORKSPACE_READ_DELETE = "SYSTEM_WORKSPACE:READ+DELETE"; + + public static final String SYSTEM_TEST_POOL_READ = "SYSTEM_TEST_POOL:READ"; + public static final String SYSTEM_TEST_POOL_READ_ADD = "SYSTEM_TEST_POOL:READ+ADD"; + public static final String SYSTEM_TEST_POOL_READ_UPDATE = "SYSTEM_TEST_POOL:READ+UPDATE"; + public static final String SYSTEM_TEST_POOL_READ_DELETE = "SYSTEM_TEST_POOL:READ+DELETE"; + + public static final String SYSTEM_GROUP_READ = "SYSTEM_GROUP:READ"; + public static final String SYSTEM_GROUP_READ_ADD = "SYSTEM_GROUP:READ+ADD"; + public static final String SYSTEM_GROUP_READ_UPDATE = "SYSTEM_GROUP:READ+UPDATE"; + public static final String SYSTEM_GROUP_READ_SETTING_PERMISSION = "SYSTEM_GROUP:READ+SETTING_PERMISSION"; + public static final String SYSTEM_GROUP_READ_DELETE = "SYSTEM_GROUP:READ+DELETE"; + + public static final String SYSTEM_SETTING_READ = "SYSTEM_SETTING:READ"; + public static final String SYSTEM_SETTING_READ_UPDATE = "SYSTEM_SETTING:READ+UPDATE"; + public static final String SYSTEM_SETTING_READ_AUTH_MANAGE = "SYSTEM_SETTING:READ+AUTH_MANAGE"; + public static final String SYSTEM_QUOTA_READ = "SYSTEM_QUOTA:READ"; + public static final String SYSTEM_QUOTA_READ_UPDATE = "SYSTEM_QUOTA:READ+UPDATE"; + public static final String SYSTEM_AUTH_READ = "SYSTEM_AUTH:READ"; + public static final String SYSTEM_AUTH_READ_UPDATE = "SYSTEM_AUTH:READ+UPDATE"; + + public static final String SYSTEM_OPERATING_LOG_READ = "SYSTEM_OPERATING_LOG:READ"; + + public static final String WORKSPACE_SERVICE_READ = "WORKSPACE_SERVICE:READ"; + public static final String WORKSPACE_SERVICE_READ_UPDATE = "WORKSPACE_SERVICE:READ+UPDATE"; + + public static final String WORKSPACE_USER_READ = "WORKSPACE_USER:READ"; + public static final String WORKSPACE_USER_READ_ADD = "WORKSPACE_USER:READ+ADD"; + public static final String WORKSPACE_USER_READ_UPDATE = "WORKSPACE_USER:READ+UPDATE"; + public static final String WORKSPACE_USER_READ_DELETE = "WORKSPACE_USER:READ+DELETE"; + + public static final String WORKSPACE_PROJECT_MANAGER_READ = "WORKSPACE_PROJECT_MANAGER:READ"; + public static final String WORKSPACE_PROJECT_MANAGER_READ_ADD = "WORKSPACE_PROJECT_MANAGER:READ+ADD"; + public static final String WORKSPACE_PROJECT_MANAGER_READ_UPDATE = "WORKSPACE_PROJECT_MANAGER:READ+UPDATE"; + public static final String WORKSPACE_PROJECT_MANAGER_READ_DELETE = "WORKSPACE_PROJECT_MANAGER:READ+DELETE"; + public static final String WORKSPACE_PROJECT_MANAGER_READ_ADD_USER = "WORKSPACE_PROJECT_MANAGER:READ+ADD_USER"; + + public static final String WORKSPACE_PROJECT_ENVIRONMENT_READ = "WORKSPACE_PROJECT_ENVIRONMENT:READ"; + public static final String WORKSPACE_PROJECT_ENVIRONMENT_READ_ADD = "WORKSPACE_PROJECT_ENVIRONMENT:READ+ADD"; + public static final String WORKSPACE_PROJECT_ENVIRONMENT_READ_UPDATE = "WORKSPACE_PROJECT_ENVIRONMENT:READ+UPDATE"; + public static final String WORKSPACE_PROJECT_ENVIRONMENT_READ_DELETE = "WORKSPACE_PROJECT_ENVIRONMENT:READ+DELETE"; + public static final String WORKSPACE_PROJECT_ENVIRONMENT_READ_COPY = "WORKSPACE_PROJECT_ENVIRONMENT:READ+COPY"; + public static final String WORKSPACE_PROJECT_ENVIRONMENT_READ_IMPORT = "WORKSPACE_PROJECT_ENVIRONMENT:READ+IMPORT"; + public static final String WORKSPACE_PROJECT_ENVIRONMENT_READ_EXPORT = "WORKSPACE_PROJECT_ENVIRONMENT:READ+EXPORT"; + + public static final String WORKSPACE_OPERATING_LOG_READ = "WORKSPACE_OPERATING_LOG:READ"; + + public static final String PROJECT_USER_READ = "PROJECT_USER:READ"; + public static final String PROJECT_USER_READ_ADD = "PROJECT_USER:READ+ADD"; + public static final String PROJECT_USER_READ_UPDATE = "PROJECT_USER:READ+UPDATE"; + public static final String PROJECT_USER_READ_DELETE = "PROJECT_USER:READ+DELETE"; + + public static final String PROJECT_MANAGER_READ = "PROJECT_MANAGER:READ"; + public static final String PROJECT_MANAGER_READ_ADD = "PROJECT_MANAGER:READ+ADD"; + public static final String PROJECT_MANAGER_READ_UPDATE = "PROJECT_MANAGER:READ+UPDATE"; + public static final String PROJECT_MANAGER_READ_DELETE = "PROJECT_MANAGER:READ+DELETE"; + + public static final String PROJECT_GROUP_READ = "PROJECT_GROUP:READ"; + public static final String PROJECT_GROUP_READ_ADD = "PROJECT_GROUP:READ+ADD"; + public static final String PROJECT_GROUP_READ_UPDATE = "PROJECT_GROUP:READ+UPDATE"; + public static final String PROJECT_GROUP_READ_DELETE = "PROJECT_GROUP:READ+DELETE"; + public static final String PROJECT_GROUP_READ_SETTING_PERMISSION = "PROJECT_GROUP:READ+SETTING_PERMISSION"; + + public static final String PROJECT_ENVIRONMENT_READ = "PROJECT_ENVIRONMENT:READ"; + public static final String PROJECT_ENVIRONMENT_READ_ADD = "PROJECT_ENVIRONMENT:READ+ADD"; + public static final String PROJECT_ENVIRONMENT_READ_UPDATE = "PROJECT_ENVIRONMENT:READ+UPDATE"; + public static final String PROJECT_ENVIRONMENT_READ_DELETE = "PROJECT_ENVIRONMENT:READ+DELETE"; + public static final String PROJECT_ENVIRONMENT_READ_COPY = "PROJECT_ENVIRONMENT:READ+COPY"; + public static final String PROJECT_ENVIRONMENT_READ_IMPORT = "PROJECT_ENVIRONMENT:READ+IMPORT"; + public static final String PROJECT_ENVIRONMENT_READ_EXPORT = "PROJECT_ENVIRONMENT:READ+EXPORT"; + + public static final String PROJECT_OPERATING_LOG_READ = "PROJECT_OPERATING_LOG:READ"; + + public static final String PROJECT_TRACK_CASE_READ = "PROJECT_TRACK_CASE:READ"; + public static final String PROJECT_TRACK_CASE_READ_ADD = "PROJECT_TRACK_CASE:READ+ADD"; + public static final String PROJECT_TRACK_CASE_READ_UPDATE = "PROJECT_TRACK_CASE:READ+UPDATE"; + public static final String PROJECT_TRACK_CASE_READ_DELETE = "PROJECT_TRACK_CASE:READ+DELETE"; + public static final String PROJECT_TRACK_CASE_MINDER_OPERATE = "PROJECT_TRACK_CASE_MINDER:OPERATE"; + public static final String PROJECT_TRACK_CASE_READ_COPY = "PROJECT_TRACK_CASE:READ+COPY"; + public static final String PROJECT_TRACK_CASE_READ_IMPORT = "PROJECT_TRACK_CASE:READ+IMPORT"; + public static final String PROJECT_TRACK_CASE_READ_EXPORT = "PROJECT_TRACK_CASE:READ+EXPORT"; + + public static final String PROJECT_TRACK_REVIEW_READ = "PROJECT_TRACK_REVIEW:READ"; + public static final String PROJECT_TRACK_REVIEW_READ_ADD = "PROJECT_TRACK_REVIEW:READ+ADD"; + public static final String PROJECT_TRACK_REVIEW_READ_UPDATE = "PROJECT_TRACK_REVIEW:READ+UPDATE"; + public static final String PROJECT_TRACK_REVIEW_READ_DELETE = "PROJECT_TRACK_REVIEW:READ+DELETE"; + public static final String PROJECT_TRACK_REVIEW_READ_COMMENT = "PROJECT_TRACK_REVIEW:READ+COMMENT"; + public static final String PROJECT_TRACK_REVIEW_READ_RELEVANCE_OR_CANCEL = "PROJECT_TRACK_REVIEW:READ+RELEVANCE_OR_CANCEL"; + + public static final String PROJECT_TRACK_PLAN_READ = "PROJECT_TRACK_PLAN:READ"; + public static final String PROJECT_TRACK_PLAN_READ_ADD = "PROJECT_TRACK_PLAN:READ+ADD"; + public static final String PROJECT_TRACK_PLAN_READ_UPDATE = "PROJECT_TRACK_PLAN:READ+UPDATE"; + public static final String PROJECT_TRACK_PLAN_READ_DELETE = "PROJECT_TRACK_PLAN:READ+DELETE"; + public static final String PROJECT_TRACK_PLAN_READ_BATCH_DELETE = "PROJECT_TRACK_PLAN:READ+BATCH_DELETE"; + public static final String PROJECT_TRACK_PLAN_READ_SCHEDULE = "PROJECT_TRACK_PLAN:READ+SCHEDULE"; + public static final String PROJECT_TRACK_PLAN_READ_RELEVANCE_OR_CANCEL = "PROJECT_TRACK_PLAN:READ+RELEVANCE_OR_CANCEL"; + public static final String PROJECT_TRACK_PLAN_READ_RUN = "PROJECT_TRACK_PLAN:READ+RUN"; + + public static final String PROJECT_TRACK_ISSUE_READ = "PROJECT_TRACK_ISSUE:READ"; + public static final String PROJECT_TRACK_ISSUE_READ_ADD = "PROJECT_TRACK_ISSUE:READ+ADD"; + public static final String PROJECT_TRACK_ISSUE_READ_UPDATE = "PROJECT_TRACK_ISSUE:READ+UPDATE"; + public static final String PROJECT_TRACK_ISSUE_READ_DELETE = "PROJECT_TRACK_ISSUE:READ+DELETE"; + + public static final String PROJECT_TRACK_REPORT_READ = "PROJECT_TRACK_REPORT:READ"; + public static final String PROJECT_TRACK_REPORT_READ_DELETE = "PROJECT_TRACK_REPORT:READ+DELETE"; + public static final String PROJECT_TRACK_REPORT_READ_UPDATE = "PROJECT_TRACK_REPORT:READ+UPDATE"; + public static final String PROJECT_TRACK_REPORT_READ_EXPORT = "PROJECT_TRACK_REPORT:READ+EXPORT"; + + public static final String PROJECT_API_DEFINITION_READ = "PROJECT_API_DEFINITION:READ"; + public static final String PROJECT_API_DEFINITION_READ_ADD_API = "PROJECT_API_DEFINITION:READ+ADD_API"; + public static final String PROJECT_API_DEFINITION_READ_UPDATE_API = "PROJECT_API_DEFINITION:READ+UPDATE_API"; + public static final String PROJECT_API_DEFINITION_READ_DELETE_API = "PROJECT_API_DEFINITION:READ+DELETE_API"; + public static final String PROJECT_API_DEFINITION_READ_COPY_API = "PROJECT_API_DEFINITION:READ+COPY_API"; + public static final String PROJECT_API_DEFINITION_READ_ADD_CASE = "PROJECT_API_DEFINITION:READ+ADD_CASE"; + public static final String PROJECT_API_DEFINITION_READ_UPDATE_CASE = "PROJECT_API_DEFINITION:READ+UPDATE_CASE"; + public static final String PROJECT_API_DEFINITION_READ_DELETE_CASE = "PROJECT_API_DEFINITION:READ+DELETE_CASE"; + public static final String PROJECT_API_DEFINITION_READ_COPY_CASE = "PROJECT_API_DEFINITION:READ+COPY_CASE"; + public static final String PROJECT_API_DEFINITION_READ_IMPORT_API = "PROJECT_API_DEFINITION:READ+IMPORT_API"; + public static final String PROJECT_API_DEFINITION_READ_EXPORT_API = "PROJECT_API_DEFINITION:READ+EXPORT_API"; + public static final String PROJECT_API_DEFINITION_READ_ADD_PERFORMANCE = "PROJECT_API_DEFINITION:READ+ADD_PERFORMANCE"; + public static final String PROJECT_API_DEFINITION_READ_RUN = "PROJECT_API_DEFINITION:READ+RUN"; + public static final String PROJECT_API_DEFINITION_READ_DEBUG = "PROJECT_API_DEFINITION:READ+DEBUG"; + public static final String PROJECT_API_DEFINITION_READ_MOCK = "PROJECT_API_DEFINITION:READ+MOCK"; + + public static final String PROJECT_API_SCENARIO_READ = "PROJECT_API_SCENARIO:READ"; + public static final String PROJECT_API_SCENARIO_READ_ADD = "PROJECT_API_SCENARIO:READ+ADD"; + public static final String PROJECT_API_SCENARIO_READ_UPDATE = "PROJECT_API_SCENARIO:READ+UPDATE"; + public static final String PROJECT_API_SCENARIO_READ_DELETE = "PROJECT_API_SCENARIO:READ+DELETE"; + public static final String PROJECT_API_SCENARIO_READ_COPY = "PROJECT_API_SCENARIO:READ+COPY"; + public static final String PROJECT_API_SCENARIO_READ_RUN = "PROJECT_API_SCENARIO:READ+RUN"; + public static final String PROJECT_API_SCENARIO_READ_DEBUG = "PROJECT_API_SCENARIO:READ+DEBUG"; + public static final String PROJECT_API_SCENARIO_READ_SCHEDULE = "PROJECT_API_SCENARIO:READ+SCHEDULE"; + public static final String PROJECT_API_SCENARIO_READ_IMPORT_SCENARIO = "PROJECT_API_SCENARIO:READ+IMPORT_SCENARIO"; + public static final String PROJECT_API_SCENARIO_READ_EXPORT_SCENARIO = "PROJECT_API_SCENARIO:READ+EXPORT_SCENARIO"; + public static final String PROJECT_API_SCENARIO_READ_MOVE_BATCH = "PROJECT_API_SCENARIO:READ+MOVE_BATCH"; + public static final String PROJECT_API_SCENARIO_READ_ADD_PERFORMANCE = "PROJECT_API_SCENARIO:READ+ADD_PERFORMANCE"; + + public static final String PROJECT_UI_SCENARIO_READ = "PROJECT_UI_SCENARIO:READ"; + public static final String PROJECT_UI_SCENARIO_READ_ADD = "PROJECT_UI_SCENARIO:READ+ADD"; + public static final String PROJECT_UI_SCENARIO_READ_UPDATE = "PROJECT_UI_SCENARIO:READ+UPDATE"; + public static final String PROJECT_UI_SCENARIO_READ_DELETE = "PROJECT_UI_SCENARIO:READ+DELETE"; + public static final String PROJECT_UI_REPORT_READ_DELETE = "PROJECT_UI_REPORT:READ+DELETE"; + + public static final String PROJECT_UI_SCENARIO_READ_COPY = "PROJECT_UI_SCENARIO:READ+COPY"; + public static final String PROJECT_UI_SCENARIO_READ_RUN = "PROJECT_UI_SCENARIO:READ+RUN"; + public static final String PROJECT_UI_SCENARIO_READ_DEBUG = "PROJECT_UI_SCENARIO:READ+DEBUG"; + public static final String PROJECT_UI_SCENARIO_READ_SCHEDULE = "PROJECT_UI_SCENARIO:READ+SCHEDULE"; + public static final String PROJECT_UI_SCENARIO_READ_IMPORT_SCENARIO = "PROJECT_UI_SCENARIO:READ+IMPORT_SCENARIO"; + public static final String PROJECT_UI_SCENARIO_READ_EXPORT_SCENARIO = "PROJECT_UI_SCENARIO:READ+EXPORT_SCENARIO"; + public static final String PROJECT_UI_SCENARIO_READ_MOVE_BATCH = "PROJECT_UI_SCENARIO:READ+MOVE_BATCH"; + public static final String PROJECT_UI_SCENARIO_READ_ADD_PERFORMANCE = "PROJECT_UI_SCENARIO:READ+ADD_PERFORMANCE"; + + public static final String PROJECT_UI_ELEMENT_READ = "PROJECT_UI_SCENARIO:READ"; + public static final String PROJECT_UI_ELEMENT_READ_ADD = "PROJECT_UI_SCENARIO:READ+ADD"; + public static final String PROJECT_UI_ELEMENT_READ_UPDATE = "PROJECT_UI_SCENARIO:READ+UPDATE"; + public static final String PROJECT_UI_ELEMENT_READ_DELETE = "PROJECT_UI_SCENARIO:READ+DELETE"; + + public static final String PROJECT_API_REPORT_READ = "PROJECT_API_REPORT:READ"; + public static final String PROJECT_API_REPORT_READ_DELETE = "PROJECT_API_REPORT:READ+DELETE"; + public static final String PROJECT_API_REPORT_READ_EXPORT = "PROJECT_API_REPORT:READ+EXPORT"; + + public static final String PROJECT_PERFORMANCE_TEST_READ = "PROJECT_PERFORMANCE_TEST:READ"; + public static final String PROJECT_PERFORMANCE_TEST_READ_ADD = "PROJECT_PERFORMANCE_TEST:READ+ADD"; + public static final String PROJECT_PERFORMANCE_TEST_READ_UPDATE = "PROJECT_PERFORMANCE_TEST:READ+UPDATE"; + public static final String PROJECT_PERFORMANCE_TEST_READ_DELETE = "PROJECT_PERFORMANCE_TEST:READ+DELETE"; + public static final String PROJECT_PERFORMANCE_TEST_READ_COPY = "PROJECT_PERFORMANCE_TEST:READ+COPY"; + public static final String PROJECT_PERFORMANCE_TEST_READ_RUN = "PROJECT_PERFORMANCE_TEST:READ+RUN"; + public static final String PROJECT_PERFORMANCE_TEST_READ_SCHEDULE = "PROJECT_PERFORMANCE_TEST:READ+SCHEDULE"; + + public static final String PROJECT_PERFORMANCE_REPORT_READ = "PROJECT_PERFORMANCE_REPORT:READ"; + public static final String PROJECT_PERFORMANCE_REPORT_READ_DELETE = "PROJECT_PERFORMANCE_REPORT:READ+DELETE"; + public static final String PROJECT_PERFORMANCE_REPORT_READ_EXPORT = "PROJECT_PERFORMANCE_REPORT:READ+EXPORT"; + + public static final String PROJECT_ENTERPRISE_REPORT_EXPORT = "PROJECT_ENTERPRISE_REPORT:READ+EXPORT"; + public static final String PROJECT_ENTERPRISE_REPORT_ADD = "PROJECT_ENTERPRISE_REPORT:READ+ADD"; + public static final String PROJECT_ENTERPRISE_REPORT_UPDATE = "PROJECT_ENTERPRISE_REPORT:READ+UPDATE"; + public static final String PROJECT_ENTERPRISE_REPORT_DELETE = "PROJECT_ENTERPRISE_REPORT:READ+DELETE"; + public static final String PROJECT_ENTERPRISE_REPORT_COPY = "PROJECT_ENTERPRISE_REPORT:READ+COPY"; + public static final String PROJECT_ENTERPRISE_REPORT_SCHEDULE = "PROJECT_ENTERPRISE_REPORT:READ+SCHEDULE"; + + public static final String PROJECT_ERROR_REPORT_LIBRARY_EXPORT = "PROJECT_ERROR_REPORT_LIBRARY:READ+EXPORT"; + public static final String PROJECT_ERROR_REPORT_LIBRARY_ADD = "PROJECT_ERROR_REPORT_LIBRARY:READ+ADD"; + public static final String PROJECT_ERROR_REPORT_LIBRARY_UPDATE = "PROJECT_ERROR_REPORT_LIBRARY:READ+UPDATE"; + public static final String PROJECT_ERROR_REPORT_LIBRARY_DELETE = "PROJECT_ERROR_REPORT_LIBRARY:READ+DELETE"; + public static final String PROJECT_ERROR_REPORT_LIBRARY_COPY = "PROJECT_ERROR_REPORT_LIBRARY:READ+COPY"; + public static final String PROJECT_ERROR_REPORT_LIBRARY_SCHEDULE = "PROJECT_ERROR_REPORT_LIBRARY:READ+SCHEDULE"; + + public static final String PROJECT_MESSAGE_READ = "PROJECT_MESSAGE:READ"; + public static final String PROJECT_MESSAGE_READ_UPDATE = "PROJECT_MESSAGE:READ+UPDATE"; + public static final String PROJECT_TEMPLATE_READ = "PROJECT_TEMPLATE:READ"; + public static final String PROJECT_TEMPLATE_READ_CASE_TEMPLATE = "PROJECT_TEMPLATE:READ+CASE_TEMPLATE"; + public static final String PROJECT_TEMPLATE_READ_ISSUE_TEMPLATE = "PROJECT_TEMPLATE:READ+ISSUE_TEMPLATE"; + public static final String PROJECT_TEMPLATE_READ_API_TEMPLATE = "PROJECT_TEMPLATE:READ+API_TEMPLATE"; + public static final String PROJECT_TEMPLATE_READ_CUSTOM = "PROJECT_TEMPLATE:READ+CUSTOM"; + public static final String PROJECT_TEMPLATE_READ_REPORT_TEMPLATE = "PROJECT_TEMPLATE:READ+REPORT_TEMPLATE"; +} diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/constants/UserRoleConstants.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/constants/UserRoleConstants.java index 768d4ea7dc..c49d9693a9 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/constants/UserRoleConstants.java +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/constants/UserRoleConstants.java @@ -4,7 +4,7 @@ package io.metersphere.sdk.constants; * 系统内置用户组常量 */ public class UserRoleConstants { - public static final String SUPER_ROLE = "super_role"; + public static final String SUPER_ROLE = "super"; public static final String ADMIN = "admin"; public static final String ORG_ADMIN = "org_admin"; public static final String ORG_MEMBER = "org_member"; diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserMapper.xml b/backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserMapper.xml index 69b2fe812a..ee322b088f 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserMapper.xml +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/mapper/BaseUserMapper.xml @@ -37,6 +37,6 @@ SELECT COUNT(*) FROM user_role_relation WHERE user_id = #{userId} - AND role_id = 'super_group' + AND role_id = 'super' \ No newline at end of file diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/SessionUtils.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/SessionUtils.java index e5a65a8dd9..1dfe9e832d 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/SessionUtils.java +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/SessionUtils.java @@ -132,12 +132,12 @@ public class SessionUtils { public static boolean hasPermission(String workspaceId, String projectId, String permission) { Map> userRolePermissions = new HashMap<>(); - Map group = new HashMap<>(); + Map role = new HashMap<>(); SessionUser user = Objects.requireNonNull(SessionUtils.getUser()); user.getUserRoleRelations().forEach(ug -> user.getUserRolePermissions().forEach(gp -> { if (StringUtils.equals(gp.getUserRole().getId(), ug.getRoleId())) { userRolePermissions.put(ug.getId(), gp.getUserRolePermissions()); - group.put(ug.getId(), gp.getUserRole()); + role.put(ug.getId(), gp.getUserRole()); } })); @@ -151,41 +151,41 @@ public class SessionUtils { } - Set currentProjectPermissions = getCurrentProjectPermissions(userRolePermissions, projectId, group, user); + Set currentProjectPermissions = getCurrentProjectPermissions(userRolePermissions, projectId, role, user); if (currentProjectPermissions.contains(permission)) { return true; } - Set currentWorkspacePermissions = getCurrentWorkspacePermissions(userRolePermissions, workspaceId, group, user); + Set currentWorkspacePermissions = getCurrentWorkspacePermissions(userRolePermissions, workspaceId, role, user); if (currentWorkspacePermissions.contains(permission)) { return true; } - Set systemPermissions = getSystemPermissions(userRolePermissions, group, user); + Set systemPermissions = getSystemPermissions(userRolePermissions, role, user); return systemPermissions.contains(permission); } - private static Set getSystemPermissions(Map> userRolePermissions, Map group, SessionUser user) { + private static Set getSystemPermissions(Map> userRolePermissions, Map role, SessionUser user) { return user.getUserRoleRelations().stream() - .filter(ug -> group.get(ug.getId()) != null && StringUtils.equals(group.get(ug.getId()).getType(), "SYSTEM")) + .filter(ug -> role.get(ug.getId()) != null && StringUtils.equals(role.get(ug.getId()).getType(), "SYSTEM")) .filter(ug -> StringUtils.equals(ug.getSourceId(), "system") || StringUtils.equals(ug.getSourceId(), "'adminSourceId'")) .flatMap(ug -> userRolePermissions.get(ug.getId()).stream()) .map(UserRolePermission::getPermissionId) .collect(Collectors.toSet()); } - private static Set getCurrentWorkspacePermissions(Map> userRolePermissions, String workspaceId, Map group, SessionUser user) { + private static Set getCurrentWorkspacePermissions(Map> userRolePermissions, String workspaceId, Map role, SessionUser user) { return user.getUserRoleRelations().stream() - .filter(ug -> group.get(ug.getId()) != null && StringUtils.equals(group.get(ug.getId()).getType(), "WORKSPACE")) + .filter(ug -> role.get(ug.getId()) != null && StringUtils.equals(role.get(ug.getId()).getType(), "WORKSPACE")) .filter(ug -> StringUtils.equals(ug.getSourceId(), workspaceId)) .flatMap(ug -> userRolePermissions.get(ug.getId()).stream()) .map(UserRolePermission::getPermissionId) .collect(Collectors.toSet()); } - private static Set getCurrentProjectPermissions(Map> userRolePermissions, String projectId, Map group, SessionUser user) { + private static Set getCurrentProjectPermissions(Map> userRolePermissions, String projectId, Map role, SessionUser user) { return user.getUserRoleRelations().stream() - .filter(ug -> group.get(ug.getId()) != null && StringUtils.equals(group.get(ug.getId()).getType(), "PROJECT")) + .filter(ug -> role.get(ug.getId()) != null && StringUtils.equals(role.get(ug.getId()).getType(), "PROJECT")) .filter(ug -> StringUtils.equals(ug.getSourceId(), projectId)) .flatMap(ug -> userRolePermissions.get(ug.getId()).stream()) .map(UserRolePermission::getPermissionId) diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserController.java b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserController.java index 8821e0f27b..c7e13e4989 100644 --- a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserController.java +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserController.java @@ -1,12 +1,14 @@ package io.metersphere.system.controller; +import io.metersphere.sdk.constants.PermissionConstants; import io.metersphere.sdk.dto.UserDTO; import io.metersphere.system.domain.User; import io.metersphere.system.service.UserService; import io.metersphere.validation.groups.Created; import io.metersphere.validation.groups.Updated; import jakarta.annotation.Resource; +import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; @@ -18,42 +20,44 @@ public class UserController { @Resource private UserService userService; - @GetMapping("/list-all") - public List listAll() { - return userService.list(); - } - @GetMapping("/get/{userId}") + @RequiresPermissions(PermissionConstants.SYSTEM_USER_READ) public User getUser(@PathVariable String userId) { return userService.getById(userId); } @PostMapping("/add") + @RequiresPermissions(PermissionConstants.SYSTEM_USER_READ_ADD) public UserDTO addUser(@Validated({Created.class}) @RequestBody UserDTO user) { return userService.add(user); } @PostMapping("/update") + @RequiresPermissions(PermissionConstants.SYSTEM_USER_READ_UPDATE) public UserDTO updateUser(@Validated({Updated.class}) @RequestBody UserDTO user) { return userService.update(user); } @GetMapping("/delete/{userId}") + @RequiresPermissions(PermissionConstants.SYSTEM_USER_READ_DELETE) public UserDTO deleteUser(@PathVariable String userId) { return userService.delete(userId); } @PostMapping("/batch-add2") + @RequiresPermissions(PermissionConstants.SYSTEM_USER_READ_ADD) public boolean batchSaveUser2(@Validated({Created.class}) @RequestBody List user) { return userService.batchSave2(user); } @PostMapping("/batch-add3") + @RequiresPermissions(PermissionConstants.SYSTEM_USER_READ_ADD) public boolean batchSaveUser3(@Validated({Created.class}) @RequestBody List user) { return userService.batchSave3(user); } @GetMapping("/count") + @RequiresPermissions(PermissionConstants.SYSTEM_USER_READ) public long batchSaveUser() { return userService.count(); } diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserService.java b/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserService.java index be1692a425..6b04bbda91 100644 --- a/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserService.java +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserService.java @@ -60,10 +60,6 @@ public class UserService { return baseUserMapper.selectById(id); } - public List list() { - return baseUserMapper.findAll(); - } - public boolean batchSave2(List users) { long start = System.currentTimeMillis(); diff --git a/backend/services/system-setting/src/main/resources/permission.json b/backend/services/system-setting/src/main/resources/permission.json new file mode 100644 index 0000000000..390b4c87d2 --- /dev/null +++ b/backend/services/system-setting/src/main/resources/permission.json @@ -0,0 +1,382 @@ +{ + "permissions": [ + { + "id": "SYSTEM_USER:READ", + "name": "permission.system_user.read", + "resourceId": "SYSTEM_USER" + }, + { + "id": "SYSTEM_USER:READ+CREATE", + "name": "permission.system_user.create", + "resourceId": "SYSTEM_USER" + }, + { + "id": "SYSTEM_USER:READ+IMPORT", + "name": "permission.system_user.import", + "resourceId": "SYSTEM_USER" + }, + { + "id": "SYSTEM_USER:READ+EDIT", + "name": "permission.system_user.edit", + "resourceId": "SYSTEM_USER" + }, + { + "id": "SYSTEM_USER:READ+DELETE", + "name": "permission.system_user.delete", + "resourceId": "SYSTEM_USER" + }, + { + "id": "SYSTEM_USER:READ+EDIT_PASSWORD", + "name": "permission.system_user.edit_password", + "resourceId": "SYSTEM_USER" + }, + { + "id": "SYSTEM_WORKSPACE:READ", + "name": "permission.system_workspace.read", + "resourceId": "SYSTEM_WORKSPACE" + }, + { + "id": "SYSTEM_WORKSPACE:READ+CREATE", + "name": "permission.system_workspace.create", + "resourceId": "SYSTEM_WORKSPACE" + }, + { + "id": "SYSTEM_WORKSPACE:READ+EDIT", + "name": "permission.system_workspace.edit", + "resourceId": "SYSTEM_WORKSPACE" + }, + { + "id": "SYSTEM_WORKSPACE:READ+DELETE", + "name": "permission.system_workspace.delete", + "resourceId": "SYSTEM_WORKSPACE" + }, + { + "id": "SYSTEM_ROLE:READ", + "name": "permission.system_role.read", + "resourceId": "SYSTEM_ROLE" + }, + { + "id": "SYSTEM_ROLE:READ+CREATE", + "name": "permission.system_role.create", + "resourceId": "SYSTEM_ROLE" + }, + { + "id": "SYSTEM_ROLE:READ+EDIT", + "name": "permission.system_role.edit", + "resourceId": "SYSTEM_ROLE" + }, + { + "id": "SYSTEM_ROLE:READ+SETTING_PERMISSION", + "name": "permission.system_role.setting_permission", + "resourceId": "SYSTEM_ROLE" + }, + { + "id": "SYSTEM_ROLE:READ+DELETE", + "name": "permission.system_role.delete", + "resourceId": "SYSTEM_ROLE" + }, + { + "id": "SYSTEM_TEST_POOL:READ", + "name": "permission.system_test_pool.read", + "resourceId": "SYSTEM_TEST_POOL" + }, + { + "id": "SYSTEM_TEST_POOL:READ+CREATE", + "name": "permission.system_test_pool.create", + "resourceId": "SYSTEM_TEST_POOL" + }, + { + "id": "SYSTEM_TEST_POOL:READ+EDIT", + "name": "permission.system_test_pool.edit", + "resourceId": "SYSTEM_TEST_POOL" + }, + { + "id": "SYSTEM_TEST_POOL:READ+DELETE", + "name": "permission.system_test_pool.delete", + "resourceId": "SYSTEM_TEST_POOL" + }, + { + "id": "SYSTEM_SETTING:READ", + "name": "permission.system_setting.read", + "resourceId": "SYSTEM_SETTING" + }, + { + "id": "SYSTEM_SETTING:READ+EDIT", + "name": "permission.system_setting.edit", + "resourceId": "SYSTEM_SETTING" + }, + { + "id": "SYSTEM_QUOTA:READ", + "name": "permission.system_quota.read", + "resourceId": "SYSTEM_QUOTA" + }, + { + "id": "SYSTEM_QUOTA:READ+EDIT", + "name": "permission.system_quota.edit", + "resourceId": "SYSTEM_QUOTA" + }, + { + "id": "SYSTEM_AUTH:READ", + "name": "permission.system_auth.read", + "resourceId": "SYSTEM_AUTH" + }, + { + "id": "SYSTEM_AUTH:READ+EDIT", + "name": "permission.system_auth.edit", + "resourceId": "SYSTEM_AUTH" + }, + { + "id": "SYSTEM_OPERATING_LOG:READ", + "name": "permission.system_operation_log.read", + "resourceId": "SYSTEM_OPERATING_LOG" + }, + { + "id": "WORKSPACE_SERVICE:READ", + "name": "permission.workspace_service.read", + "resourceId": "WORKSPACE_SERVICE" + }, + { + "id": "WORKSPACE_SERVICE:READ+EDIT", + "name": "permission.workspace_service.edit", + "resourceId": "WORKSPACE_SERVICE" + }, + { + "id": "WORKSPACE_USER:READ", + "name": "permission.workspace_user.read", + "resourceId": "WORKSPACE_USER" + }, + { + "id": "WORKSPACE_USER:READ+CREATE", + "name": "permission.workspace_user.create", + "resourceId": "WORKSPACE_USER" + }, + { + "id": "WORKSPACE_USER:READ+EDIT", + "name": "permission.workspace_user.edit", + "resourceId": "WORKSPACE_USER" + }, + { + "id": "WORKSPACE_USER:READ+DELETE", + "name": "permission.workspace_user.delete", + "resourceId": "WORKSPACE_USER" + }, + { + "id": "WORKSPACE_PROJECT_MANAGER:READ", + "name": "permission.workspace_project_manager.read", + "resourceId": "WORKSPACE_PROJECT_MANAGER" + }, + { + "id": "WORKSPACE_PROJECT_MANAGER:READ+CREATE", + "name": "permission.workspace_project_manager.create", + "resourceId": "WORKSPACE_PROJECT_MANAGER" + }, + { + "id": "WORKSPACE_PROJECT_MANAGER:READ+EDIT", + "name": "permission.workspace_project_manager.edit", + "resourceId": "WORKSPACE_PROJECT_MANAGER" + }, + { + "id": "WORKSPACE_PROJECT_MANAGER:READ+DELETE", + "name": "permission.workspace_project_manager.delete", + "resourceId": "WORKSPACE_PROJECT_MANAGER" + }, + { + "id": "WORKSPACE_PROJECT_MANAGER:READ+ENVIRONMENT_CONFIG", + "name": "permission.workspace_project_manager.environment_config", + "resourceId": "WORKSPACE_PROJECT_MANAGER" + }, + { + "id": "WORKSPACE_PROJECT_MANAGER:READ+ADD_USER", + "name": "permission.workspace_user.create", + "resourceId": "WORKSPACE_PROJECT_MANAGER" + }, + { + "id": "WORKSPACE_PROJECT_MANAGER:READ+EDIT_USER", + "name": "permission.workspace_user.edit", + "resourceId": "WORKSPACE_PROJECT_MANAGER" + }, + { + "id": "WORKSPACE_PROJECT_MANAGER:READ+DELETE_USER", + "name": "permission.workspace_user.delete", + "resourceId": "WORKSPACE_PROJECT_MANAGER" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ", + "name": "permission.workspace_project_environment.read", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ+CREATE", + "name": "permission.workspace_project_environment.create", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ+EDIT", + "name": "permission.workspace_project_environment.edit", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ+DELETE", + "name": "permission.workspace_project_environment.delete", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ+COPY", + "name": "permission.workspace_project_environment.copy", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ+IMPORT", + "name": "permission.workspace_project_environment.import", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ+EXPORT", + "name": "permission.workspace_project_environment.export", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ+CREATE_GROUP", + "name": "permission.workspace_project_environment.create_group", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ+EDIT_GROUP", + "name": "permission.workspace_project_environment.edit_group", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ+COPY_GROUP", + "name": "permission.workspace_project_environment.copy_group", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT:READ+DELETE_GROUP", + "name": "permission.workspace_project_environment.delete_group", + "resourceId": "WORKSPACE_PROJECT_ENVIRONMENT" + }, + { + "id": "WORKSPACE_QUOTA:READ", + "name": "permission.workspace_quota.read", + "resourceId": "WORKSPACE_QUOTA" + }, + { + "id": "WORKSPACE_QUOTA:READ+EDIT", + "name": "permission.workspace_quota.edit", + "resourceId": "WORKSPACE_QUOTA" + }, + { + "id": "WORKSPACE_OPERATING_LOG:READ", + "name": "permission.workspace_operation_log.read", + "resourceId": "WORKSPACE_OPERATING_LOG" + }, + { + "id": "SYSTEM_PLUGIN:UPLOAD", + "name": "permission.system_plugin.upload", + "resourceId": "SYSTEM_PLUGIN" + }, + { + "id": "SYSTEM_PLUGIN:DEL", + "name": "permission.system_plugin.delete", + "resourceId": "SYSTEM_PLUGIN" + }, + { + "id": "SYSTEM_PLUGIN:READ", + "name": "permission.system_plugin.read", + "resourceId": "SYSTEM_PLUGIN" + }, + { + "id": "PERSONAL_INFORMATION:READ+EDIT", + "name": "permission.personal_information.personal_setting", + "resourceId": "PERSONAL_INFORMATION" + }, + { + "id": "PERSONAL_INFORMATION:READ+API_KEYS", + "name": "permission.personal_information.api_keys", + "resourceId": "PERSONAL_INFORMATION" + }, + { + "id": "PERSONAL_INFORMATION:READ+EDIT_PASSWORD", + "name": "permission.personal_information.edit_password", + "resourceId": "PERSONAL_INFORMATION" + }, + { + "id": "PERSONAL_INFORMATION:READ+THIRD_ACCOUNT", + "name": "permission.personal_information.third_account", + "resourceId": "PERSONAL_INFORMATION" + }, + { + "id": "PERSONAL_INFORMATION:READ+UI_SETTING", + "name": "permission.personal_information.ui_setting", + "resourceId": "PERSONAL_INFORMATION", + "license": true + } + ], + "resource": [ + { + "id": "SYSTEM_USER", + "name": "permission.system_user.name" + }, + { + "id": "SYSTEM_WORKSPACE", + "name": "permission.system_workspace.name" + }, + { + "id": "SYSTEM_ROLE", + "name": "permission.system_role.name" + }, + { + "id": "SYSTEM_TEST_POOL", + "name": "permission.system_test_pool.name" + }, + { + "id": "SYSTEM_SETTING", + "name": "permission.system_setting.name" + }, + { + "id": "SYSTEM_QUOTA", + "name": "permission.system_quota.name" + }, + { + "id": "SYSTEM_AUTH", + "name": "permission.system_auth.name" + }, + { + "id": "SYSTEM_OPERATING_LOG", + "name": "permission.system_operation_log.name" + }, + { + "id": "SYSTEM_PLUGIN", + "name": "permission.system_plugin.name" + }, + { + "id": "WORKSPACE_USER", + "name": "permission.workspace_user.name" + }, + { + "id": "WORKSPACE_SERVICE", + "name": "permission.workspace_service.name" + }, + { + "id": "WORKSPACE_PROJECT_MANAGER", + "name": "permission.workspace_project_manager.name" + }, + { + "id": "WORKSPACE_PROJECT_ENVIRONMENT", + "name": "permission.workspace_project_environment.name" + }, + { + "id": "WORKSPACE_QUOTA", + "name": "permission.workspace_quota.name" + }, + { + "id": "WORKSPACE_OPERATING_LOG", + "name": "permission.workspace_operation_log.name" + }, + { + "id": "PERSONAL_INFORMATION", + "name": "permission.personal_information.name", + "global": true + } + ] +} \ No newline at end of file