From 2e689901e2cbe1bcff3bf4b2a5fea537a517c727 Mon Sep 17 00:00:00 2001 From: song-tianyang Date: Tue, 22 Aug 2023 10:47:41 +0800 Subject: [PATCH] =?UTF-8?q?refactor(=E7=B3=BB=E7=BB=9F=E8=AE=BE=E7=BD=AE):?= =?UTF-8?q?=20=E4=BC=98=E5=8C=96=E7=94=A8=E6=88=B7=E7=AE=A1=E7=90=86?= =?UTF-8?q?=E7=9A=84=E6=9D=83=E9=99=90=E5=8D=95=E5=85=83=E6=B5=8B=E8=AF=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../system/controller/UserController.java | 10 +- .../request/user/UserBaseBatchRequest.java | 2 +- .../system/service/UserService.java | 4 +- .../UserControllerNonePermissionTests.java | 136 ------------------ .../user/UserControllerPermissionTests.java | 117 +++++++++++++++ .../controller/user/UserControllerTests.java | 37 +---- .../system/utils/user/UserRequestUtils.java | 29 ++-- ...t_user_controller_none_permission_test.sql | 7 - .../file/user_import_permission.xlsx | Bin 0 -> 9506 bytes 9 files changed, 143 insertions(+), 199 deletions(-) delete mode 100644 backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerNonePermissionTests.java create mode 100644 backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerPermissionTests.java delete mode 100644 backend/services/system-setting/src/test/resources/dml/init_user_controller_none_permission_test.sql create mode 100644 backend/services/system-setting/src/test/resources/file/user_import_permission.xlsx diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserController.java b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserController.java index 8540f53f20..7e986410f9 100644 --- a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserController.java +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserController.java @@ -155,9 +155,8 @@ public class UserController { @PostMapping("/add-project-member") - //todo 这里权限有更改 权限待定 - @Operation(summary = "添加用户到项目") - // @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ_UPDATE) + @Operation(summary = "批量添加用户到项目") + @RequiresPermissions(value = {PermissionConstants.SYSTEM_USER_READ_UPDATE, PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_MEMBER_ADD}, logical = Logical.AND) public void addProjectMember(@Validated @RequestBody UserRoleBatchRelationRequest userRoleBatchRelationRequest) { ProjectAddMemberBatchRequest request = new ProjectAddMemberBatchRequest(); request.setProjectIds(userRoleBatchRelationRequest.getRoleIds()); @@ -166,9 +165,8 @@ public class UserController { } @PostMapping("/add-org-member") - @Operation(summary = "添加用户到组织") - //todo 这里权限有更改 权限待定 - // @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ_UPDATE) + @Operation(summary = "批量添加用户到组织") + @RequiresPermissions(value = {PermissionConstants.SYSTEM_USER_READ_UPDATE, PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_MEMBER_ADD}, logical = Logical.AND) public void addMember(@Validated @RequestBody UserRoleBatchRelationRequest userRoleBatchRelationRequest) { OrganizationMemberBatchRequest request = new OrganizationMemberBatchRequest(); request.setOrganizationIds(userRoleBatchRelationRequest.getRoleIds()); diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/request/user/UserBaseBatchRequest.java b/backend/services/system-setting/src/main/java/io/metersphere/system/request/user/UserBaseBatchRequest.java index 69481b6629..7bc0cef32f 100644 --- a/backend/services/system-setting/src/main/java/io/metersphere/system/request/user/UserBaseBatchRequest.java +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/request/user/UserBaseBatchRequest.java @@ -21,7 +21,7 @@ public class UserBaseBatchRequest { > userIds; @Schema(description = "不处理的用户ID") - List skipIds; + List excludeIds; @Schema(description = "是否选择所有数据") private boolean selectAll; diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserService.java b/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserService.java index 2e30e5ff05..c6ff9b12ae 100644 --- a/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserService.java +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserService.java @@ -468,8 +468,8 @@ public class UserService { if (request.isSelectAll()) { List userList = baseUserMapper.selectByKeyword(request.getCondition().getKeyword(), true); List userIdList = userList.stream().map(User::getId).collect(Collectors.toList()); - if (CollectionUtils.isNotEmpty(request.getSkipIds())) { - userIdList.removeAll(request.getSkipIds()); + if (CollectionUtils.isNotEmpty(request.getExcludeIds())) { + userIdList.removeAll(request.getExcludeIds()); } return userIdList; } else { diff --git a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerNonePermissionTests.java b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerNonePermissionTests.java deleted file mode 100644 index d9b880914a..0000000000 --- a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerNonePermissionTests.java +++ /dev/null @@ -1,136 +0,0 @@ -package io.metersphere.system.controller.user; - -import com.jayway.jsonpath.JsonPath; -import io.metersphere.system.dto.UserCreateInfo; -import io.metersphere.system.request.user.UserAndRoleBatchRequest; -import io.metersphere.system.request.user.UserBaseBatchRequest; -import io.metersphere.system.request.user.UserChangeEnableRequest; -import io.metersphere.system.response.user.UserSelectOption; -import io.metersphere.system.utils.user.UserParamUtils; -import io.metersphere.system.utils.user.UserRequestUtils; -import jakarta.annotation.Resource; -import org.junit.jupiter.api.*; -import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.http.MediaType; -import org.springframework.mock.web.MockMultipartFile; -import org.springframework.test.context.jdbc.Sql; -import org.springframework.test.context.jdbc.SqlConfig; -import org.springframework.test.web.servlet.MockMvc; -import org.springframework.test.web.servlet.MvcResult; -import org.springframework.test.web.servlet.ResultMatcher; -import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; -import java.util.Objects; - -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; - - -@SpringBootTest -@AutoConfigureMockMvc -@TestMethodOrder(MethodOrderer.OrderAnnotation.class) -@Sql(scripts = {"/dml/init_user_controller_none_permission_test.sql"}, - config = @SqlConfig(encoding = "utf-8", transactionMode = SqlConfig.TransactionMode.ISOLATED), - executionPhase = Sql.ExecutionPhase.BEFORE_TEST_METHOD) -public class UserControllerNonePermissionTests { - @Resource - private MockMvc mockMvc; - UserRequestUtils userRequestUtils = null; - - private static final String NONE_ROLE_USERNAME = "tianyang.member@163.com"; - private static final String NONE_ROLE_PASSWORD = "tianyang.member@163.com"; - - private static final ResultMatcher CHECK_RESULT_MATHER = status().isForbidden(); - - /** - * 用户创建接口判断无权限用户是否可以访问 - * 接口参数校验优先级大于操作用户权限校验,所以参数要保证合法化 - */ - @Test - @Order(0) - public void testGetGlobalSystemUserRoleSuccess() throws Exception { - UserCreateInfo paramUserInfo = new UserCreateInfo() {{ - setId("testId"); - setName("tianyang.no.permission.email"); - setEmail("tianyang.no.permission.email@126.com"); - }}; - List paramRoleList = new ArrayList<>() {{ - this.add( - new UserSelectOption() {{ - this.setId("member"); - this.setName("member"); - }}); - }}; - userRequestUtils.requestGet(String.format(userRequestUtils.URL_USER_GET, NONE_ROLE_USERNAME), CHECK_RESULT_MATHER); - //校验权限:系统全局用户组获取 - userRequestUtils.requestGet(userRequestUtils.URL_GET_GLOBAL_SYSTEM, CHECK_RESULT_MATHER); - //校验权限:用户创建 - userRequestUtils.requestPost(userRequestUtils.URL_USER_CREATE, - UserParamUtils.getUserCreateDTO( - paramRoleList, - new ArrayList<>() {{ - add(paramUserInfo); - }} - ), - CHECK_RESULT_MATHER); - //校验权限:分页查询用户列表 - userRequestUtils.requestPost(userRequestUtils.URL_USER_PAGE, UserParamUtils.getDefaultPageRequest(), CHECK_RESULT_MATHER); - //校验权限:修改用户 - userRequestUtils.requestPost(userRequestUtils.URL_USER_UPDATE, - UserParamUtils.getUserUpdateDTO(paramUserInfo, paramRoleList), CHECK_RESULT_MATHER); - //校验权限:启用/禁用用户 - UserChangeEnableRequest userChangeEnableRequest = new UserChangeEnableRequest(); - userChangeEnableRequest.setEnable(false); - userChangeEnableRequest.setUserIds(new ArrayList<>() {{ - this.add("testId"); - }}); - userRequestUtils.requestPost(userRequestUtils.URL_USER_UPDATE_ENABLE, userChangeEnableRequest, CHECK_RESULT_MATHER); - - //用户导入 - //导入正常文件 - String filePath = Objects.requireNonNull(this.getClass().getClassLoader().getResource("file/user_import_success.xlsx")).getPath(); - MockMultipartFile file = new MockMultipartFile("file", "userImport.xlsx", MediaType.APPLICATION_OCTET_STREAM_VALUE, UserParamUtils.getFileBytes(filePath)); - userRequestUtils.requestFile(userRequestUtils.URL_USER_IMPORT, file, CHECK_RESULT_MATHER); - //用户删除 - UserBaseBatchRequest request = new UserBaseBatchRequest(); - request.setUserIds(new ArrayList<>() {{ - this.add("testId"); - }}); - userRequestUtils.requestPost(userRequestUtils.URL_USER_DELETE, request, CHECK_RESULT_MATHER); - - //重置密码 - request = new UserBaseBatchRequest(); - request.setUserIds(Collections.singletonList("admin")); - userRequestUtils.requestPost(userRequestUtils.URL_USER_RESET_PASSWORD, request, CHECK_RESULT_MATHER); - - //添加用户到用户组 - UserAndRoleBatchRequest userRoleRelationRequest = new UserAndRoleBatchRequest(); - userRoleRelationRequest.setUserIds(new ArrayList<>() {{ - this.add(NONE_ROLE_USERNAME); - }}); - userRoleRelationRequest.setRoleIds(new ArrayList<>() {{ - this.add("member"); - }}); - userRequestUtils.requestPost(userRequestUtils.URL_USER_ROLE_RELATION, userRoleRelationRequest, CHECK_RESULT_MATHER); - } - - @BeforeEach - public void login() throws Exception { - if (userRequestUtils == null) { - MvcResult mvcResult = mockMvc.perform(MockMvcRequestBuilders.post("/login") - .content("{\"username\":\"" + NONE_ROLE_USERNAME + "\",\"password\":\"" + NONE_ROLE_PASSWORD + "\"}") - .contentType(MediaType.APPLICATION_JSON)) - .andExpect(status().isOk()) - .andExpect(content().contentType(MediaType.APPLICATION_JSON)) - .andReturn(); - String sessionId = JsonPath.read(mvcResult.getResponse().getContentAsString(), "$.data.sessionId"); - String csrfToken = JsonPath.read(mvcResult.getResponse().getContentAsString(), "$.data.csrfToken"); - userRequestUtils = new UserRequestUtils(mockMvc, sessionId, csrfToken); - } - } - -} diff --git a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerPermissionTests.java b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerPermissionTests.java new file mode 100644 index 0000000000..4c93d76ed9 --- /dev/null +++ b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerPermissionTests.java @@ -0,0 +1,117 @@ +package io.metersphere.system.controller.user; + +import io.metersphere.sdk.base.BaseTest; +import io.metersphere.sdk.constants.PermissionConstants; +import io.metersphere.system.dto.UserCreateInfo; +import io.metersphere.system.request.user.UserAndRoleBatchRequest; +import io.metersphere.system.request.user.UserBaseBatchRequest; +import io.metersphere.system.request.user.UserChangeEnableRequest; +import io.metersphere.system.request.user.UserRoleBatchRelationRequest; +import io.metersphere.system.response.user.UserSelectOption; +import io.metersphere.system.utils.user.UserParamUtils; +import io.metersphere.system.utils.user.UserRequestUtils; +import org.junit.jupiter.api.MethodOrderer; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.TestMethodOrder; +import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.util.LinkedMultiValueMap; +import org.springframework.util.MultiValueMap; + +import java.io.File; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Objects; + + +@SpringBootTest +@AutoConfigureMockMvc +@TestMethodOrder(MethodOrderer.OrderAnnotation.class) +public class UserControllerPermissionTests extends BaseTest { + @Test + public void permissionTest() throws Exception { + //获取用户 + this.requestGetPermissionTest(PermissionConstants.SYSTEM_USER_READ, String.format(UserRequestUtils.URL_USER_GET, "admin")); + + //校验权限:用户创建 + UserCreateInfo paramUserInfo = new UserCreateInfo() {{ + setId("testId"); + setName("tianyang.no.permission.email"); + setEmail("tianyang.no.permission.email@126.com"); + }}; + List paramRoleList = new ArrayList<>() {{ + this.add( + new UserSelectOption() {{ + this.setId("member"); + this.setName("member"); + }}); + }}; + this.requestPostPermissionTest(PermissionConstants.SYSTEM_USER_READ_ADD, UserRequestUtils.URL_USER_CREATE, UserParamUtils.getUserCreateDTO( + paramRoleList, + new ArrayList<>() {{ + add(paramUserInfo); + }} + )); + + //校验权限:修改用户 + this.requestPostPermissionTest(PermissionConstants.SYSTEM_USER_READ_UPDATE, UserRequestUtils.URL_USER_UPDATE, UserParamUtils.getUserUpdateDTO(paramUserInfo, paramRoleList)); + + //校验权限:分页查询用户列表 + this.requestPostPermissionTest(PermissionConstants.SYSTEM_USER_READ, UserRequestUtils.URL_USER_PAGE, UserParamUtils.getDefaultPageRequest()); + + //校验权限:启用/禁用用户 + UserChangeEnableRequest userChangeEnableRequest = new UserChangeEnableRequest(); + userChangeEnableRequest.setEnable(false); + userChangeEnableRequest.setUserIds(new ArrayList<>() {{ + this.add("admin"); + }}); + this.requestPostPermissionTest(PermissionConstants.SYSTEM_USER_READ_UPDATE, UserRequestUtils.URL_USER_UPDATE_ENABLE, userChangeEnableRequest); + + //用户导入 + File jarFile = new File( + Objects.requireNonNull(this.getClass().getClassLoader().getResource("file/user_import_permission.xlsx")).getPath()); + + MultiValueMap paramMap = new LinkedMultiValueMap<>(); + paramMap.add("file", jarFile); + this.requestMultipartPermissionTest(PermissionConstants.SYSTEM_USER_READ_IMPORT, UserRequestUtils.URL_USER_IMPORT, paramMap); + + //用户删除 + UserBaseBatchRequest request = new UserBaseBatchRequest(); + request.setUserIds(new ArrayList<>() {{ + this.add("testId"); + }}); + this.requestPostPermissionTest(PermissionConstants.SYSTEM_USER_READ_DELETE, UserRequestUtils.URL_USER_DELETE, request); + + //重置密码 + request = new UserBaseBatchRequest(); + request.setUserIds(Collections.singletonList("admin")); + this.requestPostPermissionTest(PermissionConstants.SYSTEM_USER_READ_UPDATE, UserRequestUtils.URL_USER_RESET_PASSWORD, request); + + //批量添加用户到用户组 + UserAndRoleBatchRequest userAndRoleBatchRequest = new UserAndRoleBatchRequest(); + userAndRoleBatchRequest.setUserIds(Collections.singletonList("admin")); + userAndRoleBatchRequest.setRoleIds(Collections.singletonList("member")); + this.requestPostPermissionTest(PermissionConstants.SYSTEM_USER_READ_UPDATE, UserRequestUtils.URL_USER_ROLE_RELATION, userAndRoleBatchRequest); + + + //校验权限:系统全局用户组获取 + this.requestGetPermissionTest(PermissionConstants.SYSTEM_USER_ROLE_READ, UserRequestUtils.URL_GET_GLOBAL_SYSTEM); + // 查看组织 + this.requestGetPermissionsTest(List.of(PermissionConstants.SYSTEM_USER_ROLE_READ, PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ), UserRequestUtils.URL_GET_ORGANIZATION); + //查看项目 + this.requestGetPermissionsTest(List.of(PermissionConstants.SYSTEM_USER_ROLE_READ, PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ), UserRequestUtils.URL_GET_PROJECT); + + // 批量添加用户到项目 + UserRoleBatchRelationRequest roleBatchRelationRequest = new UserRoleBatchRelationRequest(); + roleBatchRelationRequest.setUserIds(Collections.singletonList("admin")); + roleBatchRelationRequest.setRoleIds(Collections.singletonList("member")); + List addMemberPermissionList = new ArrayList<>(); + addMemberPermissionList.add(PermissionConstants.SYSTEM_USER_READ_UPDATE); + addMemberPermissionList.add(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_MEMBER_ADD); + this.requestPostPermissionsTest(addMemberPermissionList, UserRequestUtils.URL_ADD_PROJECT_MEMBER, roleBatchRelationRequest); + // 批量添加用户到组织 + this.requestPostPermissionsTest(addMemberPermissionList, UserRequestUtils.URL_ADD_ORGANIZATION_MEMBER, roleBatchRelationRequest); + } + +} diff --git a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerTests.java b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerTests.java index 1e37fded43..35390b43e5 100644 --- a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerTests.java +++ b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/UserControllerTests.java @@ -58,6 +58,10 @@ public class UserControllerTests extends BaseTest { private UserMapper userMapper; @Resource private GlobalUserRoleRelationService globalUserRoleRelationService; + @Resource + ProjectMapper projectMapper; + @Resource + private UserRoleRelationMapper userRoleRelationMapper; //失败请求返回编码 private static final ResultMatcher BAD_REQUEST_MATCHER = status().isBadRequest(); @@ -470,14 +474,6 @@ public class UserControllerTests extends BaseTest { } } - public final String URL_GET_PROJECT = "/system/user/get/project"; - public final String URL_ADD_PROJECT_MEMBER = "/system/user/add-project-member"; - public final String URL_ADD_ORGANIZATION_MEMBER = "/system/user/add-org-member"; - @Resource - ProjectMapper projectMapper; - @Resource - private UserRoleRelationMapper userRoleRelationMapper; - @Test @Order(8) public void testUserResetPasswordError() throws Exception { @@ -643,7 +639,7 @@ public class UserControllerTests extends BaseTest { //重置非Admin用户的密码 { UserBaseBatchRequest request = new UserBaseBatchRequest(); - request.setSkipIds(Collections.singletonList("admin")); + request.setExcludeIds(Collections.singletonList("admin")); request.setSelectAll(true); BatchProcessResponse response = userRequestUtils.parseObjectFromMvcResult( this.requestPostAndReturn(userRequestUtils.URL_USER_RESET_PASSWORD, request), @@ -906,29 +902,6 @@ public class UserControllerTests extends BaseTest { Assertions.assertTrue(user.getDeleted()); USER_LIST.remove(deleteUser); } - - //删除已存的所有用户(不包括admin) - { - UserBaseBatchRequest request = new UserBaseBatchRequest(); - request.setUserIds(USER_LIST.stream().map(UserCreateInfo::getId).collect(Collectors.toList())); - request.setSkipIds(Collections.singletonList("admin")); - BatchProcessResponse response = userRequestUtils.parseObjectFromMvcResult(userRequestUtils.responsePost(userRequestUtils.URL_USER_DELETE, request), BatchProcessResponse.class); - Assertions.assertEquals(request.getUserIds().size(), response.getTotalCount(), response.getSuccessCount()); - //检查数据库 - UserExample example = new UserExample(); - example.createCriteria().andIdIn(request.getUserIds()); - List userList = userMapper.selectByExample(example); - for (User user : userList) { - Assertions.assertTrue(user.getDeleted()); - } - - //记录已经删除了的用户,用于反例 - DELETED_USER_ID_LIST.clear(); - USER_LIST.clear(); - DELETED_USER_ID_LIST.addAll(request.getUserIds()); - //检查删除了的用户,可以用其邮箱继续注册 - this.testAddSuccess(); - } } //删除失败的方法要放在删除成功方法后面执行 diff --git a/backend/services/system-setting/src/test/java/io/metersphere/system/utils/user/UserRequestUtils.java b/backend/services/system-setting/src/test/java/io/metersphere/system/utils/user/UserRequestUtils.java index e3b95b7612..2c921e62bd 100644 --- a/backend/services/system-setting/src/test/java/io/metersphere/system/utils/user/UserRequestUtils.java +++ b/backend/services/system-setting/src/test/java/io/metersphere/system/utils/user/UserRequestUtils.java @@ -13,29 +13,28 @@ import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; import java.nio.charset.StandardCharsets; - import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; public class UserRequestUtils { //用户管理URL - public final String URL_USER_CREATE = "/system/user/add"; - public final String URL_USER_UPDATE = "/system/user/update"; - public final String URL_USER_GET = "/system/user/get/%s"; - public final String URL_USER_PAGE = "/system/user/page"; - public final String URL_GET_GLOBAL_SYSTEM = "/system/user/get/global/system/role"; - public final String URL_USER_UPDATE_ENABLE = "/system/user/update/enable"; - public final String URL_USER_IMPORT = "/system/user/import"; - public final String URL_USER_DELETE = "/system/user/delete"; - public final String URL_USER_RESET_PASSWORD = "/system/user/reset/password"; - public final String URL_USER_ROLE_RELATION = "/system/user/add/batch/user-role"; + public static final String URL_USER_CREATE = "/system/user/add"; + public static final String URL_USER_UPDATE = "/system/user/update"; + public static final String URL_USER_GET = "/system/user/get/%s"; + public static final String URL_USER_PAGE = "/system/user/page"; + public static final String URL_GET_GLOBAL_SYSTEM = "/system/user/get/global/system/role"; + public static final String URL_USER_UPDATE_ENABLE = "/system/user/update/enable"; + public static final String URL_USER_IMPORT = "/system/user/import"; + public static final String URL_USER_DELETE = "/system/user/delete"; + public static final String URL_USER_RESET_PASSWORD = "/system/user/reset/password"; + public static final String URL_USER_ROLE_RELATION = "/system/user/add/batch/user-role"; //查找组织、项目 - public final String URL_GET_ORGANIZATION = "/system/user/get/organization"; - public final String URL_GET_PROJECT = "/system/user/get/project"; - public final String URL_ADD_PROJECT_MEMBER = "/system/user/add-project-member"; - public final String URL_ADD_ORGANIZATION_MEMBER = "/system/user/add-org-member"; + public static final String URL_GET_ORGANIZATION = "/system/user/get/organization"; + public static final String URL_GET_PROJECT = "/system/user/get/project"; + public static final String URL_ADD_PROJECT_MEMBER = "/system/user/add-project-member"; + public static final String URL_ADD_ORGANIZATION_MEMBER = "/system/user/add-org-member"; private final MockMvc mockMvc; private final String sessionId; diff --git a/backend/services/system-setting/src/test/resources/dml/init_user_controller_none_permission_test.sql b/backend/services/system-setting/src/test/resources/dml/init_user_controller_none_permission_test.sql deleted file mode 100644 index 1197f386aa..0000000000 --- a/backend/services/system-setting/src/test/resources/dml/init_user_controller_none_permission_test.sql +++ /dev/null @@ -1,7 +0,0 @@ --- 初始化一个没有任何权限的用户 -insert into user(id, name, email, password, create_time, update_time, language, last_organization_id, phone, source, - last_project_id, create_user, update_user) -VALUES ('tianyang.member.id', 'tianyang.member', 'tianyang.member@163.com', MD5('tianyang.member@163.com'), - UNIX_TIMESTAMP() * 1000, UNIX_TIMESTAMP() * 1000, NULL, NUll, '', 'LOCAL', NULL, 'admin', 'admin'); -INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user) -VALUES (uuid(), 'tianyang.member.id', 'member', 'system', 1684747668375, 'admin'); \ No newline at end of file diff --git a/backend/services/system-setting/src/test/resources/file/user_import_permission.xlsx b/backend/services/system-setting/src/test/resources/file/user_import_permission.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..88a08a2b970722c2e53b25676c8ed83c8c723c1f GIT binary patch literal 9506 zcmaJ{bzIcT7N;AeySt^k1*E&Xr8@AAv#82ZB(Fh9f^Ip@on zKtVv*z(7Ede-|^fw`X*>u}+U^mjY)-7rXSkNB(HX%0Q~bLgN?03$5isz-qV9CW9Kg zJ@$=((V655+V;#&)(^@@KDWkH;SI4riQw2c~fvqnZ_ zBsDCxERB^Fae+3BGvmdj`)Vn86fRgO2IYox#Ew}wy)C%Oo#=vqCXi}E|V#&(XTkMIV@3R`tB;dcZ5y@O*tQzoqo7oV3d(BOSdYDy#m^2f?w7KOF6HB9Wll1he=j&<}Y z*-`D7vIBal9W$)@>2eJHkXFX3>zez;h65@qD)OQBrR^1oEqX=yg?WKiL6vB{3ZE(3 z-}~1wt2q!wx&o{i1+FleWG4~mj&vMH9pJ-4vyJ;h*HY>a-`5<82&MF4srwm zAno1x%CQCe3rN{rV!5iMrE;YXaW{I|>!~3Ep$IWWskV5qO=u# zIDwkR>^^ctsR1f;r8drYp!9A-Whdj}@w&H%dkat+tNi0-q!C-X8V-yX0^fVfFV2>k zz6A%klx?gvO0v^d6fE|rQ1mB@sm`o>!r?V&Jx(yDEcO+yNn|E_{?YG_bxU+6_7v4- zBGw6aYYr^iUHB#6)01MqEX)X>Mn%%+vR@sJx+w1xpMAw!wU_}_kXn#=6gMli$d2Q_ zUcHiL1Si=KhrMC|so7@~f)?H%hHh0uzwFDIHVENf6l;6lXtb^Ik{1|^W!#%q2Coi~ zl3K?OuJWPkk9{{DUPVofvpQPEB({8xuFHN$gRU2NNJR8GV_0Qzdg^>wE?n>iCLcm6 z^P4XbE9T9X-$-qP7t1}!BeMS-T)-cYb+`TzR{mK4>8F63ouieLxv8o1(-1^5K(LA8(<@uZG=$=KsL?gTzfm2($*EB8nLL@p;TJ-vM+d|M05l~!M^VS3Bqukq^0?e zT-`g&R`-L2u%QXZSo!i-orwsH`Y!jdSNSf5UwOLUPxDgM`HfaU`vwaieL!TUL#<|F zh{kRW-MB-F7M<8mG9YItn?M`DZ`Y*WR#aX^!|i0AM2@@{2ui$vmV^&}^cI0Sto6#P zJ$pcbW4ULuV@IGJzBv z%M(U?l(VI7Q1Jhsj>pvda5|jLO>In{q+S_Kn(6vlNajPe$;cdX^uN3mlwiuW8U3yKu043q0 zH=)1IA(jeu4Nu^xPN$S@+1p3LV5Coen7X_FU5R)172<)DKl{Q%6P2Cc27L_;-r>$X}W-|j{mhzmnaL|foa zfG1}KN3xYIUGEld-W!Y~;>yzTEDxwiPR_S;rFy%q?pm%gCTA$R38md>n{^M@*g>3T zyUXpt#z<8s)f>0Q_BtQ4) z5d@?{tFCB&5*jdCv{GdLq_;JLWDZ5Tyj=h0>RUG}@ElN3 z5S5WB@NM(#czyDv;C2grCwRPg{%SF>_3Hbgd~<7t_vK!{x@{BFaqIoryj|;?U8oKL zEtc2U=aYgNg5KA|+i&lVxhRQeb())heZJQf9PHIi=rWWt|D8zi_ zT6Z`&2ey<(w%2iB%~x4BCTS8GClu!xGb}4$)Ny=nog8NTe1P# z?iZ>h0n(A^@V+_P+`Ms6N#f^DSi%yYFj8|omjrUkR4{Eun6Z`{%?Qxwd^n_u*laBbiL~1iM7)tZf}M%45#(h=~rXiN-yQ$m+?J6GvZk zC53*iwBQt%-0DD*#7&)x>PDAB_oz*FZjVZ8elg|N2QI~#|DCX1tzi_?uQ4l)GSAev zkc#!NZ_Pko zgM-r6y<@`$7TVpS8USG7%xn}?-Zf_%k9!x9mQG_)=-S3r} zyo4@O3|4fclvC(qn!gyf-?RB)dNa>8QbwCR+_6e>r*DUl(g=Mmn`e5*!@S9&Y;iDN z>r90@Oaq%uEAc*}Tg(a3wRk~DS((OsFWvcO%N1OTQb@Bmv+aODfD&gaQh`cal+67a zLn6cO3P3I06Zn+`WgB!hJFZw*gnWyTLb6wV@cE>Waw$oQwhcVQYC6R%l%~gQpYX&1 z`FcMD^n^?!b2e%ETgbrCPaW4PsrvXO^z#T4{NbHwb~3MSko-`ssx4`KNKlT#3KCwj zk{_vkME_`dTgsL%;yOI**AR5#AXQJCltU?oRn%#ol|fZece2!I1_8iPfjS6a_wb)4?HXeoM#_}FEZV5S z(yDcoqi%$NXbR8F+0V!!!JbNp)0{$IcfnCh(G6c{Hm+=AEle+v#4cLasnZSBo+nG2 zY+niF5u7VkV?dC_+?FD+xa|zQh6l$J1UcSmZ~Tn&juZ<9ap4yF&r&sTf>KZGp?q4E z2LVC+nKGQ5J*-Wg9t)po9V@%V8Js%-gL_|t3U6vNKyIP7B{#qnjd~0bG8PoPh9rw( zfKn(XLjuwj05(4{WD|^lJ;9)@XrK%K{CkDFHfM?OZ0=i1r49M-@SdZA!P^qS*=b4W zHlUbxz*}yh$7tX}oh#Q-{Nf0cGk9z1-hN6E*Bj2A`a3=C+i_W|(hszTCg1rN;k^n< z3Ax|DwmDr~UVzCV8?CPda>anr-&B+yz8r6#mZJE2$P3P^^9%`}=H2_T_s7}mUi03UZ}#<%8h}m+R`lF zUQ>tY-7j-eZLF|w4qTS$jN8(bOWWQ$+qBDyw2HSd-Co+!SW?UY)U$btA>K8Vp|qFN zs3=}FuHpU_g1DmX_D3V)Tm{PUSEWFze!`izL8aJ_zRW_N<_)nj;-w(xFGCD zL!tQbcf%1!Hk&mEpm)w2XSOSlFDSsUh2xJgmI=8wLXUULGX=eUG8bxtNwT7l)nuI! zjiUs(?Qac27}Y`$PTpeit0q+|hE=aF*=m2HN4%ql-%YZ}s!8);nJi=?WwbM7v()&) z7r}$Yli;j}%aH`maMdUQ4F{GQQU!9mr}Xj6^gWOf%D7V`Gfz}6T(B7P8#)P-TgB8# zwj*=0kttEl5aM9%;& zn~a%_Oq3@>@qTP&`f$Es zepcH#9?k)$?)Jh4C8nSaVL9Dxe(#-&$HmI{5*aFE@rBk`mn$%2aq<`d6r|Mxk72De zk^OCk(@tAoRwSSmuHfpURDPc|39A!28aV7;s2tTR&FWKs2YiQ|8a=Ca{ZI2nc%}Je zt1z49baDD2(&e*b1=xu-sEHhHIkL@5)*RYqs=f9@%Xv(>+7=S~p*OU1%Z1Y^?9HZ0 zua|~{MZ!++rHFNVN|wH zS-8sBi+IniDh=ook*%C8vl7#-s;;EO>OhVv25@f$?{^mCd}2Ymrx2Pm!^&y1J$g(F z=lDLLq1dKLG9H5^L%GSdtZ|}77L>ytHW(H4@p(Atr>q5$<0I zrq9Lib}U?lA+H=jt}KZlwM;<5Dvpt5OE=+=DK(r4=aB>eOeV{~UuT!CdvGcw9Xj7e0eQ}{Jq4KKv8oV2oaVVHL0@wGHi>Mbyiuh7zIploQ3&^C&;#Oyf9JxL_G+^RTB$D00ZHbj`G49s3B92aq_LyQh$GnB&h=R zC~{1&PqZ&)P7O#}3bn6(14%8CToZzM;8D*=vlp&YR%wE3_~0~=shl=Ga-ApuuE|kN zMnYdJ9mbzyrxo-3V@H}!%Q;%`$OPt*PNB3mp3@uAX?^Zhm*|FW<#VR4?IsVv%H_?5H#yA1 zyr^t!Z~xo^?Jx@tAMB?mZdbfcC7&O)1nAB><8kD74-MkN=CB+>o%#f%wi>wFFVDZP za})?RpR@zlvYIq?WEP>xD2|II0U7`wCYcR~P)yMvQEhNW?Q4Iw zk=O119ESbPx3BG2OOo^`65MbarO^^>lV?y4qIU83X!WX1mmU`TI9Mu?4my3sM^y{= z-^Z`|pBvSi&t)jAG^)#yDU)}1<-rXtEqfxX4zyLpIzDtI~ z3V9v~fN7vz5^rY1v*$D=>lle|kXiE;eTL$|lpEhAIE^1IcaH1}&8srf8Ptw7T2I*$ zm=2A~F*zyN%H`ch4jA*-M~jJ;;EOI~%pQq0y8JrwJX6qP$Rw=7UzP$j`9lOhYzB;= za+vRNzcQtoD4}&BPn3oklUB?Ih|W8X>wdu~Dz`g4X%5k(m`l4?<2-jK@%+!T;W!K= z*wVe;ygDg}JHB0x0DejL`o^Av@!muNCDd{5SUuc?GE{PMX=8G|YVkoV5saT|sFwx8;)F__rUR4z|Gm=C)^6ElS`?=@tUX01}QCSJRC5-RCQ!Y2JV z`m6p-b3tQVz+4OzIr}i{yblH;50fm-173Guw&j5@M)JJSVUydX94^v@LQg5}EX$tU4dd65s`Kt+vcTQoRV`5% zwl9^3$hTB+)@DshGgDpkGXy?7yydg}0niTxj zP`!SV-DU3ZC4^Oe+$%Nl7qz7=RaMjGHb9LYE#*bavSihQnwcUSoAT+Qk(rB{=?R3= zQ^soSvqd-cXD&{Mmp~|6H|zjmK`mfMs(^4S&^7&9zs*Wj>)37uG_LqPv^?U6N|kH8 z{!cXn>B#3X#dKL5*HICL0bgscIqskRS%eB{g`4s}^hd6cPVvwTVDrwMMVYE zDTnh4Lmhdw1idb@MnWF2k$1TO$Vjx@AWly#x?dTs87l><@h!Q#C|W%+?iP)P6elgY zhYZ~jRx$GYP>zrcwyayDFQt%Ql{SH$3k_`<%yDA@`c;Twp^7zll4c2LAG>9Ie(wMd zKq>xBq)Hzd&6c^{mVHYPPn6oWFA!2tx%*0vUZxY5wZHHz;+bC^8DKA&=~&{$z~1KF z?ZJEbV%d-*u~*Q+1he}AB$JwF@5xk`gV}JQ>$4;0mIPELMdYq>y&Cl2yzE>O_t}%V zA|i8-ubGFL=Ll(a@^jWcr9>K-xrpA1DbL6dB-Agp^3MADDy^hFubmcWO%lF+e$M7r zlS3+Qq7ew!-B>CJ`X}6YaV67K4{(2eY*GK}dm7omQdG9d&3C2oTI+!AWO zBgMD&6EO8CBS#`ij;BByzr#J|nw7K$$(}?kxY!rtLKCL}AM(h}g zAc81?tmsNH8SzunL9@>=rmLb!!S_r$lZCiMI^Im?ldz}?0MQHMVy^(paq5W0NpTtX zds2jJ0ZRj|t}|*?5zUUI-2Ee^BrtgBw{I0v8r;@PK=f`I>ygO6+0?={x_`Kgbs3PF zZKg}sTEnb@y@}6IJXlZ>VIBdL^d1X_tRe;Al2-Zm&)#ux6EsE9od|m*(MfekZGo@e zlwdaKLC*vm+Os5MP8zP=Fi&&-|JEDS1E%_prq)mU&7NGYP4^GKEkE>};s2Ile3UGW z9hK^0Lhb?j0g<;_WZf`O=AECDew8)x_DPbtAEQKz)jViv7FML6YJiSPzTQe*_A+V2 z`$DY8oFCcb=c4E*WY_1~qIl%xuJOfBqNI5m+(X5_1EO*7#OQl~{}x~T0wZ~hu9wmn zOE51@oW=OAih@ukFS}R)x1ceZKS#5zg6+VGcuyvwf-GP65^acQBa{PIVAHjoUD5u? z3V(9Wi&0j(4V9R57wc$@aDT6yxmM(JF(@eRQAZbnL7W~<$v3l z{{-jeQ8xC$1B?w1aN<6^KSYh6Vvh~~zc%w<=vqGP=pLYdv;Vla!$btLc)DIs)@-RK zh%wz;b0cVJ?bO=LzW170&WSn*nE|aps=>uC^}wlTl$OR!3MSmt2#nu2rl4AofX|+1 zh1eX`06-DLB`WBEz#5`C%>?PGYH%6{Sd%P6LcLFvvj%oF0C1>X73T8P9(S?Seq$}v4}2e)_ZYaW0$LU#&6K~m%t@yU<_O^mfP4;FUw zmBZ%0@FD*Vt-tXh{{*W(jkR?YQp$sJh-nGaL)s8&2#-7~0|H&HhkbU#K15deI;KG@6fo3o-OpQSHsuwV2$ELbD88Q+r)@v27p~+& z1xN9YuEvULB554yO$&1##`3<^+jN*aPnSKWI!W2O7(Nv%WP%!-EG(}{YWYDv{i3W3 zkF}g$J)na4&^v#m^|W8u**crrI_s-=*qb`(KE}?6zi@J3%;-Uvlr5dP+N{d?e52uO$aZZ5imRnoRVMKPQmM}9Wb2FSYN8O1dzPFHEP*JODR0cfRB#l!$^E_a@RrtBzNUIW^ym*1+Ow6Iq|(CTMQSTn*S;i$a`dkfuv~ zmFYzmrnUx&WuMNtI4r~mG@r-JK;3;2!sHj0bN=A7ZP)4qqPYceG}wDxaCtgX(OFG% zJ^*(xva-z}vfy2`yL8?XQ`1V{blQGu%y9#yAPowJ{-ad*d70qp$~-I%2q*~g!|MX! zKd#eH1OH4LK8Ej~zMrM^l3PM)cNTY7w<2fAIIb0oIS?3pX1Tlq7jO$9Qf6(TdTh;ls$A>A1(adX#F>^{+zof^bgg)XuUso$WvnPm&fei)qc@@PapYd zW%!$c2d?npk$;En-yZsrdjB~dSNP4(75*)a{G0A$!2LNMbt4J>cKlxw|DR9e)3o(y t;pe)y{T~ZYlGsx$p56}lWw7Xfrt`~`f;8lh_<{D2AyOXX9El(G{sZ|-F5LhC literal 0 HcmV?d00001