refactor(项目设置): 组织项目全局用户组不支持修改
This commit is contained in:
song-cc-rock
Craftsman
parent
9a00d86d56
commit
316526a0aa
|
|
@ -164,6 +164,7 @@ global_user_role_relation_system_permission_error=no global user role relation s
|
||||||
global_user_role_limit_error=At least one user group is required
|
global_user_role_limit_error=At least one user group is required
|
||||||
organization_user_role_permission_error=no organization user role permission
|
organization_user_role_permission_error=no organization user role permission
|
||||||
project_user_role_permission_error=no project user role permission
|
project_user_role_permission_error=no project user role permission
|
||||||
|
no_global_user_role_permission_error=no global user role permission
|
||||||
user_role_exist=User role already exists
|
user_role_exist=User role already exists
|
||||||
user_role_not_exist=User role not exist
|
user_role_not_exist=User role not exist
|
||||||
user_role_not_edit=User role can not edit
|
user_role_not_edit=User role can not edit
|
||||||
|
|
|
||||||
|
|
@ -163,6 +163,7 @@ global_user_role_relation_system_permission_error=没有权限操作非系统级
|
||||||
global_user_role_limit_error=至少需要有一个用户组
|
global_user_role_limit_error=至少需要有一个用户组
|
||||||
organization_user_role_permission_error=没有权限操作非组织用户组
|
organization_user_role_permission_error=没有权限操作非组织用户组
|
||||||
project_user_role_permission_error=没有权限操作非项目用户组
|
project_user_role_permission_error=没有权限操作非项目用户组
|
||||||
|
no_global_user_role_permission_error=没有权限操作全局用户组
|
||||||
user_role_exist=用户组已存在
|
user_role_exist=用户组已存在
|
||||||
user_role_not_exist=用户组不存在
|
user_role_not_exist=用户组不存在
|
||||||
user_role_not_edit=用户组无法编辑
|
user_role_not_edit=用户组无法编辑
|
||||||
|
|
|
||||||
|
|
@ -163,6 +163,7 @@ global_user_role_relation_system_permission_error=沒有權限操作非系統級
|
||||||
global_user_role_limit_error=至少需要有一个用户组
|
global_user_role_limit_error=至少需要有一个用户组
|
||||||
organization_user_role_permission_error=沒有權限操作非組織用戶組
|
organization_user_role_permission_error=沒有權限操作非組織用戶組
|
||||||
project_user_role_permission_error=沒有權限操作非項目用戶組
|
project_user_role_permission_error=沒有權限操作非項目用戶組
|
||||||
|
no_global_user_role_permission_error=沒有權限操作全局用戶組
|
||||||
user_role_exist=用戶組已存在
|
user_role_exist=用戶組已存在
|
||||||
user_role_not_exist=用戶組不存在
|
user_role_not_exist=用戶組不存在
|
||||||
user_role_not_edit=用戶組無法編輯
|
user_role_not_edit=用戶組無法編輯
|
||||||
|
|
|
||||||
|
|
@ -85,9 +85,9 @@ public class ProjectUserRoleService extends BaseUserRoleService {
|
||||||
@Override
|
@Override
|
||||||
public UserRole update(UserRole userRole) {
|
public UserRole update(UserRole userRole) {
|
||||||
UserRole oldRole = get(userRole.getId());
|
UserRole oldRole = get(userRole.getId());
|
||||||
// 非像项目用户组不允许修改, 内置用户组不允许修改
|
// 非项目用户组, 全局用户组不允许修改
|
||||||
checkProjectUserRole(oldRole);
|
checkProjectUserRole(oldRole);
|
||||||
checkInternalUserRole(oldRole);
|
checkGlobalUserRole(oldRole);
|
||||||
userRole.setType(UserRoleType.PROJECT.name());
|
userRole.setType(UserRoleType.PROJECT.name());
|
||||||
checkNewRoleExist(userRole);
|
checkNewRoleExist(userRole);
|
||||||
return super.update(userRole);
|
return super.update(userRole);
|
||||||
|
|
@ -147,7 +147,7 @@ public class ProjectUserRoleService extends BaseUserRoleService {
|
||||||
public void updatePermissionSetting(PermissionSettingUpdateRequest request) {
|
public void updatePermissionSetting(PermissionSettingUpdateRequest request) {
|
||||||
UserRole userRole = get(request.getUserRoleId());
|
UserRole userRole = get(request.getUserRoleId());
|
||||||
checkProjectUserRole(userRole);
|
checkProjectUserRole(userRole);
|
||||||
checkInternalUserRole(userRole);
|
checkGlobalUserRole(userRole);
|
||||||
super.updatePermissionSetting(request);
|
super.updatePermissionSetting(request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -37,6 +37,7 @@ import java.util.Set;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
import static io.metersphere.system.controller.handler.result.CommonResultCode.INTERNAL_USER_ROLE_PERMISSION;
|
import static io.metersphere.system.controller.handler.result.CommonResultCode.INTERNAL_USER_ROLE_PERMISSION;
|
||||||
|
import static io.metersphere.system.controller.result.SystemResultCode.NO_GLOBAL_USER_ROLE_PERMISSION;
|
||||||
import static io.metersphere.system.controller.result.SystemResultCode.NO_PROJECT_USER_ROLE_PERMISSION;
|
import static io.metersphere.system.controller.result.SystemResultCode.NO_PROJECT_USER_ROLE_PERMISSION;
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
|
||||||
|
|
||||||
|
|
@ -153,10 +154,10 @@ public class ProjectUserRoleControllerTests extends BaseTest {
|
||||||
request = new ProjectUserRoleEditRequest();
|
request = new ProjectUserRoleEditRequest();
|
||||||
request.setId(InternalUserRole.ADMIN.getValue());
|
request.setId(InternalUserRole.ADMIN.getValue());
|
||||||
this.requestPost(PROJECT_USER_ROLE_UPDATE, request).andExpect(jsonPath("$.code").value(NO_PROJECT_USER_ROLE_PERMISSION.getCode()));
|
this.requestPost(PROJECT_USER_ROLE_UPDATE, request).andExpect(jsonPath("$.code").value(NO_PROJECT_USER_ROLE_PERMISSION.getCode()));
|
||||||
// 非内置用户组异常
|
// 非全局用户组异常
|
||||||
request = new ProjectUserRoleEditRequest();
|
request = new ProjectUserRoleEditRequest();
|
||||||
request.setId(InternalUserRole.PROJECT_ADMIN.getValue());
|
request.setId(InternalUserRole.PROJECT_ADMIN.getValue());
|
||||||
this.requestPost(PROJECT_USER_ROLE_UPDATE, request).andExpect(jsonPath("$.code").value(INTERNAL_USER_ROLE_PERMISSION.getCode()));
|
this.requestPost(PROJECT_USER_ROLE_UPDATE, request).andExpect(jsonPath("$.code").value(NO_GLOBAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
// 用户组名称已存在
|
// 用户组名称已存在
|
||||||
request = new ProjectUserRoleEditRequest();
|
request = new ProjectUserRoleEditRequest();
|
||||||
request.setId("default-pro-role-id-2");
|
request.setId("default-pro-role-id-2");
|
||||||
|
|
@ -268,10 +269,10 @@ public class ProjectUserRoleControllerTests extends BaseTest {
|
||||||
request.setUserRoleId(InternalUserRole.ADMIN.getValue());
|
request.setUserRoleId(InternalUserRole.ADMIN.getValue());
|
||||||
this.requestPost(PROJECT_USER_ROLE_PERMISSION_UPDATE, request)
|
this.requestPost(PROJECT_USER_ROLE_PERMISSION_UPDATE, request)
|
||||||
.andExpect(jsonPath("$.code").value(NO_PROJECT_USER_ROLE_PERMISSION.getCode()));
|
.andExpect(jsonPath("$.code").value(NO_PROJECT_USER_ROLE_PERMISSION.getCode()));
|
||||||
// 内置用户组异常
|
// 全局用户组异常
|
||||||
request.setUserRoleId(InternalUserRole.PROJECT_ADMIN.getValue());
|
request.setUserRoleId(InternalUserRole.PROJECT_ADMIN.getValue());
|
||||||
this.requestPost(PROJECT_USER_ROLE_PERMISSION_UPDATE, request)
|
this.requestPost(PROJECT_USER_ROLE_PERMISSION_UPDATE, request)
|
||||||
.andExpect(jsonPath("$.code").value(INTERNAL_USER_ROLE_PERMISSION.getCode()));
|
.andExpect(jsonPath("$.code").value(NO_GLOBAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
|
||||||
|
|
@ -26,7 +26,8 @@ public enum SystemResultCode implements IResultCode {
|
||||||
ORGANIZATION_TEMPLATE_PERMISSION(101009, "organization_template_permission_error"),
|
ORGANIZATION_TEMPLATE_PERMISSION(101009, "organization_template_permission_error"),
|
||||||
PLUGIN_SCRIPT_EXIST(101010, "plugin.script.exist"),
|
PLUGIN_SCRIPT_EXIST(101010, "plugin.script.exist"),
|
||||||
PLUGIN_SCRIPT_FORMAT(101011, "plugin.script.format"),
|
PLUGIN_SCRIPT_FORMAT(101011, "plugin.script.format"),
|
||||||
NO_PROJECT_USER_ROLE_PERMISSION(101012, "project_user_role_permission_error");
|
NO_PROJECT_USER_ROLE_PERMISSION(101012, "project_user_role_permission_error"),
|
||||||
|
NO_GLOBAL_USER_ROLE_PERMISSION(101013, "no_global_user_role_permission_error");
|
||||||
|
|
||||||
private final int code;
|
private final int code;
|
||||||
private final String message;
|
private final String message;
|
||||||
|
|
|
||||||
|
|
@ -5,10 +5,8 @@ import io.metersphere.sdk.dto.Permission;
|
||||||
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
||||||
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
||||||
import io.metersphere.sdk.exception.MSException;
|
import io.metersphere.sdk.exception.MSException;
|
||||||
import io.metersphere.system.uid.UUID;
|
|
||||||
import io.metersphere.sdk.util.JSON;
|
import io.metersphere.sdk.util.JSON;
|
||||||
import io.metersphere.sdk.util.PermissionCache;
|
import io.metersphere.sdk.util.PermissionCache;
|
||||||
import io.metersphere.system.utils.ServiceUtils;
|
|
||||||
import io.metersphere.sdk.util.Translator;
|
import io.metersphere.sdk.util.Translator;
|
||||||
import io.metersphere.system.domain.User;
|
import io.metersphere.system.domain.User;
|
||||||
import io.metersphere.system.domain.UserRole;
|
import io.metersphere.system.domain.UserRole;
|
||||||
|
|
@ -16,6 +14,8 @@ import io.metersphere.system.domain.UserRoleExample;
|
||||||
import io.metersphere.system.domain.UserRoleRelation;
|
import io.metersphere.system.domain.UserRoleRelation;
|
||||||
import io.metersphere.system.mapper.UserMapper;
|
import io.metersphere.system.mapper.UserMapper;
|
||||||
import io.metersphere.system.mapper.UserRoleMapper;
|
import io.metersphere.system.mapper.UserRoleMapper;
|
||||||
|
import io.metersphere.system.uid.UUID;
|
||||||
|
import io.metersphere.system.utils.ServiceUtils;
|
||||||
import jakarta.annotation.Resource;
|
import jakarta.annotation.Resource;
|
||||||
import org.apache.commons.collections.CollectionUtils;
|
import org.apache.commons.collections.CollectionUtils;
|
||||||
import org.apache.commons.lang3.BooleanUtils;
|
import org.apache.commons.lang3.BooleanUtils;
|
||||||
|
|
@ -27,6 +27,7 @@ import java.util.*;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
import static io.metersphere.system.controller.handler.result.CommonResultCode.INTERNAL_USER_ROLE_PERMISSION;
|
import static io.metersphere.system.controller.handler.result.CommonResultCode.INTERNAL_USER_ROLE_PERMISSION;
|
||||||
|
import static io.metersphere.system.controller.result.SystemResultCode.NO_GLOBAL_USER_ROLE_PERMISSION;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author jianxing
|
* @author jianxing
|
||||||
|
|
@ -183,6 +184,15 @@ public class BaseUserRoleService {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 校验是否是全局用户组,是全局抛异常
|
||||||
|
*/
|
||||||
|
public void checkGlobalUserRole(UserRole userRole) {
|
||||||
|
if (StringUtils.equals(userRole.getScopeId(), UserRoleEnum.GLOBAL.toString())) {
|
||||||
|
throw new MSException(NO_GLOBAL_USER_ROLE_PERMISSION);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public UserRole get(String id) {
|
public UserRole get(String id) {
|
||||||
return userRoleMapper.selectByPrimaryKey(id);
|
return userRoleMapper.selectByPrimaryKey(id);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -60,9 +60,9 @@ public class OrganizationUserRoleService extends BaseUserRoleService {
|
||||||
@Override
|
@Override
|
||||||
public UserRole update(UserRole userRole) {
|
public UserRole update(UserRole userRole) {
|
||||||
UserRole oldRole = get(userRole.getId());
|
UserRole oldRole = get(userRole.getId());
|
||||||
// 非组织用户组不允许修改, 内置用户组不允许修改
|
// 非组织用户组不允许修改, 全局用户组不允许修改
|
||||||
checkOrgUserRole(oldRole);
|
checkOrgUserRole(oldRole);
|
||||||
checkInternalUserRole(oldRole);
|
checkGlobalUserRole(oldRole);
|
||||||
userRole.setType(UserRoleType.ORGANIZATION.name());
|
userRole.setType(UserRoleType.ORGANIZATION.name());
|
||||||
checkNewRoleExist(userRole);
|
checkNewRoleExist(userRole);
|
||||||
return super.update(userRole);
|
return super.update(userRole);
|
||||||
|
|
@ -122,7 +122,7 @@ public class OrganizationUserRoleService extends BaseUserRoleService {
|
||||||
public void updatePermissionSetting(PermissionSettingUpdateRequest request) {
|
public void updatePermissionSetting(PermissionSettingUpdateRequest request) {
|
||||||
UserRole userRole = get(request.getUserRoleId());
|
UserRole userRole = get(request.getUserRoleId());
|
||||||
checkOrgUserRole(userRole);
|
checkOrgUserRole(userRole);
|
||||||
checkInternalUserRole(userRole);
|
checkGlobalUserRole(userRole);
|
||||||
super.updatePermissionSetting(request);
|
super.updatePermissionSetting(request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,20 +1,20 @@
|
||||||
package io.metersphere.system.controller;
|
package io.metersphere.system.controller;
|
||||||
|
|
||||||
import io.metersphere.system.base.BaseTest;
|
|
||||||
import io.metersphere.sdk.constants.InternalUserRole;
|
import io.metersphere.sdk.constants.InternalUserRole;
|
||||||
import io.metersphere.sdk.constants.PermissionConstants;
|
import io.metersphere.sdk.constants.PermissionConstants;
|
||||||
import io.metersphere.sdk.constants.SessionConstants;
|
import io.metersphere.sdk.constants.SessionConstants;
|
||||||
import io.metersphere.system.controller.handler.ResultHolder;
|
|
||||||
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
||||||
import io.metersphere.system.service.BaseUserRolePermissionService;
|
|
||||||
import io.metersphere.sdk.util.JSON;
|
import io.metersphere.sdk.util.JSON;
|
||||||
import io.metersphere.sdk.util.Pager;
|
import io.metersphere.sdk.util.Pager;
|
||||||
|
import io.metersphere.system.base.BaseTest;
|
||||||
|
import io.metersphere.system.controller.handler.ResultHolder;
|
||||||
import io.metersphere.system.domain.User;
|
import io.metersphere.system.domain.User;
|
||||||
import io.metersphere.system.domain.UserRole;
|
import io.metersphere.system.domain.UserRole;
|
||||||
import io.metersphere.system.dto.OrganizationDTO;
|
import io.metersphere.system.dto.OrganizationDTO;
|
||||||
import io.metersphere.system.request.OrganizationUserRoleEditRequest;
|
import io.metersphere.system.request.OrganizationUserRoleEditRequest;
|
||||||
import io.metersphere.system.request.OrganizationUserRoleMemberEditRequest;
|
import io.metersphere.system.request.OrganizationUserRoleMemberEditRequest;
|
||||||
import io.metersphere.system.request.OrganizationUserRoleMemberRequest;
|
import io.metersphere.system.request.OrganizationUserRoleMemberRequest;
|
||||||
|
import io.metersphere.system.service.BaseUserRolePermissionService;
|
||||||
import io.metersphere.system.service.OrganizationService;
|
import io.metersphere.system.service.OrganizationService;
|
||||||
import jakarta.annotation.Resource;
|
import jakarta.annotation.Resource;
|
||||||
import org.apache.commons.collections4.CollectionUtils;
|
import org.apache.commons.collections4.CollectionUtils;
|
||||||
|
|
@ -36,6 +36,7 @@ import java.util.Set;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
import static io.metersphere.system.controller.handler.result.CommonResultCode.INTERNAL_USER_ROLE_PERMISSION;
|
import static io.metersphere.system.controller.handler.result.CommonResultCode.INTERNAL_USER_ROLE_PERMISSION;
|
||||||
|
import static io.metersphere.system.controller.result.SystemResultCode.NO_GLOBAL_USER_ROLE_PERMISSION;
|
||||||
import static io.metersphere.system.controller.result.SystemResultCode.NO_ORG_USER_ROLE_PERMISSION;
|
import static io.metersphere.system.controller.result.SystemResultCode.NO_ORG_USER_ROLE_PERMISSION;
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
|
||||||
|
|
||||||
|
|
@ -125,7 +126,7 @@ public class OrganizationUserRoleControllerTests extends BaseTest {
|
||||||
// 非内置用户组异常
|
// 非内置用户组异常
|
||||||
request = new OrganizationUserRoleEditRequest();
|
request = new OrganizationUserRoleEditRequest();
|
||||||
request.setId(InternalUserRole.ORG_ADMIN.getValue());
|
request.setId(InternalUserRole.ORG_ADMIN.getValue());
|
||||||
this.requestPost(ORGANIZATION_USER_ROLE_UPDATE, request).andExpect(jsonPath("$.code").value(INTERNAL_USER_ROLE_PERMISSION.getCode()));
|
this.requestPost(ORGANIZATION_USER_ROLE_UPDATE, request).andExpect(jsonPath("$.code").value(NO_GLOBAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
// 用户组名称已存在
|
// 用户组名称已存在
|
||||||
request = new OrganizationUserRoleEditRequest();
|
request = new OrganizationUserRoleEditRequest();
|
||||||
request.setId("default-org-role-id-2");
|
request.setId("default-org-role-id-2");
|
||||||
|
|
@ -233,7 +234,7 @@ public class OrganizationUserRoleControllerTests extends BaseTest {
|
||||||
// 内置用户组异常
|
// 内置用户组异常
|
||||||
request.setUserRoleId(InternalUserRole.ORG_ADMIN.getValue());
|
request.setUserRoleId(InternalUserRole.ORG_ADMIN.getValue());
|
||||||
this.requestPost(ORGANIZATION_USER_ROLE_PERMISSION_UPDATE, request)
|
this.requestPost(ORGANIZATION_USER_ROLE_PERMISSION_UPDATE, request)
|
||||||
.andExpect(jsonPath("$.code").value(INTERNAL_USER_ROLE_PERMISSION.getCode()));
|
.andExpect(jsonPath("$.code").value(NO_GLOBAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue