Merge branch 'master' of https://github.com/metersphere/metersphere

backend/src/main/java/io/metersphere/commons/utils/ShiroUtils.java

@@ -44,6 +44,10 @@ public class ShiroUtils {
 //        filterChainDefinitionMap.put("/document/**", "anon");
     }
 
+    public static void ignoreCsrfFilter(Map<String, String> filterChainDefinitionMap) {
+        filterChainDefinitionMap.put("/", "apikey, authc"); // 跳转到 / 不用校验 csrf
+    }
+
     public static Cookie getSessionIdCookie(){
         SimpleCookie sessionIdCookie = new SimpleCookie();
         sessionIdCookie.setPath("/");

backend/src/main/java/io/metersphere/config/ShiroConfig.java

@@ -47,9 +47,11 @@ public class ShiroConfig implements EnvironmentAware {
         shiroFilterFactoryBean.getFilters().put("apikey", new ApiKeyFilter());
         shiroFilterFactoryBean.getFilters().put("csrf", new CsrfFilter());
         Map<String, String> filterChainDefinitionMap = shiroFilterFactoryBean.getFilterChainDefinitionMap();
+
         ShiroUtils.loadBaseFilterChain(filterChainDefinitionMap);
 
-        filterChainDefinitionMap.put("/", "apikey, authc"); // 跳转到 / 不用校验 csrf
+        ShiroUtils.ignoreCsrfFilter(filterChainDefinitionMap);
+
         filterChainDefinitionMap.put("/**", "apikey, csrf, authc");
         return shiroFilterFactoryBean;
     }

backend/src/main/java/io/metersphere/security/CsrfFilter.java

@@ -32,6 +32,12 @@ public class CsrfFilter extends AnonymousFilter {
         if (ApiKeyHandler.isApiKeyCall(WebUtils.toHttp(request))) {
             return true;
         }
+        // websocket 不需要csrf
+        String websocketKey = httpServletRequest.getHeader("Sec-WebSocket-Key");
+        if (StringUtils.isNotBlank(websocketKey)) {
+            return true;
+        }
+
         // 请求头取出的token value
         String csrfToken = httpServletRequest.getHeader(TOKEN_NAME);
         // 校验 token

frontend/src/business/components/performance/test/components/PerformanceAdvancedConfig.vue

@@ -117,6 +117,36 @@
         </el-form>
       </el-col>
     </el-row>
+    <el-row>
+      <el-col :span="8">
+        <el-form :inline="true">
+          <el-form-item>
+            <div>
+              {{ $t('load_test.granularity') }}
+              <el-popover
+                placement="bottom"
+                width="400"
+                trigger="hover">
+                <el-table :data="granularityData">
+                  <el-table-column property="start" :label="$t('load_test.duration')">
+                    <template v-slot:default="scope">
+                      <span>{{ scope.row.start }} - {{ scope.row.end }}</span>
+                    </template>
+                  </el-table-column>
+                  <el-table-column property="granularity" :label="$t('load_test.granularity')"/>
+                </el-table>
+                <i slot="reference" class="el-icon-info pointer"/>
+              </el-popover>
+            </div>
+          </el-form-item>
+          <el-form-item>
+            <el-select v-model="granularity" :placeholder="$t('commons.please_select')" size="mini" clearable>
+              <el-option v-for="op in granularityData" :key="op.granularity" :label="op.granularity" :value="op.granularity"></el-option>
+            </el-select>
+          </el-form-item>
+        </el-form>
+      </el-col>
+    </el-row>
   </div>
 </template>
 
@@ -134,6 +164,18 @@ export default {
       domains: [],
       params: [],
       statusCodeStr: '',
+      granularity: undefined,
+      granularityData: [
+        {start: 0, end: 100, granularity: 1},
+        {start: 101, end: 500, granularity: 5},
+        {start: 501, end: 1000, granularity: 10},
+        {start: 1001, end: 3000, granularity: 30},
+        {start: 3001, end: 6000, granularity: 60},
+        {start: 6001, end: 30000, granularity: 300},
+        {start: 30001, end: 60000, granularity: 600},
+        {start: 60001, end: 180000, granularity: 1800},
+        {start: 180001, end: 360000, granularity: 3600},
+      ]
     }
   },
   props: {
@@ -166,6 +208,7 @@ export default {
           this.statusCodeStr = this.statusCode.join(',');
           this.domains = data.domains || [];
           this.params = data.params || [];
+          this.granularity = data.granularity;
         }
       });
     },
@@ -252,6 +295,7 @@ export default {
         statusCode: statusCode,
         params: this.params,
         domains: this.domains,
+        granularity: this.granularity,
       };
     },
   }
@@ -287,4 +331,8 @@ export default {
   align: center;
 }
 
+.pointer {
+  cursor: pointer;
+}
+
 </style>

frontend/src/i18n/en-US.js

@@ -478,7 +478,8 @@ export default {
     delete_file: "The file already exists, please delete the file with the same name first!",
     thread_num: 'Concurrent users:',
     input_thread_num: 'Please enter the number of threads',
-    duration: 'Duration time (seconds):',
+    duration: 'Duration time (seconds)',
+    granularity: 'Aggregation time (seconds)',
     input_duration: 'Please enter a duration',
     rps_limit: 'RPS Limit:',
     input_rps_limit: 'Please enter a limit',

frontend/src/i18n/zh-CN.js

@@ -475,7 +475,8 @@ export default {
     delete_file: "文件已存在，请先删除同名文件！",
     thread_num: '并发用户数：',
     input_thread_num: '请输入线程数',
-    duration: '压测时长（秒）：',
+    duration: '压测时长（秒）',
+    granularity: '聚合时间（秒）',
     input_duration: '请输入时长',
     rps_limit: 'RPS上限：',
     input_rps_limit: '请输入限制',

frontend/src/i18n/zh-TW.js

@@ -475,7 +475,8 @@ export default {
     delete_file: "文件已存在，請先刪除同名文件！",
     thread_num: '並發用戶數：',
     input_thread_num: '請輸入線程數',
-    duration: '壓測時長（秒）：',
+    duration: '壓測時長（秒）',
+    granularity: '聚合時間（秒）',
     input_duration: '請輸入時長',
     rps_limit: 'RPS上限：',
     input_rps_limit: '請輸入限制',