fix: 修复jenkins执行接口场景不能正常查看结果的问题
This commit is contained in:
parent
2f43a7882b
commit
4c48bae74f
|
@ -162,10 +162,31 @@
|
|||
<version>${quartz-starter.version}</version>
|
||||
</dependency>
|
||||
<!-- shiro -->
|
||||
<dependency>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
<artifactId>shiro-spring-boot-web-starter</artifactId>
|
||||
<version>${shiro.version}</version>
|
||||
<classifier>jakarta</classifier>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
<artifactId>shiro-spring-boot-starter</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
<artifactId>shiro-web</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
<artifactId>shiro-spring</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
<artifactId>shiro-spring-boot-starter</artifactId>
|
||||
<version>${shiro.version}</version>
|
||||
<classifier>jakarta</classifier>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
|
@ -182,6 +203,18 @@
|
|||
<artifactId>shiro-web</artifactId>
|
||||
<version>${shiro.version}</version>
|
||||
<classifier>jakarta</classifier>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<artifactId>shiro-core</artifactId>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
<artifactId>shiro-core</artifactId>
|
||||
<version>${shiro.version}</version>
|
||||
<classifier>jakarta</classifier>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
|
@ -193,6 +226,10 @@
|
|||
<artifactId>shiro-web</artifactId>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<artifactId>shiro-core</artifactId>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
|
|
|
@ -51,14 +51,6 @@ public class ShiroConfig {
|
|||
return shiroFilterFactoryBean;
|
||||
}
|
||||
|
||||
@Bean(name = "shiroFilter")
|
||||
public FilterRegistrationBean<Filter> shiroFilter(ShiroFilterFactoryBean shiroFilterFactoryBean) throws Exception {
|
||||
FilterRegistrationBean<Filter> registration = new FilterRegistrationBean<>();
|
||||
registration.setFilter((Filter) Objects.requireNonNull(shiroFilterFactoryBean.getObject()));
|
||||
registration.setDispatcherTypes(EnumSet.allOf(DispatcherType.class));
|
||||
return registration;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public MemoryConstrainedCacheManager memoryConstrainedCacheManager() {
|
||||
return new MemoryConstrainedCacheManager();
|
||||
|
|
|
@ -5,5 +5,5 @@ import org.apache.ibatis.annotations.Param;
|
|||
import java.util.List;
|
||||
|
||||
public interface ExtCheckOwnerMapper {
|
||||
boolean checkoutOwner(@Param("table") String resourceType, @Param("projectId") String projectId, @Param("ids") List ids);
|
||||
boolean checkoutOwner(@Param("table") String resourceType, @Param("userId") String userId, @Param("ids") List ids);
|
||||
}
|
||||
|
|
|
@ -2,12 +2,15 @@
|
|||
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
|
||||
<mapper namespace="io.metersphere.base.mapper.ext.ExtCheckOwnerMapper">
|
||||
<select id="checkoutOwner" resultType="boolean">
|
||||
SELECT count(id) = ${ids.size()}
|
||||
FROM ${table}
|
||||
WHERE project_id = #{projectId}
|
||||
and id in
|
||||
SELECT count(1) > 0
|
||||
FROM user_group
|
||||
WHERE source_id IN (SELECT project_id
|
||||
FROM ${table} JOIN project ON ${table}.project_id = project.id
|
||||
WHERE ${table}.id IN
|
||||
<foreach collection="ids" item="id" separator="," open="(" close=")">
|
||||
#{id}
|
||||
</foreach>
|
||||
</foreach>)
|
||||
AND user_id = #{userId}
|
||||
|
||||
</select>
|
||||
</mapper>
|
|
@ -3,9 +3,9 @@ package io.metersphere.controller.handler;
|
|||
|
||||
import io.metersphere.commons.exception.MSException;
|
||||
import io.metersphere.commons.utils.LogUtil;
|
||||
import org.apache.shiro.ShiroException;
|
||||
import org.apache.shiro.authz.UnauthorizedException;
|
||||
|
||||
import org.apache.shiro.lang.ShiroException;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||
|
|
|
@ -7,8 +7,13 @@ import io.metersphere.commons.exception.MSException;
|
|||
import io.metersphere.commons.utils.SessionUtils;
|
||||
import io.metersphere.i18n.Translator;
|
||||
import jakarta.annotation.Resource;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authc.UsernamePasswordToken;
|
||||
import org.apache.shiro.web.util.WebUtils;
|
||||
import org.aspectj.lang.JoinPoint;
|
||||
import org.aspectj.lang.annotation.After;
|
||||
import org.aspectj.lang.annotation.Aspect;
|
||||
import org.aspectj.lang.annotation.Before;
|
||||
import org.aspectj.lang.annotation.Pointcut;
|
||||
|
@ -20,9 +25,10 @@ import org.springframework.expression.ExpressionParser;
|
|||
import org.springframework.expression.spel.standard.SpelExpressionParser;
|
||||
import org.springframework.expression.spel.support.StandardEvaluationContext;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.context.request.RequestAttributes;
|
||||
import org.springframework.web.context.request.RequestContextHolder;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
|
||||
|
@ -43,6 +49,16 @@ public class CheckOwnerAspect {
|
|||
@Before("pointcut()")
|
||||
public void before(JoinPoint joinPoint) {
|
||||
|
||||
// apikey 过来的请求
|
||||
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
|
||||
if (requestAttributes != null) {
|
||||
HttpServletRequest request = (HttpServletRequest) requestAttributes.resolveReference(RequestAttributes.REFERENCE_REQUEST);
|
||||
if (ApiKeyHandler.isApiKeyCall(request) && !SecurityUtils.getSubject().isAuthenticated()) {
|
||||
String userId = ApiKeyHandler.getUser(WebUtils.toHttp(request));
|
||||
SecurityUtils.getSubject().login(new UsernamePasswordToken(userId, SSOSessionHandler.random));
|
||||
}
|
||||
}
|
||||
|
||||
//从切面织入点处通过反射机制获取织入点处的方法
|
||||
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
|
||||
//获取切入点所在的方法
|
||||
|
@ -59,6 +75,7 @@ public class CheckOwnerAspect {
|
|||
return;
|
||||
}
|
||||
|
||||
|
||||
// 操作内容
|
||||
//获取方法参数名
|
||||
String[] params = discoverer.getParameterNames(method);
|
||||
|
@ -73,14 +90,27 @@ public class CheckOwnerAspect {
|
|||
Expression titleExp = parser.parseExpression(resourceId);
|
||||
Object v = titleExp.getValue(context, Object.class);
|
||||
if (v instanceof String id) {
|
||||
if (!extCheckOwnerMapper.checkoutOwner(resourceType, SessionUtils.getCurrentProjectId(), List.of(id))) {
|
||||
if (!extCheckOwnerMapper.checkoutOwner(resourceType, SessionUtils.getUserId(), List.of(id))) {
|
||||
MSException.throwException(Translator.get("check_owner_case"));
|
||||
}
|
||||
}
|
||||
if (v instanceof List ids) {
|
||||
if (!extCheckOwnerMapper.checkoutOwner(resourceType, SessionUtils.getCurrentProjectId(), ids)) {
|
||||
if (!extCheckOwnerMapper.checkoutOwner(resourceType, SessionUtils.getUserId(), ids)) {
|
||||
MSException.throwException(Translator.get("check_owner_case"));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@After("pointcut()")
|
||||
public void after() {
|
||||
// apikey 过来的请求
|
||||
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
|
||||
if (requestAttributes != null) {
|
||||
HttpServletRequest request = (HttpServletRequest) requestAttributes.resolveReference(RequestAttributes.REFERENCE_REQUEST);
|
||||
// apikey 退出
|
||||
if (ApiKeyHandler.isApiKeyCall(WebUtils.toHttp(request)) && SecurityUtils.getSubject().isAuthenticated()) {
|
||||
SecurityUtils.getSubject().logout();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
4
pom.xml
4
pom.xml
|
@ -6,7 +6,7 @@
|
|||
<parent>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-parent</artifactId>
|
||||
<version>3.2.4</version>
|
||||
<version>3.2.6</version>
|
||||
<relativePath/>
|
||||
</parent>
|
||||
|
||||
|
@ -23,7 +23,7 @@
|
|||
<spring-cloud.version>2023.0.0</spring-cloud.version>
|
||||
<dubbo.version>2.7.22</dubbo.version>
|
||||
<platform-plugin-sdk.version>1.6.0</platform-plugin-sdk.version>
|
||||
<shiro.version>1.13.0</shiro.version>
|
||||
<shiro.version>2.0.1</shiro.version>
|
||||
<java-websocket.version>1.5.3</java-websocket.version>
|
||||
<easyexcel.version>3.1.1</easyexcel.version>
|
||||
<dom4j.version>2.1.4</dom4j.version>
|
||||
|
|
Loading…
Reference in New Issue