refactor(接口测试): 补充资源校验
This commit is contained in:
parent
662a0b9050
commit
62892fd496
|
@ -14,6 +14,7 @@ import io.metersphere.system.utils.SessionUtils;
|
|||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.apache.shiro.authz.annotation.Logical;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
@ -64,6 +65,7 @@ public class ApiDefinitionModuleController {
|
|||
@PostMapping("/move")
|
||||
@Operation(summary = "接口测试-接口管理-模块-移动模块")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_UPDATE)
|
||||
@CheckOwner(resourceId = "#request.dragNodeId", resourceType = "api_definition_module")
|
||||
public void moveNode(@Validated @RequestBody NodeMoveRequest request) {
|
||||
apiDefinitionModuleService.moveNode(request, SessionUtils.getUserId());
|
||||
}
|
||||
|
@ -94,6 +96,8 @@ public class ApiDefinitionModuleController {
|
|||
|
||||
@PostMapping("/env/tree")
|
||||
@Operation(summary = "获取环境中的接口树和选中的模块")
|
||||
@CheckOwner(resourceId = "#request.projectId", resourceType = "project")
|
||||
@RequiresPermissions(value = {PermissionConstants.PROJECT_API_DEFINITION_READ, PermissionConstants.PROJECT_ENVIRONMENT_READ}, logical = Logical.OR)
|
||||
public EnvApiTreeDTO envTree(@RequestBody @Validated EnvApiModuleRequest request) {
|
||||
return apiDefinitionModuleService.envTree(request);
|
||||
}
|
||||
|
|
|
@ -8,6 +8,7 @@ import io.metersphere.api.service.definition.ApiDefinitionScheduleService;
|
|||
import io.metersphere.sdk.constants.PermissionConstants;
|
||||
import io.metersphere.system.log.annotation.Log;
|
||||
import io.metersphere.system.log.constants.OperationLogType;
|
||||
import io.metersphere.system.security.CheckOwner;
|
||||
import io.metersphere.system.utils.SessionUtils;
|
||||
import io.metersphere.validation.groups.Created;
|
||||
import io.metersphere.validation.groups.Updated;
|
||||
|
@ -37,6 +38,7 @@ public class ApiDefinitionScheduleController {
|
|||
@PostMapping(value = "/update")
|
||||
@Operation(summary = "接口测试-接口管理-定时同步-更新")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_IMPORT)
|
||||
@CheckOwner(resourceId = "#request.id", resourceType = "api_definition_swagger")
|
||||
public String updateSchedule(@RequestBody @Validated({Updated.class}) ApiScheduleRequest request) {
|
||||
return apiDefinitionScheduleService.updateSchedule(request, SessionUtils.getUserId());
|
||||
}
|
||||
|
@ -51,6 +53,7 @@ public class ApiDefinitionScheduleController {
|
|||
@GetMapping(value = "/switch/{id}")
|
||||
@Operation(summary = "接口测试-接口管理-定时同步-开启/关闭")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_IMPORT)
|
||||
@CheckOwner(resourceId = "#id", resourceType = "api_definition_swagger")
|
||||
public void updateScheduleEnable(@PathVariable String id) {
|
||||
apiDefinitionScheduleService.switchSchedule(id);
|
||||
}
|
||||
|
@ -58,12 +61,15 @@ public class ApiDefinitionScheduleController {
|
|||
@GetMapping("/delete/{id}")
|
||||
@Operation(summary = "接口测试-接口管理-定时同步-删除")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_IMPORT)
|
||||
@CheckOwner(resourceId = "#id", resourceType = "api_definition_swagger")
|
||||
public void deleteSchedule(@PathVariable String id) {
|
||||
apiDefinitionScheduleService.deleteSchedule(id);
|
||||
}
|
||||
|
||||
@GetMapping(value = "/get/{id}")
|
||||
@Operation(summary = "接口测试-接口管理-定时同步-查询")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_IMPORT)
|
||||
@CheckOwner(resourceId = "#id", resourceType = "api_definition_swagger")
|
||||
public ApiScheduleDTO getResourceId(@PathVariable String id) {
|
||||
return apiDefinitionScheduleService.getSchedule(id);
|
||||
}
|
||||
|
|
|
@ -152,6 +152,7 @@ public class ApiTestCaseController {
|
|||
@PostMapping(value = "/page")
|
||||
@Operation(summary = "接口测试-接口管理-接口用例-分页查询")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_READ)
|
||||
@CheckOwner(resourceId = "#request.getProjectId()", resourceType = "project")
|
||||
public Pager<List<ApiTestCaseDTO>> page(@Validated @RequestBody ApiTestCasePageRequest request) {
|
||||
Page<Object> page = PageHelper.startPage(request.getCurrent(), request.getPageSize(),
|
||||
StringUtils.isNotBlank(request.getSortString()) ? request.getSortString() : "pos desc");
|
||||
|
@ -195,6 +196,7 @@ public class ApiTestCaseController {
|
|||
@PostMapping(value = "/trash/page")
|
||||
@Operation(summary = "接口测试-接口管理-接口用例-回收站-分页查询")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_READ)
|
||||
@CheckOwner(resourceId = "#request.getProjectId()", resourceType = "project")
|
||||
public Pager<List<ApiTestCaseDTO>> pageTrash(@Validated @RequestBody ApiTestCasePageRequest request) {
|
||||
Page<Object> page = PageHelper.startPage(request.getCurrent(), request.getPageSize(),
|
||||
StringUtils.isNotBlank(request.getSortString()) ? request.getSortString() : "delete_time desc");
|
||||
|
@ -204,6 +206,7 @@ public class ApiTestCaseController {
|
|||
@PostMapping("/edit/pos")
|
||||
@Operation(summary = "接口测试-接口管理-接口用例-拖拽排序")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_UPDATE)
|
||||
@CheckOwner(resourceId = "#request.getTargetId()", resourceType = "api_test_case")
|
||||
public void editPos(@Validated @RequestBody PosRequest request) {
|
||||
apiTestCaseService.moveNode(request);
|
||||
}
|
||||
|
@ -261,6 +264,7 @@ public class ApiTestCaseController {
|
|||
@GetMapping("/run/{id}")
|
||||
@Operation(summary = "用例执行, 传ID执行")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_EXECUTE)
|
||||
@CheckOwner(resourceId = "#id", resourceType = "api_test_case")
|
||||
public TaskRequestDTO run(@PathVariable String id,
|
||||
@Schema(description = "报告ID,传了可以实时获取结果,不传则不支持实时获取")
|
||||
@RequestParam(required = false) String reportId) {
|
||||
|
@ -277,6 +281,7 @@ public class ApiTestCaseController {
|
|||
@PostMapping("/batch/run")
|
||||
@Operation(summary = "批量执行")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_EXECUTE)
|
||||
@CheckOwner(resourceId = "#request.getSelectIds()", resourceType = "api_test_case")
|
||||
public void batchRun(@Validated @RequestBody ApiTestCaseBatchRunRequest request) {
|
||||
apiTestCaseBatchRunService.asyncBatchRun(request, SessionUtils.getUserId());
|
||||
}
|
||||
|
|
|
@ -137,6 +137,7 @@ public class ApiScenarioController {
|
|||
@GetMapping("/step/get/{stepId}")
|
||||
@Operation(summary = "接口测试-接口场景管理-获取场景步骤详情")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_READ)
|
||||
@CheckOwner(resourceId = "#stepId", resourceType = "api_scenario_step")
|
||||
public Object getStepDetail(@PathVariable String stepId) {
|
||||
return apiScenarioService.getStepDetail(stepId);
|
||||
}
|
||||
|
@ -176,6 +177,7 @@ public class ApiScenarioController {
|
|||
@GetMapping("/run/{id}")
|
||||
@Operation(summary = "接口测试-接口场景管理-场景执行")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_EXECUTE)
|
||||
@CheckOwner(resourceId = "#id", resourceType = "api_scenario")
|
||||
public TaskRequestDTO run(@PathVariable String id, @RequestParam(required = false) String reportId) {
|
||||
return apiScenarioService.run(id, reportId, SessionUtils.getUserId());
|
||||
}
|
||||
|
@ -242,6 +244,7 @@ public class ApiScenarioController {
|
|||
@PostMapping("/edit/pos")
|
||||
@Operation(summary = "接口测试-接口场景管理-场景-拖拽排序")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_UPDATE)
|
||||
@CheckOwner(resourceId = "#request.getTargetId()", resourceType = "api_scenario")
|
||||
public void editPos(@Validated @RequestBody PosRequest request) {
|
||||
apiScenarioService.moveNode(request);
|
||||
}
|
||||
|
|
|
@ -62,6 +62,7 @@ public class ApiScenarioModuleController {
|
|||
@PostMapping("/move")
|
||||
@Operation(summary = "接口测试-接口场景-模块-移动模块")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_UPDATE)
|
||||
@CheckOwner(resourceId = "#request.getDragNodeId()", resourceType = "api_scenario_module")
|
||||
public void moveNode(@Validated @RequestBody NodeMoveRequest request) {
|
||||
apiScenarioModuleService.moveNode(request, SessionUtils.getUserId());
|
||||
}
|
||||
|
|
|
@ -348,7 +348,7 @@ public class ApiDefinitionImportUtilService {
|
|||
LogDTO dto = new LogDTO(
|
||||
project.getId(),
|
||||
project.getOrganizationId(),
|
||||
t.getId(),
|
||||
apiDefinition.getId(),
|
||||
request.getUserId(),
|
||||
OperationLogType.IMPORT.name(),
|
||||
OperationLogModule.API_TEST_MANAGEMENT_DEFINITION,
|
||||
|
|
|
@ -42,6 +42,7 @@ public class EnvironmentController {
|
|||
@PostMapping("/list")
|
||||
@Operation(summary = "项目管理-环境-环境目录-列表")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ)
|
||||
@CheckOwner(resourceId = "#request.projectId", resourceType = "project")
|
||||
public List<Environment> list(@Validated @RequestBody EnvironmentFilterRequest request) {
|
||||
return environmentService.list(request);
|
||||
}
|
||||
|
@ -57,6 +58,7 @@ public class EnvironmentController {
|
|||
@GetMapping("/scripts/{projectId}")
|
||||
@Operation(summary = "项目管理-环境-环境目录-接口插件前端配置脚本列表")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ)
|
||||
@CheckOwner(resourceId = "#projectId", resourceType = "project")
|
||||
public List<EnvironmentPluginScriptDTO> getPluginScripts(@PathVariable String projectId) {
|
||||
return environmentService.getPluginScripts(projectId);
|
||||
}
|
||||
|
@ -99,6 +101,7 @@ public class EnvironmentController {
|
|||
@GetMapping("/database/driver-options/{organizationId}")
|
||||
@Operation(summary = "项目管理-环境-数据库配置-数据库驱动选项")
|
||||
@RequiresPermissions(value = {PermissionConstants.PROJECT_ENVIRONMENT_READ, PermissionConstants.PROJECT_ENVIRONMENT_READ_ADD, PermissionConstants.PROJECT_ENVIRONMENT_READ_UPDATE}, logical = Logical.OR)
|
||||
@CheckOwner(resourceId = "#organizationId", resourceType = "organization")
|
||||
public List<OptionDTO> driverOptions(@PathVariable String organizationId) {
|
||||
return environmentService.getDriverOptions(organizationId);
|
||||
}
|
||||
|
|
|
@ -60,6 +60,7 @@ public class EnvironmentGroupController {
|
|||
@PostMapping("/list")
|
||||
@Operation(summary = "项目管理-环境组-列表")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ)
|
||||
@CheckOwner(resourceId = "#request.projectId", resourceType = "project")
|
||||
public List<EnvironmentGroup> list(@RequestBody EnvironmentFilterRequest request) {
|
||||
return environmentGroupService.list(request);
|
||||
}
|
||||
|
@ -75,6 +76,7 @@ public class EnvironmentGroupController {
|
|||
@GetMapping("/get-project/{organizationId}")
|
||||
@Operation(summary = "项目管理-环境组-获取项目")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ)
|
||||
@CheckOwner(resourceId = "#organizationId", resourceType = "organization")
|
||||
public List<OptionDTO> getProject(@PathVariable String organizationId) {
|
||||
return environmentGroupService.getProject(SessionUtils.getUserId(), organizationId);
|
||||
}
|
||||
|
|
|
@ -8,6 +8,7 @@ import io.metersphere.sdk.constants.PermissionConstants;
|
|||
import io.metersphere.sdk.domain.ProjectParameter;
|
||||
import io.metersphere.system.log.annotation.Log;
|
||||
import io.metersphere.system.log.constants.OperationLogType;
|
||||
import io.metersphere.system.security.CheckOwner;
|
||||
import io.metersphere.system.utils.SessionUtils;
|
||||
import io.metersphere.validation.groups.Created;
|
||||
import io.metersphere.validation.groups.Updated;
|
||||
|
@ -40,6 +41,7 @@ public class GlobalParamsController {
|
|||
@Operation(summary = "项目管理-环境-全局参数-修改")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ_UPDATE)
|
||||
@Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#request)", msClass = GlobalParamsLogService.class)
|
||||
@CheckOwner(resourceId = "#request.id", resourceType = "project_parameter")
|
||||
public ProjectParameter update(@Validated({Updated.class}) @RequestBody GlobalParamsRequest request) {
|
||||
return globalParamsService.update(request, SessionUtils.getUserId());
|
||||
}
|
||||
|
@ -47,6 +49,7 @@ public class GlobalParamsController {
|
|||
@GetMapping("/get/{projectId}")
|
||||
@Operation(summary = "项目管理-环境-全局参数-详情")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ)
|
||||
@CheckOwner(resourceId = "#projectId", resourceType = "project")
|
||||
public GlobalParamsDTO get(@PathVariable String projectId) {
|
||||
return globalParamsService.get(projectId);
|
||||
}
|
||||
|
|
|
@ -42,6 +42,7 @@ public class ProjectController {
|
|||
|
||||
@GetMapping("/list/options/{organizationId}")
|
||||
@Operation(summary = "根据组织ID获取所有有权限的项目")
|
||||
@CheckOwner(resourceId = "#organizationId", resourceType = "organization")
|
||||
public List<Project> getUserProject(@PathVariable String organizationId) {
|
||||
return projectService.getUserProject(organizationId, SessionUtils.getUserId());
|
||||
}
|
||||
|
@ -49,6 +50,7 @@ public class ProjectController {
|
|||
@PostMapping("/switch")
|
||||
@Operation(summary = "切换项目")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_BASE_INFO_READ)
|
||||
@CheckOwner(resourceId = "#request.projectId", resourceType = "project")
|
||||
public UserDTO switchProject(@RequestBody ProjectSwitchRequest request) {
|
||||
return projectService.switchProject(request, SessionUtils.getUserId());
|
||||
}
|
||||
|
@ -65,6 +67,7 @@ public class ProjectController {
|
|||
@GetMapping("/pool-options/{type}/{projectId}")
|
||||
@Operation(summary = "项目管理-获取项目下的资源池")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_BASE_INFO_READ)
|
||||
@CheckOwner(resourceId = "#projectId", resourceType = "project")
|
||||
public List<OptionDTO> getPoolOptions(@PathVariable String type, @PathVariable String projectId) {
|
||||
return projectService.getPoolOptions(projectId, type);
|
||||
}
|
||||
|
@ -79,6 +82,7 @@ public class ProjectController {
|
|||
@GetMapping("/get-member/option/{projectId}")
|
||||
@Operation(summary = "项目管理-获取成员下拉选项")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_BASE_INFO_READ)
|
||||
@CheckOwner(resourceId = "#projectId", resourceType = "project")
|
||||
public List<UserExtendDTO> getMemberOption(@PathVariable String projectId,
|
||||
@Schema(description = "查询关键字,根据邮箱和用户名查询")
|
||||
@RequestParam(value = "keyword", required = false) String keyword) {
|
||||
|
|
|
@ -214,6 +214,16 @@ public class ProjectControllerTests extends BaseTest {
|
|||
example.createCriteria().andOrganizationIdEqualTo(DEFAULT_ORGANIZATION_ID).andEnableEqualTo(true);
|
||||
Assertions.assertEquals(projectMapper.countByExample(example), list.size());
|
||||
|
||||
UserRoleRelation userRoleRelation = new UserRoleRelation();
|
||||
userRoleRelation.setUserId("admin1");
|
||||
userRoleRelation.setOrganizationId(DEFAULT_ORGANIZATION_ID);
|
||||
userRoleRelation.setSourceId(DEFAULT_ORGANIZATION_ID);
|
||||
userRoleRelation.setRoleId("1");
|
||||
userRoleRelation.setCreateTime(System.currentTimeMillis());
|
||||
userRoleRelation.setCreateUser("admin");
|
||||
userRoleRelation.setId(IDGenerator.nextStr());
|
||||
userRoleRelationMapper.insertSelective(userRoleRelation);
|
||||
|
||||
mvcResult = mockMvc.perform(MockMvcRequestBuilders.post("/login")
|
||||
.content(String.format("{\"username\":\"%s\",\"password\":\"%s\"}", "admin1", "admin1@metersphere.io"))
|
||||
.contentType(MediaType.APPLICATION_JSON))
|
||||
|
|
|
@ -62,6 +62,7 @@ public class OrganizationProjectController {
|
|||
@PostMapping("/page")
|
||||
@RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_READ)
|
||||
@Operation(summary = "系统设置-组织-项目-获取项目列表")
|
||||
@CheckOwner(resourceId = "#request.getOrganizationId()", resourceType = "organization")
|
||||
public Pager<List<ProjectDTO>> getProjectList(@Validated @RequestBody OrganizationProjectRequest request) {
|
||||
Page<Object> page = PageHelper.startPage(request.getCurrent(), request.getPageSize(),
|
||||
StringUtils.isNotBlank(request.getSortString()) ? request.getSortString() : "create_time desc");
|
||||
|
@ -120,6 +121,7 @@ public class OrganizationProjectController {
|
|||
@PostMapping("/member-list")
|
||||
@RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_READ)
|
||||
@Operation(summary = "系统设置-组织-项目-成员列表")
|
||||
@CheckOwner(resourceId = "#reuqest.projectId", resourceType = "project")
|
||||
public Pager<List<UserExtendDTO>> getProjectMember(@Validated @RequestBody ProjectMemberRequest request) {
|
||||
Page<Object> page = PageHelper.startPage(request.getCurrent(), request.getPageSize());
|
||||
return PageUtils.setPageInfo(page, organizationProjectService.getProjectMember(request));
|
||||
|
@ -150,6 +152,7 @@ public class OrganizationProjectController {
|
|||
@GetMapping("/user-admin-list/{organizationId}")
|
||||
@Operation(summary = "系统设置-组织-项目-获取管理员列表")
|
||||
@RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_READ)
|
||||
@CheckOwner(resourceId = "#organizationId", resourceType = "organization")
|
||||
public List<UserExtendDTO> getUserAdminList(@PathVariable String organizationId, @Schema(description = "查询关键字,根据邮箱和用户名查询")
|
||||
@RequestParam(value = "keyword", required = false) String keyword) {
|
||||
return organizationProjectService.getUserAdminList(organizationId, keyword);
|
||||
|
@ -158,6 +161,7 @@ public class OrganizationProjectController {
|
|||
@GetMapping("/user-member-list/{organizationId}/{projectId}")
|
||||
@Operation(summary = "系统设置-组织-项目-获取成员列表")
|
||||
@RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_READ)
|
||||
@CheckOwner(resourceId = "#organizationId", resourceType = "organization")
|
||||
public List<UserExtendDTO> getUserMemberList(@PathVariable String organizationId, @PathVariable String projectId,
|
||||
@Schema(description = "查询关键字,根据邮箱和用户名查询")
|
||||
@RequestParam(value = "keyword", required = false) String keyword) {
|
||||
|
@ -167,6 +171,7 @@ public class OrganizationProjectController {
|
|||
@PostMapping("/pool-options")
|
||||
@Operation(summary = "系统设置-组织-项目-获取资源池下拉选项")
|
||||
@RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_READ)
|
||||
@CheckOwner(resourceId = "#request.organizationId", resourceType = "organization")
|
||||
public List<OptionDTO> getProjectOptions(@Validated @RequestBody ProjectPoolRequest request) {
|
||||
return organizationProjectService.getTestResourcePoolOptions(request);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue