diff --git a/backend/src/main/java/io/metersphere/api/controller/APIReportController.java b/backend/src/main/java/io/metersphere/api/controller/APIReportController.java index 5f41294711..0704e95119 100644 --- a/backend/src/main/java/io/metersphere/api/controller/APIReportController.java +++ b/backend/src/main/java/io/metersphere/api/controller/APIReportController.java @@ -21,7 +21,6 @@ import java.util.List; @RestController @RequestMapping(value = "/api/report") -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) public class APIReportController { @Resource @@ -60,7 +59,6 @@ public class APIReportController { } @PostMapping("/delete") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER}, logical = Logical.OR) public void delete(@RequestBody DeleteAPIReportRequest request) { apiReportService.delete(request); } @@ -71,7 +69,6 @@ public class APIReportController { } @PostMapping("/batch/delete") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER}, logical = Logical.OR) public void deleteAPIReportBatch(@RequestBody DeleteAPIReportRequest reportRequest) { apiReportService.deleteAPIReportBatch(reportRequest); } diff --git a/backend/src/main/java/io/metersphere/api/controller/APIScenarioReportController.java b/backend/src/main/java/io/metersphere/api/controller/APIScenarioReportController.java index f5267bbcfd..86424a1540 100644 --- a/backend/src/main/java/io/metersphere/api/controller/APIScenarioReportController.java +++ b/backend/src/main/java/io/metersphere/api/controller/APIScenarioReportController.java @@ -23,7 +23,6 @@ import java.util.List; @RestController @RequestMapping(value = "/api/scenario/report") -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) public class APIScenarioReportController { @Resource @@ -42,7 +41,6 @@ public class APIScenarioReportController { } @PostMapping("/update") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) public String update(@RequestBody APIScenarioReportResult node) { node.setExecuteType(ExecuteType.Saved.name()); return apiReportService.update(node); diff --git a/backend/src/main/java/io/metersphere/api/controller/APITestController.java b/backend/src/main/java/io/metersphere/api/controller/APITestController.java index 01290fc68e..a9d02efd14 100644 --- a/backend/src/main/java/io/metersphere/api/controller/APITestController.java +++ b/backend/src/main/java/io/metersphere/api/controller/APITestController.java @@ -41,7 +41,6 @@ import static io.metersphere.commons.utils.JsonPathUtils.getListJson; @RestController @RequestMapping(value = "/api") -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) public class APITestController { @Resource private APITestService apiTestService; @@ -159,7 +158,6 @@ public class APITestController { } @PostMapping(value = "/import", consumes = {"multipart/form-data"}) - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) public ApiTest testCaseImport(@RequestPart(value = "file", required = false) MultipartFile file, @RequestPart("request") ApiTestImportRequest request) { return apiTestService.apiTestImport(file, request); } diff --git a/backend/src/main/java/io/metersphere/api/controller/ApiDatabaseController.java b/backend/src/main/java/io/metersphere/api/controller/ApiDatabaseController.java index f3b316e703..d86433df6a 100644 --- a/backend/src/main/java/io/metersphere/api/controller/ApiDatabaseController.java +++ b/backend/src/main/java/io/metersphere/api/controller/ApiDatabaseController.java @@ -11,7 +11,7 @@ import javax.annotation.Resource; @RestController @RequestMapping(value = "/api/database") -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER}, logical = Logical.OR) + public class ApiDatabaseController { @Resource diff --git a/backend/src/main/java/io/metersphere/api/controller/ApiModuleController.java b/backend/src/main/java/io/metersphere/api/controller/ApiModuleController.java index 28bef8f4c2..176249a168 100644 --- a/backend/src/main/java/io/metersphere/api/controller/ApiModuleController.java +++ b/backend/src/main/java/io/metersphere/api/controller/ApiModuleController.java @@ -19,7 +19,6 @@ import java.util.List; @RequestMapping("/api/module") @RestController -@RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER, RoleConstants.ORG_ADMIN}, logical = Logical.OR) public class ApiModuleController { @Resource @@ -60,21 +59,18 @@ public class ApiModuleController { } @PostMapping("/add") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "api_definition", type = OperLogConstants.CREATE, title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = ApiModuleService.class) public String addNode(@RequestBody ApiModule node) { return apiModuleService.addNode(node); } @PostMapping("/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "api_definition", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = ApiModuleService.class) public int editNode(@RequestBody DragModuleRequest node) { return apiModuleService.editNode(node); } @PostMapping("/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "api_definition", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#nodeIds)", msClass = ApiModuleService.class) public int deleteNode(@RequestBody List nodeIds) { //nodeIds 包含删除节点ID及其所有子节点ID @@ -82,7 +78,6 @@ public class ApiModuleController { } @PostMapping("/drag") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "api_definition", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = ApiModuleService.class) public void dragNode(@RequestBody DragModuleRequest node) { apiModuleService.dragNode(node); diff --git a/backend/src/main/java/io/metersphere/api/controller/ApiMonitorController.java b/backend/src/main/java/io/metersphere/api/controller/ApiMonitorController.java index 7eb2c89adb..601a68e34b 100644 --- a/backend/src/main/java/io/metersphere/api/controller/ApiMonitorController.java +++ b/backend/src/main/java/io/metersphere/api/controller/ApiMonitorController.java @@ -15,7 +15,6 @@ import java.util.List; @RestController @RequestMapping(value = "/api/monitor") -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) public class ApiMonitorController { @Resource diff --git a/backend/src/main/java/io/metersphere/api/controller/ApiScenarioModuleController.java b/backend/src/main/java/io/metersphere/api/controller/ApiScenarioModuleController.java index 463814a3f0..e198342034 100644 --- a/backend/src/main/java/io/metersphere/api/controller/ApiScenarioModuleController.java +++ b/backend/src/main/java/io/metersphere/api/controller/ApiScenarioModuleController.java @@ -17,7 +17,6 @@ import java.util.List; @RequestMapping("/api/automation/module") @RestController -@RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER, RoleConstants.ORG_ADMIN}, logical = Logical.OR) public class ApiScenarioModuleController { @Resource @@ -32,14 +31,12 @@ public class ApiScenarioModuleController { } @PostMapping("/add") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "api_automation", type = OperLogConstants.CREATE, title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = ApiScenarioModuleService.class) public String addNode(@RequestBody ApiScenarioModule node) { return apiScenarioModuleService.addNode(node); } @PostMapping("/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "api_automation", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = ApiScenarioModuleService.class) public int editNode(@RequestBody DragApiScenarioModuleRequest node) { return apiScenarioModuleService.editNode(node); @@ -52,7 +49,6 @@ public class ApiScenarioModuleController { } @PostMapping("/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "api_automation", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#nodeIds)", msClass = ApiScenarioModuleService.class) public int deleteNode(@RequestBody List nodeIds) { //nodeIds 包含删除节点ID及其所有子节点ID @@ -60,7 +56,6 @@ public class ApiScenarioModuleController { } @PostMapping("/drag") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "api_automation", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = ApiScenarioModuleService.class) public void dragNode(@RequestBody DragApiScenarioModuleRequest node) { apiScenarioModuleService.dragNode(node); diff --git a/backend/src/main/java/io/metersphere/api/controller/ApiTestCaseController.java b/backend/src/main/java/io/metersphere/api/controller/ApiTestCaseController.java index 154a9569d8..9d1d97fb71 100644 --- a/backend/src/main/java/io/metersphere/api/controller/ApiTestCaseController.java +++ b/backend/src/main/java/io/metersphere/api/controller/ApiTestCaseController.java @@ -26,7 +26,6 @@ import java.util.Map; @RestController @RequestMapping(value = "/api/testcase") -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) public class ApiTestCaseController { @Resource @@ -119,13 +118,11 @@ public class ApiTestCaseController { } @PostMapping("/batch/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) public void editApiBath(@RequestBody ApiCaseBatchRequest request) { apiTestCaseService.editApiBath(request); } @PostMapping("/batch/editByParam") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "api_definition", type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class) public void editApiBathByParam(@RequestBody ApiTestBatchRequest request) { apiTestCaseService.editApiBathByParam(request); diff --git a/backend/src/main/java/io/metersphere/api/controller/ApiTestEnvironmentController.java b/backend/src/main/java/io/metersphere/api/controller/ApiTestEnvironmentController.java index 97a94600db..998b43078d 100644 --- a/backend/src/main/java/io/metersphere/api/controller/ApiTestEnvironmentController.java +++ b/backend/src/main/java/io/metersphere/api/controller/ApiTestEnvironmentController.java @@ -24,7 +24,6 @@ import java.util.List; @RestController @RequestMapping(value = "/api/environment") -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) public class ApiTestEnvironmentController { @Resource @@ -65,27 +64,23 @@ public class ApiTestEnvironmentController { @PostMapping(value = "/get/entry") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) public List getEntry(@RequestPart("request") String password, @RequestPart(value = "file") MultipartFile sslFiles) { return commandService.get(password, sslFiles); } @PostMapping("/add") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) @MsAuditLog(module = "project_environment_setting", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#apiTestEnvironmentWithBLOBs.id)", msClass = ApiTestEnvironmentService.class) public String create(@RequestPart("request") ApiTestEnvironmentDTO apiTestEnvironmentWithBLOBs, @RequestPart(value = "files") List sslFiles) { return apiTestEnvironmentService.add(apiTestEnvironmentWithBLOBs, sslFiles); } @PostMapping(value = "/update") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) @MsAuditLog(module = "project_environment_setting", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#apiTestEnvironment.id)", content = "#msClass.getLogDetails(#apiTestEnvironment.id)", msClass = ApiTestEnvironmentService.class) public void update(@RequestPart("request") ApiTestEnvironmentDTO apiTestEnvironment, @RequestPart(value = "files") List sslFiles) { apiTestEnvironmentService.update(apiTestEnvironment, sslFiles); } @GetMapping("/delete/{id}") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) @MsAuditLog(module = "project_environment_setting", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = ApiTestEnvironmentService.class) public void delete(@PathVariable String id) { apiTestEnvironmentService.delete(id); diff --git a/backend/src/main/java/io/metersphere/controller/CustomFieldController.java b/backend/src/main/java/io/metersphere/controller/CustomFieldController.java index ade2b2fdf8..117a11330f 100644 --- a/backend/src/main/java/io/metersphere/controller/CustomFieldController.java +++ b/backend/src/main/java/io/metersphere/controller/CustomFieldController.java @@ -19,7 +19,7 @@ import java.util.List; @RequestMapping("custom/field") @RestController -@RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public class CustomFieldController { @Resource diff --git a/backend/src/main/java/io/metersphere/controller/CustomFieldTemplateController.java b/backend/src/main/java/io/metersphere/controller/CustomFieldTemplateController.java index d954ee0b8d..1e04f10580 100644 --- a/backend/src/main/java/io/metersphere/controller/CustomFieldTemplateController.java +++ b/backend/src/main/java/io/metersphere/controller/CustomFieldTemplateController.java @@ -16,7 +16,7 @@ import java.util.List; @RestController @RequestMapping("custom/field/template") -@RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public class CustomFieldTemplateController { @Resource diff --git a/backend/src/main/java/io/metersphere/controller/IssueTemplateController.java b/backend/src/main/java/io/metersphere/controller/IssueTemplateController.java index 85a114535e..64c3df9918 100644 --- a/backend/src/main/java/io/metersphere/controller/IssueTemplateController.java +++ b/backend/src/main/java/io/metersphere/controller/IssueTemplateController.java @@ -21,7 +21,7 @@ import java.util.List; @RequestMapping("field/template/issue") @RestController -@RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public class IssueTemplateController { @Resource private IssueTemplateService issueTemplateService; diff --git a/backend/src/main/java/io/metersphere/controller/JarConfigController.java b/backend/src/main/java/io/metersphere/controller/JarConfigController.java index 8fddda105a..ed38591780 100644 --- a/backend/src/main/java/io/metersphere/controller/JarConfigController.java +++ b/backend/src/main/java/io/metersphere/controller/JarConfigController.java @@ -19,14 +19,14 @@ import java.util.List; @RestController @RequestMapping(value = "/jar") -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public class JarConfigController { @Resource JarConfigService JarConfigService; @PostMapping("list/{goPage}/{pageSize}") - @RequiresRoles(RoleConstants.ORG_ADMIN) + public Pager> list(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody JarConfig request) { Page page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, JarConfigService.list(request)); @@ -48,21 +48,21 @@ public class JarConfigController { } @PostMapping(value = "/add", consumes = {"multipart/form-data"}) - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) + @MsAuditLog(module = "project_project_jar", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#request.id)", msClass = JarConfigService.class) public String add(@RequestPart("request") JarConfig request, @RequestPart(value = "file") MultipartFile file) { return JarConfigService.add(request, file); } @PostMapping(value = "/update", consumes = {"multipart/form-data"}) - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) + @MsAuditLog(module = "project_project_jar", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", content = "#msClass.getLogDetails(#request.id)", msClass = JarConfigService.class) public void update(@RequestPart("request") JarConfig request, @RequestPart(value = "file", required = false) MultipartFile file) { JarConfigService.update(request, file); } @GetMapping("/delete/{id}") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) + @MsAuditLog(module = "project_project_jar", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = JarConfigService.class) public void delete(@PathVariable String id) { JarConfigService.delete(id); diff --git a/backend/src/main/java/io/metersphere/controller/OrganizationController.java b/backend/src/main/java/io/metersphere/controller/OrganizationController.java index 4d92cccbc7..b735b74cdb 100644 --- a/backend/src/main/java/io/metersphere/controller/OrganizationController.java +++ b/backend/src/main/java/io/metersphere/controller/OrganizationController.java @@ -31,7 +31,7 @@ public class OrganizationController { private UserService userService; @PostMapping("/add") - @RequiresRoles(RoleConstants.ADMIN) + @MsAuditLog(module = "system_organization", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#organization.id)", msClass = OrganizationService.class) public Organization addOrganization(@RequestBody Organization organization) { organization.setId(UUID.randomUUID().toString()); @@ -39,20 +39,20 @@ public class OrganizationController { } @GetMapping("/list") - @RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public List getOrganizationList() { return organizationService.getOrganizationList(new OrganizationRequest()); } @PostMapping("/list/{goPage}/{pageSize}") - @RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN}, logical = Logical.OR) + public Pager> getOrganizationList(@RequestBody OrganizationRequest request, @PathVariable int goPage, @PathVariable int pageSize) { Page page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, organizationService.getOrganizationList(request)); } @GetMapping("/delete/{organizationId}") - @RequiresRoles(RoleConstants.ADMIN) + @MsAuditLog(module = "system_organization", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#organizationId)", msClass = OrganizationService.class) public void deleteOrganization(@PathVariable(value = "organizationId") String organizationId) { userService.refreshSessionUser("organization", organizationId); @@ -60,7 +60,7 @@ public class OrganizationController { } @PostMapping("/update") - @RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN}, logical = Logical.OR) + @MsAuditLog(module = "system_organization", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#organization.id)", content = "#msClass.getLogDetails(#organization.id)", msClass = OrganizationService.class) public void updateOrganization(@RequestBody Organization organization) { organizationService.updateOrganization(organization); @@ -72,8 +72,8 @@ public class OrganizationController { } @PostMapping("/member/update") - @RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN}, logical = Logical.OR) - @MsAuditLog(module = "organization_member", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#memberDTO)", content = "#msClass.getLogDetails(#memberDTO)", msClass = OrganizationService.class) + + @MsAuditLog(module = "organization_member", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#memberDTO.id)", content = "#msClass.getLogDetails(#memberDTO.id)", msClass = OrganizationService.class) public void updateOrgMember(@RequestBody OrganizationMemberDTO memberDTO) { organizationService.updateOrgMember(memberDTO); } diff --git a/backend/src/main/java/io/metersphere/controller/ProjectController.java b/backend/src/main/java/io/metersphere/controller/ProjectController.java index 57da33f2bc..57f10827dd 100644 --- a/backend/src/main/java/io/metersphere/controller/ProjectController.java +++ b/backend/src/main/java/io/metersphere/controller/ProjectController.java @@ -53,7 +53,6 @@ public class ProjectController { } @GetMapping("/recent/{count}") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) public List recentProjects(@PathVariable int count) { String currentWorkspaceId = SessionUtils.getCurrentWorkspaceId(); ProjectRequest request = new ProjectRequest(); @@ -69,7 +68,6 @@ public class ProjectController { } @PostMapping("/add") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) @MsAuditLog(module = "project_project_manager", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#project.id)", msClass = ProjectService.class) public Project addProject(@RequestBody AddProjectRequest project, HttpServletRequest request) { Project returnModel = projectService.addProject(project); @@ -93,7 +91,6 @@ public class ProjectController { } @GetMapping("/delete/{projectId}") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) @MsAuditLog(module = "project_project_manager", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#projectId)", msClass = ProjectService.class) public void deleteProject(@PathVariable(value = "projectId") String projectId) { checkPermissionService.checkProjectOwner(projectId); @@ -101,7 +98,6 @@ public class ProjectController { } @PostMapping("/update") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) @MsAuditLog(module = "project_project_manager", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#Project.id)", content = "#msClass.getLogDetails(#Project.id)", msClass = ProjectService.class) public void updateProject(@RequestBody Project Project) { projectService.updateProject(Project); diff --git a/backend/src/main/java/io/metersphere/controller/ResourceController.java b/backend/src/main/java/io/metersphere/controller/ResourceController.java index 1db688f04d..7b9d56cc10 100644 --- a/backend/src/main/java/io/metersphere/controller/ResourceController.java +++ b/backend/src/main/java/io/metersphere/controller/ResourceController.java @@ -14,13 +14,13 @@ import javax.annotation.Resource; @RestController @RequestMapping(value = "/resource") -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public class ResourceController { @Resource ResourceService resourceService; @PostMapping(value = "/md/upload", consumes = {"multipart/form-data"}) - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) + public void upload(@RequestPart(value = "request") MdUploadRequest request, @RequestPart(value = "file") MultipartFile file) { resourceService.mdUpload(request, file); } @@ -31,7 +31,7 @@ public class ResourceController { } @GetMapping("/md/delete/{fileName}") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER,}, logical = Logical.OR) + public void delete(@PathVariable("fileName") String fileName) { resourceService.mdDelete(fileName); } diff --git a/backend/src/main/java/io/metersphere/controller/RoleController.java b/backend/src/main/java/io/metersphere/controller/RoleController.java index b1a40877f1..89967abb22 100644 --- a/backend/src/main/java/io/metersphere/controller/RoleController.java +++ b/backend/src/main/java/io/metersphere/controller/RoleController.java @@ -25,7 +25,7 @@ public class RoleController { } @GetMapping("/all") - @RequiresRoles(RoleConstants.ADMIN) + public List getAllRole() { return roleService.getAllRole(); } diff --git a/backend/src/main/java/io/metersphere/controller/SystemParameterController.java b/backend/src/main/java/io/metersphere/controller/SystemParameterController.java index 18959e2aef..952d8dcd33 100644 --- a/backend/src/main/java/io/metersphere/controller/SystemParameterController.java +++ b/backend/src/main/java/io/metersphere/controller/SystemParameterController.java @@ -26,14 +26,12 @@ public class SystemParameterController { private SystemParameterService SystemParameterService; @PostMapping("/edit/email") - @RequiresRoles(value = {RoleConstants.ADMIN}) @MsAuditLog(module = "system_parameter_setting", type = OperLogConstants.UPDATE, title = "邮件设置") public void editMail(@RequestBody List systemParameter) { SystemParameterService.editMail(systemParameter); } @PostMapping("/testConnection") - @RequiresRoles(value = {RoleConstants.ADMIN}) public void testConnection(@RequestBody HashMap hashMap) { SystemParameterService.testConnection(hashMap); } @@ -49,7 +47,6 @@ public class SystemParameterController { } @GetMapping("/mail/info") - @RequiresRoles(value = {RoleConstants.ADMIN}) public MailInfo mailInfo() { return SystemParameterService.mailInfo(ParamConstants.Classify.MAIL.getValue()); } @@ -65,21 +62,18 @@ public class SystemParameterController { } @PostMapping("/save/base") - @RequiresRoles(value = {RoleConstants.ADMIN}) @MsAuditLog(module = "system_parameter_setting", type = OperLogConstants.UPDATE, title = "基本配置") public void saveBaseInfo(@RequestBody List systemParameter) { SystemParameterService.saveBaseInfo(systemParameter); } @PostMapping("/save/ldap") - @RequiresRoles(value = {RoleConstants.ADMIN}) @MsAuditLog(module = "system_parameter_setting", type = OperLogConstants.UPDATE, title = "LDAP设置") public void saveLdap(@RequestBody List systemParameter) { SystemParameterService.saveLdap(systemParameter); } @GetMapping("/ldap/info") - @RequiresRoles(value = {RoleConstants.ADMIN}) public LdapInfo getLdapInfo() { return SystemParameterService.getLdapInfo(ParamConstants.Classify.LDAP.getValue()); } diff --git a/backend/src/main/java/io/metersphere/controller/TestCaseTemplateController.java b/backend/src/main/java/io/metersphere/controller/TestCaseTemplateController.java index 366149e3d9..7191591349 100644 --- a/backend/src/main/java/io/metersphere/controller/TestCaseTemplateController.java +++ b/backend/src/main/java/io/metersphere/controller/TestCaseTemplateController.java @@ -22,7 +22,7 @@ import java.util.List; @RequestMapping("field/template/case") @RestController -@RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public class TestCaseTemplateController { @Resource @@ -35,7 +35,7 @@ public class TestCaseTemplateController { } @PostMapping("/list/{goPage}/{pageSize}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public Pager> list(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody BaseQueryRequest request) { Page> page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, testCaseTemplateService.list(request)); @@ -54,13 +54,13 @@ public class TestCaseTemplateController { } @GetMapping("/option/{workspaceId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public List list(@PathVariable String workspaceId) { return testCaseTemplateService.getOption(workspaceId); } @GetMapping("/get/relate/{projectId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public TestCaseTemplateDao getTemplate(@PathVariable String projectId) { return testCaseTemplateService.getTemplate(projectId); } diff --git a/backend/src/main/java/io/metersphere/controller/TestResourcePoolController.java b/backend/src/main/java/io/metersphere/controller/TestResourcePoolController.java index 3809810784..fabdfa5459 100644 --- a/backend/src/main/java/io/metersphere/controller/TestResourcePoolController.java +++ b/backend/src/main/java/io/metersphere/controller/TestResourcePoolController.java @@ -20,7 +20,7 @@ import java.util.List; @RequestMapping("testresourcepool") @RestController -@RequiresRoles(RoleConstants.ADMIN) + public class TestResourcePoolController { @Resource @@ -62,13 +62,13 @@ public class TestResourcePoolController { } @GetMapping("list/all/valid") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public List listValidResourcePools() { return testResourcePoolService.listValidResourcePools(); } @GetMapping("list/quota/valid") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public List listValidQuotaResourcePools() { return testResourcePoolService.listValidQuotaResourcePools(); } diff --git a/backend/src/main/java/io/metersphere/controller/UserController.java b/backend/src/main/java/io/metersphere/controller/UserController.java index f84081df96..0f8b17e4c3 100644 --- a/backend/src/main/java/io/metersphere/controller/UserController.java +++ b/backend/src/main/java/io/metersphere/controller/UserController.java @@ -53,6 +53,8 @@ public class UserController { private CheckPermissionService checkPermissionService; @PostMapping("/special/add") + + @MsAuditLog(module = "system_user", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#user.id)", msClass = UserService.class) @RequiresRoles(RoleConstants.ADMIN) @MsAuditLog(module = "system_user", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#user)", msClass = UserService.class) public UserDTO insertUser(@RequestBody UserRequest user) { @@ -60,26 +62,26 @@ public class UserController { } @PostMapping("/special/list/{goPage}/{pageSize}") - @RequiresRoles(RoleConstants.ADMIN) + public Pager> getUserList(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody io.metersphere.controller.request.UserRequest request) { Page page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, userService.getUserListWithRequest(request)); } @GetMapping("/special/user/role/{userId}") - @RequiresRoles(RoleConstants.ADMIN) + public UserRoleDTO getUserRole(@PathVariable("userId") String userId) { return userService.getUserRole(userId); } @GetMapping("/special/user/group/{userId}") - @RequiresRoles(RoleConstants.ADMIN) + public UserGroupPermissionDTO getUserGroup(@PathVariable("userId") String userId) { return userService.getUserGroup(userId); } @GetMapping("/special/delete/{userId}") - @RequiresRoles(RoleConstants.ADMIN) + @MsAuditLog(module = "system_user", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#userId)", msClass = UserService.class) public void deleteUser(@PathVariable(value = "userId") String userId) { userService.deleteUser(userId); @@ -88,69 +90,69 @@ public class UserController { } @PostMapping("/special/update") - @RequiresRoles(RoleConstants.ADMIN) - @MsAuditLog(module = "system_user", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#user)", content = "#msClass.getLogDetails(#user)", msClass = UserService.class) + + @MsAuditLog(module = "system_user", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#user.id)", content = "#msClass.getLogDetails(#user.id)", msClass = UserService.class) public void updateUser(@RequestBody UserRequest user) { userService.updateUserRole(user); } @PostMapping("/special/update_status") - @RequiresRoles(RoleConstants.ADMIN) + @MsAuditLog(module = "system_user", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#user.id)", content = "#msClass.getLogDetails(#user.id)", msClass = UserService.class) public void updateStatus(@RequestBody User user) { userService.updateUser(user); } @PostMapping("/special/ws/member/list/{goPage}/{pageSize}") - @RequiresRoles(RoleConstants.ADMIN) + public Pager> getMemberListByAdmin(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody QueryMemberRequest request) { Page page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, userService.getMemberList(request)); } @PostMapping("/special/ws/member/list/all") - @RequiresRoles(RoleConstants.ADMIN) + public List getMemberListByAdmin(@RequestBody QueryMemberRequest request) { return userService.getMemberList(request); } @PostMapping("/special/ws/member/add") - @RequiresRoles(RoleConstants.ADMIN) + @MsAuditLog(module = "workspace_member", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#request.id)", msClass = WorkspaceService.class) public void addMemberByAdmin(@RequestBody AddMemberRequest request) { userService.addMember(request); } @GetMapping("/special/ws/member/delete/{workspaceId}/{userId}") - @RequiresRoles(RoleConstants.ADMIN) + @MsAuditLog(module = "workspace_member", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#userId)", msClass = UserService.class) public void deleteMemberByAdmin(@PathVariable String workspaceId, @PathVariable String userId) { userService.deleteMember(workspaceId, userId); } @PostMapping("/special/org/member/add") - @RequiresRoles(RoleConstants.ADMIN) + @MsAuditLog(module = "organization_member", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#request.id)", msClass = OrganizationService.class) public void addOrganizationMemberByAdmin(@RequestBody AddOrgMemberRequest request) { userService.addOrganizationMember(request); } @GetMapping("/special/org/member/delete/{organizationId}/{userId}") - @RequiresRoles(RoleConstants.ADMIN) + @MsAuditLog(module = "organization_member", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#userId)", msClass = UserService.class) public void delOrganizationMemberByAdmin(@PathVariable String organizationId, @PathVariable String userId) { userService.delOrganizationMember(organizationId, userId); } @PostMapping("/special/org/member/list/{goPage}/{pageSize}") - @RequiresRoles(RoleConstants.ADMIN) + public Pager> getOrgMemberListByAdmin(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody QueryOrgMemberRequest request) { Page page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, userService.getOrgMemberList(request)); } @PostMapping("/special/org/member/list/all") - @RequiresRoles(RoleConstants.ADMIN) + public List getOrgMemberListByAdmin(@RequestBody QueryOrgMemberRequest request) { return userService.getOrgMemberList(request); } @@ -174,14 +176,12 @@ public class UserController { } @PostMapping("/switch/source/org/{sourceId}") - @RequiresRoles(value = {RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER, RoleConstants.TEST_VIEWER, RoleConstants.TEST_USER}, logical = Logical.OR) public UserDTO switchOrganization(@PathVariable(value = "sourceId") String sourceId) { userService.switchUserRole("organization", sourceId); return SessionUtils.getUser(); } @PostMapping("/switch/source/ws/{sourceId}") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_VIEWER, RoleConstants.TEST_USER}, logical = Logical.OR) public UserDTO switchWorkspace(@PathVariable(value = "sourceId") String sourceId) { userService.switchUserRole("workspace", sourceId); return SessionUtils.getUser(); @@ -205,8 +205,6 @@ public class UserController { * 获取工作空间成员用户 */ @PostMapping("/ws/member/list/{goPage}/{pageSize}") - @RequiresRoles(value = {RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER, - RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) public Pager> getMemberList(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody QueryMemberRequest request) { Page page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, userService.getMemberList(request)); @@ -222,8 +220,6 @@ public class UserController { * 获取工作空间成员用户 不分页 */ @PostMapping("/ws/member/list/all") - @RequiresRoles(value = {RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER, - RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) public List getMemberList(@RequestBody QueryMemberRequest request) { return userService.getMemberList(request); } @@ -232,7 +228,6 @@ public class UserController { * 添加工作空间成员 */ @PostMapping("/ws/member/add") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.ORG_ADMIN}, logical = Logical.OR) @MsAuditLog(module = "workspace_member", type = OperLogConstants.CREATE, title = "添加工作空间成员") public void addMember(@RequestBody AddMemberRequest request) { String wsId = request.getWorkspaceId(); @@ -251,7 +246,6 @@ public class UserController { * 删除工作空间成员 */ @GetMapping("/ws/member/delete/{workspaceId}/{userId}") - @RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.ORG_ADMIN}, logical = Logical.OR) @MsAuditLog(module = "workspace_member", type = OperLogConstants.DELETE, title = "删除工作空间成员") public void deleteMember(@PathVariable String workspaceId, @PathVariable String userId) { // workspaceService.checkWorkspaceOwner(workspaceId); @@ -277,8 +271,7 @@ public class UserController { * 添加组织成员 */ @PostMapping("/org/member/add") - @RequiresRoles(RoleConstants.ORG_ADMIN) - @MsAuditLog(module = "organization_member", type = OperLogConstants.CREATE, title = "'添加组织成员-'+#request.userIds") + @MsAuditLog(module = "organization_member", type = OperLogConstants.CREATE, title = "添加组织成员") public void addOrganizationMember(@RequestBody AddOrgMemberRequest request) { organizationService.checkOrgOwner(request.getOrganizationId()); userService.addOrganizationMember(request); @@ -288,7 +281,6 @@ public class UserController { * 删除组织成员 */ @GetMapping("/org/member/delete/{organizationId}/{userId}") - @RequiresRoles(RoleConstants.ORG_ADMIN) @MsAuditLog(module = "organization_member", type = OperLogConstants.DELETE, title = "删除组织成员") public void delOrganizationMember(@PathVariable String organizationId, @PathVariable String userId) { organizationService.checkOrgOwner(organizationId); @@ -303,7 +295,7 @@ public class UserController { * 查询组织成员列表 */ @PostMapping("/org/member/list/{goPage}/{pageSize}") - @RequiresRoles(value = {RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public Pager> getOrgMemberList(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody QueryOrgMemberRequest request) { Page page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, userService.getOrgMemberList(request)); @@ -313,7 +305,7 @@ public class UserController { * 组织成员列表不分页 */ @PostMapping("/org/member/list/all") - @RequiresRoles(value = {RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public List getOrgMemberList(@RequestBody QueryOrgMemberRequest request) { return userService.getOrgMemberList(request); } @@ -343,33 +335,31 @@ public class UserController { * 获取工作空间成员用户 不分页 */ @PostMapping("/ws/member/tester/list") - @RequiresRoles(value = {RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER, - RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public List getTestManagerAndTestUserList(@RequestBody QueryMemberRequest request) { return userService.getTestManagerAndTestUserList(request); } @GetMapping("/search/{condition}") - @RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public List searchUser(@PathVariable String condition) { return userService.searchUser(condition); } @GetMapping("/export/template") - @RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public void testCaseTemplateExport(HttpServletResponse response) { userService.userTemplateExport(response); } @PostMapping("/import/{userId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) - @MsAuditLog(module = "system_user", type = OperLogConstants.IMPORT) - public ExcelResponse testCaseImport(MultipartFile file, @PathVariable String userId, HttpServletRequest request) { - return userService.userImport(file, userId,request); + + public ExcelResponse testCaseImport(MultipartFile file, @PathVariable String userId) { + return userService.userImport(file, userId); } @PostMapping("/special/batchProcessUserInfo") - @RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER}) + @MsAuditLog(module = "system_user", type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request)", content = "#msClass.getLogDetails(#request)", msClass = UserService.class) public String batchProcessUserInfo(@RequestBody UserBatchProcessRequest request) { String returnString = "success"; diff --git a/backend/src/main/java/io/metersphere/controller/UserKeysController.java b/backend/src/main/java/io/metersphere/controller/UserKeysController.java index e906fdf29a..c4ffe6b1ef 100644 --- a/backend/src/main/java/io/metersphere/controller/UserKeysController.java +++ b/backend/src/main/java/io/metersphere/controller/UserKeysController.java @@ -21,7 +21,7 @@ import java.util.List; @RestController @RequestMapping("user/key") -@RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER, RoleConstants.ORG_ADMIN}, logical = Logical.OR) + public class UserKeysController { @Resource diff --git a/backend/src/main/java/io/metersphere/controller/UserRoleController.java b/backend/src/main/java/io/metersphere/controller/UserRoleController.java index 435d4e8b64..5f744569b5 100644 --- a/backend/src/main/java/io/metersphere/controller/UserRoleController.java +++ b/backend/src/main/java/io/metersphere/controller/UserRoleController.java @@ -22,19 +22,19 @@ public class UserRoleController { private UserRoleService userRoleService; @GetMapping("/list/org/{orgId}/{userId}") - @RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN}, logical = Logical.OR) + public List getOrganizationMemberRoles(@PathVariable String orgId, @PathVariable String userId) { return userRoleService.getOrganizationMemberRoles(orgId, userId); } @GetMapping("/list/ws/{workspaceId}/{userId}") - @RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public List getWorkspaceMemberRoles(@PathVariable String workspaceId, @PathVariable String userId) { return userRoleService.getWorkspaceMemberRoles(workspaceId, userId); } @GetMapping("/all/{userId}") - @RequiresRoles(RoleConstants.ADMIN) + public List> getUserRole(@PathVariable("userId") String userId) { return userRoleService.getUserRole(userId); } diff --git a/backend/src/main/java/io/metersphere/controller/WorkspaceController.java b/backend/src/main/java/io/metersphere/controller/WorkspaceController.java index efd3cbe526..be336a8272 100644 --- a/backend/src/main/java/io/metersphere/controller/WorkspaceController.java +++ b/backend/src/main/java/io/metersphere/controller/WorkspaceController.java @@ -33,7 +33,7 @@ public class WorkspaceController { private UserService userService; @PostMapping("add") - @RequiresRoles(RoleConstants.ORG_ADMIN) + @MsAuditLog(module = "system_workspace", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#workspace.id)", msClass = WorkspaceService.class) public Workspace addWorkspace(@RequestBody Workspace workspace) { String currentOrganizationId = SessionUtils.getCurrentOrganizationId(); @@ -47,14 +47,14 @@ public class WorkspaceController { } @PostMapping("special/add") - @RequiresRoles(RoleConstants.ADMIN) + @MsAuditLog(module = "system_workspace", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#workspace.id)", msClass = WorkspaceService.class) public Workspace addWorkspaceByAdmin(@RequestBody Workspace workspace) { return workspaceService.addWorkspaceByAdmin(workspace); } @PostMapping("update") - @RequiresRoles(RoleConstants.ORG_ADMIN) + @MsAuditLog(module = "system_workspace", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#workspace.id)", content = "#msClass.getLogDetails(#workspace.id)", msClass = WorkspaceService.class) public Workspace updateWorkspace(@RequestBody Workspace workspace) { // workspaceService.checkWorkspaceOwnerByOrgAdmin(workspace.getId()); @@ -62,22 +62,22 @@ public class WorkspaceController { } @PostMapping("special/update") - @RequiresRoles(RoleConstants.ADMIN) + @MsAuditLog(module = "system_workspace", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#workspace.id)", content = "#msClass.getLogDetails(#workspace.id)", msClass = WorkspaceService.class) public void updateWorkspaceByAdmin(@RequestBody Workspace workspace) { workspaceService.updateWorkspaceByAdmin(workspace); } @GetMapping("special/delete/{workspaceId}") - @RequiresRoles(RoleConstants.ADMIN) - @MsAuditLog(module = "system_workspace", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#workspaceId)", msClass = WorkspaceService.class) + + @MsAuditLog(module = "system_workspace", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#workspaceId)", msClass = WorkspaceService.class) public void deleteWorkspaceByAdmin(@PathVariable String workspaceId) { userService.refreshSessionUser("workspace", workspaceId); workspaceService.deleteWorkspace(workspaceId); } @GetMapping("delete/{workspaceId}") - @RequiresRoles(RoleConstants.ORG_ADMIN) + @MsAuditLog(module = "system_workspace", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#workspaceId)", msClass = WorkspaceService.class) public void deleteWorkspace(@PathVariable String workspaceId) { // workspaceService.checkWorkspaceOwnerByOrgAdmin(workspaceId); @@ -86,7 +86,7 @@ public class WorkspaceController { } @PostMapping("list/{goPage}/{pageSize}") - @RequiresRoles(RoleConstants.ORG_ADMIN) + public Pager> getWorkspaceList(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody WorkspaceRequest request) { request.setOrganizationId(SessionUtils.getCurrentOrganizationId()); Page page = PageHelper.startPage(goPage, pageSize, true); @@ -94,7 +94,7 @@ public class WorkspaceController { } @PostMapping("list/all/{goPage}/{pageSize}") - @RequiresRoles(RoleConstants.ADMIN) + public Pager> getAllWorkspaceList(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody WorkspaceRequest request) { Page page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, workspaceService.getAllWorkspaceList(request)); @@ -112,8 +112,8 @@ public class WorkspaceController { } @PostMapping("/member/update") - @RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.ORG_ADMIN, RoleConstants.TEST_MANAGER}, logical = Logical.OR) - @MsAuditLog(module = "workspace_member", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#memberDTO)", content = "#msClass.getLogDetails(#memberDTO)", msClass = WorkspaceService.class) + + @MsAuditLog(module = "workspace_member", type = OperLogConstants.UPDATE, title = "#memberDTO.name") public void updateOrgMember(@RequestBody WorkspaceMemberDTO memberDTO) { workspaceService.updateWorkspaceMember(memberDTO); } diff --git a/backend/src/main/java/io/metersphere/log/controller/OperatingLogController.java b/backend/src/main/java/io/metersphere/log/controller/OperatingLogController.java index 63f4d0fa7d..373082ad05 100644 --- a/backend/src/main/java/io/metersphere/log/controller/OperatingLogController.java +++ b/backend/src/main/java/io/metersphere/log/controller/OperatingLogController.java @@ -18,7 +18,7 @@ import java.util.List; @RestController @RequestMapping(value = "/operating/log") -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public class OperatingLogController { @Resource private OperatingLogService operatingLogService; diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseCommentController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseCommentController.java index 32d361585b..3930055899 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseCommentController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseCommentController.java @@ -1,13 +1,10 @@ package io.metersphere.track.controller; import io.metersphere.commons.constants.OperLogConstants; -import io.metersphere.commons.constants.RoleConstants; import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.track.dto.TestCaseCommentDTO; import io.metersphere.track.request.testreview.SaveCommentRequest; import io.metersphere.track.service.TestCaseCommentService; -import org.apache.shiro.authz.annotation.Logical; -import org.apache.shiro.authz.annotation.RequiresRoles; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -34,7 +31,6 @@ public class TestCaseCommentController { } @GetMapping("/delete/{commentId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#commentId)", msClass = TestCaseCommentService.class) public void deleteComment(@PathVariable String commentId) { testCaseCommentService.delete(commentId); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseController.java index e9e0569d05..8c91f1e286 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseController.java @@ -38,7 +38,7 @@ import java.util.UUID; @RequestMapping("/test/case") @RestController -@RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER, RoleConstants.ORG_ADMIN}, logical = Logical.OR) + public class TestCaseController { @Resource @@ -127,7 +127,7 @@ public class TestCaseController { } @PostMapping(value = "/add", consumes = {"multipart/form-data"}) - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case", type = OperLogConstants.CREATE, title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = TestCaseService.class) public String addTestCase(@RequestPart("request") EditTestCaseRequest request, @RequestPart(value = "file") List files) { request.setId(UUID.randomUUID().toString()); @@ -135,21 +135,21 @@ public class TestCaseController { } @PostMapping(value = "/edit", consumes = {"multipart/form-data"}) - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = TestCaseService.class) public String editTestCase(@RequestPart("request") EditTestCaseRequest request, @RequestPart(value = "file") List files) { return testCaseService.edit(request, files); } @PostMapping(value = "/edit/testPlan", consumes = {"multipart/form-data"}) - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogBeforeDetails(#request.id)", title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = TestCaseService.class) public String editTestCaseByTestPlan(@RequestPart("request") EditTestCaseRequest request, @RequestPart(value = "file") List files) { return testCaseService.editTestCase(request, files); } @PostMapping("/delete/{testCaseId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#testCaseId)", msClass = TestCaseService.class) public int deleteTestCase(@PathVariable String testCaseId) { checkPermissionService.checkTestCaseOwner(testCaseId); @@ -157,7 +157,7 @@ public class TestCaseController { } @PostMapping("/import/{projectId}/{userId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case", type = OperLogConstants.IMPORT, project = "#projectId") public ExcelResponse testCaseImport(MultipartFile file, @PathVariable String projectId, @PathVariable String userId, HttpServletRequest request) { checkPermissionService.checkProjectOwner(projectId); @@ -165,7 +165,7 @@ public class TestCaseController { } @PostMapping("/importIgnoreError/{projectId}/{userId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case", type = OperLogConstants.IMPORT, project = "#projectId") public ExcelResponse testCaseImportIgnoreError(MultipartFile file, @PathVariable String projectId, @PathVariable String userId, HttpServletRequest request) { checkPermissionService.checkProjectOwner(projectId); @@ -173,33 +173,33 @@ public class TestCaseController { } @GetMapping("/export/template") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public void testCaseTemplateExport(HttpServletResponse response) { testCaseService.testCaseTemplateExport(response); } @GetMapping("/export/xmindTemplate") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public void xmindTemplate(HttpServletResponse response) { testCaseService.testCaseXmindTemplateExport(response); } @PostMapping("/export/testcase") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case", type = OperLogConstants.EXPORT, sourceId = "#request.id", title = "#request.name", project = "#request.projectId") public void testCaseExport(HttpServletResponse response, @RequestBody TestCaseBatchRequest request) { testCaseService.testCaseExport(response, request); } @PostMapping("/batch/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case", type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = TestCaseService.class) public void editTestCaseBath(@RequestBody TestCaseBatchRequest request) { testCaseService.editTestCaseBath(request); } @PostMapping("/batch/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case", type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = TestCaseService.class) public void deleteTestCaseBath(@RequestBody TestCaseBatchRequest request) { testCaseService.deleteTestCaseBath(request); @@ -236,7 +236,7 @@ public class TestCaseController { } @PostMapping("/minder/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case", type = OperLogConstants.BATCH_UPDATE, project = "#request.projectId", beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = TestCaseService.class) public void minderEdit(@RequestBody TestCaseMinderEditRequest request) { testCaseService.minderEdit(request); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseNodeController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseNodeController.java index 8732f869e8..098eaf7c44 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseNodeController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseNodeController.java @@ -19,7 +19,6 @@ import java.util.List; @RequestMapping("/case/node") @RestController -@RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER, RoleConstants.ORG_ADMIN}, logical = Logical.OR) public class TestCaseNodeController { @Resource @@ -72,21 +71,18 @@ public class TestCaseNodeController { } @PostMapping("/add") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "track_test_case", type = OperLogConstants.CREATE, title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = TestCaseNodeService.class) public String addNode(@RequestBody TestCaseNode node) { return testCaseNodeService.addNode(node); } @PostMapping("/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "track_test_case", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = TestCaseNodeService.class) public int editNode(@RequestBody DragNodeRequest node) { return testCaseNodeService.editNode(node); } @PostMapping("/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "track_test_case", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#nodeIds)", msClass = TestCaseNodeService.class) public int deleteNode(@RequestBody List nodeIds) { //nodeIds 包含删除节点ID及其所有子节点ID @@ -94,7 +90,6 @@ public class TestCaseNodeController { } @PostMapping("/drag") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) @MsAuditLog(module = "track_test_case", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#node)", title = "#node.name", content = "#msClass.getLogDetails(#node)", msClass = TestCaseNodeService.class) public void dragNode(@RequestBody DragNodeRequest node) { testCaseNodeService.dragNode(node); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseReportController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseReportController.java index 919b1f3f01..90a37307f2 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseReportController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseReportController.java @@ -32,7 +32,7 @@ public class TestCaseReportController { } @PostMapping("/add") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#request.id)", msClass = TestCaseReportService.class) public String addByTemplateId(@RequestBody CreateReportRequest request) { request.setId(UUID.randomUUID().toString()); @@ -40,14 +40,14 @@ public class TestCaseReportController { } @PostMapping("/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#TestCaseReport.id)", content = "#msClass.getLogDetails(#TestCaseReport.id)", msClass = TestCaseReportService.class) public void edit(@RequestBody TestCaseReport TestCaseReport) { testCaseReportService.editTestCaseReport(TestCaseReport); } @PostMapping("/delete/{id}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = TestCaseReportService.class) public int delete(@PathVariable String id) { return testCaseReportService.deleteTestCaseReport(id); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseReportTemplateController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseReportTemplateController.java index d2ba80a9eb..27e727ba41 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseReportTemplateController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseReportTemplateController.java @@ -31,21 +31,21 @@ public class TestCaseReportTemplateController { } @PostMapping("/add") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "workspace_template_settings", type = OperLogConstants.CREATE, title = "#testCaseReportTemplate.name",sourceId = "#testCaseReportTemplate.id") public void add(@RequestBody TestCaseReportTemplate testCaseReportTemplate) { testCaseReportTemplateService.addTestCaseReportTemplate(testCaseReportTemplate); } @PostMapping("/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "workspace_template_settings", type = OperLogConstants.UPDATE, title = "#testCaseReportTemplate.name",sourceId = "#testCaseReportTemplate.id") public void edit(@RequestBody TestCaseReportTemplate testCaseReportTemplate) { testCaseReportTemplateService.editTestCaseReportTemplate(testCaseReportTemplate); } @PostMapping("/delete/{id}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "workspace_template_settings", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = TestCaseReportTemplateService.class) public int delete(@PathVariable String id) { return testCaseReportTemplateService.deleteTestCaseReportTemplate(id); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewApiCaseController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewApiCaseController.java index 0d8bf9b36a..46616817ec 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewApiCaseController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewApiCaseController.java @@ -37,19 +37,19 @@ public class TestCaseReviewApiCaseController { } @GetMapping("/delete/{id}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public int deleteTestCase(@PathVariable String id) { return testCaseReviewApiCaseService.delete(id); } @PostMapping("/batch/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public void deleteApiCaseBath(@RequestBody TestReviewApiCaseBatchRequest request) { testCaseReviewApiCaseService.deleteApiCaseBath(request); } @PostMapping("/batch/update/env") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public void batchUpdateEnv(@RequestBody TestPlanApiCaseBatchRequest request) { testCaseReviewApiCaseService.batchUpdateEnv(request); } diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewController.java index ee86a0bb77..5f5035ce99 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewController.java @@ -30,7 +30,7 @@ import java.util.UUID; @RequestMapping("/test/case/review") @RestController -@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public class TestCaseReviewController { @Resource @@ -47,7 +47,7 @@ public class TestCaseReviewController { } @PostMapping("/save") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.CREATE, title = "#reviewRequest.name", content = "#msClass.getLogDetails(#reviewRequest.id)", msClass = TestCaseReviewService.class) public String saveCaseReview(@RequestBody SaveTestCaseReviewRequest reviewRequest) { reviewRequest.setId(UUID.randomUUID().toString()); @@ -72,14 +72,14 @@ public class TestCaseReviewController { } @PostMapping("/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#testCaseReview.id)", title = "#testCaseReview.name", content = "#msClass.getLogDetails(#testCaseReview.id)", msClass = TestCaseReviewService.class) public String editCaseReview(@RequestBody SaveTestCaseReviewRequest testCaseReview) { return testCaseReviewService.editCaseReview(testCaseReview); } @GetMapping("/delete/{reviewId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#reviewId)", msClass = TestCaseReviewService.class) public void deleteCaseReview(@PathVariable String reviewId) { checkPermissionService.checkTestReviewOwner(reviewId); @@ -120,7 +120,7 @@ public class TestCaseReviewController { } @PostMapping("/edit/status/{reviewId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public void editTestPlanStatus(@PathVariable String reviewId) { checkPermissionService.checkTestReviewOwner(reviewId); testCaseReviewService.editTestReviewStatus(reviewId); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewScenarioCaseController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewScenarioCaseController.java index 3b69153905..954126f780 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewScenarioCaseController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewScenarioCaseController.java @@ -38,13 +38,13 @@ public class TestCaseReviewScenarioCaseController { } @GetMapping("/delete/{id}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public int deleteTestCase(@PathVariable String id) { return testCaseReviewScenarioCaseService.delete(id); } @PostMapping("/batch/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public void deleteApiCaseBath(@RequestBody TestPlanApiCaseBatchRequest request) { testCaseReviewScenarioCaseService.deleteApiCaseBath(request); } @@ -56,7 +56,7 @@ public class TestCaseReviewScenarioCaseController { } @PostMapping("/batch/update/env") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + public void batchUpdateEnv(@RequestBody RelevanceScenarioRequest request) { testCaseReviewScenarioCaseService.batchUpdateEnv(request); } diff --git a/backend/src/main/java/io/metersphere/track/controller/TestPlanApiCaseController.java b/backend/src/main/java/io/metersphere/track/controller/TestPlanApiCaseController.java index 587277abe1..c3234f789a 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestPlanApiCaseController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestPlanApiCaseController.java @@ -44,21 +44,21 @@ public class TestPlanApiCaseController { } @GetMapping("/delete/{id}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UN_ASSOCIATE_CASE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = TestPlanApiCaseService.class) public int deleteTestCase(@PathVariable String id) { return testPlanApiCaseService.delete(id); } @PostMapping("/batch/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.UN_ASSOCIATE_CASE, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = TestPlanApiCaseService.class) public void deleteApiCaseBath(@RequestBody TestPlanApiCaseBatchRequest request) { testPlanApiCaseService.deleteApiCaseBath(request); } @PostMapping("/batch/update/env") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.batchLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = TestPlanApiCaseService.class) public void batchUpdateEnv(@RequestBody TestPlanApiCaseBatchRequest request) { testPlanApiCaseService.batchUpdateEnv(request); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestPlanController.java b/backend/src/main/java/io/metersphere/track/controller/TestPlanController.java index 565873e5ee..0665724433 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestPlanController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestPlanController.java @@ -86,7 +86,7 @@ public class TestPlanController { } @PostMapping("/add") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.CREATE, title = "#testPlan.name", content = "#msClass.getLogDetails(#testPlan.id)", msClass = TestPlanService.class) public String addTestPlan(@RequestBody AddTestPlanRequest testPlan) { testPlan.setId(UUID.randomUUID().toString()); @@ -95,14 +95,14 @@ public class TestPlanController { } @PostMapping("/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#testPlanDTO.id)", content = "#msClass.getLogDetails(#testPlanDTO.id)", msClass = TestPlanService.class) public String editTestPlan(@RequestBody TestPlanDTO testPlanDTO) { return testPlanService.editTestPlan(testPlanDTO, true); } @PostMapping("/edit/status/{planId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#planId)", content = "#msClass.getLogDetails(#planId)", msClass = TestPlanService.class) public void editTestPlanStatus(@PathVariable String planId) { checkPermissionService.checkTestPlanOwner(planId); @@ -110,7 +110,7 @@ public class TestPlanController { } @PostMapping("/delete/{testPlanId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#testPlanId)", msClass = TestPlanService.class) public int deleteTestPlan(@PathVariable String testPlanId) { checkPermissionService.checkTestPlanOwner(testPlanId); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestPlanScenarioCaseController.java b/backend/src/main/java/io/metersphere/track/controller/TestPlanScenarioCaseController.java index a1f497bdd5..3ea254373c 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestPlanScenarioCaseController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestPlanScenarioCaseController.java @@ -46,14 +46,14 @@ public class TestPlanScenarioCaseController { } @GetMapping("/delete/{id}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UN_ASSOCIATE_CASE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = TestPlanScenarioCaseService.class) public int deleteTestCase(@PathVariable String id) { return testPlanScenarioCaseService.delete(id); } @PostMapping("/batch/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.UN_ASSOCIATE_CASE, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = TestPlanScenarioCaseService.class) public void deleteApiCaseBath(@RequestBody TestPlanScenarioCaseBatchRequest request) { testPlanScenarioCaseService.deleteApiCaseBath(request); @@ -76,7 +76,7 @@ public class TestPlanScenarioCaseController { } @PostMapping("/batch/update/env") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.batchLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = TestPlanScenarioCaseService.class) public void batchUpdateEnv(@RequestBody RelevanceScenarioRequest request) { testPlanScenarioCaseService.batchUpdateEnv(request); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestPlanTestCaseController.java b/backend/src/main/java/io/metersphere/track/controller/TestPlanTestCaseController.java index 4f57a3b22f..36978664e1 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestPlanTestCaseController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestPlanTestCaseController.java @@ -106,35 +106,35 @@ public class TestPlanTestCaseController { } @PostMapping("/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UPDATE, content = "#msClass.getLogDetails(#testPlanTestCase.id)", msClass = TestPlanTestCaseService.class) public void editTestCase(@RequestBody TestPlanTestCaseWithBLOBs testPlanTestCase) { testPlanTestCaseService.editTestCase(testPlanTestCase); } @PostMapping("/minder/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.ASSOCIATE_CASE, content = "#msClass.getCaseLogDetails(#testPlanTestCases)", msClass = TestPlanTestCaseService.class) public void editTestCaseForMinder(@RequestBody List testPlanTestCases) { testPlanTestCaseService.editTestCaseForMinder(testPlanTestCases); } @PostMapping("/batch/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.batchLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = TestPlanTestCaseService.class) public void editTestCaseBath(@RequestBody TestPlanCaseBatchRequest request) { testPlanTestCaseService.editTestCaseBath(request); } @PostMapping("/batch/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.UN_ASSOCIATE_CASE, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = TestPlanTestCaseService.class) public void deleteTestCaseBath(@RequestBody TestPlanCaseBatchRequest request) { testPlanTestCaseService.deleteTestCaseBath(request); } @PostMapping("/delete/{id}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_plan", type = OperLogConstants.UN_ASSOCIATE_CASE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = TestPlanTestCaseService.class) public int deleteTestCase(@PathVariable String id) { return testPlanTestCaseService.deleteTestCase(id); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestReviewTestCaseController.java b/backend/src/main/java/io/metersphere/track/controller/TestReviewTestCaseController.java index 239f3b7f93..5c79c0bfb9 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestReviewTestCaseController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestReviewTestCaseController.java @@ -34,28 +34,28 @@ public class TestReviewTestCaseController { } @PostMapping("/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UN_ASSOCIATE_CASE, beforeEvent = "#msClass.getLogDetails(#request)", msClass = TestReviewTestCaseService.class) public int deleteTestCase(@RequestBody DeleteRelevanceRequest request) { return testReviewTestCaseService.deleteTestCase(request); } @PostMapping("/batch/delete") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UN_ASSOCIATE_CASE, beforeEvent = "#msClass.getLogDetails(#request)", msClass = TestReviewTestCaseService.class) public void deleteTestCaseBatch(@RequestBody TestReviewCaseBatchRequest request) { testReviewTestCaseService.deleteTestCaseBatch(request); } @PostMapping("/batch/edit/status") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.batchLogDetails(#request)", content = "#msClass.getLogDetails(#request)", msClass = TestReviewTestCaseService.class) public void editTestCaseBatch(@RequestBody TestReviewCaseBatchRequest request) { testReviewTestCaseService.editTestCaseBatchStatus(request); } @PostMapping("/minder/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.ASSOCIATE_CASE, content = "#msClass.getLogDetails(#testCases)", msClass = TestReviewTestCaseService.class) public void editTestCaseForMinder(@RequestBody List testCases) { testReviewTestCaseService.editTestCaseForMinder(testCases); @@ -67,20 +67,20 @@ public class TestReviewTestCaseController { } @PostMapping("/edit") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER}, logical = Logical.OR) + @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.REVIEW, content = "#msClass.getLogDetails(#testCaseReviewTestCase)", msClass = TestReviewTestCaseService.class) public void editTestCase(@RequestBody TestCaseReviewTestCase testCaseReviewTestCase) { testReviewTestCaseService.editTestCase(testCaseReviewTestCase); } @GetMapping("/get/{reviewId}") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public TestReviewCaseDTO get(@PathVariable String reviewId) { return testReviewTestCaseService.get(reviewId); } @PostMapping("/list/ids") - @RequiresRoles(value = {RoleConstants.TEST_USER, RoleConstants.TEST_MANAGER, RoleConstants.TEST_VIEWER}, logical = Logical.OR) + public List getTestReviewCaseList(@RequestBody QueryCaseReviewRequest request) { return testReviewTestCaseService.getTestCaseReviewDTOList(request); } diff --git a/backend/src/main/java/io/metersphere/track/controller/TrackController.java b/backend/src/main/java/io/metersphere/track/controller/TrackController.java index 1dc69994d2..4f68c611ec 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TrackController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TrackController.java @@ -22,7 +22,7 @@ import java.util.List; @RestController @RequestMapping("/track") -@RequiresRoles(value = {RoleConstants.ADMIN, RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER, RoleConstants.ORG_ADMIN}, logical = Logical.OR) + public class TrackController { @Resource diff --git a/backend/src/main/java/io/metersphere/xpack b/backend/src/main/java/io/metersphere/xpack index 2cd34f2f95..9925f59ecd 160000 --- a/backend/src/main/java/io/metersphere/xpack +++ b/backend/src/main/java/io/metersphere/xpack @@ -1 +1 @@ -Subproject commit 2cd34f2f9588672a8c3a3f6c4a74bcbdcad49ac8 +Subproject commit 9925f59ecdaed93a4365d83f8473d6788a233c4b