feat(系统设置): 用户组相关接口实现
--story=1012250 --user=陈建星 系统设置-用户组管理 https://www.tapd.cn/55049933/s/1388860
This commit is contained in:
jianxing
fit2-zhao
parent
599270efcb
commit
7108d9c4ff
|
|
@ -1,14 +1,10 @@
|
||||||
package io.metersphere.system.domain;
|
package io.metersphere.system.domain;
|
||||||
|
|
||||||
import io.metersphere.validation.groups.Created;
|
import io.metersphere.validation.groups.*;
|
||||||
import io.metersphere.validation.groups.Updated;
|
|
||||||
import io.swagger.v3.oas.annotations.media.Schema;
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
import jakarta.validation.constraints.NotBlank;
|
import jakarta.validation.constraints.*;
|
||||||
import jakarta.validation.constraints.NotNull;
|
|
||||||
import jakarta.validation.constraints.Size;
|
|
||||||
import lombok.Data;
|
|
||||||
|
|
||||||
import java.io.Serializable;
|
import java.io.Serializable;
|
||||||
|
import lombok.Data;
|
||||||
|
|
||||||
@Data
|
@Data
|
||||||
public class UserRole implements Serializable {
|
public class UserRole implements Serializable {
|
||||||
|
|
@ -48,9 +44,5 @@ public class UserRole implements Serializable {
|
||||||
@Size(min = 1, max = 50, message = "{user_role.scope_id.length_range}", groups = {Created.class, Updated.class})
|
@Size(min = 1, max = 50, message = "{user_role.scope_id.length_range}", groups = {Created.class, Updated.class})
|
||||||
private String scopeId;
|
private String scopeId;
|
||||||
|
|
||||||
@Schema(title = "自定义排序,间隔5000", requiredMode = Schema.RequiredMode.REQUIRED)
|
|
||||||
@NotNull(message = "{user_role.pos.not_blank}", groups = {Created.class})
|
|
||||||
private Long pos;
|
|
||||||
|
|
||||||
private static final long serialVersionUID = 1L;
|
private static final long serialVersionUID = 1L;
|
||||||
}
|
}
|
||||||
|
|
@ -703,66 +703,6 @@ public class UserRoleExample {
|
||||||
addCriterion("scope_id not between", value1, value2, "scopeId");
|
addCriterion("scope_id not between", value1, value2, "scopeId");
|
||||||
return (Criteria) this;
|
return (Criteria) this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Criteria andPosIsNull() {
|
|
||||||
addCriterion("pos is null");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosIsNotNull() {
|
|
||||||
addCriterion("pos is not null");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosEqualTo(Long value) {
|
|
||||||
addCriterion("pos =", value, "pos");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosNotEqualTo(Long value) {
|
|
||||||
addCriterion("pos <>", value, "pos");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosGreaterThan(Long value) {
|
|
||||||
addCriterion("pos >", value, "pos");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosGreaterThanOrEqualTo(Long value) {
|
|
||||||
addCriterion("pos >=", value, "pos");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosLessThan(Long value) {
|
|
||||||
addCriterion("pos <", value, "pos");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosLessThanOrEqualTo(Long value) {
|
|
||||||
addCriterion("pos <=", value, "pos");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosIn(List<Long> values) {
|
|
||||||
addCriterion("pos in", values, "pos");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosNotIn(List<Long> values) {
|
|
||||||
addCriterion("pos not in", values, "pos");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosBetween(Long value1, Long value2) {
|
|
||||||
addCriterion("pos between", value1, value2, "pos");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andPosNotBetween(Long value1, Long value2) {
|
|
||||||
addCriterion("pos not between", value1, value2, "pos");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static class Criteria extends GeneratedCriteria {
|
public static class Criteria extends GeneratedCriteria {
|
||||||
|
|
|
||||||
|
|
@ -23,10 +23,5 @@ public class UserRolePermission implements Serializable {
|
||||||
@Size(min = 1, max = 128, message = "{user_role_permission.permission_id.length_range}", groups = {Created.class, Updated.class})
|
@Size(min = 1, max = 128, message = "{user_role_permission.permission_id.length_range}", groups = {Created.class, Updated.class})
|
||||||
private String permissionId;
|
private String permissionId;
|
||||||
|
|
||||||
@Schema(title = "功能菜单", requiredMode = Schema.RequiredMode.REQUIRED)
|
|
||||||
@NotBlank(message = "{user_role_permission.module_id.not_blank}", groups = {Created.class})
|
|
||||||
@Size(min = 1, max = 64, message = "{user_role_permission.module_id.length_range}", groups = {Created.class, Updated.class})
|
|
||||||
private String moduleId;
|
|
||||||
|
|
||||||
private static final long serialVersionUID = 1L;
|
private static final long serialVersionUID = 1L;
|
||||||
}
|
}
|
||||||
|
|
@ -313,76 +313,6 @@ public class UserRolePermissionExample {
|
||||||
addCriterion("permission_id not between", value1, value2, "permissionId");
|
addCriterion("permission_id not between", value1, value2, "permissionId");
|
||||||
return (Criteria) this;
|
return (Criteria) this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Criteria andModuleIdIsNull() {
|
|
||||||
addCriterion("module_id is null");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdIsNotNull() {
|
|
||||||
addCriterion("module_id is not null");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdEqualTo(String value) {
|
|
||||||
addCriterion("module_id =", value, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdNotEqualTo(String value) {
|
|
||||||
addCriterion("module_id <>", value, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdGreaterThan(String value) {
|
|
||||||
addCriterion("module_id >", value, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdGreaterThanOrEqualTo(String value) {
|
|
||||||
addCriterion("module_id >=", value, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdLessThan(String value) {
|
|
||||||
addCriterion("module_id <", value, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdLessThanOrEqualTo(String value) {
|
|
||||||
addCriterion("module_id <=", value, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdLike(String value) {
|
|
||||||
addCriterion("module_id like", value, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdNotLike(String value) {
|
|
||||||
addCriterion("module_id not like", value, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdIn(List<String> values) {
|
|
||||||
addCriterion("module_id in", values, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdNotIn(List<String> values) {
|
|
||||||
addCriterion("module_id not in", values, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdBetween(String value1, String value2) {
|
|
||||||
addCriterion("module_id between", value1, value2, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Criteria andModuleIdNotBetween(String value1, String value2) {
|
|
||||||
addCriterion("module_id not between", value1, value2, "moduleId");
|
|
||||||
return (Criteria) this;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static class Criteria extends GeneratedCriteria {
|
public static class Criteria extends GeneratedCriteria {
|
||||||
|
|
|
||||||
|
|
@ -1,22 +1,23 @@
|
||||||
package io.metersphere.system.domain;
|
package io.metersphere.system.domain;
|
||||||
|
|
||||||
import io.metersphere.validation.groups.Created;
|
import io.metersphere.validation.groups.*;
|
||||||
import io.metersphere.validation.groups.Updated;
|
|
||||||
import io.swagger.v3.oas.annotations.media.Schema;
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
import jakarta.validation.constraints.NotBlank;
|
import jakarta.validation.constraints.NotBlank;
|
||||||
import jakarta.validation.constraints.Size;
|
import jakarta.validation.constraints.Size;
|
||||||
import lombok.AllArgsConstructor;
|
import lombok.AllArgsConstructor;
|
||||||
|
import java.io.Serializable;
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
import lombok.NoArgsConstructor;
|
import lombok.NoArgsConstructor;
|
||||||
|
|
||||||
import java.io.Serializable;
|
/**
|
||||||
|
* @author jianxing
|
||||||
|
*/
|
||||||
@Data
|
@Data
|
||||||
@AllArgsConstructor
|
@AllArgsConstructor
|
||||||
@NoArgsConstructor
|
@NoArgsConstructor
|
||||||
public class UserRoleRelation implements Serializable {
|
public class UserRoleRelation implements Serializable {
|
||||||
@Schema(title = "用户组关系ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
@Schema(title = "用户组关系ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
@NotBlank(message = "{user_role_relation.id.not_blank}", groups = {Created.class, Updated.class})
|
@NotBlank(message = "{user_role_relation.id.not_blank}", groups = {Updated.class})
|
||||||
@Size(min = 1, max = 50, message = "{user_role_relation.id.length_range}", groups = {Created.class, Updated.class})
|
@Size(min = 1, max = 50, message = "{user_role_relation.id.length_range}", groups = {Created.class, Updated.class})
|
||||||
private String id;
|
private String id;
|
||||||
|
|
||||||
|
|
@ -38,9 +39,7 @@ public class UserRoleRelation implements Serializable {
|
||||||
@Schema(title = "创建时间")
|
@Schema(title = "创建时间")
|
||||||
private Long createTime;
|
private Long createTime;
|
||||||
|
|
||||||
@Schema(title = "创建人", requiredMode = Schema.RequiredMode.REQUIRED)
|
@Schema(title = "创建人")
|
||||||
@NotBlank(message = "{user_role_relation.create_user.not_blank}", groups = {Created.class})
|
|
||||||
@Size(min = 1, max = 50, message = "{user_role_relation.create_user.length_range}", groups = {Created.class, Updated.class})
|
|
||||||
private String createUser;
|
private String createUser;
|
||||||
|
|
||||||
private static final long serialVersionUID = 1L;
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
|
||||||
|
|
@ -11,7 +11,6 @@
|
||||||
<result column="update_time" jdbcType="BIGINT" property="updateTime" />
|
<result column="update_time" jdbcType="BIGINT" property="updateTime" />
|
||||||
<result column="create_user" jdbcType="VARCHAR" property="createUser" />
|
<result column="create_user" jdbcType="VARCHAR" property="createUser" />
|
||||||
<result column="scope_id" jdbcType="VARCHAR" property="scopeId" />
|
<result column="scope_id" jdbcType="VARCHAR" property="scopeId" />
|
||||||
<result column="pos" jdbcType="BIGINT" property="pos" />
|
|
||||||
</resultMap>
|
</resultMap>
|
||||||
<sql id="Example_Where_Clause">
|
<sql id="Example_Where_Clause">
|
||||||
<where>
|
<where>
|
||||||
|
|
@ -73,7 +72,7 @@
|
||||||
</sql>
|
</sql>
|
||||||
<sql id="Base_Column_List">
|
<sql id="Base_Column_List">
|
||||||
id, `name`, description, internal, `type`, create_time, update_time, create_user,
|
id, `name`, description, internal, `type`, create_time, update_time, create_user,
|
||||||
scope_id, pos
|
scope_id
|
||||||
</sql>
|
</sql>
|
||||||
<select id="selectByExample" parameterType="io.metersphere.system.domain.UserRoleExample" resultMap="BaseResultMap">
|
<select id="selectByExample" parameterType="io.metersphere.system.domain.UserRoleExample" resultMap="BaseResultMap">
|
||||||
select
|
select
|
||||||
|
|
@ -108,12 +107,12 @@
|
||||||
<insert id="insert" parameterType="io.metersphere.system.domain.UserRole">
|
<insert id="insert" parameterType="io.metersphere.system.domain.UserRole">
|
||||||
insert into user_role (id, `name`, description,
|
insert into user_role (id, `name`, description,
|
||||||
internal, `type`, create_time,
|
internal, `type`, create_time,
|
||||||
update_time, create_user, scope_id,
|
update_time, create_user, scope_id
|
||||||
pos)
|
)
|
||||||
values (#{id,jdbcType=VARCHAR}, #{name,jdbcType=VARCHAR}, #{description,jdbcType=VARCHAR},
|
values (#{id,jdbcType=VARCHAR}, #{name,jdbcType=VARCHAR}, #{description,jdbcType=VARCHAR},
|
||||||
#{internal,jdbcType=BIT}, #{type,jdbcType=VARCHAR}, #{createTime,jdbcType=BIGINT},
|
#{internal,jdbcType=BIT}, #{type,jdbcType=VARCHAR}, #{createTime,jdbcType=BIGINT},
|
||||||
#{updateTime,jdbcType=BIGINT}, #{createUser,jdbcType=VARCHAR}, #{scopeId,jdbcType=VARCHAR},
|
#{updateTime,jdbcType=BIGINT}, #{createUser,jdbcType=VARCHAR}, #{scopeId,jdbcType=VARCHAR}
|
||||||
#{pos,jdbcType=BIGINT})
|
)
|
||||||
</insert>
|
</insert>
|
||||||
<insert id="insertSelective" parameterType="io.metersphere.system.domain.UserRole">
|
<insert id="insertSelective" parameterType="io.metersphere.system.domain.UserRole">
|
||||||
insert into user_role
|
insert into user_role
|
||||||
|
|
@ -145,9 +144,6 @@
|
||||||
<if test="scopeId != null">
|
<if test="scopeId != null">
|
||||||
scope_id,
|
scope_id,
|
||||||
</if>
|
</if>
|
||||||
<if test="pos != null">
|
|
||||||
pos,
|
|
||||||
</if>
|
|
||||||
</trim>
|
</trim>
|
||||||
<trim prefix="values (" suffix=")" suffixOverrides=",">
|
<trim prefix="values (" suffix=")" suffixOverrides=",">
|
||||||
<if test="id != null">
|
<if test="id != null">
|
||||||
|
|
@ -177,9 +173,6 @@
|
||||||
<if test="scopeId != null">
|
<if test="scopeId != null">
|
||||||
#{scopeId,jdbcType=VARCHAR},
|
#{scopeId,jdbcType=VARCHAR},
|
||||||
</if>
|
</if>
|
||||||
<if test="pos != null">
|
|
||||||
#{pos,jdbcType=BIGINT},
|
|
||||||
</if>
|
|
||||||
</trim>
|
</trim>
|
||||||
</insert>
|
</insert>
|
||||||
<select id="countByExample" parameterType="io.metersphere.system.domain.UserRoleExample" resultType="java.lang.Long">
|
<select id="countByExample" parameterType="io.metersphere.system.domain.UserRoleExample" resultType="java.lang.Long">
|
||||||
|
|
@ -218,9 +211,6 @@
|
||||||
<if test="record.scopeId != null">
|
<if test="record.scopeId != null">
|
||||||
scope_id = #{record.scopeId,jdbcType=VARCHAR},
|
scope_id = #{record.scopeId,jdbcType=VARCHAR},
|
||||||
</if>
|
</if>
|
||||||
<if test="record.pos != null">
|
|
||||||
pos = #{record.pos,jdbcType=BIGINT},
|
|
||||||
</if>
|
|
||||||
</set>
|
</set>
|
||||||
<if test="_parameter != null">
|
<if test="_parameter != null">
|
||||||
<include refid="Update_By_Example_Where_Clause" />
|
<include refid="Update_By_Example_Where_Clause" />
|
||||||
|
|
@ -236,8 +226,7 @@
|
||||||
create_time = #{record.createTime,jdbcType=BIGINT},
|
create_time = #{record.createTime,jdbcType=BIGINT},
|
||||||
update_time = #{record.updateTime,jdbcType=BIGINT},
|
update_time = #{record.updateTime,jdbcType=BIGINT},
|
||||||
create_user = #{record.createUser,jdbcType=VARCHAR},
|
create_user = #{record.createUser,jdbcType=VARCHAR},
|
||||||
scope_id = #{record.scopeId,jdbcType=VARCHAR},
|
scope_id = #{record.scopeId,jdbcType=VARCHAR}
|
||||||
pos = #{record.pos,jdbcType=BIGINT}
|
|
||||||
<if test="_parameter != null">
|
<if test="_parameter != null">
|
||||||
<include refid="Update_By_Example_Where_Clause" />
|
<include refid="Update_By_Example_Where_Clause" />
|
||||||
</if>
|
</if>
|
||||||
|
|
@ -269,9 +258,6 @@
|
||||||
<if test="scopeId != null">
|
<if test="scopeId != null">
|
||||||
scope_id = #{scopeId,jdbcType=VARCHAR},
|
scope_id = #{scopeId,jdbcType=VARCHAR},
|
||||||
</if>
|
</if>
|
||||||
<if test="pos != null">
|
|
||||||
pos = #{pos,jdbcType=BIGINT},
|
|
||||||
</if>
|
|
||||||
</set>
|
</set>
|
||||||
where id = #{id,jdbcType=VARCHAR}
|
where id = #{id,jdbcType=VARCHAR}
|
||||||
</update>
|
</update>
|
||||||
|
|
@ -284,8 +270,7 @@
|
||||||
create_time = #{createTime,jdbcType=BIGINT},
|
create_time = #{createTime,jdbcType=BIGINT},
|
||||||
update_time = #{updateTime,jdbcType=BIGINT},
|
update_time = #{updateTime,jdbcType=BIGINT},
|
||||||
create_user = #{createUser,jdbcType=VARCHAR},
|
create_user = #{createUser,jdbcType=VARCHAR},
|
||||||
scope_id = #{scopeId,jdbcType=VARCHAR},
|
scope_id = #{scopeId,jdbcType=VARCHAR}
|
||||||
pos = #{pos,jdbcType=BIGINT}
|
|
||||||
where id = #{id,jdbcType=VARCHAR}
|
where id = #{id,jdbcType=VARCHAR}
|
||||||
</update>
|
</update>
|
||||||
</mapper>
|
</mapper>
|
||||||
|
|
@ -5,7 +5,6 @@
|
||||||
<id column="id" jdbcType="VARCHAR" property="id" />
|
<id column="id" jdbcType="VARCHAR" property="id" />
|
||||||
<result column="role_id" jdbcType="VARCHAR" property="roleId" />
|
<result column="role_id" jdbcType="VARCHAR" property="roleId" />
|
||||||
<result column="permission_id" jdbcType="VARCHAR" property="permissionId" />
|
<result column="permission_id" jdbcType="VARCHAR" property="permissionId" />
|
||||||
<result column="module_id" jdbcType="VARCHAR" property="moduleId" />
|
|
||||||
</resultMap>
|
</resultMap>
|
||||||
<sql id="Example_Where_Clause">
|
<sql id="Example_Where_Clause">
|
||||||
<where>
|
<where>
|
||||||
|
|
@ -66,7 +65,7 @@
|
||||||
</where>
|
</where>
|
||||||
</sql>
|
</sql>
|
||||||
<sql id="Base_Column_List">
|
<sql id="Base_Column_List">
|
||||||
id, role_id, permission_id, module_id
|
id, role_id, permission_id
|
||||||
</sql>
|
</sql>
|
||||||
<select id="selectByExample" parameterType="io.metersphere.system.domain.UserRolePermissionExample" resultMap="BaseResultMap">
|
<select id="selectByExample" parameterType="io.metersphere.system.domain.UserRolePermissionExample" resultMap="BaseResultMap">
|
||||||
select
|
select
|
||||||
|
|
@ -99,10 +98,10 @@
|
||||||
</if>
|
</if>
|
||||||
</delete>
|
</delete>
|
||||||
<insert id="insert" parameterType="io.metersphere.system.domain.UserRolePermission">
|
<insert id="insert" parameterType="io.metersphere.system.domain.UserRolePermission">
|
||||||
insert into user_role_permission (id, role_id, permission_id,
|
insert into user_role_permission (id, role_id, permission_id
|
||||||
module_id)
|
)
|
||||||
values (#{id,jdbcType=VARCHAR}, #{roleId,jdbcType=VARCHAR}, #{permissionId,jdbcType=VARCHAR},
|
values (#{id,jdbcType=VARCHAR}, #{roleId,jdbcType=VARCHAR}, #{permissionId,jdbcType=VARCHAR}
|
||||||
#{moduleId,jdbcType=VARCHAR})
|
)
|
||||||
</insert>
|
</insert>
|
||||||
<insert id="insertSelective" parameterType="io.metersphere.system.domain.UserRolePermission">
|
<insert id="insertSelective" parameterType="io.metersphere.system.domain.UserRolePermission">
|
||||||
insert into user_role_permission
|
insert into user_role_permission
|
||||||
|
|
@ -116,9 +115,6 @@
|
||||||
<if test="permissionId != null">
|
<if test="permissionId != null">
|
||||||
permission_id,
|
permission_id,
|
||||||
</if>
|
</if>
|
||||||
<if test="moduleId != null">
|
|
||||||
module_id,
|
|
||||||
</if>
|
|
||||||
</trim>
|
</trim>
|
||||||
<trim prefix="values (" suffix=")" suffixOverrides=",">
|
<trim prefix="values (" suffix=")" suffixOverrides=",">
|
||||||
<if test="id != null">
|
<if test="id != null">
|
||||||
|
|
@ -130,9 +126,6 @@
|
||||||
<if test="permissionId != null">
|
<if test="permissionId != null">
|
||||||
#{permissionId,jdbcType=VARCHAR},
|
#{permissionId,jdbcType=VARCHAR},
|
||||||
</if>
|
</if>
|
||||||
<if test="moduleId != null">
|
|
||||||
#{moduleId,jdbcType=VARCHAR},
|
|
||||||
</if>
|
|
||||||
</trim>
|
</trim>
|
||||||
</insert>
|
</insert>
|
||||||
<select id="countByExample" parameterType="io.metersphere.system.domain.UserRolePermissionExample" resultType="java.lang.Long">
|
<select id="countByExample" parameterType="io.metersphere.system.domain.UserRolePermissionExample" resultType="java.lang.Long">
|
||||||
|
|
@ -153,9 +146,6 @@
|
||||||
<if test="record.permissionId != null">
|
<if test="record.permissionId != null">
|
||||||
permission_id = #{record.permissionId,jdbcType=VARCHAR},
|
permission_id = #{record.permissionId,jdbcType=VARCHAR},
|
||||||
</if>
|
</if>
|
||||||
<if test="record.moduleId != null">
|
|
||||||
module_id = #{record.moduleId,jdbcType=VARCHAR},
|
|
||||||
</if>
|
|
||||||
</set>
|
</set>
|
||||||
<if test="_parameter != null">
|
<if test="_parameter != null">
|
||||||
<include refid="Update_By_Example_Where_Clause" />
|
<include refid="Update_By_Example_Where_Clause" />
|
||||||
|
|
@ -165,8 +155,7 @@
|
||||||
update user_role_permission
|
update user_role_permission
|
||||||
set id = #{record.id,jdbcType=VARCHAR},
|
set id = #{record.id,jdbcType=VARCHAR},
|
||||||
role_id = #{record.roleId,jdbcType=VARCHAR},
|
role_id = #{record.roleId,jdbcType=VARCHAR},
|
||||||
permission_id = #{record.permissionId,jdbcType=VARCHAR},
|
permission_id = #{record.permissionId,jdbcType=VARCHAR}
|
||||||
module_id = #{record.moduleId,jdbcType=VARCHAR}
|
|
||||||
<if test="_parameter != null">
|
<if test="_parameter != null">
|
||||||
<include refid="Update_By_Example_Where_Clause" />
|
<include refid="Update_By_Example_Where_Clause" />
|
||||||
</if>
|
</if>
|
||||||
|
|
@ -180,17 +169,13 @@
|
||||||
<if test="permissionId != null">
|
<if test="permissionId != null">
|
||||||
permission_id = #{permissionId,jdbcType=VARCHAR},
|
permission_id = #{permissionId,jdbcType=VARCHAR},
|
||||||
</if>
|
</if>
|
||||||
<if test="moduleId != null">
|
|
||||||
module_id = #{moduleId,jdbcType=VARCHAR},
|
|
||||||
</if>
|
|
||||||
</set>
|
</set>
|
||||||
where id = #{id,jdbcType=VARCHAR}
|
where id = #{id,jdbcType=VARCHAR}
|
||||||
</update>
|
</update>
|
||||||
<update id="updateByPrimaryKey" parameterType="io.metersphere.system.domain.UserRolePermission">
|
<update id="updateByPrimaryKey" parameterType="io.metersphere.system.domain.UserRolePermission">
|
||||||
update user_role_permission
|
update user_role_permission
|
||||||
set role_id = #{roleId,jdbcType=VARCHAR},
|
set role_id = #{roleId,jdbcType=VARCHAR},
|
||||||
permission_id = #{permissionId,jdbcType=VARCHAR},
|
permission_id = #{permissionId,jdbcType=VARCHAR}
|
||||||
module_id = #{moduleId,jdbcType=VARCHAR}
|
|
||||||
where id = #{id,jdbcType=VARCHAR}
|
where id = #{id,jdbcType=VARCHAR}
|
||||||
</update>
|
</update>
|
||||||
</mapper>
|
</mapper>
|
||||||
|
|
@ -334,7 +334,6 @@ CREATE TABLE IF NOT EXISTS user_role_permission
|
||||||
`id` VARCHAR(64) NOT NULL COMMENT '',
|
`id` VARCHAR(64) NOT NULL COMMENT '',
|
||||||
`role_id` VARCHAR(64) NOT NULL COMMENT '用户组ID',
|
`role_id` VARCHAR(64) NOT NULL COMMENT '用户组ID',
|
||||||
`permission_id` VARCHAR(128) NOT NULL COMMENT '权限ID',
|
`permission_id` VARCHAR(128) NOT NULL COMMENT '权限ID',
|
||||||
`module_id` VARCHAR(64) NOT NULL COMMENT '功能菜单',
|
|
||||||
PRIMARY KEY (id)
|
PRIMARY KEY (id)
|
||||||
) ENGINE = InnoDB
|
) ENGINE = InnoDB
|
||||||
DEFAULT CHARSET = utf8mb4
|
DEFAULT CHARSET = utf8mb4
|
||||||
|
|
|
||||||
|
|
@ -11,69 +11,69 @@ insert into user(id, name, email, password, create_time, update_time, language,
|
||||||
VALUES ('admin', 'Administrator', 'admin@metersphere.io', MD5('metersphere'), UNIX_TIMESTAMP() * 1000, UNIX_TIMESTAMP() * 1000, NULL, NUll, '', 'LOCAL', NULL, 'admin', 'admin');
|
VALUES ('admin', 'Administrator', 'admin@metersphere.io', MD5('metersphere'), UNIX_TIMESTAMP() * 1000, UNIX_TIMESTAMP() * 1000, NULL, NUll, '', 'LOCAL', NULL, 'admin', 'admin');
|
||||||
|
|
||||||
-- 初始化用户组
|
-- 初始化用户组
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('admin', '系统管理员(系统)', '拥有系统全部组织以及项目的操作权限', 1, 'SYSTEM', 1621224000000, 1621224000000, 'admin', 'global');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('admin', '系统管理员', '拥有系统全部组织以及项目的操作权限', 1, 'SYSTEM', 1621224000000, 1621224000000, 'admin', 'GLOBAL');
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('member', '系统成员', '系统内初始化的用户', 1, 'SYSTEM', 1621224000000, 1621224000000, 'admin', 'global');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('member', '系统成员', '系统内初始化的用户', 1, 'SYSTEM', 1621224000000, 1621224000000, 'admin', 'GLOBAL');
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('org_admin', '组织管理员(系统)', '组织管理员', 1, 'ORGANIZATION', 1620674220007, 1620674220000, 'admin', 'global');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('org_admin', '组织管理员', '组织管理员', 1, 'ORGANIZATION', 1620674220007, 1620674220000, 'admin', 'GLOBAL');
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('org_member', '组织成员(系统)', '组织成员', 1, 'ORGANIZATION', 1620674220008, 1620674220000, 'admin', 'global');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('org_member', '组织成员', '组织成员', 1, 'ORGANIZATION', 1620674220008, 1620674220000, 'admin', 'GLOBAL');
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('project_admin', '项目管理员(系统)', '项目管理员', 1, 'PROJECT', 1620674220004, 1620674220000, 'admin', 'global');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('project_admin', '项目管理员', '项目管理员', 1, 'PROJECT', 1620674220004, 1620674220000, 'admin', 'GLOBAL');
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('project_member', '项目成员(系统)', '项目成员', 1, 'PROJECT', 1620674220005, 1620674220000, 'admin', 'global');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('project_member', '项目成员', '项目成员', 1, 'PROJECT', 1620674220005, 1620674220000, 'admin', 'GLOBAL');
|
||||||
|
|
||||||
-- 初始化用户和组的关系
|
-- 初始化用户和组的关系
|
||||||
INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user) VALUES (uuid(), 'admin', 'admin', 'system', 1684747668375, 'admin');
|
INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user) VALUES (uuid(), 'admin', 'admin', 'SYSTEM', 1684747668375, 'admin');
|
||||||
INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user) VALUES (uuid(), 'admin', 'member', 'system', 1684747668375, 'admin');
|
INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user) VALUES (uuid(), 'admin', 'member', 'SYSTEM', 1684747668375, 'admin');
|
||||||
|
|
||||||
|
|
||||||
-- 初始化用户组权限
|
-- 初始化用户组权限
|
||||||
-- 系统管理员拥有所有的权限,不用初始化
|
-- 系统管理员拥有所有的权限,不用初始化
|
||||||
|
|
||||||
-- 组织管理员权限
|
-- 组织管理员权限
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2ef69c80-3bc6-11ed-9680-0242ac130008', 'org_admin', 'SYSTEM_PROJECT:READ+DELETE_USER', 'SYSTEM_PROJECT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'SYSTEM_PROJECT:READ+DELETE_USER');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2ef68cda-3bc6-11ed-9680-0242ac130008', 'org_admin', 'SYSTEM_PROJECT:READ+ADD_USER', 'SYSTEM_PROJECT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'SYSTEM_PROJECT:READ+ADD_USER');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2ef67aba-3bc6-11ed-9680-0242ac130008', 'org_admin', 'SYSTEM_PROJECT:READ+UPDATE_USER', 'SYSTEM_PROJECT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'SYSTEM_PROJECT:READ+UPDATE_USER');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2eb8cdb1-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_QUOTA:READ+UPDATE', 'ORGANIZATION_QUOTA');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_QUOTA:READ+UPDATE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2eb8bc41-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_QUOTA:READ', 'ORGANIZATION_QUOTA');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_QUOTA:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2dde1a80-3bc6-11ed-9680-0242ac130008', 'org_admin', 'PERSONAL_INFORMATION:READ+UPDATE_PASSWORD', 'PERSONAL_INFORMATION');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'PERSONAL_INFORMATION:READ+UPDATE_PASSWORD');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2dde1a2e-3bc6-11ed-9680-0242ac130008', 'org_admin', 'PERSONAL_INFORMATION:READ+API_KEYS', 'PERSONAL_INFORMATION');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'PERSONAL_INFORMATION:READ+API_KEYS');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2dde19c9-3bc6-11ed-9680-0242ac130008', 'org_admin', 'PERSONAL_INFORMATION:READ+THIRD_ACCOUNT', 'PERSONAL_INFORMATION');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'PERSONAL_INFORMATION:READ+THIRD_ACCOUNT');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2dde18f5-3bc6-11ed-9680-0242ac130008', 'org_admin', 'PERSONAL_INFORMATION:READ+UPDATE', 'PERSONAL_INFORMATION');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'PERSONAL_INFORMATION:READ+UPDATE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2d140aab-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+DELETE_GROUP', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+DELETE_GROUP');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2d13f889-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+COPY_GROUP', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+COPY_GROUP');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2d13e8c8-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+UPDATE_GROUP', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+UPDATE_GROUP');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2d13d1c8-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+CREATE_GROUP', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+CREATE_GROUP');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2cea1857-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_MANAGER:READ+UPLOAD_JAR', 'ORGANIZATION_PROJECT_MANAGER');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_MANAGER:READ+UPLOAD_JAR');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caf4318-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_MESSAGE:READ+UPDATE', 'ORGANIZATION_MESSAGE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_MESSAGE:READ+UPDATE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caf15cd-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_MESSAGE:READ', 'ORGANIZATION_MESSAGE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_MESSAGE:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caf0246-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_SERVICE:READ+UPDATE', 'ORGANIZATION_SERVICE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_SERVICE:READ+UPDATE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caed957-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_SERVICE:READ', 'ORGANIZATION_SERVICE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_SERVICE:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b817d1d-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_OPERATING_LOG:READ', 'ORGANIZATION_OPERATING_LOG');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_OPERATING_LOG:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b816897-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+DELETE', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+DELETE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b81585a-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+UPDATE', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+UPDATE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b8146ea-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+EXPORT', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+EXPORT');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b812d70-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+IMPORT', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+IMPORT');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b811ba3-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+ADD', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+ADD');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b810b30-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+COPY', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ+COPY');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80fb44-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80e844-3bc6-11ed-9680-0242ac130008', 'org_admin', 'SYSTEM_PROJECT:READ+UPDATE', 'SYSTEM_PROJECT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'SYSTEM_PROJECT:READ+UPDATE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80d69a-3bc6-11ed-9680-0242ac130008', 'org_admin', 'SYSTEM_PROJECT:READ+DELETE', 'SYSTEM_PROJECT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'SYSTEM_PROJECT:READ+DELETE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80c5fe-3bc6-11ed-9680-0242ac130008', 'org_admin', 'SYSTEM_PROJECT:READ+ADD', 'SYSTEM_PROJECT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'SYSTEM_PROJECT:READ+ADD');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80b588-3bc6-11ed-9680-0242ac130008', 'org_admin', 'SYSTEM_PROJECT:READ', 'SYSTEM_PROJECT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'SYSTEM_PROJECT:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80a580-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_TEMPLATE:READ+CASE_TEMPLATE', 'ORGANIZATION_TEMPLATE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_TEMPLATE:READ+CASE_TEMPLATE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b8091ab-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_TEMPLATE:READ+ISSUE_TEMPLATE', 'ORGANIZATION_TEMPLATE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_TEMPLATE:READ+ISSUE_TEMPLATE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b8081e3-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_TEMPLATE:READ', 'ORGANIZATION_TEMPLATE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_TEMPLATE:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b806fbf-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_USER:READ+UPDATE', 'ORGANIZATION_USER');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_USER:READ+UPDATE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b80601c-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_USER:READ+DELETE', 'ORGANIZATION_USER');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_USER:READ+DELETE');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b805052-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_USER:READ', 'ORGANIZATION_USER');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_USER:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b802f2a-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_TEMPLATE:READ+CUSTOM', 'ORGANIZATION_TEMPLATE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_TEMPLATE:READ+CUSTOM');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b801d1f-3bc6-11ed-9680-0242ac130008', 'org_admin', 'ORGANIZATION_USER:READ+ADD', 'ORGANIZATION_USER');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_admin', 'ORGANIZATION_USER:READ+ADD');
|
||||||
-- 组织成员权限
|
-- 组织成员权限
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2cea2a4c-3bc6-11ed-9680-0242ac130008', 'org_member', 'ORGANIZATION_PROJECT_MANAGER:READ+UPLOAD_JAR', 'ORGANIZATION_PROJECT_MANAGER');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_member', 'ORGANIZATION_PROJECT_MANAGER:READ+UPLOAD_JAR');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caf28b0-3bc6-11ed-9680-0242ac130008', 'org_member', 'ORGANIZATION_MESSAGE:READ', 'ORGANIZATION_MESSAGE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_member', 'ORGANIZATION_MESSAGE:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2caeef78-3bc6-11ed-9680-0242ac130008', 'org_member', 'ORGANIZATION_SERVICE:READ', 'ORGANIZATION_SERVICE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_member', 'ORGANIZATION_SERVICE:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b81d869-3bc6-11ed-9680-0242ac130008', 'org_member', 'ORGANIZATION_OPERATING_LOG:READ', 'ORGANIZATION_OPERATING_LOG');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_member', 'ORGANIZATION_OPERATING_LOG:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b81c48b-3bc6-11ed-9680-0242ac130008', 'org_member', 'SYSTEM_PROJECT:READ', 'SYSTEM_PROJECT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_member', 'SYSTEM_PROJECT:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b81b3ae-3bc6-11ed-9680-0242ac130008', 'org_member', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ', 'ORGANIZATION_PROJECT_ENVIRONMENT');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_member', 'ORGANIZATION_PROJECT_ENVIRONMENT:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b81a16c-3bc6-11ed-9680-0242ac130008', 'org_member', 'ORGANIZATION_TEMPLATE:READ', 'ORGANIZATION_TEMPLATE');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_member', 'ORGANIZATION_TEMPLATE:READ');
|
||||||
INSERT INTO user_role_permission (id, role_id, permission_id, module_id) VALUES ('2b818ee7-3bc6-11ed-9680-0242ac130008', 'org_member', 'ORGANIZATION_USER:READ', 'ORGANIZATION_USER');
|
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'org_member', 'ORGANIZATION_USER:READ');
|
||||||
|
|
||||||
-- 项目管理员权限
|
-- 项目管理员权限
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,39 +1,41 @@
|
||||||
package io.metersphere.sdk.config;
|
package io.metersphere.sdk.config;
|
||||||
|
|
||||||
import io.metersphere.sdk.dto.UserRoleJson;
|
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
||||||
import io.metersphere.sdk.util.JSON;
|
import io.metersphere.sdk.util.JSON;
|
||||||
import io.metersphere.sdk.util.LogUtils;
|
import io.metersphere.sdk.util.LogUtils;
|
||||||
import io.metersphere.sdk.util.PermissionCache;
|
import io.metersphere.sdk.util.PermissionCache;
|
||||||
import org.apache.commons.io.IOUtils;
|
import org.apache.commons.io.IOUtils;
|
||||||
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
import java.nio.charset.StandardCharsets;
|
import java.nio.charset.StandardCharsets;
|
||||||
import java.util.Enumeration;
|
import java.util.Enumeration;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
public class PermissionConfig {
|
public class PermissionConfig {
|
||||||
@Bean
|
@Bean
|
||||||
public PermissionCache permissionCache() throws Exception {
|
public PermissionCache permissionCache() throws Exception {
|
||||||
LogUtils.info("load permission form permission.json file");
|
LogUtils.info("load permission form permission.json file");
|
||||||
UserRoleJson userRoleJson = null;
|
List<PermissionDefinitionItem> permissionDefinition = null;
|
||||||
Enumeration<URL> urls = this.getClass().getClassLoader().getResources("permission.json");
|
Enumeration<URL> urls = this.getClass().getClassLoader().getResources("permission.json");
|
||||||
while (urls.hasMoreElements()) {
|
while (urls.hasMoreElements()) {
|
||||||
URL url = urls.nextElement();
|
URL url = urls.nextElement();
|
||||||
String content = IOUtils.toString(url.openStream(), StandardCharsets.UTF_8);
|
String content = IOUtils.toString(url.openStream(), StandardCharsets.UTF_8);
|
||||||
UserRoleJson temp = JSON.parseObject(content, UserRoleJson.class);
|
if (StringUtils.isBlank(content)) {
|
||||||
if (userRoleJson == null) {
|
continue;
|
||||||
userRoleJson = temp;
|
}
|
||||||
} else {
|
List<PermissionDefinitionItem> temp = JSON.parseArray(content, PermissionDefinitionItem.class);
|
||||||
userRoleJson.getResource().addAll(temp.getResource());
|
if (permissionDefinition == null) {
|
||||||
userRoleJson.getPermissions().addAll(temp.getPermissions());
|
permissionDefinition = temp;
|
||||||
|
} else {
|
||||||
|
permissionDefinition.addAll(temp);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
PermissionCache permissionCache = new PermissionCache();
|
PermissionCache permissionCache = new PermissionCache();
|
||||||
permissionCache.setUserRoleJson(userRoleJson);
|
permissionCache.setPermissionDefinition(permissionDefinition);
|
||||||
|
|
||||||
return permissionCache;
|
return permissionCache;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,25 @@
|
||||||
|
package io.metersphere.sdk.constants;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 系统内置用户组ID
|
||||||
|
* @author jianxing
|
||||||
|
*/
|
||||||
|
public enum InternalUserRole {
|
||||||
|
|
||||||
|
ADMIN("admin"),
|
||||||
|
MEMBER("member"),
|
||||||
|
ORG_ADMIN("org_admin"),
|
||||||
|
ORG_MEMBER("org_member"),
|
||||||
|
PROJECT_ADMIN("project_admin"),
|
||||||
|
PROJECT_MEMBER("project_member");
|
||||||
|
|
||||||
|
private String value;
|
||||||
|
|
||||||
|
InternalUserRole(String value) {
|
||||||
|
this.value = value;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getValue() {
|
||||||
|
return value;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -1,12 +0,0 @@
|
||||||
package io.metersphere.sdk.constants;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 系统内置用户组常量
|
|
||||||
*/
|
|
||||||
public class UserRoleConstants {
|
|
||||||
public static final String ADMIN = "admin";
|
|
||||||
public static final String ORG_ADMIN = "org_admin";
|
|
||||||
public static final String ORG_MEMBER = "org_member";
|
|
||||||
public static final String PROJECT_ADMIN = "project_admin";
|
|
||||||
public static final String PROJECT_MEMBER = "project_member";
|
|
||||||
}
|
|
||||||
|
|
@ -3,19 +3,22 @@ package io.metersphere.sdk.dto;
|
||||||
import io.swagger.v3.oas.annotations.media.Schema;
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
|
|
||||||
|
import java.io.Serializable;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 权限信息
|
* 权限信息
|
||||||
* @author jianxing
|
* @author jianxing
|
||||||
*/
|
*/
|
||||||
@Data
|
@Data
|
||||||
@Schema(title = "权限信息")
|
@Schema(title = "权限信息")
|
||||||
public class PermissionDTO {
|
public class Permission implements Serializable {
|
||||||
|
|
||||||
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
||||||
@Schema(title = "权限ID")
|
@Schema(title = "权限ID")
|
||||||
private String id;
|
private String id;
|
||||||
@Schema(title = "权限名称")
|
@Schema(title = "权限名称")
|
||||||
private String name;
|
private String name;
|
||||||
@Schema(title = "权限所属菜单ID")
|
|
||||||
private String resourceId;
|
|
||||||
@Schema(title = "是否启用该权限")
|
@Schema(title = "是否启用该权限")
|
||||||
private Boolean enable = false;
|
private Boolean enable = false;
|
||||||
@Schema(title = "是否是企业权限")
|
@Schema(title = "是否是企业权限")
|
||||||
|
|
@ -1,16 +1,19 @@
|
||||||
package io.metersphere.sdk.dto;
|
package io.metersphere.sdk.dto;
|
||||||
|
|
||||||
|
|
||||||
import io.metersphere.system.domain.UserRolePermission;
|
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
|
|
||||||
import java.io.Serializable;
|
import java.io.Serializable;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 加载的权限定义
|
||||||
|
* @author jianxing
|
||||||
|
*/
|
||||||
@Data
|
@Data
|
||||||
public class UserRoleJson implements Serializable {
|
public class PermissionDefinition implements Serializable {
|
||||||
private static final long serialVersionUID = 1L;
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
||||||
private List<UserRoleResource> resource;
|
private List<UserRoleResource> resource;
|
||||||
private List<UserRolePermission> permissions;
|
private List<Permission> permissions;
|
||||||
}
|
}
|
||||||
|
|
@ -10,15 +10,19 @@ import java.util.List;
|
||||||
*/
|
*/
|
||||||
@Data
|
@Data
|
||||||
@Schema(title = "权限设置菜单项")
|
@Schema(title = "权限设置菜单项")
|
||||||
public class PermissionSettingDTO {
|
public class PermissionDefinitionItem {
|
||||||
@Schema(title = "菜单项ID")
|
@Schema(title = "菜单项ID")
|
||||||
private String id;
|
private String id;
|
||||||
|
@Schema(title = "菜单所属类型 SYSTEM ORGANIZATION PROJECT")
|
||||||
|
private String type;
|
||||||
@Schema(title = "菜单项名称")
|
@Schema(title = "菜单项名称")
|
||||||
private String name;
|
private String name;
|
||||||
@Schema(title = "是否是企业版菜单")
|
@Schema(title = "是否是企业版菜单")
|
||||||
private Boolean license = false;
|
private Boolean license = false;
|
||||||
|
@Schema(title = "菜单是否全选")
|
||||||
|
private Boolean enable = false;
|
||||||
@Schema(title = "菜单下的权限列表")
|
@Schema(title = "菜单下的权限列表")
|
||||||
private List<PermissionDTO> permissions;
|
private List<Permission> permissions;
|
||||||
@Schema(title = "子菜单")
|
@Schema(title = "子菜单")
|
||||||
private List<PermissionSettingDTO> children;
|
private List<PermissionDefinitionItem> children;
|
||||||
}
|
}
|
||||||
|
|
@ -1,4 +1,4 @@
|
||||||
package io.metersphere.system.dto;
|
package io.metersphere.sdk.dto;
|
||||||
|
|
||||||
import io.swagger.v3.oas.annotations.media.Schema;
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
|
|
@ -7,8 +7,14 @@ import lombok.Data;
|
||||||
* @author jianxing
|
* @author jianxing
|
||||||
*/
|
*/
|
||||||
@Data
|
@Data
|
||||||
@Schema(title = "用户基础信息")
|
@Schema(title = "用户组与用户的关联关系DTO")
|
||||||
public class GlobalUserRoleUserDTO {
|
public class UserRoleRelationUserDTO {
|
||||||
|
|
||||||
|
@Schema(title = "关联关系ID")
|
||||||
|
private String id;
|
||||||
|
|
||||||
|
@Schema(title = "用户ID")
|
||||||
|
private String userId;
|
||||||
|
|
||||||
@Schema(title = "用户名")
|
@Schema(title = "用户名")
|
||||||
private String name;
|
private String name;
|
||||||
|
|
@ -4,6 +4,11 @@ import lombok.Data;
|
||||||
|
|
||||||
import java.io.Serializable;
|
import java.io.Serializable;
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* 权限所属资源,例如 SYSTEM_USER_ROLE
|
||||||
|
* @author jianxing
|
||||||
|
*/
|
||||||
@Data
|
@Data
|
||||||
public class UserRoleResource implements Serializable {
|
public class UserRoleResource implements Serializable {
|
||||||
private static final long serialVersionUID = 1L;
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
@ -11,10 +16,4 @@ public class UserRoleResource implements Serializable {
|
||||||
private String id;
|
private String id;
|
||||||
private String name;
|
private String name;
|
||||||
private Boolean license = false;
|
private Boolean license = false;
|
||||||
|
|
||||||
/**
|
|
||||||
* 系统设置、工作空间、项目类型 公用的权限模块
|
|
||||||
* e.g. 个人信息
|
|
||||||
*/
|
|
||||||
private boolean global = false;
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,25 @@
|
||||||
|
package io.metersphere.sdk.dto.request;
|
||||||
|
|
||||||
|
import io.metersphere.validation.groups.Created;
|
||||||
|
import io.metersphere.validation.groups.Updated;
|
||||||
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
|
import jakarta.validation.constraints.NotBlank;
|
||||||
|
import jakarta.validation.constraints.Size;
|
||||||
|
import lombok.Data;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author jianxing
|
||||||
|
*/
|
||||||
|
@Data
|
||||||
|
public class GlobalUserRoleRelationUpdateRequest {
|
||||||
|
|
||||||
|
@Schema(title = "用户ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
|
@NotBlank(message = "{user_role_relation.user_id.not_blank}", groups = {Created.class})
|
||||||
|
@Size(min = 1, max = 50, message = "{user_role_relation.user_id.length_range}", groups = {Created.class, Updated.class})
|
||||||
|
private String userId;
|
||||||
|
|
||||||
|
@Schema(title = "组ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
|
@NotBlank(message = "{user_role_relation.role_id.not_blank}", groups = {Created.class})
|
||||||
|
@Size(min = 1, max = 50, message = "{user_role_relation.role_id.length_range}", groups = {Created.class, Updated.class})
|
||||||
|
private String roleId;
|
||||||
|
}
|
||||||
|
|
@ -1,6 +1,8 @@
|
||||||
package io.metersphere.system.dto.request;
|
package io.metersphere.sdk.dto.request;
|
||||||
|
|
||||||
import io.swagger.v3.oas.annotations.media.Schema;
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
|
import jakarta.validation.constraints.NotBlank;
|
||||||
|
import jakarta.validation.constraints.NotNull;
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
@ -11,12 +13,15 @@ import java.util.List;
|
||||||
@Data
|
@Data
|
||||||
public class PermissionSettingUpdateRequest {
|
public class PermissionSettingUpdateRequest {
|
||||||
@Schema(title = "用户组ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
@Schema(title = "用户组ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
|
@NotBlank
|
||||||
private String userRoleId;
|
private String userRoleId;
|
||||||
|
@NotNull
|
||||||
@Schema(title = "菜单下的权限列表", requiredMode = Schema.RequiredMode.REQUIRED)
|
@Schema(title = "菜单下的权限列表", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
private List<PermissionUpdateDTO> permissions;
|
private List<PermissionUpdateRequest> permissions;
|
||||||
|
|
||||||
@Data
|
@Data
|
||||||
class PermissionUpdateDTO {
|
public static class PermissionUpdateRequest {
|
||||||
|
@NotBlank
|
||||||
@Schema(title = "权限ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
@Schema(title = "权限ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
private String id;
|
private String id;
|
||||||
@Schema(title = "是否启用该权限", requiredMode = Schema.RequiredMode.REQUIRED)
|
@Schema(title = "是否启用该权限", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
|
|
@ -0,0 +1,24 @@
|
||||||
|
package io.metersphere.sdk.dto.request;
|
||||||
|
|
||||||
|
import io.metersphere.validation.groups.Created;
|
||||||
|
import io.metersphere.validation.groups.Updated;
|
||||||
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
|
import jakarta.validation.constraints.NotBlank;
|
||||||
|
import jakarta.validation.constraints.Size;
|
||||||
|
import lombok.Data;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author jianxing
|
||||||
|
*/
|
||||||
|
@Data
|
||||||
|
public class UserRoleRelationUpdateRequest extends GlobalUserRoleRelationUpdateRequest {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 全局用户组列表不支持给非系统级别的用户组添加用户
|
||||||
|
* 所以 GlobalUserRoleRelationUpdateRequest 参数不需要 sourceId
|
||||||
|
*/
|
||||||
|
@Schema(title = "组织或项目ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
|
@NotBlank(message = "{user_role_relation.source_id.not_blank}", groups = {Created.class})
|
||||||
|
@Size(min = 1, max = 50, message = "{user_role_relation.source_id.length_range}", groups = {Created.class, Updated.class})
|
||||||
|
private String sourceId;
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,36 @@
|
||||||
|
package io.metersphere.sdk.dto.request;
|
||||||
|
|
||||||
|
import io.metersphere.validation.groups.Created;
|
||||||
|
import io.metersphere.validation.groups.Updated;
|
||||||
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
|
import jakarta.validation.constraints.NotBlank;
|
||||||
|
import jakarta.validation.constraints.Size;
|
||||||
|
import lombok.Data;
|
||||||
|
|
||||||
|
import java.io.Serializable;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author jianxing
|
||||||
|
*/
|
||||||
|
@Data
|
||||||
|
public class UserRoleUpdateRequest implements Serializable {
|
||||||
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
||||||
|
@Schema(title = "组ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
|
@NotBlank(message = "{user_role.id.not_blank}", groups = {Updated.class})
|
||||||
|
@Size(min = 1, max = 50, message = "{user_role.id.length_range}", groups = {Created.class, Updated.class})
|
||||||
|
private String id;
|
||||||
|
|
||||||
|
@Schema(title = "组名称", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
|
@NotBlank(message = "{user_role.name.not_blank}", groups = {Created.class})
|
||||||
|
@Size(min = 1, max = 255, message = "{user_role.name.length_range}", groups = {Created.class, Updated.class})
|
||||||
|
private String name;
|
||||||
|
|
||||||
|
@Schema(title = "描述")
|
||||||
|
private String description;
|
||||||
|
|
||||||
|
@Schema(title = "所属类型 SYSTEM ORGANIZATION PROJECT", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
|
@NotBlank(message = "{user_role.type.not_blank}", groups = {Created.class})
|
||||||
|
@Size(min = 1, max = 20, message = "{user_role.type.length_range}", groups = {Created.class, Updated.class})
|
||||||
|
private String type;
|
||||||
|
}
|
||||||
|
|
@ -6,6 +6,8 @@ public class OperationLogModule {
|
||||||
public static final String SYSTEM_TEST_RESOURCE = "SYSTEM_TEST_RESOURCE";
|
public static final String SYSTEM_TEST_RESOURCE = "SYSTEM_TEST_RESOURCE";
|
||||||
public static final String SYSTEM_TEST_RESOURCE_POOL = "SYSTEM_TEST_RESOURCE_POOL";
|
public static final String SYSTEM_TEST_RESOURCE_POOL = "SYSTEM_TEST_RESOURCE_POOL";
|
||||||
public static final String SYSTEM_USER = "SYSTEM_USER";
|
public static final String SYSTEM_USER = "SYSTEM_USER";
|
||||||
|
public static final String SYSTEM_USER_ROLE = "SYSTEM_USER_ROLE";
|
||||||
|
public static final String SYSTEM_USER_ROLE_RELATION = "SYSTEM_USER_ROLE_RELATION";
|
||||||
public static final String SYSTEM_ORGANIZATION = "SYSTEM_ORGANIZATION";
|
public static final String SYSTEM_ORGANIZATION = "SYSTEM_ORGANIZATION";
|
||||||
public static final String ORGANIZATION_TEMPLATE_SETTINGS = "ORGANIZATION_TEMPLATE_SETTINGS";
|
public static final String ORGANIZATION_TEMPLATE_SETTINGS = "ORGANIZATION_TEMPLATE_SETTINGS";
|
||||||
public static final String ORGANIZATION_MESSAGE_SETTINGS = "ORGANIZATION_MESSAGE_SETTINGS";
|
public static final String ORGANIZATION_MESSAGE_SETTINGS = "ORGANIZATION_MESSAGE_SETTINGS";
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,78 @@
|
||||||
|
package io.metersphere.sdk.service;
|
||||||
|
|
||||||
|
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
||||||
|
import io.metersphere.system.domain.UserRolePermission;
|
||||||
|
import io.metersphere.system.domain.UserRolePermissionExample;
|
||||||
|
import io.metersphere.system.mapper.UserRolePermissionMapper;
|
||||||
|
import jakarta.annotation.Resource;
|
||||||
|
import org.apache.commons.lang3.BooleanUtils;
|
||||||
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Set;
|
||||||
|
import java.util.UUID;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 用户组与权限的关联关系
|
||||||
|
*
|
||||||
|
* @author jianxing
|
||||||
|
* @date : 2023-6-8
|
||||||
|
*/
|
||||||
|
@Service
|
||||||
|
public class BaseUserRolePermissionService {
|
||||||
|
@Resource
|
||||||
|
private UserRolePermissionMapper userRolePermissionMapper;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 查询用户组对应的权限列表
|
||||||
|
*
|
||||||
|
* @param roleId
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public List<UserRolePermission> getByRoleId(String roleId) {
|
||||||
|
UserRolePermissionExample example = new UserRolePermissionExample();
|
||||||
|
example.createCriteria().andRoleIdEqualTo(roleId);
|
||||||
|
return userRolePermissionMapper.selectByExample(example);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 查询用户组对应的权限ID
|
||||||
|
*
|
||||||
|
* @param roleId
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public Set<String> getPermissionIdSetByRoleId(String roleId) {
|
||||||
|
return getByRoleId(roleId).stream()
|
||||||
|
.map(UserRolePermission::getPermissionId)
|
||||||
|
.collect(Collectors.toSet());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 更新单个用户组的配置项
|
||||||
|
*
|
||||||
|
* @param request
|
||||||
|
*/
|
||||||
|
public void updatePermissionSetting(PermissionSettingUpdateRequest request) {
|
||||||
|
List<PermissionSettingUpdateRequest.PermissionUpdateRequest> permissions = request.getPermissions();
|
||||||
|
|
||||||
|
// 先删除
|
||||||
|
UserRolePermissionExample userGroupPermissionExample = new UserRolePermissionExample();
|
||||||
|
userGroupPermissionExample.createCriteria()
|
||||||
|
.andRoleIdEqualTo(request.getUserRoleId());
|
||||||
|
userRolePermissionMapper.deleteByExample(userGroupPermissionExample);
|
||||||
|
|
||||||
|
// 再新增
|
||||||
|
String groupId = request.getUserRoleId();
|
||||||
|
permissions.forEach(permission -> {
|
||||||
|
if (BooleanUtils.isTrue(permission.getEnable())) {
|
||||||
|
String permissionId = permission.getId();
|
||||||
|
UserRolePermission groupPermission = new UserRolePermission();
|
||||||
|
groupPermission.setId(UUID.randomUUID().toString());
|
||||||
|
groupPermission.setRoleId(groupId);
|
||||||
|
groupPermission.setPermissionId(permissionId);
|
||||||
|
userRolePermissionMapper.insert(groupPermission);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,102 @@
|
||||||
|
package io.metersphere.sdk.service;
|
||||||
|
|
||||||
|
import io.metersphere.sdk.dto.Permission;
|
||||||
|
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
||||||
|
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
||||||
|
import io.metersphere.sdk.util.PermissionCache;
|
||||||
|
import io.metersphere.system.domain.UserRole;
|
||||||
|
import io.metersphere.system.mapper.UserRoleMapper;
|
||||||
|
import jakarta.annotation.Resource;
|
||||||
|
import org.apache.commons.collections.CollectionUtils;
|
||||||
|
import org.apache.commons.lang3.StringUtils;
|
||||||
|
import org.springframework.stereotype.Service;
|
||||||
|
import org.springframework.transaction.annotation.Transactional;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Set;
|
||||||
|
import java.util.UUID;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author jianxing
|
||||||
|
*/
|
||||||
|
@Service
|
||||||
|
@Transactional(rollbackFor = Exception.class)
|
||||||
|
public class BaseUserRoleService {
|
||||||
|
public static final String SYSTEM_TYPE = "SYSTEM";
|
||||||
|
@Resource
|
||||||
|
private PermissionCache permissionCache;
|
||||||
|
@Resource
|
||||||
|
private UserRoleMapper userRoleMapper;
|
||||||
|
@Resource
|
||||||
|
private BaseUserRolePermissionService baseUserRolePermissionService;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 根据用户组获取对应的权限配置项
|
||||||
|
* @param userRole
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public List<PermissionDefinitionItem> getPermissionSetting(UserRole userRole) {
|
||||||
|
// 获取该用户组拥有的权限
|
||||||
|
Set<String> permissionIds = baseUserRolePermissionService.getPermissionIdSetByRoleId(userRole.getId());
|
||||||
|
// 获取所有的权限
|
||||||
|
List<PermissionDefinitionItem> permissionDefinition = permissionCache.getPermissionDefinition();
|
||||||
|
// 过滤该用户组级别的菜单,例如系统级别
|
||||||
|
permissionDefinition = permissionDefinition.stream()
|
||||||
|
.filter(item -> StringUtils.equals(item.getType(), userRole.getType()))
|
||||||
|
.toList();
|
||||||
|
|
||||||
|
// 设置勾选项
|
||||||
|
permissionDefinition.forEach(firstLevel -> {
|
||||||
|
List<PermissionDefinitionItem> children = firstLevel.getChildren();
|
||||||
|
boolean allCheck = true;
|
||||||
|
for (PermissionDefinitionItem secondLevel : children) {
|
||||||
|
List<Permission> permissions = secondLevel.getPermissions();
|
||||||
|
if (CollectionUtils.isEmpty(permissions)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
boolean secondAllCheck = true;
|
||||||
|
for (Permission p : permissions) {
|
||||||
|
if (permissionIds.contains(p.getId())) {
|
||||||
|
p.setEnable(true);
|
||||||
|
} else {
|
||||||
|
// 如果权限有未勾选,则二级菜单设置为未勾选
|
||||||
|
p.setEnable(false);
|
||||||
|
secondAllCheck = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
secondLevel.setEnable(secondAllCheck);
|
||||||
|
if (!secondAllCheck) {
|
||||||
|
// 如果二级菜单有未勾选,则一级菜单设置为未勾选
|
||||||
|
allCheck = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
firstLevel.setEnable(allCheck);
|
||||||
|
});
|
||||||
|
|
||||||
|
return permissionDefinition;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 更新单个用户组的配置项
|
||||||
|
* @param request
|
||||||
|
*/
|
||||||
|
protected void updatePermissionSetting(PermissionSettingUpdateRequest request) {
|
||||||
|
baseUserRolePermissionService.updatePermissionSetting(request);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected UserRole add(UserRole userRole) {
|
||||||
|
userRole.setId(UUID.randomUUID().toString());
|
||||||
|
userRole.setCreateTime(System.currentTimeMillis());
|
||||||
|
userRole.setUpdateTime(System.currentTimeMillis());
|
||||||
|
userRoleMapper.insert(userRole);
|
||||||
|
return userRole;
|
||||||
|
}
|
||||||
|
|
||||||
|
protected UserRole update(UserRole userRole) {
|
||||||
|
userRole.setCreateUser(null);
|
||||||
|
userRole.setCreateTime(null);
|
||||||
|
userRole.setUpdateTime(System.currentTimeMillis());
|
||||||
|
userRoleMapper.updateByPrimaryKeySelective(userRole);
|
||||||
|
return userRole;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -3,7 +3,7 @@ package io.metersphere.sdk.service;
|
||||||
import io.metersphere.project.domain.Project;
|
import io.metersphere.project.domain.Project;
|
||||||
import io.metersphere.project.domain.ProjectExample;
|
import io.metersphere.project.domain.ProjectExample;
|
||||||
import io.metersphere.project.mapper.ProjectMapper;
|
import io.metersphere.project.mapper.ProjectMapper;
|
||||||
import io.metersphere.sdk.constants.UserRoleConstants;
|
import io.metersphere.sdk.constants.InternalUserRole;
|
||||||
import io.metersphere.sdk.constants.UserRoleType;
|
import io.metersphere.sdk.constants.UserRoleType;
|
||||||
import io.metersphere.sdk.constants.UserSource;
|
import io.metersphere.sdk.constants.UserSource;
|
||||||
import io.metersphere.sdk.controller.handler.ResultHolder;
|
import io.metersphere.sdk.controller.handler.ResultHolder;
|
||||||
|
|
@ -143,7 +143,7 @@ public class BaseUserService {
|
||||||
List<String> superRoleIds = user.getUserRoles()
|
List<String> superRoleIds = user.getUserRoles()
|
||||||
.stream()
|
.stream()
|
||||||
.map(UserRole::getId)
|
.map(UserRole::getId)
|
||||||
.filter(id -> StringUtils.equals(id, UserRoleConstants.ADMIN))
|
.filter(id -> StringUtils.equals(id, InternalUserRole.ADMIN.getValue()))
|
||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
if (CollectionUtils.isNotEmpty(superRoleIds)) {
|
if (CollectionUtils.isNotEmpty(superRoleIds)) {
|
||||||
Project p = baseProjectMapper.selectOne();
|
Project p = baseProjectMapper.selectOne();
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,11 @@
|
||||||
package io.metersphere.sdk.util;
|
package io.metersphere.sdk.util;
|
||||||
|
|
||||||
import io.metersphere.sdk.dto.UserRoleJson;
|
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
@Data
|
@Data
|
||||||
public class PermissionCache {
|
public class PermissionCache {
|
||||||
private UserRoleJson userRoleJson;
|
private List<PermissionDefinitionItem> permissionDefinition;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
package io.metersphere.sdk.util;
|
package io.metersphere.sdk.util;
|
||||||
|
|
||||||
import io.metersphere.sdk.constants.UserRoleConstants;
|
import io.metersphere.sdk.constants.InternalUserRole;
|
||||||
import io.metersphere.sdk.dto.SessionUser;
|
import io.metersphere.sdk.dto.SessionUser;
|
||||||
import io.metersphere.system.domain.UserRole;
|
import io.metersphere.system.domain.UserRole;
|
||||||
import io.metersphere.system.domain.UserRolePermission;
|
import io.metersphere.system.domain.UserRolePermission;
|
||||||
|
|
@ -143,7 +143,7 @@ public class SessionUtils {
|
||||||
|
|
||||||
long count = user.getUserRoles()
|
long count = user.getUserRoles()
|
||||||
.stream()
|
.stream()
|
||||||
.filter(g -> StringUtils.equals(g.getId(), UserRoleConstants.ADMIN))
|
.filter(g -> StringUtils.equals(g.getId(), InternalUserRole.ADMIN.getValue()))
|
||||||
.count();
|
.count();
|
||||||
|
|
||||||
if (count > 0) {
|
if (count > 0) {
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,9 @@
|
||||||
package base;
|
package base;
|
||||||
|
|
||||||
import com.jayway.jsonpath.JsonPath;
|
import com.jayway.jsonpath.JsonPath;
|
||||||
|
import io.metersphere.sdk.constants.SessionConstants;
|
||||||
|
import io.metersphere.sdk.util.JSON;
|
||||||
|
import io.metersphere.sdk.util.Pager;
|
||||||
import jakarta.annotation.Resource;
|
import jakarta.annotation.Resource;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.junit.jupiter.api.BeforeEach;
|
import org.junit.jupiter.api.BeforeEach;
|
||||||
|
|
@ -11,8 +14,13 @@ import org.springframework.boot.test.context.SpringBootTest;
|
||||||
import org.springframework.http.MediaType;
|
import org.springframework.http.MediaType;
|
||||||
import org.springframework.test.web.servlet.MockMvc;
|
import org.springframework.test.web.servlet.MockMvc;
|
||||||
import org.springframework.test.web.servlet.MvcResult;
|
import org.springframework.test.web.servlet.MvcResult;
|
||||||
|
import org.springframework.test.web.servlet.ResultActions;
|
||||||
|
import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
|
||||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||||
|
|
||||||
|
|
@ -25,6 +33,13 @@ public abstract class BaseTest {
|
||||||
protected static String sessionId;
|
protected static String sessionId;
|
||||||
protected static String csrfToken;
|
protected static String csrfToken;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 可以重写该方法定义 BASE_PATH
|
||||||
|
*/
|
||||||
|
protected String getBasePath() {
|
||||||
|
return StringUtils.EMPTY;
|
||||||
|
}
|
||||||
|
|
||||||
@BeforeEach
|
@BeforeEach
|
||||||
public void login() throws Exception {
|
public void login() throws Exception {
|
||||||
if (StringUtils.isAnyBlank(sessionId, csrfToken)) {
|
if (StringUtils.isAnyBlank(sessionId, csrfToken)) {
|
||||||
|
|
@ -38,4 +53,77 @@ public abstract class BaseTest {
|
||||||
csrfToken = JsonPath.read(mvcResult.getResponse().getContentAsString(), "$.data.csrfToken");
|
csrfToken = JsonPath.read(mvcResult.getResponse().getContentAsString(), "$.data.csrfToken");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected MockHttpServletRequestBuilder getPostRequestBuilder(String url, Object param, Object... uriVariables) {
|
||||||
|
return MockMvcRequestBuilders.post(getBasePath() + url, uriVariables)
|
||||||
|
.header(SessionConstants.HEADER_TOKEN, sessionId)
|
||||||
|
.header(SessionConstants.CSRF_TOKEN, csrfToken)
|
||||||
|
.content(JSON.toJSONString(param))
|
||||||
|
.contentType(MediaType.APPLICATION_JSON);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected MockHttpServletRequestBuilder getRequestBuilder(String url, Object... uriVariables) {
|
||||||
|
return MockMvcRequestBuilders.get(getBasePath() + url, uriVariables)
|
||||||
|
.header(SessionConstants.HEADER_TOKEN, sessionId)
|
||||||
|
.header(SessionConstants.CSRF_TOKEN, csrfToken);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected ResultActions requestPost(String url, Object param, Object... uriVariables) throws Exception {
|
||||||
|
return mockMvc.perform(getPostRequestBuilder(url, param, uriVariables))
|
||||||
|
.andExpect(content().contentType(MediaType.APPLICATION_JSON));
|
||||||
|
}
|
||||||
|
|
||||||
|
protected MvcResult requestPostAndReturn(String url, Object... uriVariables) throws Exception {
|
||||||
|
return this.requestPost(url, uriVariables).andReturn();
|
||||||
|
}
|
||||||
|
|
||||||
|
protected ResultActions requestGet(String url, Object... uriVariables) throws Exception {
|
||||||
|
return mockMvc.perform(getRequestBuilder(url, uriVariables))
|
||||||
|
.andExpect(content().contentType(MediaType.APPLICATION_JSON));
|
||||||
|
}
|
||||||
|
|
||||||
|
protected MvcResult requestGetAndReturn(String url, Object... uriVariables) throws Exception {
|
||||||
|
return this.requestGet(url, uriVariables).andReturn();
|
||||||
|
}
|
||||||
|
|
||||||
|
protected ResultActions requestGetWithOk(String url, Object... uriVariables) throws Exception {
|
||||||
|
return mockMvc.perform(getRequestBuilder(url, uriVariables))
|
||||||
|
.andExpect(content().contentType(MediaType.APPLICATION_JSON))
|
||||||
|
.andExpect(status().isOk());
|
||||||
|
}
|
||||||
|
|
||||||
|
protected MvcResult requestGetWithOkAndReturn(String url, Object... uriVariables) throws Exception {
|
||||||
|
return this.requestGetWithOk(url, uriVariables).andReturn();
|
||||||
|
}
|
||||||
|
|
||||||
|
protected ResultActions requestPostWithOk(String url, Object param, Object... uriVariables) throws Exception {
|
||||||
|
return mockMvc.perform(getPostRequestBuilder(url, param, uriVariables))
|
||||||
|
.andExpect(content().contentType(MediaType.APPLICATION_JSON))
|
||||||
|
.andExpect(status().isOk());
|
||||||
|
}
|
||||||
|
|
||||||
|
protected MvcResult requestPostWithOkAndReturn(String url, Object param, Object... uriVariables) throws Exception {
|
||||||
|
return this.requestPostWithOk(url, param, uriVariables).andReturn();
|
||||||
|
}
|
||||||
|
|
||||||
|
protected <T> T getResultData(MvcResult mvcResult, Class<T> clazz) throws Exception {
|
||||||
|
Object data = JSON.parseMap(mvcResult.getResponse().getContentAsString()).get("data");
|
||||||
|
return JSON.parseObject(JSON.toJSONString(data), clazz);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected <T> List<T> getResultDataArray(MvcResult mvcResult, Class<T> clazz) throws Exception {
|
||||||
|
Object data = JSON.parseMap(mvcResult.getResponse().getContentAsString()).get("data");
|
||||||
|
return JSON.parseArray(JSON.toJSONString(data), clazz);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected <T> Pager<List<T>> getPageResult(MvcResult mvcResult, Class<T> clazz) throws Exception {
|
||||||
|
Map<String, Object> pagerResult = (Map<String, Object>) JSON.parseMap(mvcResult.getResponse().getContentAsString()).get("data");
|
||||||
|
List<T> list = JSON.parseArray(JSON.toJSONString(pagerResult.get("list")), clazz);
|
||||||
|
Pager pager = new Pager();
|
||||||
|
pager.setPageSize(Long.valueOf(pagerResult.get("pageSize").toString()));
|
||||||
|
pager.setCurrent(Long.valueOf(pagerResult.get("current").toString()));
|
||||||
|
pager.setTotal(Long.valueOf(pagerResult.get("total").toString()));
|
||||||
|
pager.setList(list);
|
||||||
|
return pager;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,18 @@
|
||||||
package io.metersphere.system.controller;
|
package io.metersphere.system.controller;
|
||||||
|
|
||||||
import io.metersphere.sdk.constants.PermissionConstants;
|
import io.metersphere.sdk.constants.PermissionConstants;
|
||||||
import io.metersphere.sdk.dto.PermissionSettingDTO;
|
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
||||||
|
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
||||||
|
import io.metersphere.sdk.dto.request.UserRoleUpdateRequest;
|
||||||
|
import io.metersphere.sdk.log.annotation.Log;
|
||||||
|
import io.metersphere.sdk.log.constants.OperationLogModule;
|
||||||
|
import io.metersphere.sdk.log.constants.OperationLogType;
|
||||||
|
import io.metersphere.sdk.util.BeanUtils;
|
||||||
|
import io.metersphere.sdk.util.SessionUtils;
|
||||||
import io.metersphere.system.domain.UserRole;
|
import io.metersphere.system.domain.UserRole;
|
||||||
import io.metersphere.system.dto.request.PermissionSettingUpdateRequest;
|
|
||||||
import io.metersphere.system.service.GlobalUserRoleService;
|
import io.metersphere.system.service.GlobalUserRoleService;
|
||||||
import io.metersphere.validation.groups.Created;
|
import io.metersphere.validation.groups.Created;
|
||||||
|
import io.metersphere.validation.groups.Updated;
|
||||||
import io.swagger.v3.oas.annotations.Operation;
|
import io.swagger.v3.oas.annotations.Operation;
|
||||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||||
import jakarta.annotation.Resource;
|
import jakarta.annotation.Resource;
|
||||||
|
|
@ -13,7 +20,6 @@ import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||||
import org.springframework.validation.annotation.Validated;
|
import org.springframework.validation.annotation.Validated;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -38,41 +44,48 @@ public class GlobalUserRoleController {
|
||||||
@GetMapping("/permission/setting/{id}")
|
@GetMapping("/permission/setting/{id}")
|
||||||
@Operation(summary = "获取全局用户组对应的权限配置")
|
@Operation(summary = "获取全局用户组对应的权限配置")
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_READ)
|
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_READ)
|
||||||
public List<PermissionSettingDTO> getPermissionSetting(@PathVariable String id) {
|
public List<PermissionDefinitionItem> getPermissionSetting(@PathVariable String id) {
|
||||||
return new ArrayList<>();
|
return globalUserRoleService.getPermissionSetting(id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/permission/update")
|
@PostMapping("/permission/update")
|
||||||
@Operation(summary = "编辑全局用户组对应的权限配置")
|
@Operation(summary = "编辑全局用户组对应的权限配置")
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_UPDATE)
|
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_UPDATE)
|
||||||
public void updatePermissionSetting(@RequestBody PermissionSettingUpdateRequest request) {
|
@Log(isBefore = true, type = OperationLogType.UPDATE, module = OperationLogModule.SYSTEM_USER_ROLE,
|
||||||
}
|
details = "#msClass.getLogDetails(#request.userRoleId)", msClass = GlobalUserRoleService.class)
|
||||||
|
public void updatePermissionSetting(@Validated @RequestBody PermissionSettingUpdateRequest request) {
|
||||||
@GetMapping("/get/{id}")
|
globalUserRoleService.updatePermissionSetting(request);
|
||||||
@Operation(summary = "获取单个全局用户组信息")
|
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_READ)
|
|
||||||
public UserRole get(@PathVariable String id) {
|
|
||||||
return globalUserRoleService.get(id);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/add")
|
@PostMapping("/add")
|
||||||
@Operation(summary = "添加自定义全局用户组")
|
@Operation(summary = "添加自定义全局用户组")
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_ADD)
|
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_ADD)
|
||||||
public UserRole add(@Validated({Created.class}) @RequestBody UserRole userRole) {
|
@Log(type = OperationLogType.ADD, module = OperationLogModule.SYSTEM_USER_ROLE,
|
||||||
|
sourceId = "#request.id", details = "#request.name")
|
||||||
|
public UserRole add(@Validated({Created.class}) @RequestBody UserRoleUpdateRequest request) {
|
||||||
|
UserRole userRole = new UserRole();
|
||||||
|
userRole.setCreateUser(SessionUtils.getUserId());
|
||||||
|
BeanUtils.copyBean(userRole, request);
|
||||||
return globalUserRoleService.add(userRole);
|
return globalUserRoleService.add(userRole);
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/update")
|
@PostMapping("/update")
|
||||||
@Operation(summary = "更新自定义全局用户组")
|
@Operation(summary = "更新自定义全局用户组")
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_UPDATE)
|
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_UPDATE)
|
||||||
public UserRole update(@Validated({Created.class}) @RequestBody UserRole userRole) {
|
@Log(isBefore = true, type = OperationLogType.UPDATE, module = OperationLogModule.SYSTEM_USER_ROLE,
|
||||||
|
sourceId = "#request.id", details = "#request.name")
|
||||||
|
public UserRole update(@Validated({Updated.class}) @RequestBody UserRoleUpdateRequest request) {
|
||||||
|
UserRole userRole = new UserRole();
|
||||||
|
BeanUtils.copyBean(userRole, request);
|
||||||
return globalUserRoleService.update(userRole);
|
return globalUserRoleService.update(userRole);
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/delete/{id}")
|
@GetMapping("/delete/{id}")
|
||||||
@Operation(summary = "删除自定义全局用户组")
|
@Operation(summary = "删除自定义全局用户组")
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_DELETE)
|
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_DELETE)
|
||||||
public String delete(@PathVariable String id) {
|
@Log(isBefore = true, type = OperationLogType.DELETE, module = OperationLogModule.SYSTEM_USER_ROLE,
|
||||||
return globalUserRoleService.delete(id);
|
details = "#msClass.getLogDetails(#id)", msClass = GlobalUserRoleService.class)
|
||||||
|
public void delete(@PathVariable String id) {
|
||||||
|
globalUserRoleService.delete(id);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,23 +1,29 @@
|
||||||
package io.metersphere.system.controller;
|
package io.metersphere.system.controller;
|
||||||
|
|
||||||
import java.util.List;
|
import com.github.pagehelper.Page;
|
||||||
|
import com.github.pagehelper.PageHelper;
|
||||||
import io.metersphere.system.dto.GlobalUserRoleUserDTO;
|
import io.metersphere.sdk.constants.PermissionConstants;
|
||||||
|
import io.metersphere.sdk.dto.UserRoleRelationUserDTO;
|
||||||
|
import io.metersphere.sdk.dto.request.GlobalUserRoleRelationUpdateRequest;
|
||||||
|
import io.metersphere.sdk.log.annotation.Log;
|
||||||
|
import io.metersphere.sdk.log.constants.OperationLogModule;
|
||||||
|
import io.metersphere.sdk.log.constants.OperationLogType;
|
||||||
|
import io.metersphere.sdk.util.BeanUtils;
|
||||||
|
import io.metersphere.sdk.util.PageUtils;
|
||||||
|
import io.metersphere.sdk.util.Pager;
|
||||||
|
import io.metersphere.sdk.util.SessionUtils;
|
||||||
|
import io.metersphere.system.domain.UserRoleRelation;
|
||||||
|
import io.metersphere.system.dto.request.GlobalUserRoleRelationQueryRequest;
|
||||||
|
import io.metersphere.system.service.GlobalUserRoleRelationService;
|
||||||
|
import io.metersphere.validation.groups.Created;
|
||||||
import io.swagger.v3.oas.annotations.Operation;
|
import io.swagger.v3.oas.annotations.Operation;
|
||||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||||
import jakarta.annotation.Resource;
|
import jakarta.annotation.Resource;
|
||||||
import org.springframework.web.bind.annotation.*;
|
|
||||||
import io.metersphere.validation.groups.*;
|
|
||||||
import io.metersphere.sdk.util.PageUtils;
|
|
||||||
import com.github.pagehelper.Page;
|
|
||||||
import io.metersphere.sdk.util.Pager;
|
|
||||||
import com.github.pagehelper.PageHelper;
|
|
||||||
import io.metersphere.sdk.constants.PermissionConstants;
|
|
||||||
import org.springframework.validation.annotation.Validated;
|
|
||||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||||
import io.metersphere.system.dto.request.GlobalUserRoleRelationQueryRequest;
|
import org.springframework.validation.annotation.Validated;
|
||||||
import io.metersphere.system.service.GlobalUserRoleRelationService;
|
import org.springframework.web.bind.annotation.*;
|
||||||
import io.metersphere.system.domain.UserRoleRelation;
|
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author : jianxing
|
* @author : jianxing
|
||||||
|
|
@ -34,7 +40,7 @@ public class GlobalUserRoleRelationController {
|
||||||
@PostMapping("/list")
|
@PostMapping("/list")
|
||||||
@Operation(summary = "获取全局用户组对应的用户列表")
|
@Operation(summary = "获取全局用户组对应的用户列表")
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_RELATION_READ)
|
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_RELATION_READ)
|
||||||
public Pager<List<GlobalUserRoleUserDTO>> list(@RequestBody GlobalUserRoleRelationQueryRequest request) {
|
public Pager<List<UserRoleRelationUserDTO>> list(@Validated @RequestBody GlobalUserRoleRelationQueryRequest request) {
|
||||||
Page<Object> page = PageHelper.startPage(request.getCurrent(), request.getPageSize(), true);
|
Page<Object> page = PageHelper.startPage(request.getCurrent(), request.getPageSize(), true);
|
||||||
return PageUtils.setPageInfo(page, globalUserRoleRelationService.list(request));
|
return PageUtils.setPageInfo(page, globalUserRoleRelationService.list(request));
|
||||||
}
|
}
|
||||||
|
|
@ -42,14 +48,21 @@ public class GlobalUserRoleRelationController {
|
||||||
@PostMapping("/add")
|
@PostMapping("/add")
|
||||||
@Operation(summary = "创建全局用户组和用户的关联关系")
|
@Operation(summary = "创建全局用户组和用户的关联关系")
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_RELATION_ADD)
|
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_RELATION_ADD)
|
||||||
public UserRoleRelation add(@Validated({Created.class}) @RequestBody UserRoleRelation userRoleRelation) {
|
@Log(isBefore = true, type = OperationLogType.ADD, module = OperationLogModule.SYSTEM_USER_ROLE_RELATION,
|
||||||
|
details = "#msClass.getLogDetails(#id)", msClass = GlobalUserRoleRelationService.class)
|
||||||
|
public UserRoleRelation add(@Validated({Created.class}) @RequestBody GlobalUserRoleRelationUpdateRequest request) {
|
||||||
|
UserRoleRelation userRoleRelation = new UserRoleRelation();
|
||||||
|
BeanUtils.copyBean(userRoleRelation, request);
|
||||||
|
userRoleRelation.setCreateUser(SessionUtils.getUserId());
|
||||||
return globalUserRoleRelationService.add(userRoleRelation);
|
return globalUserRoleRelationService.add(userRoleRelation);
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/delete/{id}")
|
@GetMapping("/delete/{id}")
|
||||||
@Operation(summary = "删除全局用户组和用户的关联关系")
|
@Operation(summary = "删除全局用户组和用户的关联关系")
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_RELATION_DELETE)
|
@RequiresPermissions(PermissionConstants.SYSTEM_USER_ROLE_RELATION_DELETE)
|
||||||
public String delete(@PathVariable String id) {
|
@Log(isBefore = true, type = OperationLogType.DELETE, module = OperationLogModule.SYSTEM_USER_ROLE_RELATION,
|
||||||
return globalUserRoleRelationService.delete(id);
|
details = "#msClass.getLogDetails(#id)", msClass = GlobalUserRoleRelationService.class)
|
||||||
|
public void delete(@PathVariable String id) {
|
||||||
|
globalUserRoleRelationService.delete(id);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,41 @@
|
||||||
|
package io.metersphere.system.controller.result;
|
||||||
|
|
||||||
|
import io.metersphere.sdk.controller.handler.result.IResultCode;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author jianxing
|
||||||
|
*/
|
||||||
|
public enum SystemResultCode implements IResultCode {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 调用获取全局用户组接口,如果操作的是非全局的用户组,会返回该响应码
|
||||||
|
*/
|
||||||
|
GLOBAL_USER_ROLE_PERMISSION(101001, "没有权限操作非全局用户组"),
|
||||||
|
/**
|
||||||
|
* 调用获取全局用户组接口,如果操作的是内置的用户组,会返回该响应码
|
||||||
|
*/
|
||||||
|
INTERNAL_USER_ROLE_PERMISSION(101002, "内置用户组无法编辑与删除"),
|
||||||
|
GLOBAL_USER_ROLE_EXIST(101003, "全局用户组已存在"),
|
||||||
|
GLOBAL_USER_ROLE_RELATION_EXIST(101004, "用户已在当前用户组"),
|
||||||
|
GLOBAL_USER_ROLE_RELATION_SYSTEM_PERMISSION(101005, "没有权限操作非系统级别用户组"),
|
||||||
|
GLOBAL_USER_ROLE_RELATION_REMOVE_ADMIN_USER_PERMISSION(101005, "无法将 admin 用户将系统管理员用户组删除")
|
||||||
|
;
|
||||||
|
|
||||||
|
private final int code;
|
||||||
|
private final String message;
|
||||||
|
|
||||||
|
SystemResultCode(int code, String message) {
|
||||||
|
this.code = code;
|
||||||
|
this.message = message;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int getCode() {
|
||||||
|
return code;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getMessage() {
|
||||||
|
return getTranslationMessage(this.message);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -1,9 +1,11 @@
|
||||||
package io.metersphere.system.dto.request;
|
package io.metersphere.system.dto.request;
|
||||||
|
|
||||||
import io.swagger.v3.oas.annotations.media.Schema;
|
import io.swagger.v3.oas.annotations.media.Schema;
|
||||||
|
import jakarta.validation.constraints.NotBlank;
|
||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
import lombok.Setter;
|
import lombok.Setter;
|
||||||
import io.metersphere.sdk.dto.BasePageRequest;
|
import io.metersphere.sdk.dto.BasePageRequest;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author : jianxing
|
* @author : jianxing
|
||||||
* @date : 2023-6-12
|
* @date : 2023-6-12
|
||||||
|
|
@ -11,6 +13,7 @@ import io.metersphere.sdk.dto.BasePageRequest;
|
||||||
@Getter
|
@Getter
|
||||||
@Setter
|
@Setter
|
||||||
public class GlobalUserRoleRelationQueryRequest extends BasePageRequest {
|
public class GlobalUserRoleRelationQueryRequest extends BasePageRequest {
|
||||||
|
@NotBlank
|
||||||
@Schema(title = "用户组ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
@Schema(title = "用户组ID", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
private String userRoleId;
|
private String roleId;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -5,5 +5,5 @@ import org.apache.ibatis.annotations.Param;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
public interface ExtUserRoleMapper {
|
public interface ExtUserRoleMapper {
|
||||||
public List<String> selectGlobalRoleList(@Param("roleIdList") List<String> roleIdList, @Param("isSystem") boolean isSystem);
|
List<String> selectGlobalRoleList(@Param("roleIdList") List<String> roleIdList, @Param("isSystem") boolean isSystem);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,8 @@
|
||||||
package io.metersphere.system.mapper;
|
package io.metersphere.system.mapper;
|
||||||
|
|
||||||
import io.metersphere.system.domain.UserRoleRelation;
|
import io.metersphere.system.domain.UserRoleRelation;
|
||||||
|
import io.metersphere.sdk.dto.UserRoleRelationUserDTO;
|
||||||
|
import io.metersphere.system.dto.request.GlobalUserRoleRelationQueryRequest;
|
||||||
import org.apache.ibatis.annotations.Param;
|
import org.apache.ibatis.annotations.Param;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
@ -9,4 +11,6 @@ public interface ExtUserRoleRelationMapper {
|
||||||
List<UserRoleRelation> listByUserIdAndScope(@Param("userIds") List<String> userIdList);
|
List<UserRoleRelation> listByUserIdAndScope(@Param("userIds") List<String> userIdList);
|
||||||
|
|
||||||
List<UserRoleRelation> selectGlobalRoleByUserId(String userId);
|
List<UserRoleRelation> selectGlobalRoleByUserId(String userId);
|
||||||
|
|
||||||
|
List<UserRoleRelationUserDTO> listGlobal(@Param("request") GlobalUserRoleRelationQueryRequest request);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -19,4 +19,15 @@
|
||||||
SELECT id FROM user_role WHERE type = 'SYSTEM' AND scope_id = 'global'
|
SELECT id FROM user_role WHERE type = 'SYSTEM' AND scope_id = 'global'
|
||||||
)
|
)
|
||||||
</select>
|
</select>
|
||||||
|
<select id="listGlobal" resultType="io.metersphere.sdk.dto.UserRoleRelationUserDTO">
|
||||||
|
select urr.id, u.id as userId, u.name, u.email, u.phone
|
||||||
|
from user_role_relation urr
|
||||||
|
inner join user u on urr.user_id = u.id and urr.role_id = #{request.roleId}
|
||||||
|
<if test="request.keyword != null">
|
||||||
|
and (
|
||||||
|
u.name like concat('%', #{request.keyword},'%')
|
||||||
|
or u.email like concat('%', #{request.keyword},'%')
|
||||||
|
)
|
||||||
|
</if>
|
||||||
|
</select>
|
||||||
</mapper>
|
</mapper>
|
||||||
|
|
@ -1,13 +1,24 @@
|
||||||
package io.metersphere.system.service;
|
package io.metersphere.system.service;
|
||||||
|
|
||||||
|
import io.metersphere.sdk.exception.MSException;
|
||||||
|
import io.metersphere.system.domain.UserRole;
|
||||||
import io.metersphere.system.domain.UserRoleRelation;
|
import io.metersphere.system.domain.UserRoleRelation;
|
||||||
import io.metersphere.system.dto.GlobalUserRoleUserDTO;
|
import io.metersphere.system.domain.UserRoleRelationExample;
|
||||||
|
import io.metersphere.sdk.dto.UserRoleRelationUserDTO;
|
||||||
|
import io.metersphere.system.mapper.ExtUserRoleRelationMapper;
|
||||||
import io.metersphere.system.mapper.UserRoleRelationMapper;
|
import io.metersphere.system.mapper.UserRoleRelationMapper;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.ArrayList;
|
import java.util.UUID;
|
||||||
|
|
||||||
import jakarta.annotation.Resource;
|
import jakarta.annotation.Resource;
|
||||||
|
import org.apache.commons.collections.CollectionUtils;
|
||||||
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
import io.metersphere.system.dto.request.GlobalUserRoleRelationQueryRequest;
|
import io.metersphere.system.dto.request.GlobalUserRoleRelationQueryRequest;
|
||||||
|
|
||||||
|
import static io.metersphere.sdk.constants.InternalUserRole.ADMIN;
|
||||||
|
import static io.metersphere.system.controller.result.SystemResultCode.*;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author jianxing
|
* @author jianxing
|
||||||
* @date : 2023-6-12
|
* @date : 2023-6-12
|
||||||
|
|
@ -17,18 +28,70 @@ public class GlobalUserRoleRelationService {
|
||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private UserRoleRelationMapper userRoleRelationMapper;
|
private UserRoleRelationMapper userRoleRelationMapper;
|
||||||
|
@Resource
|
||||||
|
private ExtUserRoleRelationMapper extUserRoleRelationMapper;
|
||||||
|
@Resource
|
||||||
|
private GlobalUserRoleService globalUserRoleService;
|
||||||
|
|
||||||
public List<GlobalUserRoleUserDTO> list(GlobalUserRoleRelationQueryRequest request) {
|
public List<UserRoleRelationUserDTO> list(GlobalUserRoleRelationQueryRequest request) {
|
||||||
return new ArrayList<>();
|
UserRole userRole = globalUserRoleService.get(request.getRoleId());
|
||||||
|
globalUserRoleService.checkSystemUserGroup(userRole);
|
||||||
|
globalUserRoleService.checkGlobalUserRole(userRole);
|
||||||
|
return extUserRoleRelationMapper.listGlobal(request);
|
||||||
}
|
}
|
||||||
|
|
||||||
public UserRoleRelation add(UserRoleRelation userRoleRelation) {
|
public UserRoleRelation add(UserRoleRelation userRoleRelation) {
|
||||||
|
UserRole userRole = globalUserRoleService.get(userRoleRelation.getRoleId());
|
||||||
|
checkExist(userRoleRelation);
|
||||||
|
globalUserRoleService.checkSystemUserGroup(userRole);
|
||||||
|
globalUserRoleService.checkGlobalUserRole(userRole);
|
||||||
|
|
||||||
|
userRoleRelation.setSourceId(GlobalUserRoleService.SYSTEM_TYPE);
|
||||||
|
userRoleRelation.setCreateTime(System.currentTimeMillis());
|
||||||
|
userRoleRelation.setId(UUID.randomUUID().toString());
|
||||||
userRoleRelationMapper.insert(userRoleRelation);
|
userRoleRelationMapper.insert(userRoleRelation);
|
||||||
return userRoleRelation;
|
return userRoleRelation;
|
||||||
}
|
}
|
||||||
|
|
||||||
public String delete(String id) {
|
/**
|
||||||
|
* 校验用户是否已在当前用户组
|
||||||
|
*/
|
||||||
|
public void checkExist(UserRoleRelation userRoleRelation) {
|
||||||
|
UserRoleRelationExample example = new UserRoleRelationExample();
|
||||||
|
example.createCriteria()
|
||||||
|
.andUserIdEqualTo(userRoleRelation.getUserId())
|
||||||
|
.andRoleIdEqualTo(userRoleRelation.getRoleId());
|
||||||
|
|
||||||
|
List<UserRoleRelation> userRoleRelations = userRoleRelationMapper.selectByExample(example);
|
||||||
|
if (CollectionUtils.isNotEmpty(userRoleRelations)) {
|
||||||
|
throw new MSException(GLOBAL_USER_ROLE_RELATION_EXIST);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void delete(String id) {
|
||||||
|
UserRoleRelation userRoleRelation = userRoleRelationMapper.selectByPrimaryKey(id);
|
||||||
|
UserRole userRole = globalUserRoleService.get(userRoleRelation.getRoleId());
|
||||||
|
checkAdminPermissionRemove(userRoleRelation, userRole);
|
||||||
|
globalUserRoleService.checkSystemUserGroup(userRole);
|
||||||
|
globalUserRoleService.checkGlobalUserRole(userRole);
|
||||||
userRoleRelationMapper.deleteByPrimaryKey(id);
|
userRoleRelationMapper.deleteByPrimaryKey(id);
|
||||||
return id;
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* admin 不能从系统管理员用户组删除
|
||||||
|
*/
|
||||||
|
private static void checkAdminPermissionRemove(UserRoleRelation userRoleRelation, UserRole userRole) {
|
||||||
|
if (StringUtils.equals(userRole.getId(), ADMIN.getValue()) && StringUtils.equals(userRoleRelation.getUserId(), ADMIN.getValue())) {
|
||||||
|
throw new MSException(GLOBAL_USER_ROLE_RELATION_REMOVE_ADMIN_USER_PERMISSION);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getLogDetails(String id) {
|
||||||
|
UserRoleRelation userRoleRelation = userRoleRelationMapper.selectByPrimaryKey(id);
|
||||||
|
if (userRoleRelation != null) {
|
||||||
|
UserRole userRole = globalUserRoleService.get(userRoleRelation.getRoleId());
|
||||||
|
return userRole == null ? null : userRole.getName();
|
||||||
|
}
|
||||||
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,9 @@
|
||||||
package io.metersphere.system.service;
|
package io.metersphere.system.service;
|
||||||
|
|
||||||
|
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
||||||
|
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
||||||
import io.metersphere.sdk.exception.MSException;
|
import io.metersphere.sdk.exception.MSException;
|
||||||
|
import io.metersphere.sdk.service.BaseUserRoleService;
|
||||||
import io.metersphere.sdk.util.Translator;
|
import io.metersphere.sdk.util.Translator;
|
||||||
import io.metersphere.system.domain.UserRole;
|
import io.metersphere.system.domain.UserRole;
|
||||||
import io.metersphere.system.domain.UserRoleExample;
|
import io.metersphere.system.domain.UserRoleExample;
|
||||||
|
|
@ -10,12 +13,18 @@ import io.metersphere.system.mapper.UserRoleMapper;
|
||||||
import jakarta.annotation.Resource;
|
import jakarta.annotation.Resource;
|
||||||
import jakarta.validation.Valid;
|
import jakarta.validation.Valid;
|
||||||
import jakarta.validation.constraints.NotEmpty;
|
import jakarta.validation.constraints.NotEmpty;
|
||||||
|
import org.apache.commons.collections.CollectionUtils;
|
||||||
|
import org.apache.commons.lang3.BooleanUtils;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
import org.springframework.transaction.annotation.Transactional;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
import static io.metersphere.sdk.constants.InternalUserRole.MEMBER;
|
||||||
|
import static io.metersphere.system.controller.result.SystemResultCode.*;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 系统设置的接口增删改查都是针对全局用户组
|
* 系统设置的接口增删改查都是针对全局用户组
|
||||||
*
|
*
|
||||||
|
|
@ -23,10 +32,9 @@ import java.util.List;
|
||||||
* @date : 2023-6-8
|
* @date : 2023-6-8
|
||||||
*/
|
*/
|
||||||
@Service
|
@Service
|
||||||
public class GlobalUserRoleService {
|
@Transactional(rollbackFor = Exception.class)
|
||||||
|
public class GlobalUserRoleService extends BaseUserRoleService {
|
||||||
public static String GLOBAL_SCOPE = "GLOBAL";
|
public static final String GLOBAL_SCOPE = "GLOBAL";
|
||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private UserRoleMapper userRoleMapper;
|
private UserRoleMapper userRoleMapper;
|
||||||
@Resource
|
@Resource
|
||||||
|
|
@ -38,27 +46,74 @@ public class GlobalUserRoleService {
|
||||||
return userRoleMapper.selectByExample(example);
|
return userRoleMapper.selectByExample(example);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 校验是否是全局用户组,非全局抛异常
|
||||||
|
*/
|
||||||
|
public void checkGlobalUserRole(UserRole userRole) {
|
||||||
|
if (!StringUtils.equals(userRole.getScopeId(), GLOBAL_SCOPE)) {
|
||||||
|
throw new MSException(GLOBAL_USER_ROLE_PERMISSION);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 校验是否是内置用户组,是内置抛异常
|
||||||
|
*/
|
||||||
|
public void checkInternalUserRole(UserRole userRole) {
|
||||||
|
if (BooleanUtils.isTrue(userRole.getInternal())) {
|
||||||
|
throw new MSException(INTERNAL_USER_ROLE_PERMISSION);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 校验用户是否是系统用户组
|
||||||
|
*/
|
||||||
|
public void checkSystemUserGroup(UserRole userRole) {
|
||||||
|
if (!StringUtils.equals(userRole.getType(), GlobalUserRoleService.SYSTEM_TYPE)) {
|
||||||
|
throw new MSException(GLOBAL_USER_ROLE_RELATION_SYSTEM_PERMISSION);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public UserRole add(UserRole userRole) {
|
||||||
|
userRole.setInternal(false);
|
||||||
|
userRole.setScopeId(GLOBAL_SCOPE);
|
||||||
|
checkExist(userRole);
|
||||||
|
return super.add(userRole);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void checkExist(UserRole userRole) {
|
||||||
|
UserRoleExample example = new UserRoleExample();
|
||||||
|
UserRoleExample.Criteria criteria = example.createCriteria()
|
||||||
|
.andNameEqualTo(userRole.getName())
|
||||||
|
.andScopeIdEqualTo(GLOBAL_SCOPE);
|
||||||
|
if (StringUtils.isNoneBlank(userRole.getId())) {
|
||||||
|
criteria.andIdNotEqualTo(userRole.getId());
|
||||||
|
}
|
||||||
|
|
||||||
|
List<UserRole> userRoles = userRoleMapper.selectByExample(example);
|
||||||
|
if (CollectionUtils.isNotEmpty(userRoles)) {
|
||||||
|
throw new MSException(GLOBAL_USER_ROLE_EXIST);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@Override
|
||||||
|
public UserRole update(UserRole userRole) {
|
||||||
|
UserRole originUserRole = get(userRole.getId());
|
||||||
|
checkGlobalUserRole(originUserRole);
|
||||||
|
checkInternalUserRole(originUserRole);
|
||||||
|
userRole.setInternal(false);
|
||||||
|
checkExist(userRole);
|
||||||
|
return super.update(userRole);
|
||||||
|
}
|
||||||
|
|
||||||
public UserRole get(String id) {
|
public UserRole get(String id) {
|
||||||
// todo 只能获取全局
|
|
||||||
return userRoleMapper.selectByPrimaryKey(id);
|
return userRoleMapper.selectByPrimaryKey(id);
|
||||||
}
|
}
|
||||||
|
|
||||||
public UserRole add(UserRole userRole) {
|
public void delete(String id) {
|
||||||
// todo 只能添加自定义全局
|
UserRole userRole = get(id);
|
||||||
userRoleMapper.insert(userRole);
|
checkGlobalUserRole(userRole);
|
||||||
return userRole;
|
checkInternalUserRole(userRole);
|
||||||
}
|
|
||||||
|
|
||||||
public UserRole update(UserRole userRole) {
|
|
||||||
// todo 只能修改自定义全局
|
|
||||||
userRoleMapper.updateByPrimaryKeySelective(userRole);
|
|
||||||
return userRole;
|
|
||||||
}
|
|
||||||
|
|
||||||
public String delete(String id) {
|
|
||||||
// todo 只能删除自定义全局
|
|
||||||
userRoleMapper.deleteByPrimaryKey(id);
|
userRoleMapper.deleteByPrimaryKey(id);
|
||||||
return id;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void checkRoleIsGlobalAndHaveMember(@Valid @NotEmpty List<String> roleIdList, boolean isSystem) {
|
public void checkRoleIsGlobalAndHaveMember(@Valid @NotEmpty List<String> roleIdList, boolean isSystem) {
|
||||||
|
|
@ -66,23 +121,43 @@ public class GlobalUserRoleService {
|
||||||
if (globalRoleList.size() != roleIdList.size()) {
|
if (globalRoleList.size() != roleIdList.size()) {
|
||||||
throw new MSException("role.not.global");
|
throw new MSException("role.not.global");
|
||||||
}
|
}
|
||||||
if (!globalRoleList.contains("member")) {
|
if (!globalRoleList.contains(MEMBER.getValue())) {
|
||||||
throw new MSException(Translator.get("role.not.contains.member"));
|
throw new MSException(Translator.get("role.not.contains.member"));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public List<UserRoleOption> getGlobalSystemRoleList() {
|
public List<UserRoleOption> getGlobalSystemRoleList() {
|
||||||
UserRoleExample example = new UserRoleExample();
|
UserRoleExample example = new UserRoleExample();
|
||||||
example.createCriteria().andScopeIdEqualTo("global").andTypeEqualTo("SYSTEM");
|
example.createCriteria().andScopeIdEqualTo(GLOBAL_SCOPE).andTypeEqualTo(SYSTEM_TYPE);
|
||||||
List<UserRoleOption> returnList = new ArrayList<>();
|
List<UserRoleOption> returnList = new ArrayList<>();
|
||||||
userRoleMapper.selectByExample(example).forEach(userRole -> {
|
userRoleMapper.selectByExample(example).forEach(userRole -> {
|
||||||
UserRoleOption userRoleOption = new UserRoleOption();
|
UserRoleOption userRoleOption = new UserRoleOption();
|
||||||
userRoleOption.setId(userRole.getId());
|
userRoleOption.setId(userRole.getId());
|
||||||
userRoleOption.setName(userRole.getName());
|
userRoleOption.setName(userRole.getName());
|
||||||
userRoleOption.setSelected(StringUtils.equals(userRole.getId(), "member"));
|
userRoleOption.setSelected(StringUtils.equals(userRole.getId(), MEMBER.getValue()));
|
||||||
userRoleOption.setCloseable(!StringUtils.equals(userRole.getId(), "member"));
|
userRoleOption.setCloseable(!StringUtils.equals(userRole.getId(), MEMBER.getValue()));
|
||||||
returnList.add(userRoleOption);
|
returnList.add(userRoleOption);
|
||||||
});
|
});
|
||||||
return returnList;
|
return returnList;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public List<PermissionDefinitionItem> getPermissionSetting(String id) {
|
||||||
|
UserRole userRole = get(id);
|
||||||
|
checkGlobalUserRole(userRole);
|
||||||
|
return getPermissionSetting(userRole);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void updatePermissionSetting(PermissionSettingUpdateRequest request) {
|
||||||
|
UserRole userRole = get(request.getUserRoleId());
|
||||||
|
checkGlobalUserRole(userRole);
|
||||||
|
checkInternalUserRole(userRole);
|
||||||
|
super.updatePermissionSetting(request);
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getLogDetails(String id) {
|
||||||
|
UserRole userRole = userRoleMapper.selectByPrimaryKey(id);
|
||||||
|
return userRole == null ? null : userRole.getName();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,7 @@
|
||||||
package io.metersphere.system.service;
|
package io.metersphere.system.service;
|
||||||
|
|
||||||
import io.metersphere.sdk.constants.UserRoleConstants;
|
import io.metersphere.sdk.constants.InternalUserRole;
|
||||||
import io.metersphere.sdk.exception.MSException;
|
|
||||||
import io.metersphere.sdk.util.BeanUtils;
|
import io.metersphere.sdk.util.BeanUtils;
|
||||||
import io.metersphere.sdk.util.Translator;
|
|
||||||
import io.metersphere.system.domain.Organization;
|
import io.metersphere.system.domain.Organization;
|
||||||
import io.metersphere.system.domain.OrganizationExample;
|
import io.metersphere.system.domain.OrganizationExample;
|
||||||
import io.metersphere.system.domain.UserRoleRelation;
|
import io.metersphere.system.domain.UserRoleRelation;
|
||||||
|
|
@ -68,7 +66,7 @@ public class OrganizationServiceImpl implements OrganizationService{
|
||||||
userRoleRelation.setId(UUID.randomUUID().toString());
|
userRoleRelation.setId(UUID.randomUUID().toString());
|
||||||
userRoleRelation.setUserId(userId);
|
userRoleRelation.setUserId(userId);
|
||||||
userRoleRelation.setSourceId(organizationMemberRequest.getOrganizationId());
|
userRoleRelation.setSourceId(organizationMemberRequest.getOrganizationId());
|
||||||
userRoleRelation.setRoleId(UserRoleConstants.ORG_MEMBER);
|
userRoleRelation.setRoleId(InternalUserRole.ORG_MEMBER.getValue());
|
||||||
userRoleRelation.setCreateTime(System.currentTimeMillis());
|
userRoleRelation.setCreateTime(System.currentTimeMillis());
|
||||||
userRoleRelation.setCreateUser(organizationMemberRequest.getCreateUserId());
|
userRoleRelation.setCreateUser(organizationMemberRequest.getCreateUserId());
|
||||||
userRoleRelationMapper.insertSelective(userRoleRelation);
|
userRoleRelationMapper.insertSelective(userRoleRelation);
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ package io.metersphere.system.service;
|
||||||
import io.metersphere.project.domain.Project;
|
import io.metersphere.project.domain.Project;
|
||||||
import io.metersphere.project.domain.ProjectExample;
|
import io.metersphere.project.domain.ProjectExample;
|
||||||
import io.metersphere.project.mapper.ProjectMapper;
|
import io.metersphere.project.mapper.ProjectMapper;
|
||||||
import io.metersphere.sdk.constants.UserRoleConstants;
|
import io.metersphere.sdk.constants.InternalUserRole;
|
||||||
import io.metersphere.sdk.dto.ProjectDTO;
|
import io.metersphere.sdk.dto.ProjectDTO;
|
||||||
import io.metersphere.sdk.exception.MSException;
|
import io.metersphere.sdk.exception.MSException;
|
||||||
import io.metersphere.sdk.util.Translator;
|
import io.metersphere.sdk.util.Translator;
|
||||||
|
|
@ -105,7 +105,7 @@ public class SystemProjectService {
|
||||||
UserRoleRelation userRoleRelation = new UserRoleRelation(
|
UserRoleRelation userRoleRelation = new UserRoleRelation(
|
||||||
UUID.randomUUID().toString(),
|
UUID.randomUUID().toString(),
|
||||||
userId,
|
userId,
|
||||||
UserRoleConstants.PROJECT_MEMBER,
|
InternalUserRole.PROJECT_MEMBER.getValue(),
|
||||||
request.getProjectId(),
|
request.getProjectId(),
|
||||||
System.currentTimeMillis(),
|
System.currentTimeMillis(),
|
||||||
request.getCreateUser());
|
request.getCreateUser());
|
||||||
|
|
|
||||||
|
|
@ -1,54 +1,53 @@
|
||||||
|
[
|
||||||
{
|
{
|
||||||
|
"id": "SYSTEM",
|
||||||
|
"name": "permission.system.name",
|
||||||
|
"type": "SYSTEM",
|
||||||
|
"children": [
|
||||||
|
{
|
||||||
|
"id": "SYSTEM_USER_ROLE",
|
||||||
|
"name": "permission.system_user_role.name",
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
"id": "SYSTEM_USER_ROLE:READ",
|
"id": "SYSTEM_USER_ROLE:READ",
|
||||||
"name": "permission.system_user_role.read",
|
"name": "permission.system_user_role.read"
|
||||||
"resourceId": "SYSTEM_USER_ROLE"
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"id": "SYSTEM_USER_ROLE:READ+ADD",
|
"id": "SYSTEM_USER_ROLE:READ+ADD",
|
||||||
"name": "permission.system_user_role.add",
|
"name": "permission.system_user_role.add"
|
||||||
"resourceId": "SYSTEM_USER_ROLE"
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"id": "SYSTEM_USER_ROLE:READ+UPDATE",
|
"id": "SYSTEM_USER_ROLE:READ+UPDATE",
|
||||||
"name": "permission.system_user_role.edit",
|
"name": "permission.system_user_role.update"
|
||||||
"resourceId": "SYSTEM_USER_ROLE"
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"id": "SYSTEM_USER_ROLE:READ+DELETE",
|
"id": "SYSTEM_USER_ROLE:READ+DELETE",
|
||||||
"name": "permission.system_user_role.delete",
|
"name": "permission.system_user_role.delete"
|
||||||
"resourceId": "SYSTEM_USER_ROLE"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "SYSTEM_TEST_RESOURCE_POOL:READ",
|
|
||||||
"name": "permission.system_test_resource_pool.read",
|
|
||||||
"resourceId": "SYSTEM_USER_ROLE"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "SYSTEM_TEST_RESOURCE_POOL:READ+ADD",
|
|
||||||
"name": "permission.system_test_resource_pool.add",
|
|
||||||
"resourceId": "SYSTEM_USER_ROLE"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "SYSTEM_TEST_RESOURCE_POOL:READ+UPDATE",
|
|
||||||
"name": "permission.system_test_resource_pool.update",
|
|
||||||
"resourceId": "SYSTEM_USER_ROLE"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "SYSTEM_TEST_RESOURCE_POOL:READ+DELETE",
|
|
||||||
"name": "permission.system_test_resource_pool.delete",
|
|
||||||
"resourceId": "SYSTEM_USER_ROLE"
|
|
||||||
}
|
}
|
||||||
],
|
]
|
||||||
"resource": [
|
|
||||||
{
|
|
||||||
"id": "SYSTEM_USER_ROLE",
|
|
||||||
"name": "permission.system_role.name"
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"id": "SYSTEM_TEST_RESOURCE_POOL",
|
"id": "SYSTEM_TEST_RESOURCE_POOL",
|
||||||
"name": "permission.system_test_resource_pool.name"
|
"name": "permission.system_test_resource_pool.name",
|
||||||
|
"permissions": [
|
||||||
|
{
|
||||||
|
"id": "SYSTEM_TEST_RESOURCE_POOL:READ",
|
||||||
|
"name": "permission.system_test_resource_pool.read"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"id": "SYSTEM_TEST_RESOURCE_POOL:READ+ADD",
|
||||||
|
"name": "permission.system_test_resource_pool.add"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"id": "SYSTEM_TEST_RESOURCE_POOL:READ+UPDATE",
|
||||||
|
"name": "permission.system_test_resource_pool.update"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"id": "SYSTEM_TEST_RESOURCE_POOL:READ+DELETE",
|
||||||
|
"name": "permission.system_test_resource_pool.delete"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
|
|
||||||
|
|
@ -1,100 +1,255 @@
|
||||||
package io.metersphere.system.controller;
|
package io.metersphere.system.controller;
|
||||||
|
|
||||||
import com.jayway.jsonpath.JsonPath;
|
import base.BaseTest;
|
||||||
import io.metersphere.sdk.constants.SessionConstants;
|
import io.metersphere.sdk.constants.InternalUserRole;
|
||||||
import io.metersphere.sdk.util.JSON;
|
import io.metersphere.sdk.constants.PermissionConstants;
|
||||||
|
import io.metersphere.sdk.constants.UserRoleType;
|
||||||
|
import io.metersphere.sdk.dto.Permission;
|
||||||
|
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
||||||
|
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
||||||
|
import io.metersphere.sdk.dto.request.UserRoleUpdateRequest;
|
||||||
|
import io.metersphere.sdk.service.BaseUserRolePermissionService;
|
||||||
|
import io.metersphere.sdk.util.BeanUtils;
|
||||||
import io.metersphere.system.domain.UserRole;
|
import io.metersphere.system.domain.UserRole;
|
||||||
import io.metersphere.system.dto.request.GlobalUserRoleRelationQueryRequest;
|
import io.metersphere.system.mapper.UserRoleMapper;
|
||||||
import io.metersphere.system.dto.request.PermissionSettingUpdateRequest;
|
|
||||||
import jakarta.annotation.Resource;
|
import jakarta.annotation.Resource;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.collections.CollectionUtils;
|
||||||
import org.junit.jupiter.api.BeforeEach;
|
import org.junit.jupiter.api.*;
|
||||||
import org.junit.jupiter.api.MethodOrderer;
|
|
||||||
import org.junit.jupiter.api.Test;
|
|
||||||
import org.junit.jupiter.api.TestMethodOrder;
|
|
||||||
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
|
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
|
||||||
import org.springframework.boot.test.context.SpringBootTest;
|
import org.springframework.boot.test.context.SpringBootTest;
|
||||||
import org.springframework.http.MediaType;
|
|
||||||
import org.springframework.test.web.servlet.MockMvc;
|
|
||||||
import org.springframework.test.web.servlet.MvcResult;
|
import org.springframework.test.web.servlet.MvcResult;
|
||||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
import org.testcontainers.shaded.org.apache.commons.lang3.StringUtils;
|
||||||
|
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
|
import java.util.*;
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
|
import static io.metersphere.sdk.constants.InternalUserRole.ADMIN;
|
||||||
|
import static io.metersphere.system.controller.result.SystemResultCode.*;
|
||||||
|
import static io.metersphere.system.service.GlobalUserRoleService.GLOBAL_SCOPE;
|
||||||
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
|
||||||
|
|
||||||
@SpringBootTest
|
@SpringBootTest
|
||||||
@AutoConfigureMockMvc
|
@AutoConfigureMockMvc
|
||||||
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
|
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
|
||||||
class GlobalUserRoleControllerTest {
|
class GlobalUserRoleControllerTest extends BaseTest {
|
||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private MockMvc mockMvc;
|
private UserRoleMapper userRoleMapper;
|
||||||
private static String sessionId;
|
@Resource
|
||||||
private static String csrfToken;
|
private BaseUserRolePermissionService baseUserRolePermissionService;
|
||||||
|
|
||||||
private static final String BASE_URL = "/user/role/global/";
|
private static final String BASE_PATH = "/user/role/global/";
|
||||||
|
private static final String LIST = "list";
|
||||||
|
private static final String ADD = "add";
|
||||||
|
private static final String UPDATE = "update";
|
||||||
|
private static final String DELETE = "delete/{0}";
|
||||||
|
private static final String PERMISSION_SETTING = "permission/setting/{0}";
|
||||||
|
private static final String PERMISSION_UPDATE = "permission/update";
|
||||||
|
|
||||||
@BeforeEach
|
// 保存创建的用户组,方便之后的修改和删除测试使用
|
||||||
public void login() throws Exception {
|
private static UserRole addUserRole;
|
||||||
if (StringUtils.isAnyBlank(sessionId, csrfToken)) {
|
@Override
|
||||||
MvcResult mvcResult = mockMvc.perform(MockMvcRequestBuilders.post("/login")
|
protected String getBasePath() {
|
||||||
.content("{\"username\":\"admin\",\"password\":\"metersphere\"}")
|
return BASE_PATH;
|
||||||
.contentType(MediaType.APPLICATION_JSON))
|
|
||||||
.andExpect(status().isOk())
|
|
||||||
.andExpect(content().contentType(MediaType.APPLICATION_JSON))
|
|
||||||
.andReturn();
|
|
||||||
sessionId = JsonPath.read(mvcResult.getResponse().getContentAsString(), "$.data.sessionId");
|
|
||||||
csrfToken = JsonPath.read(mvcResult.getResponse().getContentAsString(), "$.data.csrfToken");
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void list() throws Exception {
|
void list() throws Exception {
|
||||||
this.requestPost("list", new GlobalUserRoleRelationQueryRequest());
|
|
||||||
|
// @@请求成功
|
||||||
|
MvcResult mvcResult = this.requestGetWithOk(LIST)
|
||||||
|
.andReturn();
|
||||||
|
List<UserRole> userRoles = getResultDataArray(mvcResult, UserRole.class);
|
||||||
|
|
||||||
|
// 校验是否是全局用户组
|
||||||
|
userRoles.forEach(item -> Assertions.assertTrue(StringUtils.equals(item.getScopeId(), GLOBAL_SCOPE)));
|
||||||
|
|
||||||
|
// 校验是否包含全部的内置用户组
|
||||||
|
List<String> userRoleIds = userRoles.stream().map(UserRole::getId).toList();
|
||||||
|
List<String> internalUserRoleIds = Arrays.stream(InternalUserRole.values())
|
||||||
|
.map(InternalUserRole::getValue)
|
||||||
|
.toList();
|
||||||
|
Assertions.assertTrue(CollectionUtils.isSubCollection(internalUserRoleIds, userRoleIds));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Order(0)
|
||||||
|
void add() throws Exception {
|
||||||
|
|
||||||
|
// @@请求成功
|
||||||
|
UserRoleUpdateRequest request = new UserRoleUpdateRequest();
|
||||||
|
request.setName("test");
|
||||||
|
request.setType(UserRoleType.SYSTEM.name());
|
||||||
|
request.setDescription("test desc");
|
||||||
|
MvcResult mvcResult = this.requestPostWithOkAndReturn(ADD, request);
|
||||||
|
UserRole resultData = getResultData(mvcResult, UserRole.class);
|
||||||
|
UserRole userRole = userRoleMapper.selectByPrimaryKey(resultData.getId());
|
||||||
|
// 校验请求成功数据
|
||||||
|
Assertions.assertEquals(request.getName(), userRole.getName());
|
||||||
|
Assertions.assertEquals(request.getType(), userRole.getType());
|
||||||
|
Assertions.assertEquals(request.getDescription(), userRole.getDescription());
|
||||||
|
this.addUserRole = userRole;
|
||||||
|
|
||||||
|
// @@重名校验异常
|
||||||
|
this.requestPost(ADD, request)
|
||||||
|
.andExpect(
|
||||||
|
jsonPath("$.code")
|
||||||
|
.value(GLOBAL_USER_ROLE_EXIST.getCode())
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Order(1)
|
||||||
|
void update() throws Exception {
|
||||||
|
|
||||||
|
// @@请求成功
|
||||||
|
UserRoleUpdateRequest request = new UserRoleUpdateRequest();
|
||||||
|
request.setId(addUserRole.getId());
|
||||||
|
request.setName("test update");
|
||||||
|
request.setType(UserRoleType.SYSTEM.name());
|
||||||
|
request.setDescription("test desc !!!!");
|
||||||
|
this.requestPostWithOk(UPDATE, request);
|
||||||
|
// 校验请求成功数据
|
||||||
|
UserRole userRoleResult = userRoleMapper.selectByPrimaryKey(request.getId());
|
||||||
|
Assertions.assertEquals(request.getName(), userRoleResult.getName());
|
||||||
|
Assertions.assertEquals(request.getType(), userRoleResult.getType());
|
||||||
|
Assertions.assertEquals(request.getDescription(), userRoleResult.getDescription());
|
||||||
|
|
||||||
|
// @@操作非全局用户组异常
|
||||||
|
BeanUtils.copyBean(request, getNonGlobalUserRole());
|
||||||
|
this.requestPost(UPDATE, request)
|
||||||
|
.andExpect(jsonPath("$.code").value(GLOBAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
|
|
||||||
|
// @@操作内置用户组异常
|
||||||
|
request.setId(ADMIN.getValue());
|
||||||
|
request.setName(ADMIN.getValue());
|
||||||
|
this.requestPost(UPDATE, request)
|
||||||
|
.andExpect(jsonPath("$.code").value(INTERNAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
|
|
||||||
|
// @@重名校验异常
|
||||||
|
request.setId(addUserRole.getId());
|
||||||
|
request.setName("系统管理员");
|
||||||
|
this.requestPost(UPDATE, request)
|
||||||
|
.andExpect(jsonPath("$.code").value(GLOBAL_USER_ROLE_EXIST.getCode()));
|
||||||
|
this.requestPost(UPDATE, new UserRole());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void getPermissionSetting() throws Exception {
|
void getPermissionSetting() throws Exception {
|
||||||
this.requestGet("permission/setting/1");
|
// @@请求成功
|
||||||
|
MvcResult mvcResult = this.requestGetWithOkAndReturn(PERMISSION_SETTING, ADMIN.getValue());
|
||||||
|
List<PermissionDefinitionItem> permissionDefinition = getResultDataArray(mvcResult, PermissionDefinitionItem.class);
|
||||||
|
// 获取该用户组拥有的权限
|
||||||
|
Set<String> permissionIds = baseUserRolePermissionService.getPermissionIdSetByRoleId(ADMIN.getValue());
|
||||||
|
// 设置勾选项
|
||||||
|
permissionDefinition.forEach(firstLevel -> {
|
||||||
|
List<PermissionDefinitionItem> children = firstLevel.getChildren();
|
||||||
|
boolean allCheck = true;
|
||||||
|
for (PermissionDefinitionItem secondLevel : children) {
|
||||||
|
List<Permission> permissions = secondLevel.getPermissions();
|
||||||
|
if (CollectionUtils.isEmpty(permissions)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
boolean secondAllCheck = true;
|
||||||
|
for (Permission p : permissions) {
|
||||||
|
if (permissionIds.contains(p.getId())) {
|
||||||
|
// 如果有权限这里校验开启
|
||||||
|
Assertions.assertTrue(p.getEnable());
|
||||||
|
// 使用完移除
|
||||||
|
permissionIds.remove(p.getId());
|
||||||
|
} else {
|
||||||
|
// 如果没有权限校验关闭
|
||||||
|
Assertions.assertFalse(p.getEnable());
|
||||||
|
secondAllCheck = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// 校验二级菜单启用设置
|
||||||
|
Assertions.assertEquals(secondLevel.getEnable(), secondAllCheck);
|
||||||
|
if (!secondAllCheck) {
|
||||||
|
// 如果二级菜单有未勾选,则一级菜单设置为未勾选
|
||||||
|
allCheck = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// 校验一级菜单启用设置
|
||||||
|
Assertions.assertEquals(firstLevel.getEnable(), allCheck);
|
||||||
|
});
|
||||||
|
// 校验是不是获取的数据中包含了该用户组所有的权限
|
||||||
|
Assertions.assertTrue(CollectionUtils.isEmpty(permissionIds));
|
||||||
|
|
||||||
|
// @@操作非全局用户组异常
|
||||||
|
this.requestGet(PERMISSION_SETTING, getNonGlobalUserRole().getId())
|
||||||
|
.andExpect(jsonPath("$.code").value(GLOBAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@Order(2)
|
||||||
void updatePermissionSetting() throws Exception {
|
void updatePermissionSetting() throws Exception {
|
||||||
this.requestPost("list", new PermissionSettingUpdateRequest());
|
|
||||||
}
|
PermissionSettingUpdateRequest request = new PermissionSettingUpdateRequest();
|
||||||
|
request.setPermissions(new ArrayList<>() {{
|
||||||
@Test
|
PermissionSettingUpdateRequest.PermissionUpdateRequest permission1
|
||||||
void get() throws Exception {
|
= new PermissionSettingUpdateRequest.PermissionUpdateRequest();
|
||||||
this.requestGet("get/1");
|
permission1.setEnable(true);
|
||||||
}
|
permission1.setId(PermissionConstants.SYSTEM_USER_READ);
|
||||||
|
add(permission1);
|
||||||
@Test
|
PermissionSettingUpdateRequest.PermissionUpdateRequest permission2
|
||||||
void add() throws Exception {
|
= new PermissionSettingUpdateRequest.PermissionUpdateRequest();
|
||||||
this.requestPost("add", new UserRole());
|
permission2.setEnable(false);
|
||||||
}
|
permission2.setId(PermissionConstants.SYSTEM_USER_ROLE_RELATION_READ);
|
||||||
|
add(permission2);
|
||||||
@Test
|
}});
|
||||||
void update() throws Exception {
|
|
||||||
this.requestPost("update", new UserRole());
|
// @@请求成功
|
||||||
|
request.setUserRoleId(addUserRole.getId());
|
||||||
|
this.requestPostWithOk(PERMISSION_UPDATE, request);
|
||||||
|
// 获取该用户组拥有的权限
|
||||||
|
Set<String> permissionIds = baseUserRolePermissionService.getPermissionIdSetByRoleId(request.getUserRoleId());
|
||||||
|
Set<String> requestPermissionIds = request.getPermissions().stream()
|
||||||
|
.filter(PermissionSettingUpdateRequest.PermissionUpdateRequest::getEnable)
|
||||||
|
.map(PermissionSettingUpdateRequest.PermissionUpdateRequest::getId)
|
||||||
|
.collect(Collectors.toSet());
|
||||||
|
// 校验请求成功数据
|
||||||
|
Assertions.assertEquals(requestPermissionIds, permissionIds);
|
||||||
|
|
||||||
|
// @@操作非全局用户组异常
|
||||||
|
request.setUserRoleId(getNonGlobalUserRole().getId());
|
||||||
|
this.requestPost(PERMISSION_UPDATE, request)
|
||||||
|
.andExpect(jsonPath("$.code").value(GLOBAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
|
|
||||||
|
// @@操作内置用户组异常
|
||||||
|
request.setUserRoleId(ADMIN.getValue());
|
||||||
|
this.requestPost(PERMISSION_UPDATE, request)
|
||||||
|
.andExpect(jsonPath("$.code").value(INTERNAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@Order(3)
|
||||||
void delete() throws Exception {
|
void delete() throws Exception {
|
||||||
this.requestGet("delete/1");
|
// @@请求成功
|
||||||
|
this.requestGet(DELETE, addUserRole.getId());
|
||||||
|
// 校验请求成功数据
|
||||||
|
Assertions.assertNull(userRoleMapper.selectByPrimaryKey(addUserRole.getId()));
|
||||||
|
|
||||||
|
// @@操作非全局用户组异常
|
||||||
|
this.requestGet(DELETE, getNonGlobalUserRole().getId())
|
||||||
|
.andExpect(jsonPath("$.code").value(GLOBAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
|
|
||||||
|
// @@操作内置用户组异常
|
||||||
|
this.requestGet(DELETE, ADMIN.getValue())
|
||||||
|
.andExpect(jsonPath("$.code").value(INTERNAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private void requestPost(String url, Object param) throws Exception {
|
/**
|
||||||
mockMvc.perform(MockMvcRequestBuilders.post(BASE_URL + url)
|
* 插入一条非全局用户组,并返回
|
||||||
.header(SessionConstants.HEADER_TOKEN, sessionId)
|
*/
|
||||||
.header(SessionConstants.CSRF_TOKEN, csrfToken)
|
private UserRole getNonGlobalUserRole() {
|
||||||
.content(JSON.toJSONString(param))
|
// 插入一条非全局用户组数据
|
||||||
.contentType(MediaType.APPLICATION_JSON)).andReturn();
|
UserRole nonGlobalUserRole = userRoleMapper.selectByPrimaryKey(ADMIN.getValue());
|
||||||
}
|
nonGlobalUserRole.setName("非全局用户组");
|
||||||
|
nonGlobalUserRole.setScopeId("not global");
|
||||||
private MvcResult requestGet(String url) throws Exception {
|
nonGlobalUserRole.setId(UUID.randomUUID().toString());
|
||||||
return mockMvc.perform(MockMvcRequestBuilders.get(BASE_URL + url)
|
userRoleMapper.insert(nonGlobalUserRole);
|
||||||
.header(SessionConstants.HEADER_TOKEN, sessionId)
|
return nonGlobalUserRole;
|
||||||
.header(SessionConstants.CSRF_TOKEN, csrfToken)
|
|
||||||
.contentType(MediaType.APPLICATION_JSON)).andReturn();
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -1,79 +1,217 @@
|
||||||
package io.metersphere.system.controller;
|
package io.metersphere.system.controller;
|
||||||
|
|
||||||
import com.jayway.jsonpath.JsonPath;
|
import base.BaseTest;
|
||||||
import io.metersphere.sdk.constants.SessionConstants;
|
import io.metersphere.sdk.dto.UserRoleRelationUserDTO;
|
||||||
import io.metersphere.sdk.util.JSON;
|
import io.metersphere.sdk.dto.request.GlobalUserRoleRelationUpdateRequest;
|
||||||
|
import io.metersphere.sdk.util.Pager;
|
||||||
import io.metersphere.system.domain.UserRole;
|
import io.metersphere.system.domain.UserRole;
|
||||||
|
import io.metersphere.system.domain.UserRoleRelation;
|
||||||
|
import io.metersphere.system.domain.UserRoleRelationExample;
|
||||||
import io.metersphere.system.dto.request.GlobalUserRoleRelationQueryRequest;
|
import io.metersphere.system.dto.request.GlobalUserRoleRelationQueryRequest;
|
||||||
|
import io.metersphere.system.mapper.UserRoleMapper;
|
||||||
|
import io.metersphere.system.mapper.UserRoleRelationMapper;
|
||||||
import jakarta.annotation.Resource;
|
import jakarta.annotation.Resource;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.collections.CollectionUtils;
|
||||||
import org.junit.jupiter.api.BeforeEach;
|
import org.junit.jupiter.api.*;
|
||||||
import org.junit.jupiter.api.MethodOrderer;
|
|
||||||
import org.junit.jupiter.api.Test;
|
|
||||||
import org.junit.jupiter.api.TestMethodOrder;
|
|
||||||
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
|
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
|
||||||
import org.springframework.boot.test.context.SpringBootTest;
|
import org.springframework.boot.test.context.SpringBootTest;
|
||||||
import org.springframework.http.MediaType;
|
|
||||||
import org.springframework.test.web.servlet.MockMvc;
|
|
||||||
import org.springframework.test.web.servlet.MvcResult;
|
import org.springframework.test.web.servlet.MvcResult;
|
||||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
|
||||||
|
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
|
import java.util.List;
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
import java.util.Set;
|
||||||
|
import java.util.UUID;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
|
import static io.metersphere.sdk.constants.InternalUserRole.ADMIN;
|
||||||
|
import static io.metersphere.sdk.constants.InternalUserRole.ORG_ADMIN;
|
||||||
|
import static io.metersphere.system.controller.result.SystemResultCode.*;
|
||||||
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
|
||||||
|
|
||||||
@SpringBootTest
|
@SpringBootTest
|
||||||
@AutoConfigureMockMvc
|
@AutoConfigureMockMvc
|
||||||
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
|
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
|
||||||
class GlobalUserRoleRelationControllerTest {
|
class GlobalUserRoleRelationControllerTest extends BaseTest {
|
||||||
|
|
||||||
@Resource
|
|
||||||
private MockMvc mockMvc;
|
|
||||||
private static String sessionId;
|
|
||||||
private static String csrfToken;
|
|
||||||
|
|
||||||
private static final String BASE_URL = "/user/role/relation/global/";
|
private static final String BASE_URL = "/user/role/relation/global/";
|
||||||
|
private static final String LIST = "list";
|
||||||
@BeforeEach
|
private static final String ADD = "add";
|
||||||
public void login() throws Exception {
|
private static final String DELETE = "delete/{0}";
|
||||||
if (StringUtils.isAnyBlank(sessionId, csrfToken)) {
|
// 保存创建的数据,方便之后的修改和删除测试使用
|
||||||
MvcResult mvcResult = mockMvc.perform(MockMvcRequestBuilders.post("/login")
|
private static UserRoleRelation addUserRoleRelation;
|
||||||
.content("{\"username\":\"admin\",\"password\":\"metersphere\"}")
|
@Resource
|
||||||
.contentType(MediaType.APPLICATION_JSON))
|
private UserRoleMapper userRoleMapper;
|
||||||
.andExpect(status().isOk())
|
@Resource
|
||||||
.andExpect(content().contentType(MediaType.APPLICATION_JSON))
|
private UserRoleRelationMapper userRoleRelationMapper;
|
||||||
.andReturn();
|
@Override
|
||||||
sessionId = JsonPath.read(mvcResult.getResponse().getContentAsString(), "$.data.sessionId");
|
protected String getBasePath() {
|
||||||
csrfToken = JsonPath.read(mvcResult.getResponse().getContentAsString(), "$.data.csrfToken");
|
return BASE_URL;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void list() throws Exception {
|
void list() throws Exception {
|
||||||
this.requestPost("list", new GlobalUserRoleRelationQueryRequest());
|
|
||||||
|
GlobalUserRoleRelationQueryRequest request = new GlobalUserRoleRelationQueryRequest();
|
||||||
|
request.setCurrent(1);
|
||||||
|
request.setPageSize(10);
|
||||||
|
request.setRoleId(ADMIN.getValue());
|
||||||
|
|
||||||
|
// @@正常请求
|
||||||
|
MvcResult mvcResult = this.requestPostWithOkAndReturn(LIST, request);
|
||||||
|
Pager<List<UserRoleRelationUserDTO>> pageResult = getPageResult(mvcResult, UserRoleRelationUserDTO.class);
|
||||||
|
List<UserRoleRelationUserDTO> listRes = pageResult.getList();
|
||||||
|
Set<String> userIdSet = listRes.stream()
|
||||||
|
.map(UserRoleRelationUserDTO::getUserId).collect(Collectors.toSet());
|
||||||
|
|
||||||
|
UserRoleRelationExample example = new UserRoleRelationExample();
|
||||||
|
example.createCriteria()
|
||||||
|
.andRoleIdEqualTo(request.getRoleId())
|
||||||
|
.andUserIdIn(listRes.stream().map(UserRoleRelationUserDTO::getUserId).toList());
|
||||||
|
Set<String> dbUserIdSet = userRoleRelationMapper.selectByExample(example).stream()
|
||||||
|
.map(UserRoleRelation::getUserId).collect(Collectors.toSet());
|
||||||
|
// 检查查询结果和数据库结果是否一致
|
||||||
|
Assertions.assertEquals(userIdSet, dbUserIdSet);
|
||||||
|
|
||||||
|
|
||||||
|
// @@操作非系统级别用户组异常
|
||||||
|
request.setRoleId(ORG_ADMIN.getValue());
|
||||||
|
this.requestPost(LIST, request)
|
||||||
|
.andExpect(jsonPath("$.code").value(GLOBAL_USER_ROLE_RELATION_SYSTEM_PERMISSION.getCode()));
|
||||||
|
|
||||||
|
// @@操作非全局用户组异常
|
||||||
|
UserRole nonGlobalUserRole = getNonGlobalUserRole();
|
||||||
|
request.setRoleId(nonGlobalUserRole.getId());
|
||||||
|
this.requestPost(LIST, request)
|
||||||
|
.andExpect(jsonPath("$.code").value(GLOBAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@Order(0)
|
||||||
void add() throws Exception {
|
void add() throws Exception {
|
||||||
this.requestPost("add", new UserRole());
|
|
||||||
|
// 查询一条非内置用户组的数据
|
||||||
|
UserRole nonInternalUserRole = getNonInternalUserRole();
|
||||||
|
|
||||||
|
// @@请求成功
|
||||||
|
GlobalUserRoleRelationUpdateRequest request = new GlobalUserRoleRelationUpdateRequest();
|
||||||
|
request.setUserId(ADMIN.getValue());
|
||||||
|
request.setRoleId(nonInternalUserRole.getId());
|
||||||
|
this.requestPostWithOk(ADD, request);
|
||||||
|
UserRoleRelationExample example = new UserRoleRelationExample();
|
||||||
|
example.createCriteria()
|
||||||
|
.andRoleIdEqualTo(request.getRoleId())
|
||||||
|
.andUserIdEqualTo(request.getUserId());
|
||||||
|
Assertions.assertTrue(CollectionUtils.isNotEmpty(userRoleRelationMapper.selectByExample(example)));
|
||||||
|
addUserRoleRelation = userRoleRelationMapper.selectByExample(example).get(0);
|
||||||
|
|
||||||
|
// @@重复添加校验
|
||||||
|
request.setUserId(ADMIN.getValue());
|
||||||
|
request.setRoleId(ADMIN.getValue());
|
||||||
|
this.requestPost(ADD, request)
|
||||||
|
.andExpect(
|
||||||
|
jsonPath("$.code")
|
||||||
|
.value(GLOBAL_USER_ROLE_RELATION_EXIST.getCode())
|
||||||
|
);
|
||||||
|
|
||||||
|
// @@操作非系统用户组异常
|
||||||
|
request.setUserId(ADMIN.getValue());
|
||||||
|
request.setRoleId(ORG_ADMIN.getValue());
|
||||||
|
this.requestPost(ADD, request)
|
||||||
|
.andExpect(
|
||||||
|
jsonPath("$.code")
|
||||||
|
.value(GLOBAL_USER_ROLE_RELATION_SYSTEM_PERMISSION.getCode())
|
||||||
|
);
|
||||||
|
|
||||||
|
// @@操作非全局用户组异常
|
||||||
|
UserRole nonGlobalUserRole = getNonGlobalUserRole();
|
||||||
|
request.setUserId(ADMIN.getValue());
|
||||||
|
request.setRoleId(nonGlobalUserRole.getId());
|
||||||
|
this.requestPost(ADD, request)
|
||||||
|
.andExpect(
|
||||||
|
jsonPath("$.code")
|
||||||
|
.value(GLOBAL_USER_ROLE_PERMISSION.getCode())
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@Order(1)
|
||||||
void delete() throws Exception {
|
void delete() throws Exception {
|
||||||
this.requestGet("delete/1");
|
// @@请求成功
|
||||||
|
this.requestGetWithOk(DELETE, addUserRoleRelation.getId());
|
||||||
|
UserRoleRelation userRoleRelation = userRoleRelationMapper.selectByPrimaryKey(addUserRoleRelation.getId());
|
||||||
|
Assertions.assertNull(userRoleRelation);
|
||||||
|
|
||||||
|
// @@操作非系统级别用户组异常
|
||||||
|
this.requestGet(DELETE, getNonSystemUserRoleRelation().getId())
|
||||||
|
.andExpect(jsonPath("$.code").value(GLOBAL_USER_ROLE_RELATION_SYSTEM_PERMISSION.getCode()));
|
||||||
|
|
||||||
|
// @@操作非全局用户组异常
|
||||||
|
this.requestGet(DELETE, getNonGlobalUserRoleRelation().getId())
|
||||||
|
.andExpect(jsonPath("$.code").value(GLOBAL_USER_ROLE_PERMISSION.getCode()));
|
||||||
|
|
||||||
|
// @@删除admin系统管理员用户组异常
|
||||||
|
UserRoleRelationExample example = new UserRoleRelationExample();
|
||||||
|
example.createCriteria()
|
||||||
|
.andRoleIdEqualTo(ADMIN.getValue())
|
||||||
|
.andUserIdEqualTo(ADMIN.getValue());
|
||||||
|
List<UserRoleRelation> userRoleRelations = userRoleRelationMapper.selectByExample(example);
|
||||||
|
this.requestGet(DELETE, userRoleRelations.get(0).getId())
|
||||||
|
.andExpect(jsonPath("$.code").value(GLOBAL_USER_ROLE_RELATION_REMOVE_ADMIN_USER_PERMISSION.getCode()));
|
||||||
}
|
}
|
||||||
|
|
||||||
private void requestPost(String url, Object param) throws Exception {
|
/**
|
||||||
mockMvc.perform(MockMvcRequestBuilders.post(BASE_URL + url)
|
* 插入一条非内置用户组与用户的关联关系,并返回
|
||||||
.header(SessionConstants.HEADER_TOKEN, sessionId)
|
*/
|
||||||
.header(SessionConstants.CSRF_TOKEN, csrfToken)
|
private UserRoleRelation getNonGlobalUserRoleRelation() {
|
||||||
.content(JSON.toJSONString(param))
|
UserRole nonGlobalUserRole = getNonGlobalUserRole();
|
||||||
.contentType(MediaType.APPLICATION_JSON)).andReturn();
|
UserRoleRelation userRoleRelation = new UserRoleRelation();
|
||||||
|
userRoleRelation.setId(UUID.randomUUID().toString());
|
||||||
|
userRoleRelation.setRoleId(nonGlobalUserRole.getId());
|
||||||
|
userRoleRelation.setCreateUser(ADMIN.getValue());
|
||||||
|
userRoleRelation.setUserId(ADMIN.getValue());
|
||||||
|
userRoleRelation.setCreateTime(System.currentTimeMillis());
|
||||||
|
userRoleRelation.setSourceId(UUID.randomUUID().toString());
|
||||||
|
userRoleRelationMapper.insert(userRoleRelation);
|
||||||
|
return userRoleRelation;
|
||||||
}
|
}
|
||||||
|
|
||||||
private MvcResult requestGet(String url) throws Exception {
|
/**
|
||||||
return mockMvc.perform(MockMvcRequestBuilders.get(BASE_URL + url)
|
* 插入一条非系统级别用户组与用户的关联关系,并返回
|
||||||
.header(SessionConstants.HEADER_TOKEN, sessionId)
|
*/
|
||||||
.header(SessionConstants.CSRF_TOKEN, csrfToken)
|
private UserRoleRelation getNonSystemUserRoleRelation() {
|
||||||
.contentType(MediaType.APPLICATION_JSON)).andReturn();
|
UserRoleRelation userRoleRelation = new UserRoleRelation();
|
||||||
|
userRoleRelation.setId(UUID.randomUUID().toString());
|
||||||
|
userRoleRelation.setRoleId(ORG_ADMIN.getValue());
|
||||||
|
userRoleRelation.setUserId(ADMIN.getValue());
|
||||||
|
userRoleRelation.setCreateUser(ADMIN.getValue());
|
||||||
|
userRoleRelation.setCreateTime(System.currentTimeMillis());
|
||||||
|
userRoleRelation.setSourceId(UUID.randomUUID().toString());
|
||||||
|
userRoleRelationMapper.insert(userRoleRelation);
|
||||||
|
return userRoleRelation;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 插入一条非全局用户组,并返回
|
||||||
|
*/
|
||||||
|
private UserRole getNonGlobalUserRole() {
|
||||||
|
// 插入一条非全局用户组数据
|
||||||
|
UserRole nonGlobalUserRole = userRoleMapper.selectByPrimaryKey(ADMIN.getValue());
|
||||||
|
nonGlobalUserRole.setName("非全局用户组");
|
||||||
|
nonGlobalUserRole.setScopeId("not global");
|
||||||
|
nonGlobalUserRole.setId(UUID.randomUUID().toString());
|
||||||
|
userRoleMapper.insert(nonGlobalUserRole);
|
||||||
|
return nonGlobalUserRole;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 插入一条非内置的用户组数据,并返回
|
||||||
|
*/
|
||||||
|
private UserRole getNonInternalUserRole() {
|
||||||
|
// 插入一条用户组数据
|
||||||
|
UserRole nonInternalRole = userRoleMapper.selectByPrimaryKey(ADMIN.getValue());
|
||||||
|
nonInternalRole.setName("非内置用户组");
|
||||||
|
nonInternalRole.setInternal(false);
|
||||||
|
nonInternalRole.setId(UUID.randomUUID().toString());
|
||||||
|
userRoleMapper.insert(nonInternalRole);
|
||||||
|
return nonInternalRole;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@ package io.metersphere.system.utils;
|
||||||
import io.metersphere.sdk.controller.handler.ResultHolder;
|
import io.metersphere.sdk.controller.handler.ResultHolder;
|
||||||
import io.metersphere.sdk.dto.BasePageRequest;
|
import io.metersphere.sdk.dto.BasePageRequest;
|
||||||
import io.metersphere.sdk.dto.UserDTO;
|
import io.metersphere.sdk.dto.UserDTO;
|
||||||
|
import io.metersphere.sdk.service.BaseUserRoleService;
|
||||||
import io.metersphere.sdk.util.BeanUtils;
|
import io.metersphere.sdk.util.BeanUtils;
|
||||||
import io.metersphere.sdk.util.JSON;
|
import io.metersphere.sdk.util.JSON;
|
||||||
import io.metersphere.system.domain.UserRole;
|
import io.metersphere.system.domain.UserRole;
|
||||||
|
|
@ -11,6 +12,7 @@ import io.metersphere.system.dto.UserCreateInfo;
|
||||||
import io.metersphere.system.dto.UserRoleOption;
|
import io.metersphere.system.dto.UserRoleOption;
|
||||||
import io.metersphere.system.dto.request.UserEditRequest;
|
import io.metersphere.system.dto.request.UserEditRequest;
|
||||||
import io.metersphere.system.dto.response.UserImportResponse;
|
import io.metersphere.system.dto.response.UserImportResponse;
|
||||||
|
import io.metersphere.system.service.GlobalUserRoleService;
|
||||||
import io.metersphere.utils.JsonUtils;
|
import io.metersphere.utils.JsonUtils;
|
||||||
import org.apache.commons.collections4.CollectionUtils;
|
import org.apache.commons.collections4.CollectionUtils;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
|
|
@ -117,8 +119,8 @@ public class UserTestUtils {
|
||||||
//判断系统权限是否一样
|
//判断系统权限是否一样
|
||||||
List<String> selectUserSystemRoleId
|
List<String> selectUserSystemRoleId
|
||||||
= selectUserDTO.getUserRoles().stream()
|
= selectUserDTO.getUserRoles().stream()
|
||||||
.filter(item -> (StringUtils.equals(item.getType(), "SYSTEM")
|
.filter(item -> (StringUtils.equals(item.getType(), BaseUserRoleService.SYSTEM_TYPE)
|
||||||
&& StringUtils.equals(item.getScopeId(), "global")))
|
&& StringUtils.equals(item.getScopeId(), GlobalUserRoleService.GLOBAL_SCOPE)))
|
||||||
.map(UserRole::getId).collect(Collectors.toList());
|
.map(UserRole::getId).collect(Collectors.toList());
|
||||||
Assertions.assertTrue(
|
Assertions.assertTrue(
|
||||||
editRequest.getUserRoleIdList().containsAll(selectUserSystemRoleId)
|
editRequest.getUserRoleIdList().containsAll(selectUserSystemRoleId)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue