refactor(项目管理): 增加当前用户是否有当前项目权限的接口
parent
de74dac4b8
commit
830f4e4725
|
@ -5,10 +5,10 @@ import io.metersphere.project.request.ProjectSwitchRequest;
|
||||||
import io.metersphere.project.service.ProjectLogService;
|
import io.metersphere.project.service.ProjectLogService;
|
||||||
import io.metersphere.project.service.ProjectService;
|
import io.metersphere.project.service.ProjectService;
|
||||||
import io.metersphere.sdk.constants.PermissionConstants;
|
import io.metersphere.sdk.constants.PermissionConstants;
|
||||||
import io.metersphere.system.dto.sdk.OptionDTO;
|
|
||||||
import io.metersphere.system.dto.user.UserDTO;
|
|
||||||
import io.metersphere.system.dto.ProjectDTO;
|
import io.metersphere.system.dto.ProjectDTO;
|
||||||
import io.metersphere.system.dto.UpdateProjectRequest;
|
import io.metersphere.system.dto.UpdateProjectRequest;
|
||||||
|
import io.metersphere.system.dto.sdk.OptionDTO;
|
||||||
|
import io.metersphere.system.dto.user.UserDTO;
|
||||||
import io.metersphere.system.log.annotation.Log;
|
import io.metersphere.system.log.annotation.Log;
|
||||||
import io.metersphere.system.log.constants.OperationLogType;
|
import io.metersphere.system.log.constants.OperationLogType;
|
||||||
import io.metersphere.system.security.CheckOwner;
|
import io.metersphere.system.security.CheckOwner;
|
||||||
|
@ -64,8 +64,15 @@ public class ProjectController {
|
||||||
@GetMapping("/pool-options/{type}/{projectId}")
|
@GetMapping("/pool-options/{type}/{projectId}")
|
||||||
@Operation(summary = "项目管理-获取项目下的资源池")
|
@Operation(summary = "项目管理-获取项目下的资源池")
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_BASE_INFO_READ)
|
@RequiresPermissions(PermissionConstants.PROJECT_BASE_INFO_READ)
|
||||||
public List<OptionDTO> getPoolOptions(@PathVariable String type , @PathVariable String projectId) {
|
public List<OptionDTO> getPoolOptions(@PathVariable String type, @PathVariable String projectId) {
|
||||||
return projectService.getPoolOptions(projectId, type);
|
return projectService.getPoolOptions(projectId, type);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@GetMapping("/has-permission/{id}")
|
||||||
|
@Operation(summary = "项目管理-获取当前用户是否有当前项目的权限")
|
||||||
|
@CheckOwner(resourceId = "#id", resourceType = "project")
|
||||||
|
public boolean hasPermission(@PathVariable String id) {
|
||||||
|
return projectService.hasPermission(id, SessionUtils.getUserId());
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
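Review bot: The new `hasPermission` handler carries `@CheckOwner` but, unlike `getPoolOptions` directly above it, no `@RequiresPermissions`, and nothing in the hunk says that this is deliberate. If the intent is that any logged-in user may ask the question and receive `false` rather than an authorization error, say so next to the mapping, for example `// No @RequiresPermissions on purpose: callers without project access must get false, not an error`. It is also worth confirming that `@CheckOwner(resourceId = "#id", resourceType = "project")` does not reject a non-member before the service runs, because that would make the `false` branches of `ProjectService.hasPermission` unreachable through this route. The test added in this commit asserts only status 200, so it does not settle which of the two happens.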
|
@ -76,7 +76,7 @@ public class ProjectService {
|
||||||
userRoleRelationExample.createCriteria().andUserIdEqualTo(userId).andRoleIdEqualTo(InternalUserRole.ADMIN.name());
|
userRoleRelationExample.createCriteria().andUserIdEqualTo(userId).andRoleIdEqualTo(InternalUserRole.ADMIN.name());
|
||||||
if (userRoleRelationMapper.countByExample(userRoleRelationExample) > 0) {
|
if (userRoleRelationMapper.countByExample(userRoleRelationExample) > 0) {
|
||||||
ProjectExample example = new ProjectExample();
|
ProjectExample example = new ProjectExample();
|
||||||
example.createCriteria().andOrganizationIdEqualTo(organizationId).andEnableEqualTo(true);
|
example.createCriteria().andOrganizationIdEqualTo(organizationId);
|
||||||
return projectMapper.selectByExample(example);
|
return projectMapper.selectByExample(example);
|
||||||
}
|
}
|
||||||
return extProjectMapper.getUserProject(organizationId, userId);
|
return extProjectMapper.getUserProject(organizationId, userId);
|
||||||
|
@ -198,4 +198,25 @@ public class ProjectService {
|
||||||
Long pos = getLastPosFunc.apply(projectId);
|
Long pos = getLastPosFunc.apply(projectId);
|
||||||
return (pos == null ? 0 : pos) + ORDER_STEP;
|
return (pos == null ? 0 : pos) + ORDER_STEP;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public boolean hasPermission(String id, String userId) {
|
||||||
|
boolean hasPermission = true;
|
||||||
|
//判断用户是否是系统管理员
|
||||||
|
UserRoleRelationExample userRoleRelationExample = new UserRoleRelationExample();
|
||||||
|
userRoleRelationExample.createCriteria().andUserIdEqualTo(userId).andRoleIdEqualTo(InternalUserRole.ADMIN.name());
|
||||||
|
if (userRoleRelationMapper.countByExample(userRoleRelationExample) > 0) {
|
||||||
|
return hasPermission;
|
||||||
|
}
|
||||||
|
ProjectExample example = new ProjectExample();
|
||||||
|
example.createCriteria().andIdEqualTo(id).andEnableEqualTo(true);
|
||||||
|
if (CollectionUtils.isEmpty(projectMapper.selectByExample(example))) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
userRoleRelationExample = new UserRoleRelationExample();
|
||||||
|
userRoleRelationExample.createCriteria().andUserIdEqualTo(userId).andSourceIdEqualTo(id);
|
||||||
|
if (CollectionUtils.isEmpty(userRoleRelationMapper.selectByExample(userRoleRelationExample))) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return hasPermission;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
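Review bot: In the new `hasPermission`, the system-administrator shortcut returns `true` before the project lookup, so an administrator gets `true` for an id that matches no project at all, not only for a disabled one. If administrators are meant to pass for disabled projects (the earlier hunk in this file drops `andEnableEqualTo(true)` from their project list, which suggests so), an existence check without the enable filter can run first and the rest can stay as it is. Separately, the membership test accepts any `UserRoleRelation` row whose source id equals the project id, whatever the role, so the result means "is a member" rather than "may perform a given operation"; a Javadoc line stating that would keep callers from treating it as an authorization decision. The local `hasPermission` flag is never reassigned and could simply be `return true;`.

```java
public boolean hasPermission(String id, String userId) {
    // Unknown ids are refused for every caller, administrators included
    ProjectExample existsExample = new ProjectExample();
    existsExample.createCriteria().andIdEqualTo(id);
    if (CollectionUtils.isEmpty(projectMapper.selectByExample(existsExample))) {
        return false;
    }
    // … unchanged: system-administrator shortcut, enabled-project check, membership check …
```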
|
@ -13,11 +13,14 @@ import io.metersphere.sdk.constants.SessionConstants;
|
||||||
import io.metersphere.sdk.util.JSON;
|
import io.metersphere.sdk.util.JSON;
|
||||||
import io.metersphere.system.base.BaseTest;
|
import io.metersphere.system.base.BaseTest;
|
||||||
import io.metersphere.system.controller.handler.ResultHolder;
|
import io.metersphere.system.controller.handler.ResultHolder;
|
||||||
|
import io.metersphere.system.domain.UserRoleRelation;
|
||||||
import io.metersphere.system.dto.ProjectDTO;
|
import io.metersphere.system.dto.ProjectDTO;
|
||||||
import io.metersphere.system.dto.UpdateProjectRequest;
|
import io.metersphere.system.dto.UpdateProjectRequest;
|
||||||
import io.metersphere.system.dto.user.UserDTO;
|
import io.metersphere.system.dto.user.UserDTO;
|
||||||
import io.metersphere.system.invoker.ProjectServiceInvoker;
|
import io.metersphere.system.invoker.ProjectServiceInvoker;
|
||||||
import io.metersphere.system.log.constants.OperationLogType;
|
import io.metersphere.system.log.constants.OperationLogType;
|
||||||
|
import io.metersphere.system.mapper.UserRoleRelationMapper;
|
||||||
|
import io.metersphere.system.uid.IDGenerator;
|
||||||
import jakarta.annotation.Resource;
|
import jakarta.annotation.Resource;
|
||||||
import org.apache.commons.collections.CollectionUtils;
|
import org.apache.commons.collections.CollectionUtils;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
|
@ -41,7 +44,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||||
|
|
||||||
|
|
||||||
@SpringBootTest(webEnvironment= SpringBootTest.WebEnvironment.RANDOM_PORT)
|
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
|
||||||
@AutoConfigureMockMvc
|
@AutoConfigureMockMvc
|
||||||
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
|
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
|
||||||
public class ProjectControllerTests extends BaseTest {
|
public class ProjectControllerTests extends BaseTest {
|
||||||
|
@ -62,6 +65,8 @@ public class ProjectControllerTests extends BaseTest {
|
||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private ProjectService projectService;
|
private ProjectService projectService;
|
||||||
|
@Resource
|
||||||
|
private UserRoleRelationMapper userRoleRelationMapper;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
public ProjectControllerTests(ProjectServiceInvoker serviceInvoker) {
|
public ProjectControllerTests(ProjectServiceInvoker serviceInvoker) {
|
||||||
|
@ -381,4 +386,54 @@ public class ProjectControllerTests extends BaseTest {
|
||||||
Assertions.assertNotNull(latestVersion);
|
Assertions.assertNotNull(latestVersion);
|
||||||
Assertions.assertTrue(latestVersion.getLatest());
|
Assertions.assertTrue(latestVersion.getLatest());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Order(11)
|
||||||
|
public void testHasPermission() throws Exception {
|
||||||
|
//当前用户是系统管理员
|
||||||
|
responseGet(prefix + "/has-permission/" + DEFAULT_PROJECT_ID, status().isOk());
|
||||||
|
|
||||||
|
MvcResult mvcResult = mockMvc.perform(MockMvcRequestBuilders.post("/login")
|
||||||
|
.content(String.format("{\"username\":\"%s\",\"password\":\"%s\"}", "delete", "deleted@metersphere.io"))
|
||||||
|
.contentType(MediaType.APPLICATION_JSON))
|
||||||
|
.andExpect(status().isOk())
|
||||||
|
.andExpect(content().contentType(MediaType.APPLICATION_JSON))
|
||||||
|
.andReturn();
|
||||||
|
String sessionId = JsonPath.read(mvcResult.getResponse().getContentAsString(), "$.data.sessionId");
|
||||||
|
String csrfToken = JsonPath.read(mvcResult.getResponse().getContentAsString(), "$.data.csrfToken");
|
||||||
|
|
||||||
|
mockMvc.perform(MockMvcRequestBuilders.get(prefix + "/has-permission/" + "projectId")
|
||||||
|
.header(SessionConstants.HEADER_TOKEN, sessionId)
|
||||||
|
.header(SessionConstants.CSRF_TOKEN, csrfToken)
|
||||||
|
.contentType(MediaType.APPLICATION_JSON))
|
||||||
|
.andExpect(status().isOk())
|
||||||
|
.andExpect(content().contentType(MediaType.APPLICATION_JSON)).andReturn();
|
||||||
|
UserRoleRelation userRoleRelation = new UserRoleRelation();
|
||||||
|
userRoleRelation.setUserId("delete");
|
||||||
|
userRoleRelation.setOrganizationId(DEFAULT_ORGANIZATION_ID);
|
||||||
|
userRoleRelation.setSourceId("projectId");
|
||||||
|
userRoleRelation.setRoleId("1");
|
||||||
|
userRoleRelation.setCreateTime(System.currentTimeMillis());
|
||||||
|
userRoleRelation.setCreateUser("admin");
|
||||||
|
userRoleRelation.setId(IDGenerator.nextStr());
|
||||||
|
userRoleRelationMapper.insertSelective(userRoleRelation);
|
||||||
|
mockMvc.perform(MockMvcRequestBuilders.get(prefix + "/has-permission/" + "projectId")
|
||||||
|
.header(SessionConstants.HEADER_TOKEN, sessionId)
|
||||||
|
.header(SessionConstants.CSRF_TOKEN, csrfToken)
|
||||||
|
.contentType(MediaType.APPLICATION_JSON))
|
||||||
|
.andExpect(status().isOk())
|
||||||
|
.andExpect(content().contentType(MediaType.APPLICATION_JSON)).andReturn();
|
||||||
|
|
||||||
|
ProjectExample example = new ProjectExample();
|
||||||
|
example.createCriteria().andIdEqualTo("projectId");
|
||||||
|
Project project = new Project();
|
||||||
|
project.setEnable(false);
|
||||||
|
projectMapper.updateByExampleSelective(project, example);
|
||||||
|
mockMvc.perform(MockMvcRequestBuilders.get(prefix + "/has-permission/" + "projectId")
|
||||||
|
.header(SessionConstants.HEADER_TOKEN, sessionId)
|
||||||
|
.header(SessionConstants.CSRF_TOKEN, csrfToken)
|
||||||
|
.contentType(MediaType.APPLICATION_JSON))
|
||||||
|
.andExpect(status().isOk())
|
||||||
|
.andExpect(content().contentType(MediaType.APPLICATION_JSON)).andReturn();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
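Review bot: `testHasPermission` checks only `status().isOk()` and the content type on each of its four calls, so it would still pass if the endpoint returned the same boolean in every scenario. The non-member, member and disabled-project cases need their payload asserted, e.g. `.andExpect(jsonPath("$.data").value(false))` before the `UserRoleRelation` insert, `value(true)` after it and `value(false)` once the project is disabled. The `$.data` path is inferred from the login response read a few lines earlier, so confirm the wrapper shape. The test also leaves the inserted relation and the disabled `projectId` project in place, which later ordered tests in this class may observe.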