refactor(权限管理): 权限设置

2021-05-25 23:53:37 +08:00 · 2021-05-25 23:53:37 +08:00 · 8c19897706
parent 8b3a9ae1b9
commit 8c19897706
10 changed files with 157 additions and 77 deletions
--- a/backend/src/main/java/io/metersphere/base/mapper/ext/ExtUserGroupMapper.java
+++ b/backend/src/main/java/io/metersphere/base/mapper/ext/ExtUserGroupMapper.java
@ -4,6 +4,7 @@ import io.metersphere.base.domain.Group;
 import io.metersphere.base.domain.User;
 import io.metersphere.controller.request.member.QueryMemberRequest;
 import io.metersphere.controller.request.organization.QueryOrgMemberRequest;
+import io.metersphere.dto.RelatedSource;
 import io.metersphere.dto.UserGroupDTO;
 import io.metersphere.dto.UserGroupHelpDTO;
 import org.apache.ibatis.annotations.Param;
@ -27,4 +28,6 @@ public interface ExtUserGroupMapper {
    List<User> getProjectMemberList(@Param("request") QueryMemberRequest request);

    List<Group> getProjectMemberGroups(@Param("projectId") String projectId,@Param("userId") String userId);
+
+    List<RelatedSource> getRelatedSource(@Param("userId") String userId);
 }
--- a/backend/src/main/java/io/metersphere/base/mapper/ext/ExtUserGroupMapper.xml
+++ b/backend/src/main/java/io/metersphere/base/mapper/ext/ExtUserGroupMapper.xml
@ -76,4 +76,23 @@
                 join `group` r on r.id = ur.group_id
        where p.id = #{projectId} and ur.user_id = #{userId}
    </select>
+    <select id="getRelatedSource" resultType="io.metersphere.dto.RelatedSource">
+        SELECT organization_id, workspace_id, project.id
+        FROM user_group
+                 JOIN project ON source_id = project.id
+                 JOIN workspace w ON project.workspace_id = w.id
+                 JOIN organization o ON w.organization_id = o.id
+        WHERE user_id = #{userId} -- project_admin project_member read_only bb
+        UNION
+        SELECT organization_id, w.id, ''
+        FROM user_group
+                 JOIN workspace w ON user_group.source_id = w.id
+                 JOIN organization o2 ON w.organization_id = o2.id
+        WHERE user_id = #{userId} -- workspace_admin workspace_member ccc
+        UNION
+        SELECT o.id, '', ''
+        FROM user_group
+                 JOIN organization o ON user_group.source_id = o.id
+        WHERE user_id = #{userId} -- org_admin org_member aaa
+    </select>
 </mapper>
--- a/backend/src/main/java/io/metersphere/controller/UserController.java
+++ b/backend/src/main/java/io/metersphere/controller/UserController.java
@ -52,7 +52,6 @@ public class UserController {
    private CheckPermissionService checkPermissionService;

    @PostMapping("/special/add")
-    @RequiresRoles(RoleConstants.ADMIN)
    @MsAuditLog(module = "system_user", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#user)", msClass = UserService.class)
    public UserDTO insertUser(@RequestBody UserRequest user) {
        return userService.insert(user);
--- a/backend/src/main/java/io/metersphere/dto/RelatedSource.java
+++ b/backend/src/main/java/io/metersphere/dto/RelatedSource.java
@ -0,0 +1,10 @@
+package io.metersphere.dto;
+
+import lombok.Data;
+
+@Data
+public class RelatedSource {
+    private String organizationId;
+    private String workspaceId;
+    private String projectId;
+}
--- a/backend/src/main/java/io/metersphere/service/OrganizationService.java
+++ b/backend/src/main/java/io/metersphere/service/OrganizationService.java
@ -11,15 +11,13 @@ import io.metersphere.commons.exception.MSException;
 import io.metersphere.commons.user.SessionUser;
 import io.metersphere.commons.utils.SessionUtils;
 import io.metersphere.controller.request.OrganizationRequest;
-import io.metersphere.dto.OrganizationMemberDTO;
-import io.metersphere.dto.OrganizationResource;
-import io.metersphere.dto.UserDTO;
-import io.metersphere.dto.UserGroupHelpDTO;
+import io.metersphere.dto.*;
 import io.metersphere.i18n.Translator;
 import io.metersphere.log.utils.ReflexObjectUtil;
 import io.metersphere.log.vo.DetailColumn;
 import io.metersphere.log.vo.OperatingLogDetails;
 import io.metersphere.log.vo.system.SystemReference;
+import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@ -127,21 +125,17 @@ public class OrganizationService {
    }

    public List<Organization> getOrganizationListByUserId(String userId) {
-        List<UserGroupHelpDTO> userGroupHelpDTOList = extUserGroupMapper.getUserRoleHelpList(userId);
-        List<String> list = new ArrayList<>();
-        userGroupHelpDTOList.forEach(r -> {
-            if (StringUtils.isEmpty(r.getParentId())) {
-                list.add(r.getSourceId());
-            } else {
-                list.add(r.getParentId());
+        List<RelatedSource> relatedSource = extUserGroupMapper.getRelatedSource(userId);
+        List<String> organizationIds = relatedSource
+                .stream()
+                .map(RelatedSource::getOrganizationId)
+                .distinct()
+                .collect(Collectors.toList());
+        if (CollectionUtils.isEmpty(organizationIds)) {
+            return new ArrayList<>();
        }
-        });
-
-        // ignore list size is 0
-        list.add("no_such_id");
-
        OrganizationExample organizationExample = new OrganizationExample();
-        organizationExample.createCriteria().andIdIn(list);
+        organizationExample.createCriteria().andIdIn(organizationIds);
        return organizationMapper.selectByExample(organizationExample);
    }

--- a/backend/src/main/java/io/metersphere/service/UserService.java
+++ b/backend/src/main/java/io/metersphere/service/UserService.java
@ -283,9 +283,9 @@ public class UserService {
        }
        UserDTO userDTO = new UserDTO();
        BeanUtils.copyProperties(user, userDTO);
-        UserRoleDTO userRole = getUserRole(userId);
-        userDTO.setUserRoles(Optional.ofNullable(userRole.getUserRoles()).orElse(new ArrayList<>()));
-        userDTO.setRoles(Optional.ofNullable(userRole.getRoles()).orElse(new ArrayList<>()));
+//        UserRoleDTO userRole = getUserRole(userId);
+//        userDTO.setUserRoles(Optional.ofNullable(userRole.getUserRoles()).orElse(new ArrayList<>()));
+//        userDTO.setRoles(Optional.ofNullable(userRole.getRoles()).orElse(new ArrayList<>()));
        UserGroupPermissionDTO dto = getUserGroupPermission(userId);
        userDTO.setUserGroups(dto.getUserGroups());
        userDTO.setGroups(dto.getGroups());
@ -761,31 +761,32 @@ public class UserService {
            subject.login(token);
            if (subject.isAuthenticated()) {
                UserDTO user = (UserDTO) subject.getSession().getAttribute(ATTR_USER);
+                autoSwitch(user);
                // 自动选中组织，工作空间
-                if (StringUtils.isEmpty(user.getLastOrganizationId())) {
-                    List<String> orgIds = user.getGroups()
-                            .stream()
-                            .filter(ug -> StringUtils.equals(ug.getType(), UserGroupType.ORGANIZATION))
-                            .map(Group::getId)
-                            .collect(Collectors.toList());
-                    List<String> testIds = user.getGroups()
-                            .stream()
-                            .filter(ug -> StringUtils.equals(ug.getType(), UserGroupType.WORKSPACE))
-                            .map(Group::getId)
-                            .collect(Collectors.toList());
-                    List<UserGroup> userGroups = user.getUserGroups();
-                    List<UserGroup> org = userGroups.stream().filter(ug -> orgIds.contains(ug.getGroupId()))
-                            .collect(Collectors.toList());
-                    List<UserGroup> test = userGroups.stream().filter(ug -> testIds.contains(ug.getGroupId()))
-                            .collect(Collectors.toList());
-                    if (test.size() > 0) {
-                        String wsId = test.get(0).getSourceId();
-                        switchUserRole("workspace", wsId);
-                    } else if (org.size() > 0) {
-                        String orgId = org.get(0).getSourceId();
-                        switchUserRole("organization", orgId);
-                    }
-                }
+//                if (StringUtils.isEmpty(user.getLastOrganizationId())) {
+//                    List<String> orgIds = user.getGroups()
+//                            .stream()
+//                            .filter(ug -> StringUtils.equals(ug.getType(), UserGroupType.ORGANIZATION))
+//                            .map(Group::getId)
+//                            .collect(Collectors.toList());
+//                    List<String> testIds = user.getGroups()
+//                            .stream()
+//                            .filter(ug -> StringUtils.equals(ug.getType(), UserGroupType.WORKSPACE))
+//                            .map(Group::getId)
+//                            .collect(Collectors.toList());
+//                    List<UserGroup> userGroups = user.getUserGroups();
+//                    List<UserGroup> org = userGroups.stream().filter(ug -> orgIds.contains(ug.getGroupId()))
+//                            .collect(Collectors.toList());
+//                    List<UserGroup> test = userGroups.stream().filter(ug -> testIds.contains(ug.getGroupId()))
+//                            .collect(Collectors.toList());
+//                    if (test.size() > 0) {
+//                        String wsId = test.get(0).getSourceId();
+//                        switchUserRole("workspace", wsId);
+//                    } else if (org.size() > 0) {
+//                        String orgId = org.get(0).getSourceId();
+//                        switchUserRole("organization", orgId);
+//                    }
+//                }
                // 返回 userDTO
                return ResultHolder.success(subject.getSession().getAttribute("user"));
            } else {
@ -806,6 +807,56 @@ public class UserService {
        }
    }

+    private void autoSwitch(UserDTO user) {
+        if (StringUtils.isEmpty(user.getLastProjectId())) {
+            List<UserGroup> userGroups = user.getUserGroups();
+            List<String> projectGroupIds = user.getGroups()
+                    .stream().filter(ug -> StringUtils.equals(ug.getType(), UserGroupType.PROJECT))
+                    .map(Group::getId)
+                    .collect(Collectors.toList());
+            List<UserGroup> project = userGroups.stream().filter(ug -> projectGroupIds.contains(ug.getGroupId()))
+                    .collect(Collectors.toList());
+            if (CollectionUtils.isEmpty(project)) {
+                // 项目用户组为空切换工作空间
+                List<String> orgIds = user.getGroups()
+                        .stream()
+                        .filter(ug -> StringUtils.equals(ug.getType(), UserGroupType.ORGANIZATION))
+                        .map(Group::getId)
+                        .collect(Collectors.toList());
+                List<String> testIds = user.getGroups()
+                        .stream()
+                        .filter(ug -> StringUtils.equals(ug.getType(), UserGroupType.WORKSPACE))
+                        .map(Group::getId)
+                        .collect(Collectors.toList());
+                List<UserGroup> org = userGroups.stream().filter(ug -> orgIds.contains(ug.getGroupId()))
+                        .collect(Collectors.toList());
+                List<UserGroup> test = userGroups.stream().filter(ug -> testIds.contains(ug.getGroupId()))
+                        .collect(Collectors.toList());
+                if (test.size() > 0) {
+                    String wsId = test.get(0).getSourceId();
+                    switchUserRole("workspace", wsId);
+                } else if (org.size() > 0) {
+                    String orgId = org.get(0).getSourceId();
+                    switchUserRole("organization", orgId);
+                }
+            } else {
+                UserGroup userGroup = project.stream().filter(p -> StringUtils.isNotBlank(p.getSourceId()))
+                        .collect(Collectors.toList()).get(0);
+                String projectId = userGroup.getSourceId();
+                Project p = projectMapper.selectByPrimaryKey(projectId);
+                String wsId = p.getWorkspaceId();
+                Workspace workspace = workspaceMapper.selectByPrimaryKey(wsId);
+                String orgId = workspace.getOrganizationId();
+                user.setId(user.getId());
+                user.setLastProjectId(projectId);
+                user.setLastWorkspaceId(wsId);
+                user.setLastOrganizationId(orgId);
+                updateUser(user);
+                SecurityUtils.getSubject().getSession().setAttribute(ATTR_USER, user);
+            }
+        }
+    }
+
    public List<User> searchUser(String condition) {
        return extUserMapper.searchUser(condition);
    }
--- a/backend/src/main/java/io/metersphere/service/WorkspaceService.java
+++ b/backend/src/main/java/io/metersphere/service/WorkspaceService.java
@ -10,6 +10,7 @@ import io.metersphere.base.mapper.ext.ExtWorkspaceMapper;
 import io.metersphere.commons.exception.MSException;
 import io.metersphere.commons.utils.SessionUtils;
 import io.metersphere.controller.request.WorkspaceRequest;
+import io.metersphere.dto.RelatedSource;
 import io.metersphere.dto.UserRoleHelpDTO;
 import io.metersphere.dto.WorkspaceDTO;
 import io.metersphere.dto.WorkspaceMemberDTO;
@ -191,23 +192,19 @@ public class WorkspaceService {

    public List<Workspace> getWorkspaceListByOrgIdAndUserId(String orgId) {
        String useId = SessionUtils.getUser().getId();
+        List<RelatedSource> relatedSource = extUserGroupMapper.getRelatedSource(useId);
+        List<String> wsIds = relatedSource
+                .stream()
+                .filter(r -> StringUtils.equals(r.getOrganizationId(), orgId))
+                .map(RelatedSource::getWorkspaceId)
+                .distinct()
+                .collect(Collectors.toList());
+        if (CollectionUtils.isEmpty(wsIds)) {
+            return new ArrayList<>();
+        }
        WorkspaceExample workspaceExample = new WorkspaceExample();
-        workspaceExample.createCriteria().andOrganizationIdEqualTo(orgId);
-        List<Workspace> workspaces = workspaceMapper.selectByExample(workspaceExample);
-        UserGroupExample userGroupExample = new UserGroupExample();
-        userGroupExample.createCriteria().andUserIdEqualTo(useId);
-        List<UserGroup> userGroups = userGroupMapper.selectByExample(userGroupExample);
-        List<Workspace> resultWorkspaceList = new ArrayList<>();
-        userGroups.forEach(userGroup -> {
-            workspaces.forEach(workspace -> {
-                if (StringUtils.equals(userGroup.getSourceId(), workspace.getId())) {
-                    if (!resultWorkspaceList.contains(workspace)) {
-                        resultWorkspaceList.add(workspace);
-                    }
-                }
-            });
-        });
-        return resultWorkspaceList;
+        workspaceExample.createCriteria().andIdIn(wsIds);
+        return workspaceMapper.selectByExample(workspaceExample);
    }

    public List<String> getWorkspaceIdsOrgId(String orgId) {
--- a/frontend/src/business/components/common/head/ProjectSwitch.vue
+++ b/frontend/src/business/components/common/head/ProjectSwitch.vue
@ -10,11 +10,11 @@
      </template>
      <search-list :current-project.sync="currentProject"/>
      <el-divider/>
-      <el-menu-item :index="'/setting/project/create'">
+      <el-menu-item :index="'/setting/project/create'" v-permission="['WORKSPACE_PROJECT_MANAGER:READ+CREATE']">
        <font-awesome-icon :icon="['fa', 'plus']"/>
        <span style="padding-left: 7px;">{{ $t("project.create") }}</span>
      </el-menu-item>
-      <el-menu-item :index="'/setting/project/all'">
+      <el-menu-item :index="'/setting/project/all'" v-permission="['WORKSPACE_PROJECT_MANAGER:READ']">
        <font-awesome-icon :icon="['fa', 'list-ul']"/>
        <span style="padding-left: 7px;">{{ $t('commons.show_all') }}</span>
      </el-menu-item>
--- a/frontend/src/business/components/settings/SettingMenu.vue
+++ b/frontend/src/business/components/settings/SettingMenu.vue
@ -1,6 +1,6 @@
 <template>
  <el-menu menu-trigger="click" :default-active="$route.path" router class="setting">
-    <el-submenu index="1">
+    <el-submenu index="1" v-permission="systemPermission">
      <template v-slot:title>
        <font-awesome-icon class="icon account" :icon="['far', 'address-card']" size="lg"/>
        <span>{{ $t('commons.system') }}</span>
@ -106,6 +106,11 @@ export default {
      persons: getMenus('person'),
      project: getMenus('project'),
      workspaceTemplate: getMenus('workspaceTemplate'),
+      systemPermission: [
+        'SYSTEM_USER:READ','SYSTEM_ORGANIZATION:READ', 'SYSTEM_GROUP:READ',
+        'ORGANIZATION_GROUP:READ', 'SYSTEM_WORKSPACE:READ','SYSTEM_TEST_POOL:READ',
+        'SYSTEM_SETTING:READ','SYSTEM_QUOTA:READ','SYSTEM_AUTH:READ'
+      ]
    };
  },
  methods: {
--- a/frontend/src/business/components/settings/project/Member.vue
+++ b/frontend/src/business/components/settings/project/Member.vue
@ -121,6 +121,7 @@ export default {
    initTableData() {
      let param = {};
      param.projectId = this.projectId;
+      if (this.projectId) {
        this.result = this.$post('/user/project/member/list/' + this.currentPage + "/" + this.pageSize, param, response => {
          let data = response.data;
          this.tableData = data.listObject;
@ -132,7 +133,8 @@ export default {
            })
          }
          this.total = data.itemCount;
-      })
+        });
+      }
    },
    edit(row) {
      this.updateVisible = true;